1. 19 May, 2019 1 commit
    • Giorgos Kazelidis's avatar
      - Created the session continuation template and modified the... · d8ab8257
      Giorgos Kazelidis authored
      - Created the session continuation template and modified the display_default_login_page() view to display the former when it is accessed by (logged-in) instances of the application user models (usermerge.{User/Admin})
      - Modified the log_in() view to deny access to (logged-in) instances of the application user models (usermerge.{User/Admin})
      - Modified the display_default_login_page(), log_in() and log_out() views to deny access to (logged-in) instances of Django's default user model (auth.User)
      - Defined the has_empty_profile() method for the usermerge.User model and used it in templates and views to enhance functionality and readability
      - Omitted the redundant user_id parameters/arguments from (i) the application site URLs defined in the URLconf and used in templates/views and (ii) the corresponding view declarations (the current/session user can be specified in any view via the user attribute of the associated request)
      - Utilized the recov_user_id value of the session data in the _display_user_profile_recovery_success_message() and _display_user_profile_recovery_error_messages() helper functions as well as the search_for_recovery_user_profile() and recover_user_profile() views to enhance functionality and security
      - Hooked the Django admin site into the /django-admin/ URL (instead of the default one, /admin/) to distinguish its pages from the ones that refer to the usermerge.Admin model and have an /admin/ URL prefix
      d8ab8257
  2. 13 May, 2019 1 commit
    • Giorgos Kazelidis's avatar
      - Defined __str__() methods for all the application models · 95a43695
      Giorgos Kazelidis authored
      - Removed the last_login field from the User model, inserted it to the Registry model (a User instance retains now one last_login value for each Platform instance that is associated with it via the corresponding Registry instance) and modified the emission arguments of the user_logged_in signal for logged-in User instances
      - Constrained the email fields of the User/Admin models and user profile edit/recovery forms to a maximum length of 100 characters
      - Constrained the username and password fields of the login form to a minimum length of 8 characters
      - Omitted the redundant ECE-NTUA platform from the test Platform instances that are used to populate the usermerge_platform table of usermergeDB
      - Omitted the username format check {piYYbSSS with SSS <> 000} of the login form for the Novice and Grader platforms as there can exist valid usernames for them that are not in the aforementioned format
      - Enabled the Django admin site, registered all the application models to it and provided instructions on accessing it
      - Defined the User_login_required() and Admin_login_required() decorators and used them for enhanced access control in the majority of views
      - Reduced the database queries made in recover_user_profile() view to enhance its performance
      - Added the production_logs folder to the .gitignore file
      95a43695
  3. 23 Apr, 2019 1 commit
    • Giorgos Kazelidis's avatar
      - Implemented the user profile edit, search and recovery tasks · e324d683
      Giorgos Kazelidis authored
      - Created and used a library of helper functions that refer (mainly) to views
      - Created and used a library of validators that refer (mainly) to forms
      - Corrected/enhanced the existing views - used TemplateResponse objects instead of calling the render() shortcut function, inserted post-validation error codes in template contexts when needed, etc.
      - Deleted the logout template and used redirection to the login template on logout
      - Corrected the generic URL format
      - Enhanced the documentation of templates and modules
      e324d683