RunasSudo/society-self-service
1
Fork 0
Code Issues 1 Pull Requests Activity

Implement membership renewal

Browse Source
This commit is contained in:
Yingtong Li 2020-03-10 17:29:57 +11:00
parent 187f3a9b7c
commit b725b46f2f
Signed by: RunasSudo
GPG Key ID: 7234E476BF21C61A
6 changed files with 61 additions and 129 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
ssmembership/jinja2/ssmembership/onboard/complete.html → ssmembership/jinja2/ssmembership/renew/complete.html
View File

@ -2,7 +2,7 @@
{# {#
Society Self-Service Society Self-Service
Copyright © 2018-2019 Yingtong Li (RunasSudo) Copyright © 2018-2020 Yingtong Li (RunasSudo)
This program is free software: you can redistribute it and/or modify This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published by it under the terms of the GNU Affero General Public License as published by
@ -18,12 +18,12 @@
along with this program. If not, see <https://www.gnu.org/licenses/>. along with this program. If not, see <https://www.gnu.org/licenses/>.
#} #}
{% block title %}Membership activation complete{% endblock %} {% block title %}Membership renewal complete{% endblock %}
{% block content %} {% block content %}
<h1>Membership activation complete</h1> <h1>Membership renewal complete</h1>
<p>Your membership activation has been successfully processed.</p> <p>Your membership renewal has been successfully processed.</p>
<p>You can view and edit your membership details by <a href="{{ url('membership') }}">logging in</a>.</p> <p>You can view and edit your membership details by <a href="{{ url('membership') }}">logging in</a>.</p>
{% endblock %} {% endblock %}

12
ssmembership/jinja2/ssmembership/onboard/index.html → ssmembership/jinja2/ssmembership/renew/index.html
View File

@ -2,7 +2,7 @@
{# {#
Society Self-Service Society Self-Service
Copyright © 2018-2019 Yingtong Li (RunasSudo) Copyright © 2018-2020 Yingtong Li (RunasSudo)
This program is free software: you can redistribute it and/or modify This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published by it under the terms of the GNU Affero General Public License as published by
@ -18,14 +18,14 @@
along with this program. If not, see <https://www.gnu.org/licenses/>. along with this program. If not, see <https://www.gnu.org/licenses/>.
#} #}
{% block title %}Membership activation{% endblock %} {% block title %}Membership renewal{% endblock %}
{% block content %} {% block content %}
<h1>Membership activation</h1> <h1>Membership renewal</h1>
<p>To activate a new membership, please enter your details below:</p> <p>To renew your membership, please enter your details below:</p>
<form class="ui form" method="POST" action="{{ url('monboard_search') }}"> <form class="ui form" method="POST" action="{{ url('renew_search') }}">
<div class="ui required inline grid field"> <div class="ui required inline grid field">
<label class="three wide column">Student ID</label> <label class="three wide column">Student ID</label>
<div class="nine wide column"> <div class="nine wide column">
@ -36,7 +36,7 @@
<label class="three wide column">Email</label> <label class="three wide column">Email</label>
<div class="nine wide column"> <div class="nine wide column">
<input type="text" name="email" placeholder="abcd0001@student.monash.edu"> <input type="text" name="email" placeholder="abcd0001@student.monash.edu">
<div style="margin-top: 1.5em;">Enter the email address that is registered with MUMUS. This is the email which received the purchased ticket/receipt.</div> <div style="margin-top: 1.5em;">Enter the email address that is registered with MUMUS. This is the email which received the renewal notice.</div>
</div> </div>
</div> </div>
<div class="ui divider"></div> <div class="ui divider"></div>

20
ssmembership/jinja2/ssmembership/onboard/review.html → ssmembership/jinja2/ssmembership/renew/review.html
View File

@ -2,7 +2,7 @@
{# {#
Society Self-Service Society Self-Service
Copyright © 2018-2019 Yingtong Li (RunasSudo) Copyright © 2018-2020 Yingtong Li (RunasSudo)
This program is free software: you can redistribute it and/or modify This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published by it under the terms of the GNU Affero General Public License as published by
@ -18,17 +18,17 @@
along with this program. If not, see <https://www.gnu.org/licenses/>. along with this program. If not, see <https://www.gnu.org/licenses/>.
#} #}
{% block title %}Membership activation{% endblock %} {% block title %}Membership renewal{% endblock %}
{% block content %} {% block content %}
<h1>Membership activation</h1> <h1>Membership renewal</h1>
{% if not member %} {% if not member %}
<p>The details you entered do not match our records, or the membership has already been activated. <a href="{{ url('monboard_index') }}">Click here</a> to try again.</p> <p>The details you entered do not match our records. <a href="{{ url('renew_index') }}">Click here</a> to try again.</p>
{% else %} {% else %}
<p>Please check the following details and update them if necessary:</p> <p>Please check the following details and update them if necessary:</p>
<form class="ui form" method="POST" action="{{ url('monboard_save') }}"> <form class="ui form" method="POST" action="{{ url('renew_save') }}">
{% if errors %} {% if errors %}
<div class="ui visible error message"><ul> <div class="ui visible error message"><ul>
{% for error in errors %} {% for error in errors %}
@ -40,9 +40,13 @@
<label class="three wide column">Student ID</label> <label class="three wide column">Student ID</label>
<input class="nine wide column" type="text" name="student_id" value="{{ member.student_id }}"> <input class="nine wide column" type="text" name="student_id" value="{{ member.student_id }}">
</div> </div>
<div class="ui required inline grid field"> <div class="ui {% if member.email.endswith('@student.monash.edu') %}disabled{% else %}required{% endif %} inline grid field">
<label class="three wide column">Student email</label> <label class="three wide column">Student email</label>
<input class="nine wide column" type="text" name="email" value="{{ member.email }}"> {% if member.email.endswith('@student.monash.edu') %}
<div class="nine wide column">{{ member.email }}</div>
{% else %}
<input class="nine wide column" type="text" name="email" value="{{ member.email }}">
{% endif %}
</div> </div>
<div class="ui divider"></div> <div class="ui divider"></div>
<div class="ui required inline grid field"> <div class="ui required inline grid field">
@ -92,7 +96,7 @@
{% if group.subscribable %} {% if group.subscribable %}
<div class="field" style="display: inline; margin-right: 1em;"> <div class="field" style="display: inline; margin-right: 1em;">
<div class="ui checkbox"> <div class="ui checkbox">
<input type="checkbox" name="bulletin_group_{{ group.id }}" id="bulletin_group_{{ group.id }}"> <input type="checkbox" name="bulletin_group_{{ group.id }}" id="bulletin_group_{{ group.id }}"{% if group.contains_member(member) %} checked{% endif %}>
<label for="bulletin_group_{{ group.id }}">{{ group.name }}</label> <label for="bulletin_group_{{ group.id }}">{{ group.name }}</label>
</div> </div>
</div> </div>

78
ssmembership/monboard.py
View File

@ -1,78 +0,0 @@
# Society Self-Service
# Copyright © 2018-2019 Yingtong Li (RunasSudo)
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <https://www.gnu.org/licenses/>.
import sqlite3
from django.utils import timezone
from . import models
import datetime
def get_members():
conn = sqlite3.connect('file:onboards.db?mode=ro', uri=True)
cur = conn.cursor()
cur.execute('SELECT * FROM members')
result = cur.fetchall()
conn.close()
return result
def by_email(email):
conn = sqlite3.connect('file:onboards.db?mode=ro', uri=True)
cur = conn.cursor()
cur.execute('SELECT * FROM members WHERE email=? AND imported=0', (email,))
result = cur.fetchone()
conn.close()
if not result:
return None
member = models.Member()
# id, student_id, email, first_name, last_name, year, is_msa, phone, date, purchased, imported
member.student_id = result[1]
member.email = result[2]
member.first_name = result[3]
member.last_name = result[4]
member.year = {'Year A': 0, 'Year 1': 1, 'Year 2': 2, 'Year 3B': 3, 'Year 4C': 4, 'Year 5D': 5, 'BMedSci': 97, 'PhD': 98, 'Intermission': 99}[result[5]]
member.is_msa = result[6]
member.phone = result[7]
member.member_type = 1 # Ordinary Member
# Calculate expiration date
member.expires = timezone.localtime(timezone.now()).date().replace(month=3, day=31)
member.expires = member.expires.replace(year=member.expires.year+1)
if member.expires < timezone.localtime(timezone.now()).date(): # Add 1 year if after Mar 31, else add 2 years
member.expires = member.expires.replace(year=member.expires.year+1)
return member
def delete_by_email(email):
conn = sqlite3.connect('file:onboards.db', uri=True)
cur = conn.cursor()
cur.execute('UPDATE members SET imported=1 WHERE email=?', (email,))
conn.commit()
conn.close()
def set_emailed_by_email(email):
conn = sqlite3.connect('file:onboards.db', uri=True)
cur = conn.cursor()
cur.execute('UPDATE members SET emailed=1 WHERE email=?', (email,))
conn.commit()
conn.close()

8
ssmembership/urls.py
View File

@ -20,10 +20,10 @@ from . import views
urlpatterns = [ urlpatterns = [
path('', views.index, name='membership'), path('', views.index, name='membership'),
path('onboard/', views.onboard_index, name='monboard_index'), path('renew/', views.renew_index, name='renew_index'),
path('onboard/signed', views.onboard_signed, name='monboard_signed'), path('renew/signed', views.renew_signed, name='renew_signed'),
path('onboard/search', views.onboard_search, name='monboard_search'), path('renew/search', views.renew_search, name='renew_search'),
path('onboard/save', views.onboard_save, name='monboard_save'), path('renew/save', views.renew_save, name='renew_save'),
path('signup/', views.signup_index, name='signup_index'), path('signup/', views.signup_index, name='signup_index'),
path('signup/save', views.signup_save, name='signup_save'), path('signup/save', views.signup_save, name='signup_save'),
] ]

64
ssmembership/views.py
View File

@ -1,5 +1,5 @@
# Society Self-Service # Society Self-Service
# Copyright © 2018-2019 Yingtong Li (RunasSudo) # Copyright © 2018-2020 Yingtong Li (RunasSudo)
# #
# This program is free software: you can redistribute it and/or modify # This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by # it under the terms of the GNU Affero General Public License as published by
@ -25,9 +25,10 @@ from django.shortcuts import render, redirect
from django.urls import reverse from django.urls import reverse
from django.utils import timezone from django.utils import timezone
from . import monboard
from . import models from . import models
import hmac
@login_required @login_required
def index(request): def index(request):
try: try:
@ -69,10 +70,10 @@ def index(request):
return render(request, 'ssmembership/index.html', {'member': member, 'years': models.Member.YEARS}) return render(request, 'ssmembership/index.html', {'member': member, 'years': models.Member.YEARS})
def onboard_index(request): def renew_index(request):
return render(request, 'ssmembership/onboard/index.html') return render(request, 'ssmembership/renew/index.html')
def onboard_signed(request): def renew_signed(request):
if 'email' not in request.GET: if 'email' not in request.GET:
return HttpResponse('Expected an email address', status=400) return HttpResponse('Expected an email address', status=400)
if 'sig' not in request.GET: if 'sig' not in request.GET:
@ -82,8 +83,8 @@ def onboard_signed(request):
if not hmac.compare_digest(sig_expected, request.GET['sig']): if not hmac.compare_digest(sig_expected, request.GET['sig']):
return HttpResponse('Invalid signature', status=403) return HttpResponse('Invalid signature', status=403)
member = monboard.by_email(request.GET['email']) member = models.Member.objects.get(email=request.GET['email'])
return render(request, 'ssmembership/onboard/review.html', { return render(request, 'ssmembership/renew/review.html', {
'member': member, 'member': member,
'years': models.Member.YEARS, 'years': models.Member.YEARS,
'email_orig': member.email if member else None, 'email_orig': member.email if member else None,
@ -91,54 +92,60 @@ def onboard_signed(request):
}) })
@ratelimit(key=settings.RATELIMIT_KEY, rate='100/h') @ratelimit(key=settings.RATELIMIT_KEY, rate='100/h')
def onboard_search(request): def renew_search(request):
if request.method != 'POST': if request.method != 'POST':
return redirect(reverse('onboard_index')) return redirect(reverse('renew_index'))
if request.limited: if request.limited:
return HttpResponse('Too many requests', status=429) return HttpResponse('Too many requests', status=429)
member = monboard.by_email(request.POST['email']) try:
if member and member.student_id != request.POST['student_id']: member = models.Member.objects.get(email=request.POST['email'])
if member.student_id != request.POST['student_id']:
member = None
except models.Member.DoesNotExist:
member = None member = None
return render(request, 'ssmembership/onboard/review.html', { return render(request, 'ssmembership/renew/review.html', {
'member': member, 'member': member,
'years': models.Member.YEARS, 'years': models.Member.YEARS,
'email_orig': member.email if member else None, 'email_orig': member.email if member else None,
'sig': hmac.new(settings.SECRET_KEY_MEMBERSIG.encode('utf-8'), member.email.encode('utf-8'), 'sha256').hexdigest() if member else None 'sig': hmac.new(settings.SECRET_KEY_MEMBERSIG.encode('utf-8'), member.email.encode('utf-8'), 'sha256').hexdigest() if member else None
}) })
def onboard_save(request): def renew_save(request):
if request.method != 'POST': if request.method != 'POST':
return redirect(reverse('onboard_index')) return redirect(reverse('renew_index'))
sig_expected = hmac.new(settings.SECRET_KEY_MEMBERSIG.encode('utf-8'), request.POST['email_orig'].encode('utf-8'), 'sha256').hexdigest() sig_expected = hmac.new(settings.SECRET_KEY_MEMBERSIG.encode('utf-8'), request.POST['email_orig'].encode('utf-8'), 'sha256').hexdigest()
if not hmac.compare_digest(sig_expected, request.POST['sig']): if not hmac.compare_digest(sig_expected, request.POST['sig']):
return HttpResponse('Invalid signature', status=403) return HttpResponse('Invalid signature', status=403)
member = monboard.by_email(request.POST['email_orig']) member = models.Member.objects.get(email=request.POST['email_orig'])
if not member: member.student_id = request.POST['student_id'].strip()
return render(request, 'ssmembership/onboard/review.html', { if not request.POST['email_orig'].endswith('@student.monash.edu'):
'member': member member.email = request.POST['email'].strip()
}) member.first_name = request.POST['first_name'].strip()
member.last_name = request.POST['last_name'].strip()
member.student_id = request.POST['student_id'] member.phone = request.POST['phone'].strip()
member.email = request.POST['email']
member.first_name = request.POST['first_name']
member.last_name = request.POST['last_name']
member.phone = request.POST['phone']
member.year = int(request.POST['year']) member.year = int(request.POST['year'])
member.is_msa = True if request.POST['is_msa'] == '1' else '0' member.is_msa = True if request.POST['is_msa'] == '1' else '0'
# Calculate expiration date
member.expires = timezone.localtime(timezone.now()).date().replace(month=3, day=31)
member.expires = member.expires.replace(year=member.expires.year+1)
if member.expires < timezone.localtime(timezone.now()).date(): # Add 1 year if after Mar 31, else add 2 years
member.expires = member.expires.replace(year=member.expires.year+1)
errors = member.validation_problems() errors = member.validation_problems()
if models.Member.objects.filter(email=request.POST['email']).count() > 0: if not request.POST['email_orig'].endswith('@student.monash.edu') and models.Member.objects.filter(email=member.email).count() > 0:
errors.append('Member with this email already exists') errors.append('Member with this email already exists')
if len(errors) > 0: if len(errors) > 0:
return render(request, 'ssmembership/onboard/review.html', { return render(request, 'ssmembership/renew/review.html', {
'member': member, 'member': member,
'years': models.Member.YEARS, 'years': models.Member.YEARS,
'email_orig': request.POST['email_orig'], 'email_orig': request.POST['email_orig'],
@ -158,8 +165,7 @@ def onboard_save(request):
else: else:
group.subscribe_member(member, False) group.subscribe_member(member, False)
monboard.delete_by_email(request.POST['email_orig']) return render(request, 'ssmembership/renew/complete.html')
return render(request, 'ssmembership/onboard/complete.html')
def signup_index(request): def signup_index(request):
return render(request, 'ssmembership/signup/index.html', { return render(request, 'ssmembership/signup/index.html', {