Changeset bd72d5c

Timestamp:

Sep 15, 2011, 3:34:54 PM (15 years ago)

Author:

Alex Dehnert <adehnert@…>

Branches:

master, space-access, stable, stage, test-hooks

Children:

5c68184

Parents:

ceaf3bd (diff), fbb362a (diff)
Note: this is a merge changeset, the changes displayed below correspond to the merge itself.
Use the (diff) links above to see all the changes relative to each parent.

git-author:

Alex Dehnert <adehnert@…> (09/15/11 15:34:54)

git-committer:

Alex Dehnert <adehnert@…> (09/15/11 15:34:54)

Message:

Merge remote branch 'remotes/origin/new-db'

Files:

• .gitignore (modified) (1 diff)
• asadb/forms/views.py (modified) (1 diff)
• asadb/groups/admin.py (modified) (3 diffs)
• asadb/groups/import_signatories.py (added)
• asadb/groups/load_people.py (added)
• asadb/groups/migrations/0002_add_officers.py (added)
• asadb/groups/migrations/0003_add_people.py (added)
• asadb/groups/migrations/0004_add_require_student.py (added)
• asadb/groups/migrations/0005_add_role_user_grant.py (added)
• asadb/groups/migrations/0006_add_group_perms.py (added)
• asadb/groups/migrations/0007_add_statusy_stuff.py (added)
• asadb/groups/migrations/0008_add_statusy_stuff_data.py (added)
• asadb/groups/migrations/0009_add_notes.py (added)
• asadb/groups/migrations/0010_allow_null_updater.py (added)
• asadb/groups/migrations/0011_add_publicly_viewable.py (added)
• asadb/groups/models.py (modified) (5 diffs)
• asadb/groups/urls.py (added)
• asadb/groups/views.py (modified) (1 diff)
• asadb/media/style/style.css (modified) (3 diffs)
• asadb/settings.py (modified) (5 diffs)
• asadb/template/base.html (modified) (1 diff)
• asadb/template/form_utils/better_form.html (added)
• asadb/template/form_utils/fields_as_trs.html (added)
• asadb/template/groups/group_change_main.html (added)
• asadb/template/groups/group_change_officers.html (added)
• asadb/template/groups/group_detail.html (added)
• asadb/template/groups/group_list.html (modified) (2 diffs)
• asadb/template/groups/group_search.html (added)
• asadb/template/groups/group_version.html (added)
• asadb/template/groups/groups_signatories.html (added)
• asadb/template/groups/note/detail.head.html (added)
• asadb/template/groups/note/detail.row.html (added)
• asadb/template/index.html (modified) (1 diff)
• asadb/template/registration/login.html (modified) (1 diff)
• asadb/urls.py (modified) (3 diffs)
• asadb/util/db_form_utils.py (added)
• asadb/util/import_db.py (modified) (2 diffs)
• design/tools/audit-trail.txt (modified) (1 diff)
• asadb/forms/admin.py (modified) (1 diff)
• asadb/forms/migrations/0005_group_membership_update.py (added)
• asadb/forms/migrations/0006_person_membership_update.py (added)
• asadb/forms/migrations/0007_fix_fields_community.py (added)
• asadb/forms/models.py (modified) (1 diff)
• asadb/settings/local_settings.dev-template.py (added)
• asadb/template/membership/anti-hazing.txt (added)
• asadb/template/membership/confirm.html (added)
• asadb/template/membership/submit-confirm-email.txt (added)
• asadb/template/membership/thanks.html (added)
• asadb/template/membership/update.html (added)

.gitignore

@@ -6 +6 @@
 asadb/media/fysm/logos/
 asadb/media/fysm/slides/
+asadb/media/page-previews/fysm/
 asadb/util/saved-data/
 asadb/util/warehouse-dump.csv

asadb/forms/views.py

@@ -121 +121 @@
 def select_group_fysm(request, ):
     qobj = Q(activity_category__isnull = True) | ~(Q(activity_category__name='Dorm') | Q(activity_category__name='FSILG'))
-    queryset = groups.models.Group.objects.filter(qobj)
+    queryset = groups.models.Group.active_groups.filter(qobj)
     return select_group(
         request,

asadb/groups/admin.py

@@ -1 +1 @@
 import groups.models
 from django.contrib import admin
+from reversion.admin import VersionAdmin
 
-class GroupAdmin(admin.ModelAdmin):
+class GroupAdmin(VersionAdmin):
     list_display = (
         'id',
@@ -16 +17 @@
     )
     list_display_links = ('id', 'name', )
-    list_filter = [ 'activity_category', ]
+    list_filter = [
+        'activity_category',
+        'group_class',
+        'group_status',
+        'group_funding',
+    ]
     date_hierarchy = 'update_date'
     search_fields = [ 'id', 'name', 'abbreviation', 'officer_email', 'athena_locker', ]
+admin.site.register(groups.models.Group, GroupAdmin)
+
+
+class Admin_GroupNote(VersionAdmin):
+    list_display = (
+        'pk',
+        'author',
+        'timestamp',
+        'acl_read_group',
+        'acl_read_offices',
+        'group',
+    )
+    list_display_links = ('pk', 'timestamp', )
+    list_filter = [
+        'acl_read_group',
+        'acl_read_offices',
+    ]
+    date_hierarchy = 'timestamp'
+    search_fields = [
+        'author',
+        'group__name',
+        'group__abbreviation',
+        'group__officer_email',
+        'group__athena_locker',
+    ]
+admin.site.register(groups.models.GroupNote, Admin_GroupNote)
+
+
+class OfficerRoleAdmin(VersionAdmin):
+    list_display = (
+        'id',
+        'display_name',
+        'slug',
+        'max_count',
+        'require_student',
+        'publicly_visible',
+        'grant_user',
+    )
+    list_display_links = ('id', 'display_name', 'slug', )
+    prepopulated_fields = {"slug": ("display_name",)}
+admin.site.register(groups.models.OfficerRole, OfficerRoleAdmin)
+
+
+class OfficeHolderAdmin(VersionAdmin):
+    list_display = (
+        'id',
+        'person',
+        'role',
+        'group',
+        'start_time', 'end_time',
+    )
+    list_display_links = (
+        'id',
+        'person',
+        'role',
+        'group',
+        'start_time', 'end_time',
+    )
+    search_fields = (
+        'id',
+        'person',
+        'role__display_name', 'role__slug',
+        'group__name', 'group__abbreviation',
+        'start_time', 'end_time',
+    )
+admin.site.register(groups.models.OfficeHolder, OfficeHolderAdmin)
+
 
 class ActivityCategoryAdmin(admin.ModelAdmin):
@@ -26 +99 @@
     )
     list_display_links = ('id', 'name', )
+admin.site.register(groups.models.ActivityCategory, ActivityCategoryAdmin)
 
-admin.site.register(groups.models.Group, GroupAdmin)
-admin.site.register(groups.models.ActivityCategory, ActivityCategoryAdmin)
+
+class Admin_GroupClass(admin.ModelAdmin):
+    list_display = (
+        'id',
+        'name',
+        'slug',
+        'gets_publicity',
+    )
+    list_display_links = ('id', 'name', 'slug', )
+    list_filter = [ 'gets_publicity', ]
+    prepopulated_fields = {'slug': ('name', )}
+admin.site.register(groups.models.GroupClass, Admin_GroupClass)
+
+
+class Admin_GroupStatus(admin.ModelAdmin):
+    list_display = (
+        'id',
+        'name',
+        'slug',
+        'is_active',
+    )
+    list_display_links = ('id', 'name', 'slug', )
+    list_filter = [ 'is_active', ]
+    prepopulated_fields = {'slug': ('name', )}
+admin.site.register(groups.models.GroupStatus, Admin_GroupStatus)
+
+
+class Admin_GroupFunding(admin.ModelAdmin):
+    list_display = (
+        'id',
+        'name',
+        'slug',
+        'contact_email',
+        'funding_list',
+    )
+    list_display_links = ('id', 'name', 'slug', )
+    prepopulated_fields = {'slug': ('name', )}
+admin.site.register(groups.models.GroupFunding, Admin_GroupFunding)
+
+
+class Admin_AthenaMoiraAccount(admin.ModelAdmin):
+    list_display = (
+        'id',
+        'username',
+        'mit_id',
+        'first_name',
+        'last_name',
+        'account_class',
+        'mutable',
+        'add_date',
+        'del_date',
+        'mod_date',
+    )
+    list_display_links = ( 'id', 'username', )
+    search_fields = ( 'username', 'mit_id', 'first_name', 'last_name', 'account_class', )
+admin.site.register(groups.models.AthenaMoiraAccount, Admin_AthenaMoiraAccount)

asadb/groups/models.py

@@ -1 +1 @@
 from django.db import models
+from django.contrib.auth.models import User
+
+import datetime
+
+import settings
 
 # Create your models here.
+
+class ActiveGroupManager(models.Manager):
+    def get_query_set(self, ):
+        return super(ActiveGroupManager, self).get_query_set().filter(
+            group_status__slug='active',
+        )
+
 class Group(models.Model):
     name = models.CharField(max_length=100)
@@ -7 +19 @@
     description = models.TextField()
     activity_category = models.ForeignKey('ActivityCategory', null=True, blank=True, )
+    group_class = models.ForeignKey('GroupClass')
+    group_status = models.ForeignKey('GroupStatus')
+    group_funding = models.ForeignKey('GroupFunding', null=True, blank=True, )
     website_url = models.URLField()
     constitution_url = models.CharField(max_length=200, blank=True)
@@ -21 +36 @@
     athena_locker = models.CharField(max_length=20, blank=True)
     recognition_date = models.DateField()
-    update_date = models.DateTimeField()
-    updater = models.CharField(max_length=30) # match Django username field
+    update_date = models.DateTimeField(editable=False, )
+    updater = models.CharField(max_length=30, editable=False, null=True, ) # match Django username field
+    _updater_set = False
+
+    objects = models.Manager()
+    active_groups = ActiveGroupManager()
+
+    def update_string(self, ):
+        updater = self.updater or "unknown"
+        return "%s by %s" % (self.update_date.strftime(settings.DATETIME_FORMAT_PYTHON), updater, )
+
+    def set_updater(self, who):
+        if hasattr(who, 'username'):
+            self.updater = who.username
+        else:
+            self.updater = who
+        self._updater_set = True
+
+    def save(self, ):
+        if not self._updater_set:
+            self.updater = None
+        self.update_date = datetime.datetime.now()
+        super(Group, self).save()
+
+    def viewable_notes(self, user):
+        return GroupNote.viewable_notes(self, user)
+
+    def officers(self, role=None, person=None, as_of="now",):
+        """Get the set of people holding some office.
+
+        If None is passed for role, person, or as_of, that field will not
+        be constrained. If as_of is "now" (default) the status will be
+        required to be current. If any of the three parameters are set
+        to another value, the corresponding filter will be applied.
+        """
+        office_holders = OfficeHolder.objects.filter(group=self,)
+        if role:
+            if isinstance(role, str):
+                office_holders = office_holders.filter(role__slug=role)
+            else:
+                office_holders = office_holders.filter(role=role)
+        if person:
+            office_holders = office_holders.filter(person=person)
+        if as_of:
+            if as_of == "now": as_of = datetime.datetime.now()
+            office_holders = office_holders.filter(start_time__lte=as_of, end_time__gte=as_of)
+        return office_holders
 
     def __str__(self, ):
@@ -29 +89 @@
     class Meta:
         ordering = ('name', )
+        permissions = (
+            ('view_group_private_info', 'View private group information'),
+            # ability to update normal group info or people
+            # this is weaker than change_group, which is the built-in
+            # permission that controls the admin interface
+            ('admin_group', 'Administer basic group information'),
+            ('view_signatories', 'View signatory information for all groups'),
+        )
+
+
+class GroupNote(models.Model):
+    author = models.CharField(max_length=30, ) # match Django username field
+    timestamp = models.DateTimeField(default=datetime.datetime.now, editable=False, )
+    body = models.TextField()
+    acl_read_group = models.BooleanField(default=True, help_text='Can the group read this note')
+    acl_read_offices = models.BooleanField(default=True, help_text='Can "offices" that interact with groups (SAO, CAC, and funding boards) read this note')
+    group = models.ForeignKey(Group)
+
+    def __str__(self, ):
+        return "Note by %s on %s" % (self.author, self.timestamp, )
+
+    @classmethod
+    def viewable_notes(cls, group, user):
+        notes = cls.objects.filter(group=group)
+        if not user.has_perm('groups.view_note_all'):
+            q = models.Q(pk=0)
+            if user.has_perm('groups.view_note_group', group):
+                q |= models.Q(acl_read_group=True)
+            if user.has_perm('groups.view_note_office'):
+                q |= models.Q(acl_read_offices=True)
+            notes = notes.filter(q)
+        return notes
+
+    class Meta:
+        permissions = (
+            ('view_note_group',     'View notes intended for the group to see', ),
+            ('view_note_office',    'View notes intended for "offices" to see', ),
+            ('view_note_all',       'View all notes', ),
+        )
+
+
+class OfficerRole(models.Model):
+    UNLIMITED = 10000
+
+    display_name = models.CharField(max_length=50)
+    slug = models.SlugField()
+    description = models.TextField()
+    max_count = models.IntegerField(default=UNLIMITED, help_text='Maximum number of holders of this role. Use %d for no limit.' % UNLIMITED)
+    require_student = models.BooleanField(default=False)
+    grant_user = models.ForeignKey(User, null=True, blank=True,
+        limit_choices_to={ 'username__endswith': '@SYSTEM'})
+    publicly_visible = models.BooleanField(default=True, help_text='Can everyone see the holders of this office.')
+
+    def max_count_str(self, ):
+        if self.max_count == self.UNLIMITED:
+            return "unlimited"
+        else:
+            return str(self.max_count)
+
+    def __str__(self, ):
+        return self.display_name
+
+    @classmethod
+    def getGrantUsers(cls, roles):
+        ret = set([role.grant_user for role in roles])
+        if None in ret: ret.remove(None)
+        return ret
+
+    @classmethod
+    def retrieve(cls, slug, ):
+        return cls.objects.get(slug=slug)
+
+
+class OfficeHolder_CurrentManager(models.Manager):
+    def get_query_set(self, ):
+        return super(OfficeHolder_CurrentManager, self).get_query_set().filter(
+            start_time__lte=datetime.datetime.now,
+            end_time__gte=datetime.datetime.now,
+        )
+
+class OfficeHolder(models.Model):
+    EXPIRE_OFFSET   = datetime.timedelta(seconds=1)
+    END_NEVER       = datetime.datetime.max
+
+    person = models.CharField(max_length=30)
+    role = models.ForeignKey('OfficerRole')
+    group = models.ForeignKey('Group')
+    start_time = models.DateTimeField(default=datetime.datetime.now)
+    end_time = models.DateTimeField(default=datetime.datetime.max)
+
+    objects = models.Manager()
+    current_holders = OfficeHolder_CurrentManager()
+
+    def expire(self, ):
+        self.end_time = datetime.datetime.now()-self.EXPIRE_OFFSET
+        self.save()
+
+    def __str__(self, ):
+        return "<OfficeHolder: person=%s, role=%s, group=%s, start_time=%s, end_time=%s>" % (
+            self.person, self.role, self.group, self.start_time, self.end_time, )
+
+    def __repr__(self, ):
+        return str(self)
+
+
+class PerGroupAuthz:
+    supports_anonymous_user = True
+    supports_inactive_user = True
+    supports_object_permissions = True
+
+    def authenticate(self, username=None, password=None, ):
+        return None # we don't do authn
+    def get_user(user_id, ):
+        return None # we don't do authn
+
+    def has_perm(self, user_obj, perm, obj=None, ):
+        print "Checking user %s for perm %s on obj %s" % (user_obj, perm, obj)
+        if not user_obj.is_active:
+            return False
+        if not user_obj.is_authenticated():
+            return False
+        if obj is None:
+            return False
+        # Great, we're active, authenticated, and not in a recursive call
+        # Check that we've got a reasonable object
+        if getattr(user_obj, 'is_system', False):
+            return False
+        if isinstance(obj, Group):
+            # Now we can do the real work
+            holders = obj.officers(person=user_obj.username).select_related('role__grant_user')
+            sys_users = OfficerRole.getGrantUsers([holder.role for holder in holders])
+            for sys_user in sys_users:
+                sys_user.is_system = True
+                if sys_user.has_perm(perm):
+                    print "While checking user %s for perm %s on obj %s: implicit user %s has perms" % (user_obj, perm, obj, sys_user, )
+                    return True
+        print "While checking user %s for perm %s on obj %s: no perms found (implicit: %s)" % (user_obj, perm, obj, sys_users)
+        return False
+
+
 
 class ActivityCategory(models.Model):
@@ -38 +238 @@
     class Meta:
         verbose_name_plural = "activity categories"
+
+
+class GroupClass(models.Model):
+    name = models.CharField(max_length=50)
+    slug = models.SlugField(unique=True, )
+    description = models.TextField()
+    gets_publicity = models.BooleanField(help_text="Gets publicity resources such as FYSM or Activities Midway")
+
+    def __str__(self, ):
+        return self.name
+
+    class Meta:
+        verbose_name_plural = "group classes"
+
+
+class GroupStatus(models.Model):
+    name = models.CharField(max_length=50)
+    slug = models.SlugField(unique=True, )
+    description = models.TextField()
+    is_active = models.BooleanField(default=True, help_text="This status represents an active group")
+
+    def __str__(self, ):
+        active = ""
+        if not self.is_active:
+            active = " (inactive)"
+        return "%s%s" % (self.name, active, )
+
+    class Meta:
+        verbose_name_plural= "group statuses"
+
+
+class GroupFunding(models.Model):
+    name = models.CharField(max_length=50)
+    slug = models.SlugField(unique=True, )
+    contact_email = models.EmailField()
+    funding_list = models.CharField(max_length=32, blank=True, help_text="List that groups receiving funding emails should be on. The database will attempt to make sure that ONLY those groups are on it.")
+
+    def __str__(self, ):
+        return "%s (%s)" % (self.name, self.contact_email, )
+
+
+class AthenaMoiraAccount_ActiveManager(models.Manager):
+    def get_query_set(self, ):
+        return super(AthenaMoiraAccount_ActiveManager, self).get_query_set().filter(del_date=None)
+
+class AthenaMoiraAccount(models.Model):
+    username = models.CharField(max_length=8)
+    mit_id = models.CharField(max_length=15)
+    first_name      = models.CharField(max_length=45)
+    last_name       = models.CharField(max_length=45)
+    account_class   = models.CharField(max_length=10)
+    mutable         = models.BooleanField(default=True)
+    add_date        = models.DateField(help_text="Date when this person was added to the dump.", )
+    del_date        = models.DateField(help_text="Date when this person was removed from the dump.", blank=True, null=True, )
+    mod_date        = models.DateField(help_text="Date when this person's record was last changed.", blank=True, null=True, )
+
+    objects = models.Manager()
+    active_accounts = AthenaMoiraAccount_ActiveManager()
+
+    def is_student(self, ):
+        # XXX: Is this... right?
+        return self.account_class == 'G' or self.account_class.isdigit()
+
+    def __str__(self, ):
+        if self.mutable:
+            mutable_str = ""
+        else:
+            mutable_str = " (immutable)"
+        return "<AthenaMoiraAccount: username=%s name='%s, %s' account_class=%s%s>" % (
+            self.username, self.last_name, self.first_name,
+            self.account_class, mutable_str,
+        )
+
+    def __repr__(self, ):
+        return str(self)
+
+    class Meta:
+        verbose_name = "Athena (Moira) account"

asadb/groups/views.py

@@ -1 +1 @@
 # Create your views here.
+
+import collections
+import datetime
+
+import groups.models
+
+from django.contrib.auth.decorators import user_passes_test, login_required, permission_required
+from django.contrib.contenttypes.models import ContentType
+from django.core.exceptions import PermissionDenied
+from django.views.generic import ListView, DetailView
+from django.shortcuts import render_to_response, get_object_or_404, redirect
+from django.template import RequestContext
+from django.template import Context, Template
+from django.template.loader import get_template
+from django.http import Http404, HttpResponseRedirect
+from django.core.urlresolvers import reverse
+from django.core.mail import EmailMessage, mail_admins
+from django.forms import Form
+from django.forms import ModelForm
+from django.forms import ModelChoiceField
+from django.db import connection
+from django.db.models import Q
+
+import form_utils.forms
+import reversion.models
+import django_filters
+
+from util.db_form_utils import StaticWidget
+
+
+def view_homepage(request, ):
+    users_groups = []
+    groupmsg = ""
+    has_perms = []
+    if request.user.is_authenticated():
+        username = request.user.username
+        current_officers = groups.models.OfficeHolder.current_holders.filter(person=username)
+        users_groups = groups.models.Group.objects.filter(officeholder__in=current_officers).distinct()
+
+        perms = []
+        perms.extend(groups.models.Group._meta.permissions)
+        perms.extend(groups.models.GroupNote._meta.permissions)
+        perms += (
+            ('change_group', 'Change arbitrary group information', ),
+        )
+        for perm_name, perm_desc in perms:
+            if request.user.has_perm('groups.%s' % (perm_name, )):
+                has_perms.append((perm_name, perm_desc, ))
+
+    context = {
+        'groups': users_groups,
+        'groupmsg': groupmsg,
+        'has_perms': has_perms,
+        'pagename': 'homepage',
+    }
+    return render_to_response('index.html', context, context_instance=RequestContext(request), )
+
+
+class GroupChangeMainForm(form_utils.forms.BetterModelForm):
+    def __init__(self, *args, **kwargs):
+        change_restricted = False
+        if 'change_restricted' in kwargs:
+            change_restricted = kwargs['change_restricted']
+            del kwargs['change_restricted']
+        super(GroupChangeMainForm, self).__init__(*args, **kwargs)
+        restricted_fields = list(self.nobody_fields)
+        if change_restricted:
+            restricted_fields.extend(self.exec_only_fields)
+        for field_name in restricted_fields:
+            formfield = self.fields[field_name]
+            value = getattr(self.instance, field_name)
+            StaticWidget.replace_widget(formfield, value)
+
+    exec_only_fields = [
+        'name', 'abbreviation',
+        'group_status', 'group_class',
+        'group_funding', 'main_account_id', 'funding_account_id',
+    ]
+    nobody_fields = [
+        'recognition_date',
+    ]
+
+    class Meta:
+        fieldsets = [
+            ('basic', {
+                'legend': 'Basic Information',
+                'fields': ['name', 'abbreviation', 'activity_category', 'description', ],
+            }),
+            ('size', {
+                'legend':'Membership Numbers',
+                'fields': ['num_undergrads', 'num_grads', 'num_community', 'num_other',],
+            }),
+            ('contact', {
+                'legend': 'Contact Information',
+                'fields': ['website_url', 'meeting_times', 'officer_email', 'group_email', ],
+            }),
+            ('recognition', {
+                'legend': 'Recognition',
+                'fields': ['group_status', 'group_class', 'recognition_date', ],
+            }),
+            ('financial', {
+                'legend': 'Financial Information',
+                'fields': ['group_funding', 'main_account_id', 'funding_account_id', ],
+            }),
+            ('more-info', {
+                'legend': 'Additional Information',
+                'fields': ['constitution_url', 'advisor_name', 'athena_locker', ],
+            }),
+        ]
+        model = groups.models.Group
+
+def manage_main(request, pk, ):
+    group = get_object_or_404(groups.models.Group, pk=pk)
+
+    if not request.user.has_perm('groups.admin_group', group):
+        raise PermissionDenied
+    change_restricted = True
+    if request.user.has_perm('groups.change_group', group):
+        change_restricted = False
+
+    msg = None
+
+    initial = {}
+    if request.method == 'POST': # If the form has been submitted...
+        # A form bound to the POST data
+        form = GroupChangeMainForm(
+            request.POST, request.FILES,
+            change_restricted=change_restricted,
+            instance=group,
+        )
+
+        if form.is_valid(): # All validation rules pass
+            request_obj = form.save(commit=False)
+            request_obj.set_updater(request.user)
+            request_obj.save()
+            form.save_m2m()
+
+            # Send email
+            #tmpl = get_template('fysm/update_email.txt')
+            #ctx = Context({
+            #    'group': group_obj,
+            #    'fysm': fysm_obj,
+            #    'view_uri': view_uri,
+            #    'submitter': request.user,
+            #    'request': request,
+            #    'sender': "ASA FYSM team",
+            #})
+            #body = tmpl.render(ctx)
+            #email = EmailMessage(
+            #    subject='FYSM entry for "%s" updated by "%s"' % (
+            #        group_obj.name,
+            #        request.user,
+            #    ),
+            #    body=body,
+            #    from_email='asa-fysm@mit.edu',
+            #    to=[group_obj.officer_email, request.user.email, ],
+            #    bcc=['asa-fysm-submissions@mit.edu', ]
+            #)
+            #email.send()
+            msg = "Thanks for editing!"
+        else:
+            msg = "Validation failed. See below for details."
+
+    else:
+        form = GroupChangeMainForm(change_restricted=change_restricted, instance=group, initial=initial, ) # An unbound form
+
+    context = {
+        'group': group,
+        'form':  form,
+        'msg':   msg,
+    }
+    return render_to_response('groups/group_change_main.html', context, context_instance=RequestContext(request), )
+
+
+class GroupFilter(django_filters.FilterSet):
+    name = django_filters.CharFilter(lookup_type='icontains', label="Name contains")
+    abbreviation = django_filters.CharFilter(lookup_type='iexact', label="Abbreviation is")
+
+    class Meta:
+        model = groups.models.Group
+        fields = [
+            'name',
+            'abbreviation',
+            'activity_category',
+            'group_class',
+            'group_status',
+            'group_funding',
+        ]
+
+
+class GroupListView(ListView):
+    model = groups.models.Group
+    template_object_name = 'group'
+
+    def get(self, *args, **kwargs):
+        qs = super(GroupListView, self).get_queryset()
+        self.filterset = GroupFilter(self.request.GET, qs)
+        return super(GroupListView, self).get(*args, **kwargs)
+
+    def get_queryset(self, ):
+        qs = self.filterset.qs
+        return qs
+
+    def get_context_data(self, **kwargs):
+        context = super(GroupListView, self).get_context_data(**kwargs)
+        # Add in the publisher
+        context['pagename'] = 'groups'
+        context['filter'] = self.filterset
+        return context
+
+
+class GroupDetailView(DetailView):
+    context_object_name = "group"
+    model = groups.models.Group
+    def get_context_data(self, **kwargs):
+        # Call the base implementation first to get a context
+        context = super(GroupDetailView, self).get_context_data(**kwargs)
+        group = context['group']
+
+        # Indicate whether this person should be able to see "private" info
+        context['viewpriv'] = self.request.user.has_perm('groups.view_group_private_info', group)
+        context['adminpriv'] = self.request.user.has_perm('groups.admin_group', group)
+        context['notes'] = group.viewable_notes(self.request.user)
+
+        # People involved in the group
+        just_roles = groups.models.OfficerRole.objects.all()
+        if context['viewpriv'] or self.request.user.has_perm('groups.view_signatories'):
+            # Can see the non-public stuff
+            pass
+        else:
+            just_roles = just_roles.filter(publicly_visible=True)
+        roles = []
+        for role in just_roles:
+            roles.append((role.display_name, role, group.officers(role=role), ))
+        context['roles'] = roles
+
+        return context
+
+
+class GroupHistoryView(ListView):
+    context_object_name = "version_list"
+    template_name = "groups/group_version.html"
+
+    def get_queryset(self):
+        history_entries = None
+        if 'pk' in self.kwargs:
+            group = get_object_or_404(groups.models.Group, pk=self.kwargs['pk'])
+            history_entries = reversion.models.Version.objects.get_for_object(group)
+        else:
+            history_entries = reversion.models.Version.objects.all()
+            group_content_type = ContentType.objects.get_for_model(groups.models.Group)
+            history_entries = history_entries.filter(content_type=group_content_type)
+        length = len(history_entries)
+        if length > 150:
+            history_entries = history_entries[length-100:]
+        return history_entries
+
+    def get_context_data(self, **kwargs):
+        context = super(GroupHistoryView, self).get_context_data(**kwargs)
+        if 'pk' in self.kwargs:
+            group = get_object_or_404(groups.models.Group, pk=self.kwargs['pk'])
+            context['title'] = "History for %s" % (group.name, )
+        else:
+            context['title'] = "Recent Changes"
+        return context
+
+
+def load_officers(group, ):
+    officers = group.officers()
+    people = list(set([ officer.person for officer in officers ]))
+    roles  = groups.models.OfficerRole.objects.all()
+
+    officers_map = {}
+    for officer in officers:
+        officers_map[(officer.person, officer.role)] = officer
+
+    return people, roles, officers_map
+
+def manage_officers(request, pk, ):
+    group = get_object_or_404(groups.models.Group, pk=pk)
+
+    if not request.user.has_perm('groups.admin_group', group):
+        raise PermissionDenied
+
+    max_new = 4
+
+    people, roles, officers_map = load_officers(group)
+
+    msgs = []
+    changes = []
+    edited = False
+    kept = 0
+    kept_not = 0
+    if request.method == 'POST': # If the form has been submitted
+        edited = True
+
+        new_people = {}
+        moira_accounts = {}
+        for i in range(max_new):
+            key = "extra.%d" % (i, )
+            if key in request.POST and request.POST[key] != "":
+                username = request.POST[key]
+                try:
+                    moira_accounts[username] = groups.models.AthenaMoiraAccount.active_accounts.get(username=username)
+                    new_people[i] = username
+                except groups.models.AthenaMoiraAccount.DoesNotExist:
+                    msgs.append('Athena account "%s" appears not to exist. Changes involving them have been ignored.' % (username, ))
+        for person in people:
+            try:
+                moira_accounts[person] = groups.models.AthenaMoiraAccount.active_accounts.get(username=person)
+            except groups.models.AthenaMoiraAccount.DoesNotExist:
+                msgs.append('Athena account "%s" appears not to exist. They can not be added to new roles. You should remove them from any roles they hold, if you have not already.' % (person, ))
+        for role in roles:
+            key = "holders.%s" % (role.slug, )
+            new_holders = set()
+            if key in request.POST:
+                new_holders = set(request.POST.getlist(key, ))
+            if len(new_holders) > role.max_count:
+                msgs.append("You selected %d people for %s; only %d are allowed. No changes to %s have been carried out in this update." %
+                    (len(new_holders), role.display_name, role.max_count, role.display_name, )
+                )
+            else:
+                for person in people:
+                    if person in new_holders:
+                        if (person, role) in officers_map:
+                            if role.require_student and not moira_accounts[person].is_student():
+                                msgs.append('Only students can have the %s role, and %s does not appear to be a student. (If this is not the case, please contact us.) You should replace this person ASAP.' % (role, person, ))
+                            #changes.append(("Kept", "yellow", person, role))
+                            kept += 1
+                        else:
+                            if person not in moira_accounts:
+                                msgs.append('Could not add nonexistent Athena account "%s" as %s.' % (person, role, ))
+                            elif role.require_student and not moira_accounts[person].is_student():
+                                msgs.append('Only students can have the %s role, and %s does not appear to be a student. (If this is not the case, please contact us.)' % (role, person, ))
+                            else:
+                                holder = groups.models.OfficeHolder(person=person, role=role, group=group,)
+                                holder.save()
+                                changes.append(("Added", "green", person, role))
+                    else:
+                        if (person, role) in officers_map:
+                            officers_map[(person, role)].expire()
+                            changes.append(("Removed", "red", person, role))
+                        else:
+                            kept_not += 1
+                            pass
+                for i in range(max_new):
+                    if "extra.%d" % (i, ) in new_holders:
+                        if i in new_people:
+                            person = new_people[i]
+                            if role.require_student and not moira_accounts[person].is_student():
+                                msgs.append('Only students can have the %s role, and %s does not appear to be a student.' % (role, person, ))
+                            else:
+                                holder = groups.models.OfficeHolder(person=person, role=role, group=group,)
+                                holder.save()
+                                changes.append(("Added", "green", person, role))
+
+        # mark as changed and reload the data
+        if changes:
+            group.set_updater(request.user)
+            group.save()
+        people, roles, officers_map = load_officers(group)
+
+    officers_data = []
+    for person in people:
+        role_list = []
+        for role in roles:
+            if (person, role) in officers_map:
+                role_list.append((role, True))
+            else:
+                role_list.append((role, False))
+        officers_data.append((False, person, role_list))
+    null_role_list = [(role, False) for role in roles]
+    for i in range(max_new):
+        officers_data.append((True, "extra.%d" % (i, ), null_role_list))
+
+    context = {
+        'group': group,
+        'roles': roles,
+        'people': people,
+        'officers': officers_data,
+        'edited': edited,
+        'changes':   changes,
+        'kept': kept,
+        'kept_not': kept_not,
+        'msgs': msgs,
+    }
+    return render_to_response('groups/group_change_officers.html', context, context_instance=RequestContext(request), )
+
+@permission_required('groups.view_signatories')
+def view_signatories(request, ):
+    # TODO:
+    # * limit which columns (roles) get displayed
+    # This might want to wait for the generic reporting infrastructure, since
+    # I'd imagine some of it can be reused.
+
+    the_groups = groups.models.Group.objects.all()
+    groups_filterset = GroupFilter(request.GET, the_groups)
+    the_groups = groups_filterset.qs
+    officers = groups.models.OfficeHolder.objects.filter(start_time__lte=datetime.datetime.now(), end_time__gte=datetime.datetime.now())
+    officers = officers.filter(group__in=the_groups)
+    officers = officers.select_related(depth=1)
+    roles = groups.models.OfficerRole.objects.all()
+    officers_map = collections.defaultdict(lambda: collections.defaultdict(set))
+    for officer in officers:
+        officers_map[officer.group][officer.role].add(officer.person)
+    officers_data = []
+    for group in the_groups:
+        role_list = []
+        for role in roles:
+            role_list.append(officers_map[group][role])
+        officers_data.append((group, role_list))
+
+    context = {
+        'roles': roles,
+        'officers': officers_data,
+        'filter': groups_filterset,
+        'pagename': 'groups',
+    }
+    return render_to_response('groups/groups_signatories.html', context, context_instance=RequestContext(request), )
+
+def search_groups(request, ):
+    the_groups = groups.models.Group.objects.all()
+    groups_filterset = GroupFilter(request.GET, the_groups)
+
+    dest = None
+    if 'signatories' in request.GET:
+        dest = reverse('groups:signatories')
+        print dest
+    elif 'group-info' in request.GET:
+        dest = reverse('groups:list')
+
+    if dest:
+        return redirect(dest + "?" + request.META['QUERY_STRING'])
+    else:
+        context = {
+            'filter': groups_filterset,
+            'pagename': 'groups',
+        }
+        return render_to_response('groups/group_search.html', context, context_instance=RequestContext(request), )

asadb/media/style/style.css

@@ -7 +7 @@
 {
     border-collapse: collapse;
-}
-table.pretty-table th, table.pretty-table td
+    margin: 0.5em;
+}
+table.pretty-table th, table.pretty-table td, table.pretty-table caption
 {
     border: 1px solid black;
     padding: 2px;
 }
-table.pretty-table th
-{
+table.pretty-table caption
+{
+    border-bottom: none;
+}
+table.pretty-table th, table.pretty-table caption
+{
+    font-weight: bold;
     background: #BE2933;
+}
+table.pretty-table th a, table.pretty-table caption a
+{
+    color: #008;
 }
 ul.errorlist
@@ -202 +212 @@
 
 
+/*****************
+ * GROUP DISPLAY *
+ *****************/
+tr.private-info th:before
+{
+    content: "* ";
+}
+
+
 /* Reset some stuff */
 h1, h2, h3, th
@@ -212 +231 @@
     margin-left: 0;
 }
+
+table.group-change-officers-change td
+{
+    text-align: center;
+}

asadb/settings.py

@@ -5 +5 @@
 SITE_ROOT = os.path.normpath(os.path.dirname(__file__))
 SITE_WEB_PATH = ''
-
 
 DEBUG = False
@@ -28 +27 @@
 # If running in a Windows environment this must be set to the same as your
 # system time zone.
-TIME_ZONE = 'America/Chicago'
+TIME_ZONE = 'America/New_York'
 
 # Language code for this installation. All choices can be found here:
@@ -39 +38 @@
 # to load the internationalization machinery.
 USE_I18N = True
+
+DATETIME_FORMAT_PYTHON = "%c"
 
 from local_settings import *
@@ -71 +72 @@
     'django.contrib.sessions.middleware.SessionMiddleware',
     'django.contrib.auth.middleware.AuthenticationMiddleware',
+    'django.middleware.transaction.TransactionMiddleware',
     'django.middleware.csrf.CsrfViewMiddleware',
+    'reversion.middleware.RevisionMiddleware',
 ]
 
 AUTHENTICATION_BACKENDS = [
+    'groups.models.PerGroupAuthz',
     'django.contrib.auth.backends.ModelBackend',
 ]
@@ -99 +103 @@
     'django.contrib.sessions',
     'django.contrib.sites',
+    'form_utils',
+    'django_filters',
+    'reversion',
     'south',
     'groups',

asadb/template/base.html

@@ -12 +12 @@
     <ul class='tab-navigation'>
         <li{% ifequal pagename "homepage" %} class='selected'{% endifequal %}><a href="{% url homepage   %}">Home</a></li>
-        <li{% ifequal pagename "groups"   %} class='selected'{% endifequal %}><a href="{% url group-list %}">Groups</a></li>
+        <li{% ifequal pagename "groups"   %} class='selected'{% endifequal %}><a href="{% url groups:list %}">Groups</a></li>
         <li{% ifequal pagename "fysm"     %} class='selected'{% endifequal %}><a href="{% url fysm       %}">FYSM</a></li>
+        {% if user.is_staff %}<li><a href='{% url admin:index %}'>Admin</a></li>{% endif %}
     </ul>
     <div id='content'>

asadb/template/groups/group_list.html

@@ -6 +6 @@
 <h1>MIT Student Groups</h1>
 
+<h2>Search</h2>
+
+<form action="" method="get">
+    <table class='pretty-table'>
+    {{ filter.form.as_table }}
+    </table>
+    <input type="submit" value="Search" />
+</form>
+
+<h2>The Groups</h2>
+
 <table class='pretty-table'>
 <thead>
     <tr>
         <th>Name</th>
+        <th>Website</th>
+        <th>ASA DB</th>
+        <th>Description</th>
         <th>Meeting Time</th>
     </tr>
@@ -16 +30 @@
 {% for group in group_list %}
     <tr>
-        <td>{% if group.website_url %}<a href='{{group.website_url}}'>{% endif %}{{group.name}}{%if group.website_url%}</a>{%endif%}</td>
+        <th>{{group.name}}</th>
+        <td>{% if group.website_url %}<a href='{{group.website_url}}'>Website</a>{%endif%}</td>
+        <td><a href='{% url groups:group-detail group.pk %}'>DB Entry</a></td>
+        <td>{{group.description}}</td>
         <td>{{group.meeting_times}}</td>
     </tr>

asadb/template/index.html

@@ -7 +7 @@
 
 <ul>
-    <li><a href='{%url group-list%}'>List of groups</a></li>
+    <li><a href='{%url groups:search%}'>Search groups</a></li>
+    <li><a href='{%url groups:list%}'>List of groups</a></li>
     <li>First Year Summer Mailing<ul>
         <li><a href='{%url fysm%}'>View the entries</a></li>
         <li><a href='{%url fysm-select%}'>Submit an entry</a></li>
     </ul></li>
+    {%if perms.groups.view_signatories %}<li><a href='{% url groups:signatories %}'>View Signatories</a></li>{%endif%}
 </ul>
 
+<h2>My Groups</h2>
+
+{% if user.is_anonymous %}
+<p><a href='{% url login %}'>Login</a> to see your groups.</p>
+{% else %}
+{%if not groups %}
+<p>You do not currently appear to be listed with any groups.</p>
+{% endif %}
+{% endif %}
+
+{% if groups %}
+<ul>
+{% for group in groups %}
+    <li><a href='{% url groups:group-detail group.pk %}'>{{group}}</a></li>
+{%endfor%}
+</ul>
+{% endif %}
+
+{% if has_perms %}
+<h2>Permissions</h2>
+
+<p>You have the following permissions:</p>
+
+<table class='pretty-table'>
+<tr>
+    <th>Name</th>
+    <th>Description</th>
+</tr>
+{% for perm_name, perm_desc in has_perms %}
+<tr>
+    <td>{{perm_name}}</td>
+    <td>{{perm_desc}}</td>
+</tr>
+{% endfor %}
+</table>
+{% endif %}
+
 {% endblock %}

asadb/template/registration/login.html

@@ -15 +15 @@
 <p>In the unlikely event that you have a username and password, you can log in below.</p>
 
-<form method="post" action="{% url login %}">
+<form method="post" action="{% url login-password %}">
 {% csrf_token %}
 <table>

asadb/urls.py

@@ -9 +9 @@
 import settings
 
+import groups.urls
 import forms.views
-
-import groups.models
 
 urlpatterns = patterns('',
     # Example:
     # (r'^asadb/', include('asadb.foo.urls')),
-    url(
-        r'^$',
-        'django.views.generic.simple.direct_to_template',
-        {'template': 'index.html', 'extra_context': { 'pagename':'homepage' }, },
-        name='homepage',
-    ),
+    url(r'^$', 'groups.views.view_homepage', name='homepage', ),
 
     # FYSM
@@ -45 +39 @@
 
     # Group list
-    url(
-        r'^groups/$',
-        list_detail.object_list,
-        {
-            'queryset': groups.models.Group.objects.all(),
-            'template_object_name': 'group',
-            'extra_context': {'pagename': 'groups', },
-        },
-        name='group-list',
-    ),
+    (r'^groups/', include(groups.urls.urls(), ), ),
 
     # Uncomment the admin/doc line below and add 'django.contrib.admindocs' 
@@ -62 +47 @@
     # Uncomment the next line to enable the admin:
     (r'^admin/', include(admin.site.urls)),
+    url(r'^accounts/login/password/', 'django.contrib.auth.views.login', name='login-password', ),
     url(r'^accounts/login/',  'mit.scripts_login',  name='login', ),
     url(r'^accounts/logout/', logout, name='logout', ),

asadb/util/import_db.py

@@ -21 +21 @@
 def canonicalize_email(email):
     if '@' in email: return email
+    elif email == '': return ''
     else: return email + "@mit.edu"
 
@@ -50 +51 @@
             print ">> Unknown category '%s' on group '%s'" % (cat_name, g.name, )
             pass
+        class_name = d['GROUP_CLASS']
+        status_name = d['GROUP_STATUS']
+        funding_name = d['GROUP_FUNDING_TYPE']
+        if class_name == 'Standard':
+            if status_name == 'Provisional':
+                class_name = 'Unfunded'
+                status_name = 'Active'
+            elif status_name == 'Active':
+                class_name = 'MIT-funded'
+            elif status_name == 'Suspended' or status_name == 'Derecognized':
+                class_name = 'MIT-funded'
+        g.group_class = groups.models.GroupClass.objects.get(name=class_name)
+        g.group_status = groups.models.GroupStatus.objects.get(name=status_name)
+        if funding_name == 'none':
+            g.group_funding = None
+        else:
+            g.group_funding = groups.models.GroupFunding.objects.get(name=funding_name)
         g.website_url       = d['WEBSITE_URL']
         g.constitution_url  = d['CONSTITUTION_WEB_URL']

design/tools/audit-trail.txt

@@ -34 +34 @@
     * Design
         * Store all versions of all models in a single table, JSON'd
+        * Metadata stored unpickled
+            * Time
+            * Editor
+            * Some other stuff
 * django-reversion
     * https://github.com/etianen/django-reversion

asadb/forms/admin.py

@@ -22 +22 @@
 admin.site.register(forms.models.FYSM, FYSMAdmin)
 admin.site.register(forms.models.FYSMCategory, FYSMCategoryAdmin)
+
+class Admin_GroupMembershipUpdate(admin.ModelAdmin):
+    list_display = (
+        'pk',
+        'group',
+        'update_time',
+        'updater_name',
+        'updater_title',
+        'num_undergrads',
+        'num_grads',
+        'num_alum',
+        'num_other_affiliate',
+        'num_other',
+    )
+    list_display_links = ('pk', 'group', )
+admin.site.register(forms.models.GroupMembershipUpdate, Admin_GroupMembershipUpdate)
+
+class Admin_PersonMembershipUpdate(admin.ModelAdmin):
+    list_display = (
+        'pk',
+        'username',
+        'update_time',
+    )
+    list_display_links = ('pk', 'username', )
+admin.site.register(forms.models.PersonMembershipUpdate, Admin_PersonMembershipUpdate)

asadb/forms/models.py

@@ -135 +135 @@
             preview.update_time = cls.never_updated
             preview.save()
+
+
+class GroupMembershipUpdate(models.Model):
+    update_time = models.DateTimeField(default=datetime.datetime.utcfromtimestamp(0))
+    updater_name = models.CharField(max_length=30)
+    updater_title = models.CharField(max_length=30, help_text="You need not hold any particular title in the group, but we like to know who is completing the form.")
+    
+    group = models.ForeignKey(groups.models.Group, help_text="If your group does not appear in the list above, then please email asa-exec@mit.edu.")
+    group_email = models.EmailField(help_text="The text of the law will be automatically distributed to your members via this list, in order to comply with the law.")
+    officer_email = models.EmailField()
+
+    membership_definition = models.TextField()
+    num_undergrads = models.IntegerField()
+    num_grads = models.IntegerField()
+    num_alum = models.IntegerField()
+    num_other_affiliate = models.IntegerField()
+    num_other = models.IntegerField()
+
+    membership_list = models.TextField(help_text="Member emails on separate lines (Athena usernames where applicable)")
+
+    compliance_statement = "By checking this, I hereby affirm that I have read and understand Chapter 269: Sections 17, 18, and 19 of Massachusetts Law. I furthermore attest that I will distribute to group members, pledges, and/or applicants, copies of Massachusetts Law 269: 17, 18, 19 and that our organization, group, or team agrees to comply with the provisions of that law. (See below for text.)"
+    no_hazing = models.BooleanField(help_text=compliance_statement)
+
+
+class PersonMembershipUpdate(models.Model):
+    update_time = models.DateTimeField(default=datetime.datetime.utcfromtimestamp(0))
+    username = models.CharField(max_length=30)
+    groups = models.ManyToManyField(groups.models.Group, help_text="By selecting a group here, you indicate that you are an active member of the group in question.<br>If your group does not appear in the list above, then please email asa-exec@mit.edu.<br>")