Merge pull request #1087 from opengisch/master

QFieldCloud release v0.30.0

Author: dddpt

.env.example

@@ -63,6 +63,11 @@ MINIO_BROWSER_PORT=8010
 WEB_HTTP_PORT=80
 WEB_HTTPS_PORT=443
 
+# Messages are logged at the specified level and all more severe levels. The nginx default is `error`. Read more on https://nginx.org/en/docs/ngx_core_module.html#error_log.
+# OPTIONS: debug, info, notice, warn, error, crit, alert, emerg
+# DEFAULT: error
+NGINX_ERROR_LOG_LEVEL=error
+
 POSTGRES_USER=qfieldcloud_db_admin
 POSTGRES_PASSWORD=3shJDd2r7Twwkehb
 POSTGRES_DB=qfieldcloud_db

.github/workflows/test.yml

@@ -27,6 +27,9 @@ jobs:
         with:
           python-version: '3.12'
       - name: Pre-commit
+        env:
+          # set the `no-commit-to-branch` to be skipped, otherwise the check fails when we merge to `master` branch
+          SKIP: no-commit-to-branch
         uses: pre-commit/[email protected]
 
   test:

.pre-commit-config.yaml

@@ -1,25 +1,39 @@
 repos:
-  # Fix end of files
   - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v4.6.0
+    rev: v5.0.0
     hooks:
-      - id: trailing-whitespace
+      - id: check-ast
+        files: '.*\.py$'
+      - id: check-case-conflict
+      - id: check-executables-have-shebangs
+      - id: check-illegal-windows-names
+      - id: check-json
+      - id: check-merge-conflict
+      - id: check-symlinks
+      - id: check-toml
+      - id: check-yaml
+      - id: debug-statements
+      - id: destroyed-symlinks
       - id: end-of-file-fixer
+      - id: fix-byte-order-marker
+      - id: forbid-new-submodules
       - id: mixed-line-ending
         args:
           - '--fix=lf'
+      - id: no-commit-to-branch
+      - id: trailing-whitespace
 
   - repo: https://github.com/adamchainz/django-upgrade
-    rev: "1.21.0"
+    rev: '1.22.2'
     hooks:
     -   id: django-upgrade
-        args: [--target-version, "4.2", "--skip", "admin_register"]
-        files: "^docker-app/qfieldcloud/.*.py$"
+        args: [--target-version, '4.2', '--skip', 'admin_register']
+        files: '^docker-app/qfieldcloud/.*.py$'
 
   # Lint and format
   - repo: https://github.com/astral-sh/ruff-pre-commit
     # Ruff version.
-    rev: v0.6.3
+    rev: v0.8.1
     hooks:
       # Run the linter.
       - id: ruff
@@ -30,7 +44,7 @@ repos:
 
   # Static type-checking with mypy
   - repo: https://github.com/pre-commit/mirrors-mypy
-    rev: 'v1.11.2'
+    rev: v1.13.0
     hooks:
       - id: mypy
         additional_dependencies: [types-pytz, types-Deprecated, types-PyYAML, types-requests, types-tabulate, types-jsonschema, django-stubs, django-stubs-ext]

docker-app/manage.py

@@ -1,9 +1,52 @@
 from django.contrib import admin
 from django.contrib.admin import register
+from django.db.models import Q, QuerySet
+from django.http import HttpRequest
+from django.utils import timezone
 
 from .models import AuthToken
 
 
+class AuthTokenClientTypeFilter(admin.SimpleListFilter):
+    # Human-readable title which will be displayed
+    title = "Client type"
+
+    # Parameter for the filter that will be used in the URL query.
+    parameter_name = "client_type"
+
+    def lookups(
+        self, request: HttpRequest, model_admin: admin.ModelAdmin
+    ) -> list[tuple[str, str]]:
+        """
+        Returns a list of tuples. The first element in each
+        tuple is the coded value for the option that will
+        appear in the URL query. The second element is the
+        human-readable name for the option that will appear
+        in the right sidebar.
+        Here it is just the several available `AuthToken.ClientType`.
+        """
+        return AuthToken.ClientType.choices
+
+    def queryset(self, request: HttpRequest, queryset: QuerySet) -> QuerySet:
+        """
+        Returns the filtered queryset based on the value
+        provided in the query string and retrievable via
+        `self.value()`.
+        """
+        value = self.value()
+
+        if value is None:
+            return queryset
+
+        accepted_values = [ct[0] for ct in AuthToken.ClientType.choices]
+        if value not in accepted_values:
+            raise NotImplementedError(
+                f"Unknown client type: {value} (was expecting: {','.join(accepted_values)})"
+            )
+
+        return queryset.filter(Q(client_type=value))
+
+
 @register(AuthToken)
 class AuthTokenAdmin(admin.ModelAdmin):
     list_display = ("user", "created_at", "expires_at", "last_used_at", "client_type")
@@ -15,6 +58,21 @@ class AuthTokenAdmin(admin.ModelAdmin):
         "client_type",
         "user_agent",
     )
-    list_filter = ("created_at", "last_used_at", "expires_at")
+    list_filter = (
+        "created_at",
+        "last_used_at",
+        "expires_at",
+        AuthTokenClientTypeFilter,
+    )
+
+    actions = ("expire_selected_tokens",)
 
     search_fields = ("user__username__iexact", "client_type", "key__startswith")
+
+    def expire_selected_tokens(self, request: HttpRequest, queryset: QuerySet) -> None:
+        """
+        Sets a set of tokens to expired by updating the `expires_at` date to now.
+        Expires only valid tokens.
+        """
+        now = timezone.now()
+        queryset.filter(Q(expires_at__gt=now)).update(expires_at=now)

docker-app/qfieldcloud/authentication/admin.py

@@ -1258,55 +1258,23 @@ def download_deltafile(self, request, queryset: QuerySet) -> HttpResponse | None
         )
 
 
-class GeodbAdmin(QFieldCloudModelAdmin):
-    list_filter = ("created_at", "hostname")
-    list_display = (
-        "user",
-        "username",
-        "dbname",
-        "hostname",
-        "port",
-        "created_at",
-        "size",
-    )
-
-    fields = (
-        "user",
-        "username",
-        "dbname",
-        "hostname",
-        "port",
-        "created_at",
-        "size",
-        "last_geodb_error",
-    )
-
-    readonly_fields = ("size", "created_at", "last_geodb_error")
-
-    search_fields = (
-        "user__username",
-        "username",
-        "dbname",
-        "hostname",
-    )
-
-    def save_model(self, request, obj, form, change):
-        # Only on creation
-        if not change:
-            messages.add_message(
-                request,
-                messages.WARNING,
-                f"The password is (shown only once): {obj.password}",
-            )
-        super().save_model(request, obj, form, change)
-
-
 class OrganizationMemberInline(admin.TabularInline):
     model = OrganizationMember
     fk_name = "organization"
     extra = 0
 
-    autocomplete_fields = ("member",)
+    # These fields must be autocomplete due to performance issue in the default Django admin theme, as the foreign key dropdown renders all the options.
+    autocomplete_fields = (
+        "member",
+        "created_by",
+        "updated_by",
+    )
+    readonly_fields = (
+        "created_by",
+        "created_at",
+        "updated_by",
+        "updated_at",
+    )
 
 
 class TeamInline(admin.TabularInline):
@@ -1417,6 +1385,17 @@ def get_search_results(self, request, queryset, search_term):
 
         return queryset, use_distinct
 
+    def save_formset(self, request, form, formset, change):
+        for form_obj in formset:
+            if isinstance(form_obj.instance, OrganizationMember):
+                # add created_by only if it's a newly created OrganizationMember
+                if form_obj.instance.id is None:
+                    form_obj.instance.created_by = request.user
+
+                form_obj.instance.updated_by = request.user
+
+        super().save_formset(request, form, formset, change)
+
 
 class TeamMemberInline(admin.TabularInline):
     model = TeamMember
@@ -1522,7 +1501,6 @@ class LogEntryAdmin(
 admin.site.register(Secret, SecretAdmin)
 admin.site.register(Delta, DeltaAdmin)
 admin.site.register(Job, JobAdmin)
-admin.site.register(Geodb, GeodbAdmin)
 admin.site.register(LogEntry, LogEntryAdmin)
 
 # The sole purpose of the `User` and `UserAccount` admin modules is only to support autocomplete fields in Django admin

docker-app/qfieldcloud/core/admin.py

@@ -128,4 +128,4 @@ def do(self):
                 if package_id in job_ids:
                     continue
 
-                storage.delete_stored_package(project_id, package_id)
+                storage.delete_stored_package(project, package_id)

docker-app/qfieldcloud/core/cron.py

@@ -0,0 +1,125 @@
+from django.db.models import QuerySet
+from django.http import HttpRequest
+from rest_framework import filters, viewsets
+
+
+class QfcOrderingFilter(filters.OrderingFilter):
+    """Custom QFC OrderingFilter class that allows usage of custom attributes expression.
+
+    Use it in a ModelViewSet by setting the `filter_backends` and `ordering_fields` fields.
+    It is possible to use an `ordering_fields` expression value with attributes.
+    Custom attributes expression has form : "my_field::alias=my_field_alias,key=value"
+    """
+
+    SEPARATOR = "::"
+    TOKENS_LIST_SEPARATOR = ","
+    TOKENS_VALUE_SEPARATOR = "="
+
+    def _get_query_field(self, fields: list[str], term: str) -> str | None:
+        """Searches a term in a query field list.
+
+        The field list elements may start with "-".
+        This method should be used to search a term from a query's ordering fields.
+
+        Args:
+            fields (list[str]): list of fields to search
+            term (str): term to search in the list
+        Returns:
+            str | None: the matching field, if present in the list
+        """
+        for field in fields:
+            compare_value = field
+
+            # the "-" is used when the fields are sorted descending
+            if field.startswith("-"):
+                compare_value = field[1:]
+
+            if compare_value != term:
+                continue
+
+            return field
+        return None
+
+    def _parse_tokenized_attributes(self, raw: str) -> dict[str, str]:
+        """Parses an ordering field attributes expression.
+
+        Args:
+            raw (str): raw expression to parse, e.g.: "alias=my_field_alias,key=value"
+        Returns:
+            dict[str, str]: dict containing the expression's attributes
+        """
+        definition_attrs = raw.split(self.TOKENS_LIST_SEPARATOR)
+
+        attr_dict = {}
+        for attr in definition_attrs:
+            token, value = attr.split(self.TOKENS_VALUE_SEPARATOR, 1)
+            attr_dict[token] = value
+
+        return attr_dict
+
+    def _parse_definition(self, definition: str) -> tuple[str, dict[str, str]]:
+        """Parses a custom ordering field with attributes expression.
+
+        Args:
+            definition (str): raw definition of the ordering field to parse,
+                e.g.: "my_field::alias=my_field_alias,key=value"
+        Returns :
+            tuple[str, dict[str, str]]: tuple containing the field name (1st) and its attributes dict (2nd)
+        """
+        name, attr_str = definition.split(self.SEPARATOR, 1)
+        attrs = self._parse_tokenized_attributes(attr_str)
+
+        return name, attrs
+
+    def remove_invalid_fields(
+        self,
+        queryset: QuerySet,
+        fields: list[str],
+        view: viewsets.ModelViewSet,
+        request: HttpRequest,
+    ) -> list[str]:
+        """Process ordering fields by parsing custom field expression.
+
+        Custom attributes expression has form : "my_field::alias=my_field_alias,key=value".
+        In the above example, `alias` is the URL GET param value,
+        but `my_field` is the real model field.
+
+        Args:
+            queryset (QuerySet): Django's ORM queryset of the same model as the one used in view of the `ModelViewSet`
+            fields (list[str]): ordering fields passed to the HTTP querystring
+            view (ModelViewSet): DRF view instance
+            request (HttpRequest): DRF request instance
+        Returns :
+            list[str]: parsed ordering fields where aliases have been replaced
+        """
+        base_fields = super().remove_invalid_fields(queryset, fields, view, request)
+        valid_fields = []
+
+        for field_name, _verbose_name in self.get_valid_fields(
+            queryset, view, context={"request": request}
+        ):
+            # standard handling of fields from the base class
+            query_field_name = self._get_query_field(base_fields, field_name)
+
+            if query_field_name:
+                valid_fields.append(query_field_name)
+                continue
+
+            # skip fields without custom attributes expression
+            if self.SEPARATOR not in field_name:
+                continue
+
+            definition_name, attrs = self._parse_definition(field_name)
+            alias = attrs.get("alias", definition_name)
+            query_field_name = self._get_query_field(fields, alias)
+
+            # field is not in the HTTP GET request querystring
+            if not query_field_name:
+                continue
+
+            if query_field_name.startswith("-"):
+                definition_name = f"-{definition_name}"
+
+            valid_fields.append(definition_name)
+
+        return valid_fields