Commit graph

583 commits

Author SHA1 Message Date
Sachi King
4a5e4dc6ea Use a standard login handler
Is there any reason to not use the standard login decorator?
2017-05-07 19:19:53 +10:00
Sachi King
8cb7bcc021 Link to GCP storage for files
WARNING: We need to reflect in the webpage that these won't be behind a
login.

GitLab Issue #2
2017-05-07 16:17:29 +10:00
Sachi King
e61d87d37c Py3 fixes for guest hash generation 2017-05-07 16:17:06 +10:00
Sachi King
a36ff64a82 Support monospace TextFields instead of Markdown
Drop markdown for monospace

With markdown, we're only allowing about 1/10 of what is possible.
This creates a false reality and expectation.  Lets not suggest this.
Nor do we have in-editor preview.  So the user has to save, look at it,
then go back and edit.  And seeing a bunch of sanitized HTML or just
missing sections isn't firendly.

Monospace, what you type, is what you're going to get.  It gives the
presenter enough power to build a readable abstract, but not so much
that they can break the page and it's CSS, nor the ability to confuse
onselve through not getting what you expect.

We keep bleach sanitation and we should probably run linkify on this in
the long term.  (Turn links into clickable links)
2017-05-07 13:22:28 +10:00
Sachi King
fb5eaea880 Add a CSS class on required fields labels
This makes it possible to add a ' *' required notifier to labels without
needing a bunch of custom form code in templates.
2017-04-29 15:47:19 +10:00
Sachi King
997380152e Silence MARKDOWN debug 2017-04-29 15:47:19 +10:00
Sachi King
21b2a01a84 Py2 compatability has been broke elsewhere drop it
This is all noop in Py3, and Py2 is broke now in various places.
Dropping Py2 code as it will not be a thing going forward.

Django 2 is the next release, Py2 support will be dropped, as such,
dropping this is forward looking.
2017-04-29 15:47:19 +10:00
Sachi King
0652471164 Sanitize user input on markdown fields
This is an XSS vulnribilitiy.

This also blocks a number of MD attributes that a user might attempt to
use.

The following are the allowed attributes.

['a', 'abbr', 'acronym', 'b', 'blockquote', 'code', 'em', 'i', 'li',
'ol', 'p', 'pre', 'strong', 'ul']

I belive this to be acceptable, as honeslty, a speaker using H1 is going
to stomp all over the page and make it harder for the reviewer to parse.

UX wise, it's less than great.  A user can do # title and be left with
<h1> in the sanitized output.
2017-04-29 15:47:08 +10:00
Sachi King
298b162be6 Flake8 Fixes
Mostly whitespace fixes
Some unicode fixes
Fixed up CSV writer.  str is not bytes and all.
2017-04-17 22:51:48 +10:00
Sachi King
ecf14b514d Remove print statements.
I was originally going to switch to print function, but frankly I can't
see any reason to keep these.  I don't know what data it's leaking into
the logs, but it certainly doesn't seem useful

StringIO is not in Py3.  And it's not used at all, so removing that
import.  Seems to work with Py3 now.  More testing is required.
2017-04-17 15:47:10 +10:00
Sachi King
de08802d5b If user does not exist, catch exception
User = None
2017-04-02 22:07:26 +10:00
Sachi King
8621bdb8fe Use django to do lookups. Removes dj-user-accounts 2017-03-26 12:33:27 +11:00
Sachi King
d5986de870 Use django's login_required decorator
This only seems to be here to have some custom login_url used bypassing
django's model.  Well as we want to use django's model, this just won't
do.  So lets move to using django's model.
2017-03-26 12:32:32 +11:00
Joel Addison
155f841afa Generate ical description dynamically
Use method instead of class attribute for ical feed description.
This allows the class to be instantiated without a database being
available (eg. during migrate).
2017-01-29 22:08:49 +10:00
Scott Bragg
37dd7dd15b Fixed recording release to default false 2017-01-15 15:39:44 +11:00
Scott Bragg
8cf4bf3490 Add twitter to json 2017-01-15 09:55:53 +11:00
Scott Bragg
4e22717639 Add description to ICal feed to help Giggety app identify conference 2017-01-14 09:47:14 +11:00
Christopher Neugebauer
2dbf020a81 Unbreaks URLs 2017-01-13 09:05:47 +11:00
Scott Bragg
46ca912f7c Give all ical events a unique uid and remove shortbreaks 2017-01-12 20:21:47 +11:00
James Polley
3d626e8420 Handle slots with no Proposal
* Use the item kind for a title if there's no proposal
* Use the content_override for the description if there's no proposal
2017-01-12 16:58:26 +11:00
James Polley
710d377016 Include author details in iCal event description 2017-01-12 16:01:10 +11:00
Christopher Neugebauer
34e250322c Adds chair() method to sessions so that templates can easily determine who the chair is. 2017-01-10 21:23:07 +11:00
Christopher Neugebauer
b783901e98 Volunteers need to have a ticket before they can apply to volunteer. 2017-01-10 21:23:07 +11:00
Scott Bragg
dbb4ebbb70 Add a permission to view speaker contact details in conference.json 2016-12-30 19:21:36 +11:00
Scott Bragg
765e80765c Added Track model for schedule headings 2016-12-24 17:55:11 +11:00
Scott Bragg
7ae022d2c4 Added track name to room, added day option to conference schedule view 2016-12-24 15:24:31 +11:00
Scott Bragg
d6ac7edc5d Added timezone to start/end datetimes 2016-12-23 20:12:38 +11:00
Scott Bragg
a37d620afb Adds an ical feed 2016-12-22 12:00:23 +11:00
Scott Bragg
cdec6e2258 Slot name needs to be looooooonger 2016-12-10 17:37:01 +11:00
Scott Bragg
de38ffac9e Needs an additional migration to merge two 0003 migrations in schedule. 2016-12-10 17:07:38 +11:00
Christopher Neugebauer
5e372be5f6 Fixes issue with conference.json view 2016-12-10 14:48:30 +11:00
Christopher Neugebauer
4838adf775 Adds “exclusive” field to slots, so that you don’t need to add every single room to exclusive events (like keynotes) 2016-12-10 08:30:51 +11:00
Scott Bragg
02d7066c44 Increase slot name since it's made up of room names and our room names are long. 2016-11-13 15:31:08 +11:00
Scott Bragg
42372791d5 Don't notify everyone when a proposal changes, only the admins 2016-09-27 19:21:57 +10:00
Christopher Neugebauer
2aa0074bdc Removes speaker assistance options from the profile form. 2016-09-26 11:18:05 +10:00
Christopher Neugebauer
699b32b938 Adds “publish changes” behaviour to views so that we can publish edits to abstracts. 2016-09-18 15:52:45 +10:00
Christopher Neugebauer
f42766beef Respects unpublishing in lists. 2016-09-18 15:52:45 +10:00
Christopher Neugebauer
970e002157 Do not show a presentation if it is unpublished 2016-09-18 15:52:45 +10:00
Christopher Neugebauer
3b4a51e6d4 Adds “unpublish” option to presentations (to temporarily hide from the schedule and from view by non-staff) 2016-09-18 15:52:45 +10:00
Scott Bragg
50ee66d200 Merge branch 'chrisjrn/better_mailer' of https://github.com/lca2017/symposion into chrisjrn/better_mailer
Conflicts:
	symposion/utils/mail.py
2016-09-18 12:40:45 +10:00
Christopher Neugebauer
96683b6d7d Refactors to be a bit less obtuse 2016-09-18 12:37:08 +10:00
Christopher Neugebauer
d54d47487e send_mail is no longer hardwired to point at symposion/emails (who does that?!) 2016-09-18 12:37:08 +10:00
Scott Bragg
433a99a402 All the migrations seem fixed now 2016-09-17 15:53:47 +10:00
Christopher Neugebauer
6fadca1773 Removes BCC amendment to mail.py 2016-09-07 12:01:34 +10:00
Scott Bragg
da56226732 Changed var name 2016-09-03 15:06:01 +10:00
Scott Bragg
c7608fb0d5 Added ResultNotification to admin, fixed subject as template 2016-09-03 13:16:05 +10:00
Scott Bragg
420d8ec870 Remove description from Presentation, add fields to proposal for notification template. 2016-09-03 12:48:31 +10:00
Christopher Neugebauer
d9b1583dfe Adds more fields to the reviews CSV 2016-08-25 10:40:21 +10:00
Christopher Neugebauer
b6b6c51cc1 Refactors to be a bit less obtuse 2016-08-21 15:31:09 +10:00
Christopher Neugebauer
565a353375 send_mail is no longer hardwired to point at symposion/emails (who does that?!) 2016-08-21 15:28:22 +10:00