Fixes for gdb with OATH

bugfixes financeID and pretty otrs links

.gitignore

@@ -2,7 +2,7 @@
 /secrets.json
 /staticfiles
 # /foerderbarometer/settings.py
-/foerderbarometer/*settings*
+# /foerderbarometer/*settings*
 /input/settings.py
 /nohup.out
 /logfile

foerderbarometer/settings.py

@@ -0,0 +1,186 @@
+"""
+Django settings for foerderbarometer project.
+
+Generated by 'django-admin startproject' using Django 3.1.1.
+
+For more information on this file, see
+https://docs.djangoproject.com/en/3.1/topics/settings/
+
+For the full list of settings and their values, see
+https://docs.djangoproject.com/en/3.1/ref/settings/
+"""
+
+import json
+import os
+from pathlib import Path
+
+from django.core.exceptions import ImproperlyConfigured
+
+# prefix for urls in mails
+URLPREFIX = 'https://fdb-devel.wikimedia.de'
+
+
+# mails in development go to stdout
+EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
+
+# EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
+
+#EMAIL_HOST = 'email.wikimedia.de'
+#EMAIL_PORT = '587'
+#EMAIL_USE_TLS = True
+#EMAIL_HOST_USER = get_secret('EMAIL_HOST_USER')
+#EMAIL_HOST_PASSWORD = get_secret('EMAIL_HOST_PASSWORD')
+
+
+# Build paths inside the project like this: BASE_DIR / 'subdir'.
+BASE_DIR = Path(__file__).resolve().parent.parent
+
+# get secrets
+with open(os.path.join(BASE_DIR, 'secrets.json')) as secrets_file:
+    secrets = json.load(secrets_file)
+
+def get_secret(setting, secrets=secrets):
+    """Get secret setting or fail with ImproperlyConfigured"""
+    try:
+        return secrets[setting]
+    except KeyError:
+        raise ImproperlyConfigured("Set the {} setting".format(setting))
+
+
+# Quick-start development settings - unsuitable for production
+# See https://docs.djangoproject.com/en/3.1/howto/deployment/checklist/
+
+# SECURITY WARNING: keep the secret key used in production secret!
+SECRET_KEY = get_secret('SECRET_KEY')
+
+# SECURITY WARNING: don't run with debug turned on in production!
+DEBUG = True
+
+STATIC_ROOT = BASE_DIR / 'staticfiles'
+
+ALLOWED_HOSTS = ['*']
+
+
+# Application definition
+
+INSTALLED_APPS = [
+    'input.apps.InputConfig',
+    'django.contrib.admin',
+    'django.contrib.auth',
+    'django.contrib.contenttypes',
+    'django.contrib.sessions',
+    'django.contrib.messages',
+    'django.contrib.staticfiles',
+    'formtools',
+]
+
+MIDDLEWARE = [
+    'django.middleware.security.SecurityMiddleware',
+    'whitenoise.middleware.WhiteNoiseMiddleware',
+    'django.contrib.sessions.middleware.SessionMiddleware',
+    'django.middleware.locale.LocaleMiddleware',
+    'django.middleware.common.CommonMiddleware',
+    'django.middleware.csrf.CsrfViewMiddleware',
+    'django.contrib.auth.middleware.AuthenticationMiddleware',
+    'django.contrib.messages.middleware.MessageMiddleware',
+    'django.middleware.clickjacking.XFrameOptionsMiddleware',
+    'input.middleware.oauth.OAuthMiddleware'
+]
+
+ROOT_URLCONF = 'foerderbarometer.urls'
+
+TEMPLATES = [
+    {
+        'BACKEND': 'django.template.backends.django.DjangoTemplates',
+        'DIRS': [],
+        'APP_DIRS': True,
+        'OPTIONS': {
+            'context_processors': [
+                'django.template.context_processors.debug',
+                'django.template.context_processors.request',
+                'django.contrib.auth.context_processors.auth',
+                'django.contrib.messages.context_processors.messages',
+            ],
+        },
+    },
+]
+
+WSGI_APPLICATION = 'foerderbarometer.wsgi.application'
+
+
+# Database
+# https://docs.djangoproject.com/en/3.1/ref/settings/#databases
+
+DATABASES = {
+    'default': {
+        'ENGINE': 'django.db.backends.sqlite3',
+        'NAME': BASE_DIR / 'db.sqlite3',
+        'PASSWORD': get_secret('DATABASE_PASSWORD')
+    }
+}
+
+
+# Password validation
+# https://docs.djangoproject.com/en/3.1/ref/settings/#auth-password-validators
+
+AUTH_PASSWORD_VALIDATORS = [
+    {
+        'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
+    },
+    {
+        'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
+    },
+    {
+        'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
+    },
+    {
+        'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
+    },
+]
+
+
+# Internationalization
+# https://docs.djangoproject.com/en/3.1/topics/i18n/
+
+LANGUAGE_CODE = 'en-us'
+
+TIME_ZONE = 'UTC'
+
+USE_I18N = True
+
+USE_L10N = True
+
+USE_TZ = True
+
+
+# Static files (CSS, JavaScript, Images)
+# https://docs.djangoproject.com/en/3.1/howto/static-files/
+
+STATIC_URL = '/static/'
+
+# needed since django 3.2
+DEFAULT_AUTO_FIELD = 'django.db.models.AutoField'
+
+
+# OAuth Settings
+OAUTH_URL_WHITELISTS = ['/admin']
+
+OAUTH_CLIENT_NAME = '<name-of-the-configured-wikimedia-app>'
+OAUTH_CLIENT_NAME = get_secret('OAUTH_CLIENT_NAME')
+
+
+OAUTH_CLIENT = {
+    'client_id': get_secret('OAUTH_CLIENT_ID'),
+    'client_secret': get_secret('OAUTH_CLIENT_SECRET'),
+    'access_token_url': 'https://meta.wikimedia.org/w/rest.php/oauth2/access_token',
+    'authorize_url': 'https://meta.wikimedia.org/w/rest.php/oauth2/authorize',
+    'api_base_url': 'https://meta.wikimedia.org/w/rest.php/oauth2/resource',
+    'redirect_uri': 'https://fdb-devel.wikimedia.de/oauth/callback',
+    'client_kwargs': {
+	'scope': 'basic',
+        'token_placement': 'header'
+    },
+    'userinfo_endpoint': 'resource/profile',
+}
+
+OAUTH_COOKIE_SESSION_ID = 'sso_session_id'

input/admin.py

@@ -36,6 +36,11 @@ class ProjectAdmin(admin.ModelAdmin):
     date_hierarchy = 'end'
     readonly_fields = ('end_quartal', 'project_of_year', 'pid', 'finance_id')
 
+    class Media:
+        js = ('dropdown/js/otrs_link.js',)
+
+
+
 @admin.register(BusinessCard)
 class BusinessCardAdmin(admin.ModelAdmin):
     save_as = True    

input/forms.py

@@ -26,6 +26,9 @@ class ProjectForm(FdbForm):
         widgets = {'start': AdminDateWidget(),
                    'end': AdminDateWidget(),}
 
+    class Media:
+        js = ('dropdown/js/otrs_link.js',)
+
 
 class ExternForm(FdbForm):
 

input/middleware/oauth.py

@@ -14,6 +14,9 @@ class OAuthMiddleware(MiddlewareMixin):
         self.oauth = OAuth()
 
     def process_request(self, request):
+        # added this if clause to get the landing page before oauth
+        if request.path == '/':
+            return self.get_response(request)
         if settings.OAUTH_URL_WHITELISTS is not None:
             for w in settings.OAUTH_URL_WHITELISTS:
                 if request.path.startswith(w):

input/models.py

@@ -13,7 +13,7 @@ EMAIL_STATES = {'NONE': 'noch keine Mail versendet',
 
 class Volunteer(models.Model):
     realname = models.CharField(max_length=200, null=True, verbose_name="Realname",
-                                help_text="Bitte gib deinen Vornamen und deinen Nachnamen ein.", default='oi')
+                                help_text="Bitte gib deinen Vornamen und deinen Nachnamen ein.", default='')
     email = models.EmailField(max_length=200, null=True, verbose_name='E-Mail-Adresse',
                               help_text=format_html('Bitte gib deine E-Mail-Adresse ein, damit dich<br>Wikimedia Deutschland bei Rückfragen oder für<br>die Zusage kontaktieren kann.'))
 

input/static/dropdown/js/otrs_link.js

@@ -0,0 +1,19 @@
+window.addEventListener("load", function() {
+(function($) {
+    $(function() {
+
+               let otrs_link = document.querySelector(".field-otrs > div > p.url > a").href;
+               console.log(otrs_link);
+               alert(otrs_link);
+
+               let otrs_link_pret = otrs_link.replace(/%3B/g, ";");
+               let otrs_link_pretty = otrs_link_pret.replace(/%3D/g, "=");
+               
+               console.log(otrs_link_pretty);
+                                 
+               document.querySelector(".field-otrs > div > p.url > a").href = otrs_link_pretty;
+               
+
+    });
+})(django.jQuery);
+});

input/templates/input/index.html

@@ -0,0 +1,69 @@
+{% load static  %}
+
+
+<link rel="stylesheet" type="text/css" href="{% static 'admin/css/base.css' %}" />
+<link rel="stylesheet" type="text/css" href="{% static 'admin/css/widgets.css' %}" />
+
+
+{% load i18n %}
+
+{% csrf_token %}
+
+
+<center>
+  <style>
+    ul > li {
+      list-style-type: none;
+    }
+    ul {
+      padding-left: 10;
+    }
+    label.required::after {
+      content: ' *';
+      color: red;
+    }
+    .div15 {
+      height: 15%;
+    }
+    .div5 {
+      height: 5%;
+    }
+    .button1 {
+      width: 40vw;
+      height: 6vh;
+      display: flex;
+      justify-content: center;
+      align-items: center;
+      font-weight: bold;
+      font-size: 4vh;
+    }
+      
+  </style>
+
+<div class="div5"></div>
+<p>
+Herzlich willkommen im Förderanfrageportal von Wikimedia Deutschland!
+</p>
+<div class="div5"></div>
+<!-- <a href="http://fdb-devel.wikimedia.de/extern"style="float:right;padding-right:10%;">OAUTH</a>
+<a href="http://fdb-devel.wikimedia.de/extern" style="float:left;padding-left:10%;">OAUTH</a> -->
+<p>
+<img src="https://upload.wikimedia.org/wikipedia/commons/c/c4/Figuren_klein.jpg"><p>
+Um eine Unterstützungsleistung im Rahmen der Förderangebote anfragen zu können, verifiziere dich bitte mit deinem Wikimedia-Konto. 
+<br>Weitere Informationen und Hintergründe findest du unter
+<a href="https://de.wikipedia.org/wiki/Wikipedia:Förderung/Förderangebote">
+  Förderportal</a> in der deutschsprachigen Wikipedia.
+<p>
+<div class="div5"></div>
+<div class="button button1"><a href="/extern"><div class="button1_text">Anmelden</div></a></div>
+<div class="div5"></div>
+<div class="div5"></div>
+<br>Für alle Fragen wende dich gern an das <a href="https://de.wikipedia.org/wiki/Wikipedia:Förderung/Wikimedia_Deutschland">Team Communitys und Engagement</a>.
+<br>Für interessierte Hacker gibts auch den <a href="https://srcsrv.wikimedia.de/beba/foerderbarometer">Sourcecode</a> zum Formular und was damit passiert.
+<p>
+  <a href="https://www.wikimedia.de/impressum/">Impressum</a>
+<p>
+</center>
+
+
+

input/urls.py

@@ -1,9 +1,10 @@
 from django.urls import path
-from .views import ExternView, done, authorize, deny, InternView, export
+from .views import ExternView, index, done, authorize, deny, InternView, export
 from django.contrib import admin
 
 urlpatterns = [
-    path('', ExternView.as_view(), name='extern'),
+    path('', index, name='index'),
+    path('extern', ExternView.as_view(), name='extern'),
 #    path('intern', InternView.as_view(), name='intern'),
     path('admin/', admin.site.urls),
     path('saved', done, name='done'),

input/views.py

@@ -70,6 +70,8 @@ def deny(request, choice, pk):
 def done(request):
     return HttpResponse("Deine Anfrage wurde gesendet. Du erhältst in Kürze eine E-Mail-Benachrichtigung mit deinen Angaben. Für alle Fragen kontaktiere bitte das Team Communitys und Engagement unter community@wikimedia.de.")
 
+def index(request):
+    return render(request, 'input/index.html')
 
 class InternView(LoginRequiredMixin, CookieWizardView):
     '''This View is for WMDE-employees only'''