Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add anonymous calendar links with user tokens #36

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Add anonymous calendar links with user tokens #36

wants to merge 1 commit into from

Conversation

schliz
Copy link
Collaborator

@schliz schliz commented Jul 6, 2024

  • Add ical_token to User model
  • Allow ical export in UserFeed with out authentication but using a token as GET parameter
  • Add UI for (re-)generating calendar tokens in the profile page

Viele Grüße der Schliz

@schliz
Add anonymous calendar links with user tokens
f6083fd 
- Add ical_token to User model
- Allow ical export in UserFeed with out authentication but using a
token as GET parameter
- Add UI for (re-)generating calendar tokens in the profile page

Viele Grüße der Schliz
Yusuf-Duran
Yusuf-Duran approved these changes Jul 6, 2024
View reviewed changes
Copy link

@Yusuf-Duran Yusuf-Duran left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

lewellien
lewellien reviewed Jul 11, 2024
View reviewed changes
Copy link
Member

@lewellien lewellien left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Generell eine Idee das Problem zu lösen, mit dem aktuellen SSO-Ansatz allerdings nicht besonders nachhaltig.

Eine Verwendung con CalDAV o.Ä. wäre vmtl besser langfristig und für Gruppenkalender besser mit entsprechenden "CalendarUser" Objekten im cal Modul

src/shiftings/accounts/urls/user.py
@@ -30,6 +30,7 @@
name='password_reset_success'),
path('calendar/', UserFeed(), name='user_calendar'),
path('participation_calendar/', OwnShiftsFeed(), name='user_participation_calendar'),
path('ical_token_reset/', UserRegenerateCalendarTokenView.as_view(), name='user_ical_token_reset')
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ich fände rengenerate oder renew da besser da es ja kein reset ist

src/shiftings/accounts/models/user.py
def all_shifts_url(self):
git if self.ical_token is None:
return None
return local_settings.SITE + '/user/calendar?token=' + self.ical_token
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Was tut das?
Einfach Dinge aus local_settings importieren bringt nix das gibts bei dir aber das wars
Mal abgesehen davon das SITE vom Request abhängt

Ein fstring ist mMn ebenfalls wesentlich lesbarer:
f'{SITE}/user../{self.ical_token}'

src/shiftings/accounts/models/user.py
def my_shifts_url(self):
if self.ical_token is None:
return None
return local_settings.SITE + '/user/participation_calendar?token=' + self.ical_token
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

s.o.

src/shiftings/accounts/templates/accounts/user_detail.html
<h4>{% trans "Calendar URL" %}</h4>
<button class="btn btn-info" title="{% trans "Reset iCalendar Link Token" %}" data-bs-toggle="modal"
data-bs-target="#resetCalendarToken">
{% trans "Reset Token" %} <i class="fa-solid fa-repeat"></i>
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ist das ein Reset?

src/shiftings/cal/feed/user.py
if request.user.is_authenticated:
return request.user

# noinspection all
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sowas würde ich eher nicht verwenden meistens hat es einen Grund wenn die inspection meckert

src/shiftings/cal/feed/user.py
return request.user

# noinspection all
user = User.objects.get(ical_token=request.GET.get('token', ''))
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Das reicht nicht ganz aus, vor allem für SSO-User müsste man das einmal im Monat checken ob der die Gruppen überhaupt noch sehen darf und dazu bräuchte man nen SSO Login.

src/shiftings/templates/widgets/copy_input.html
@@ -0,0 +1,7 @@
<button onclick="
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Format
Was tut dieses
Auch wenn das inline im Button geht wäre es vmtl besser das irgendwo als inkludierbares Skript schnipsel zu haben.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lewellien lewellien lewellien left review comments

@Yusuf-Duran Yusuf-Duran Yusuf-Duran approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@schliz @Yusuf-Duran @lewellien