- 19 May, 2019 1 commit
-
-
Giorgos Kazelidis authored
- Created the session continuation template and modified the display_default_login_page() view to display the former when it is accessed by (logged-in) instances of the application user models (usermerge.{User/Admin}) - Modified the log_in() view to deny access to (logged-in) instances of the application user models (usermerge.{User/Admin}) - Modified the display_default_login_page(), log_in() and log_out() views to deny access to (logged-in) instances of Django's default user model (auth.User) - Defined the has_empty_profile() method for the usermerge.User model and used it in templates and views to enhance functionality and readability - Omitted the redundant user_id parameters/arguments from (i) the application site URLs defined in the URLconf and used in templates/views and (ii) the corresponding view declarations (the current/session user can be specified in any view via the user attribute of the associated request) - Utilized the recov_user_id value of the session data in the _display_user_profile_recovery_success_message() and _display_user_profile_recovery_error_messages() helper functions as well as the search_for_recovery_user_profile() and recover_user_profile() views to enhance functionality and security - Hooked the Django admin site into the /django-admin/ URL (instead of the default one, /admin/) to distinguish its pages from the ones that refer to the usermerge.Admin model and have an /admin/ URL prefix
-
- 13 May, 2019 1 commit
-
-
Giorgos Kazelidis authored
- Removed the last_login field from the User model, inserted it to the Registry model (a User instance retains now one last_login value for each Platform instance that is associated with it via the corresponding Registry instance) and modified the emission arguments of the user_logged_in signal for logged-in User instances - Constrained the email fields of the User/Admin models and user profile edit/recovery forms to a maximum length of 100 characters - Constrained the username and password fields of the login form to a minimum length of 8 characters - Omitted the redundant ECE-NTUA platform from the test Platform instances that are used to populate the usermerge_platform table of usermergeDB - Omitted the username format check {piYYbSSS with SSS <> 000} of the login form for the Novice and Grader platforms as there can exist valid usernames for them that are not in the aforementioned format - Enabled the Django admin site, registered all the application models to it and provided instructions on accessing it - Defined the User_login_required() and Admin_login_required() decorators and used them for enhanced access control in the majority of views - Reduced the database queries made in recover_user_profile() view to enhance its performance - Added the production_logs folder to the .gitignore file
-
- 23 Apr, 2019 1 commit
-
-
Giorgos Kazelidis authored
- Created and used a library of helper functions that refer (mainly) to views - Created and used a library of validators that refer (mainly) to forms - Corrected/enhanced the existing views - used TemplateResponse objects instead of calling the render() shortcut function, inserted post-validation error codes in template contexts when needed, etc. - Deleted the logout template and used redirection to the login template on logout - Corrected the generic URL format - Enhanced the documentation of templates and modules
-