4 weeks agoFix missing logging on production server master production
Sybren A. Stüvel [Mon, 8 Jun 2020 11:11:57 +0000 (13:11 +0200)]
Fix missing logging on production server

The issue was that Python's `TimedRotatingFileHandler` is not thread/process
safe (even though the `logging` module documentation says differently).

Python logging is now sent to stderr, where it is captured by uWSGI and
logged to disk. It is now uWSGI that performs rollover, based on the log
file size. It is up to a cron job to clean up old log files.

5 weeks agoMake the reCAPTCHA function repeatable
Sybren A. Stüvel [Tue, 2 Jun 2020 16:02:20 +0000 (18:02 +0200)]
Make the reCAPTCHA function repeatable

Apparently `grecaptcha.execute();` won't run twice. This makes sense, as
it's supposed to run on submit, and not on
button-click-that-may-trigger-submit. However, when the form submission
is halted for some reason, the button still needs to call the
`callback_recaptcha_ok()` callback to allow form submission.

5 weeks agoPerform check for recent subscriptions on checkout form
Sybren A. Stüvel [Fri, 29 May 2020 13:26:23 +0000 (15:26 +0200)]
Perform check for recent subscriptions on checkout form

The checkout form now checks for recently-created subscriptions, and will
require the user to check a checkbox before creating another one.

5 weeks agoCleanup: split checkout function into separate functions
Sybren A. Stüvel [Fri, 29 May 2020 08:34:35 +0000 (10:34 +0200)]
Cleanup: split checkout function into separate functions

The `CheckoutView.form_valid()` function was doing way too much in one
function, so I split it up into smaller chunks. It could be split up and
cleaned up more, but this is a nice start.

No functional changes.

5 weeks agoTests: hide coverage report on test failure
Sybren A. Stüvel [Fri, 29 May 2020 13:27:50 +0000 (15:27 +0200)]
Tests: hide coverage report on test failure

The coverage report is quite long, so it scrolls the actual error messages
way off screen.

5 weeks agoFix T76716 - Ensure CSRF token in landing page
Francesco Siddi [Fri, 29 May 2020 07:27:46 +0000 (09:27 +0200)]
Fix T76716 - Ensure CSRF token in landing page

When the user is not authenticated, there is a possibility that the csrf_token
is not set in the user session. This causes the currency change switch to
send a POST request that gets rejected. By adding {% csrf_token %} we
force the creation of the token in the session. This could have been done
using the ensure_csrf_cookie method, but the landing view is served by the
Wagtail framework, which would need to be "extended" to support this.
In this case we prefer to keep tings simple.

6 weeks agoRestructure reCaptcha integration
Sybren A. Stüvel [Thu, 28 May 2020 16:15:21 +0000 (18:15 +0200)]
Restructure reCaptcha integration

The old approach was submitting the form when the CAPTCHA check would
succeeded via `theform.submit()`. This does not trigger on-submit
events, and as a result interfered with the BrainTree processing of the

The new approach changes the submit button to a regular button, and
performs the CAPTCHA check in its on-click handler. As a result, this
check doesn't need the form's on-submit handler any more. By calling
`theform.requestSubmit()`, the BrainTree on-submit handler is still
called, and things should work again.

6 weeks agoUpdate package.json and package-lock.json
Francesco Siddi [Tue, 26 May 2020 10:26:57 +0000 (12:26 +0200)]
Update package.json and package-lock.json

Various security updates.

3 months agoBraintree: expire client tokens after 10 minutes
Sybren A. Stüvel [Tue, 7 Apr 2020 16:37:21 +0000 (18:37 +0200)]
Braintree: expire client tokens after 10 minutes

Braintree expires client tokens after 24 hours. We don't even have to keep
them for that long.

3 months agoBraintree: upgrade JavaScript dropin 1.13.0 → 1.22.1
Sybren A. Stüvel [Tue, 7 Apr 2020 14:45:09 +0000 (16:45 +0200)]
Braintree: upgrade JavaScript dropin 1.13.0 → 1.22.1

Maybe this helps with the error we're seeing in the production site on the
checkout page:

{'data': None,
 'errors': [{'extensions': {'errorClass': 'AUTHENTICATION',
    'errorType': 'developer_error'},
   'message': 'Authentication credentials are invalid.'}],
 'extensions': {'requestId': 'xxxx'}}

3 months agoUnlimited length for Transaction.failure_message
Sybren A. Stüvel [Thu, 26 Mar 2020 09:13:44 +0000 (10:13 +0100)]
Unlimited length for Transaction.failure_message

In PostgreSQL there is no performance difference between VARCHAR and TEXT,
so it's better to just have unlimited space for error messages.

3 months agoFix transaction failure message not fitting into database field
Sybren A. Stüvel [Thu, 26 Mar 2020 09:02:03 +0000 (10:02 +0100)]
Fix transaction failure message not fitting into database field

Due to a recent DDoS attack there were timeouts connecting to the Braintree
payment gateway, resulting in long error messages. These couldn't fit into
the database.

This commit lengthens the `Transaction.failure_message` field from 128 to
255 characters and shortens failure messages that are still too long to

3 months agoAdded missing template `payment_method_not_used.pug`
Sybren A. Stüvel [Mon, 16 Mar 2020 10:22:43 +0000 (11:22 +0100)]
Added missing template `payment_method_not_used.pug`

4 months agoFix error when user tries to pay existing order online via bank transfer
Sybren A. Stüvel [Mon, 24 Feb 2020 13:03:21 +0000 (14:03 +0100)]
Fix error when user tries to pay existing order online via bank transfer

Paying online via bank transfer is not possible, and this was taken into
account for new memberships but not when paying existing orders.

4 months agoReCaptcha: include reCaptcha response in the log in case of a failed check
Sybren A. Stüvel [Thu, 20 Feb 2020 09:40:17 +0000 (10:40 +0100)]
ReCaptcha: include reCaptcha response in the log in case of a failed check

4 months agoImproved reCaptcha error messages
Sybren A. Stüvel [Thu, 20 Feb 2020 09:39:55 +0000 (10:39 +0100)]
Improved reCaptcha error messages

The `Please check the "I'm not a Robot" checkbox and try again.` message
was confusing, as with the invisible reCaptcha approach we use now there
is no such checkbox.

When no reCaptcha response (or an empty one) is included in the POST
request, a message is now shown that asks users to disable script/ad
blockers, as that's my guess as to why the response is missing.

When there is a reCaptcha response but it's invalid it just explains the
check failed, and asks to try again.

5 months agoAdded reCAPTCHA v2 protection to the checkout page
Sybren A. Stüvel [Thu, 6 Feb 2020 15:13:23 +0000 (16:13 +0100)]
Added reCAPTCHA v2 protection to the checkout page

On the client side this is as unintrusive as possible, only showing
a validation popup when the reCAPTCHA API deems it necessary.

The server side validation is using a Requests session to reuse TCP/IP
connections and set up proper retrying of failing connections.

In the server's it is required to set the following keys:

An empty `GOOGLE_RECAPTCHA_SECRET_KEY` will cause the reCAPTCHA feature to
be silently disabled.

Failures to connect to the reCAPTCHA service will result in an email sent
to the admins. Regular verification failures are just logged at WARNING
level. If this causes too much noise we can lower that level, but for now
I think it's a good idea to keep an eye on the number of verification

5 months agoUpgrade dependencies, mostly Dango 2.1 → 2.2
Sybren A. Stüvel [Thu, 6 Feb 2020 10:26:30 +0000 (11:26 +0100)]
Upgrade dependencies, mostly Dango 2.1 → 2.2

Django 2.1 is EOL, so we have to move to 2.2. This is a LTS release that's
already out of mainstream support as well, but will have extended support
until april 2022.

5 months agoChange Error 500 handler to be a regular function
Sybren A. Stüvel [Thu, 6 Feb 2020 10:25:19 +0000 (11:25 +0100)]
Change Error 500 handler to be a regular function

This is required by Django, and will actually be tested for (and cause
an error if it's not) when upgrading to Django 2.2.

5 months agoCleanup: Reformatting
Sybren A. Stüvel [Thu, 6 Feb 2020 09:37:06 +0000 (10:37 +0100)]
Cleanup: Reformatting

5 months agoMissing migration: nullability of BadgerQueuedCall.user
Sybren A. Stüvel [Thu, 6 Feb 2020 09:37:00 +0000 (10:37 +0100)]
Missing migration: nullability of BadgerQueuedCall.user

5 months agoRemoved unused code
Sybren A. Stüvel [Thu, 23 Jan 2020 16:57:23 +0000 (17:57 +0100)]
Removed unused code

5 months agoFix issue with doubly-charged subscription
Sybren A. Stüvel [Thu, 23 Jan 2020 17:21:32 +0000 (18:21 +0100)]
Fix issue with doubly-charged subscription

In the production site there was a subscription that had its order paid for,
but did NOT have its next payment date bumped. There was some retrying
involved, where PayPal first said 'PayPal Buyer Revoked Pre-Approved
Payment Authorization' but the 2nd attempt still succeeded.

I'm not entirely sure how this could have happened, but I did make the
order status change handling a bit more robust. In the new code, whenever
an order is marked as paid, it checks the subscription's next payment date.
If that is in the past, it'll bump it to "now + 1 payment interval". This
should avoid such double charges.

Note that this does NOT update the `intervals_elapsed` field of the
subscription. The clock is still the only one responsible for that.

6 months agoAdded missing dependencies to the base docker image
Sybren A. Stüvel [Thu, 2 Jan 2020 10:56:38 +0000 (11:56 +0100)]
Added missing dependencies to the base docker image

These are necessary to build the MySQL client package. Not sure what
changed apart from a re-pull of the base `ubuntu:18.04` image.

6 months agoUpdated Poetry to 1.0
Sybren A. Stüvel [Thu, 2 Jan 2020 10:47:56 +0000 (11:47 +0100)]
Updated Poetry to 1.0

This introduced a backward-incompatible change: the setting
`` was changed to ``.

6 months agoFixed typo in Francesco's name
Sybren A. Stüvel [Thu, 2 Jan 2020 10:46:37 +0000 (11:46 +0100)]
Fixed typo in Francesco's name

6 months agoGracefully handle IOErrors when transacting a sale
Sybren A. Stüvel [Thu, 2 Jan 2020 10:27:59 +0000 (11:27 +0100)]
Gracefully handle IOErrors when transacting a sale

7 months agoFixed changes introduced in mypy upgrade
Sybren A. Stüvel [Wed, 13 Nov 2019 13:59:16 +0000 (14:59 +0100)]
Fixed changes introduced in mypy upgrade

When moving from Pipenv to Poetry some packages were upgraded, and mypy
caused an issue. The '# type: ignore' comment apparently needs to be on
a different line now, and success is also reported on stdout (so we
can't have the simple "output means failure" logic we had before).

7 months agoMoved from Pipenv to Poetry
Sybren A. Stüvel [Wed, 13 Nov 2019 11:21:22 +0000 (12:21 +0100)]
Moved from Pipenv to Poetry

This change includes being more specific about the versions we require.
Currently this is done with caret notation, which means we'll automatically
get new releases as long as they don't update the major version (or the
minor version in case of 0.x.y version numbers).

The only exception to the above are Django, which is pinned to 2.1.*, and
Blender ID OAuth plugin, which just requires >= 0.7.

7 months agoPrevent AttributeError when changing payment method while logged out
Sybren A. Stüvel [Wed, 13 Nov 2019 11:02:15 +0000 (12:02 +0100)]
Prevent AttributeError when changing payment method while logged out

7 months agoRemoved no-longer-used files from .gitignore
Sybren A. Stüvel [Wed, 13 Nov 2019 13:51:28 +0000 (14:51 +0100)]
Removed no-longer-used files from .gitignore

8 months agoHomepage: Start counting members at a lower number so it always goes up.
Pablo Vazquez [Wed, 6 Nov 2019 15:42:06 +0000 (16:42 +0100)]
Homepage: Start counting members at a lower number so it always goes up.

It was starting to count at 1024 and then down to match the number of
corporate members, looked a bit weird.

Thanks to @dfelinto for the suggestion.

8 months agoHomepage: Use counter color for heart.
Pablo Vazquez [Wed, 6 Nov 2019 15:40:50 +0000 (16:40 +0100)]
Homepage: Use counter color for heart.

8 months agoHomepage: slight change to colors in stats hexagons.
Pablo Vazquez [Wed, 6 Nov 2019 14:59:14 +0000 (15:59 +0100)]
Homepage: slight change to colors in stats hexagons.

8 months agoThermometer: Clamp total percentage to max 100%.
Pablo Vazquez [Wed, 6 Nov 2019 14:58:50 +0000 (15:58 +0100)]
Thermometer: Clamp total percentage to max 100%.

It could lead to the indicator out of the thermometer.

8 months agoHomepage: Use decimal separator on contributions total.
Pablo Vazquez [Wed, 6 Nov 2019 14:31:31 +0000 (15:31 +0100)]
Homepage: Use decimal separator on contributions total.

Thanks to @Keavon for the feedback on

8 months agoHomepage: Use "Contribution" as label instead of "Income".
Pablo Vazquez [Wed, 6 Nov 2019 14:28:35 +0000 (15:28 +0100)]
Homepage: Use "Contribution" as label instead of "Income".

Sounds much nicer. Thanks to Maruf Sarker and Anvesh Dunna for the feedback!

8 months agoHomepage: Always show thermometer.
Pablo Vazquez [Wed, 6 Nov 2019 14:23:22 +0000 (15:23 +0100)]
Homepage: Always show thermometer.

Based on feedback from the community. Thanks everyone!

8 months agoAdd GPL 3 license file
Francesco Siddi [Tue, 5 Nov 2019 10:20:51 +0000 (11:20 +0100)]
Add GPL 3 license file

8 months agoHomepage: Tweak max width of patron logos.
Pablo Vazquez [Fri, 1 Nov 2019 11:19:26 +0000 (12:19 +0100)]
Homepage: Tweak max width of patron logos.

8 months agoUpdate package-lock.json
Francesco Siddi [Thu, 31 Oct 2019 19:13:08 +0000 (20:13 +0100)]
Update package-lock.json

Bootstrap is no longer needed as it is taken from BWA.

8 months agoAdd bootstrap.bundle.min.js
Francesco Siddi [Thu, 31 Oct 2019 19:12:27 +0000 (20:12 +0100)]
Add bootstrap.bundle.min.js

Used for rendering tooltips and menus.

8 months agoImages: Corporate badge.
Pablo Vazquez [Thu, 31 Oct 2019 18:15:12 +0000 (19:15 +0100)]
Images: Corporate badge.

By Francesco

8 months agoHomepage: Redesign memberships list.
Pablo Vazquez [Thu, 31 Oct 2019 18:13:47 +0000 (19:13 +0100)]
Homepage: Redesign memberships list.

8 months agoCleanup unused _config.sass
Pablo Vazquez [Thu, 31 Oct 2019 18:06:04 +0000 (19:06 +0100)]
Cleanup unused _config.sass

Config comes from BWA.

8 months agoUpdate BWA
Pablo Vazquez [Thu, 31 Oct 2019 18:05:43 +0000 (19:05 +0100)]
Update BWA

8 months agoCSS: Use image for honeycomb background.
Pablo Vazquez [Thu, 31 Oct 2019 11:26:13 +0000 (12:26 +0100)]
CSS: Use image for honeycomb background.

Pure CSS can be heavy.

8 months agoHomepage: Use smaller header.
Pablo Vazquez [Thu, 31 Oct 2019 11:17:44 +0000 (12:17 +0100)]
Homepage: Use smaller header.

And check for tagline before showing it.

8 months agoHomepage: Layout and style adjustments.
Pablo Vazquez [Thu, 31 Oct 2019 11:16:33 +0000 (12:16 +0100)]
Homepage: Layout and style adjustments.

Better size checks for sponsors and general styling.

8 months agoHomepage: Introducing stats.
Pablo Vazquez [Thu, 31 Oct 2019 11:14:33 +0000 (12:14 +0100)]
Homepage: Introducing stats.

Better display the amount of members and total income while we are not in campaign.

8 months agoDon't check for thermometer, always calculate stats.
Pablo Vazquez [Thu, 31 Oct 2019 11:10:50 +0000 (12:10 +0100)]
Don't check for thermometer, always calculate stats.

Some stats (total income, currency, etc) are now always shown in the homepage,
so we need to calculate them regardless if we are under campaign or not.

In the future we should split this into general stats (total income) and
campaign goals/targets for when we actually need to show a progress bar.

8 months agoThermometer: Layout tweaks.
Pablo Vazquez [Wed, 30 Oct 2019 11:12:09 +0000 (12:12 +0100)]
Thermometer: Layout tweaks.

Move final target to the bottom so it doesn't overlap.

8 months agoUpgrade Blender Web Assets (4 of 4)
Pablo Vazquez [Tue, 29 Oct 2019 18:21:35 +0000 (19:21 +0100)]
Upgrade Blender Web Assets (4 of 4)

* Remove Bootstrap dependencies from package.json, BWA has its own.
* Remove gulp task to copy glyphs font, BS4 doesn't include them anymore.

8 months agoUpgrade Blender Web Assets (3 of 4)
Pablo Vazquez [Tue, 29 Oct 2019 18:10:44 +0000 (19:10 +0100)]
Upgrade Blender Web Assets (3 of 4)

Layout tweaks
* Change component type of nav_secondary from header to nav.
* In header, move .featured-content inside a .container div.
* Take nav_secondary and tertiary out of the header.
* Replace offset classes with Bootstrap 4's "mx-auto".

8 months agoUpgrade Blender Web Assets (2 of 4)
Pablo Vazquez [Tue, 29 Oct 2019 18:07:26 +0000 (19:07 +0100)]
Upgrade Blender Web Assets (2 of 4)

* Cleanup imports and unused classes.

8 months agoUpgrade Blender Web Assets (1 of 4)
Pablo Vazquez [Tue, 29 Oct 2019 18:03:54 +0000 (19:03 +0100)]
Upgrade Blender Web Assets (1 of 4)

* Update sub-module.

8 months agoUI: Larger Patron sponsors in landing page
Francesco Siddi [Wed, 16 Oct 2019 13:46:06 +0000 (15:46 +0200)]
UI: Larger Patron sponsors in landing page

10 months agoChanged VAT number to tax number
Sybren A. Stüvel [Thu, 15 Aug 2019 09:29:13 +0000 (11:29 +0200)]
Changed VAT number to tax number

By Ton's request.

10 months agoFix mypy warning
Sybren A. Stüvel [Thu, 15 Aug 2019 09:28:52 +0000 (11:28 +0200)]
Fix mypy warning

11 months agoRemoved VAT Number and Tax Exempt fields from Personal Info form
Sybren A. Stüvel [Tue, 23 Jul 2019 09:53:08 +0000 (11:53 +0200)]
Removed VAT Number and Tax Exempt fields from Personal Info form

These fields, even though they're not mandatory, aren't applicable to
the DevFund, and are actively causing confusion.

The fields are still there in the database model so any filled-in data
will be maintained there (but invisible to the user).

11 months agoRemoved the ♥ First Milestone Reached!
Sybren A. Stüvel [Tue, 16 Jul 2019 12:22:44 +0000 (14:22 +0200)]
Removed the ♥ First Milestone Reached!

With the Fund income target increasing, it makes no more sense to put the
heart at the 50% mark. We should either make the heart location + label
configurable via the settings, or remove it altogether. For now I just
choose the latter.

11 months agoAdd setting `FUND_INCOME_TARGET_LABEL`
Sybren A. Stüvel [Tue, 16 Jul 2019 12:16:05 +0000 (14:16 +0200)]

Now both the Fund income target itself (the money) and the label text are
configurable via the settings system.

13 months agoUpgrade jQuery 3.3.1 → 3.4.1
Sybren A. Stüvel [Wed, 29 May 2019 14:23:50 +0000 (16:23 +0200)]
Upgrade jQuery 3.3.1 → 3.4.1

This fixes a security; upgrade was done with `npm audit fix`.

13 months agoRemoved gulp-livereload and re-locked dependencies
Sybren A. Stüvel [Wed, 29 May 2019 14:23:15 +0000 (16:23 +0200)]
Removed gulp-livereload and re-locked dependencies

There are better alternatives (plugins for Code, Sublime, etc) nowadays than
using it via gulp.

13 months agoFix exception when REMOTE_ADDR is a chain of addresses
Sybren A. Stüvel [Wed, 29 May 2019 13:34:29 +0000 (15:34 +0200)]
Fix exception when REMOTE_ADDR is a chain of addresses

Apparently [REMOTE_ADDR](
can also contain a chain of IP addresses, like `,`.
At least, we got a request in that looked like that, and we don't trust it,
so we handle it as 'empty' e.g. 'unknown'.

13 months agoAdded cron job to deployment documentation
Sybren A. Stüvel [Fri, 24 May 2019 08:38:30 +0000 (10:38 +0200)]
Added cron job to deployment documentation

15 months agoUI Progress Bar: Mark First Milestone as Reached!
Pablo Vazquez [Tue, 26 Mar 2019 11:37:36 +0000 (12:37 +0100)]
UI Progress Bar: Mark First Milestone as Reached!

Also split code into a separate file from main.sass

15 months agoThermometer: show current monthly income in entire euros
Sybren A. Stüvel [Tue, 26 Mar 2019 10:56:53 +0000 (11:56 +0100)]
Thermometer: show current monthly income in entire euros

16 months agoMembership credits: show '-anonymous-' as name when no name is given
Sybren A. Stüvel [Thu, 7 Mar 2019 11:17:37 +0000 (12:17 +0100)]
Membership credits: show '-anonymous-' as name when no name is given

Probably it's better to mark the membership as private, but this at least
looks better than 'None'.

16 months agoUpdated styling for corporate membership credits
Sybren A. Stüvel [Thu, 7 Mar 2019 11:17:26 +0000 (12:17 +0100)]
Updated styling for corporate membership credits

This hardly changes the styling when using images (which is the default),
but now when a membership does not have an image, the name is shown big
enough to match the attention the images are getting.

16 months agoCorrectly render membership credits without logo/url on front page
Sybren A. Stüvel [Thu, 7 Mar 2019 11:02:39 +0000 (12:02 +0100)]
Correctly render membership credits without logo/url on front page

I've reduced duplicate code in the template by moving the rendering to a
custom template tag. Now all credits are rendered in the same way. Fields
that should be empty (given the membership's level) are set to `None`
before feeding the membership to the front-end.

16 months agoExtended the list of IP-addresses for which we shouldn't do geo-lookups
Sybren A. Stüvel [Thu, 14 Feb 2019 09:41:14 +0000 (10:41 +0100)]
Extended the list of IP-addresses for which we shouldn't do geo-lookups

The IP address can (apparently) be 'unknown' or just the empty string, in
which case we shouldn't do a geo lookup (it'll fail for sure anyway).

16 months agoFix crash when the current view cannot be determined.
Sybren A. Stüvel [Thu, 14 Feb 2019 09:40:36 +0000 (10:40 +0100)]
Fix crash when the current view cannot be determined.

The view being undeterminable could be caused by other problems, but at
least now we don't add to those.

18 months agoDon't show payment info on managed memberships
Sybren A. Stüvel [Thu, 3 Jan 2019 13:07:40 +0000 (14:07 +0100)]
Don't show payment info on managed memberships

18 months agoPrevent accessing subscriptions of anonymous user
Sybren A. Stüvel [Thu, 3 Jan 2019 11:55:25 +0000 (12:55 +0100)]
Prevent accessing subscriptions of anonymous user

18 months agoLog charge errors at INFO level
Sybren A. Stüvel [Thu, 3 Jan 2019 11:40:13 +0000 (12:40 +0100)]
Log charge errors at INFO level

Such errors happen very frequently (not enough money on a credit card, etc.)
so they shouldn't trigger Sentry events or send mails to admins.

18 months agoPrevent extending managed memberships
Sybren A. Stüvel [Thu, 3 Jan 2019 11:37:52 +0000 (12:37 +0100)]
Prevent extending managed memberships

Owners of a managed membership should NOT see the 'Extend your membership'

18 months agoMembership admin: allow searching by membership ID
Sybren A. Stüvel [Thu, 3 Jan 2019 11:34:26 +0000 (12:34 +0100)]
Membership admin: allow searching by membership ID

18 months agoAllow admins to download last order PDF from a Membership
Sybren A. Stüvel [Thu, 20 Dec 2018 14:06:10 +0000 (15:06 +0100)]
Allow admins to download last order PDF from a Membership

This allows filtering on membership level before trying to find the PDF.

18 months agoAdded hack to allow admins to get order receipts in PDF form from the admin
Sybren A. Stüvel [Thu, 20 Dec 2018 13:53:42 +0000 (14:53 +0100)]
Added hack to allow admins to get order receipts in PDF form from the admin

This adds another dependency of Looper on Blender Fund, which isn't nice
but necessary for now.

18 months agoUse TCP/IP sockets instead of UNIX domain sockets
Sybren A. Stüvel [Thu, 20 Dec 2018 09:41:48 +0000 (10:41 +0100)]
Use TCP/IP sockets instead of UNIX domain sockets

Turns out those are slightly slower but more reliable.

18 months agoBlender ID Badger API: use user ID instead of email address
Sybren A. Stüvel [Tue, 18 Dec 2018 17:38:25 +0000 (18:38 +0100)]
Blender ID Badger API: use user ID instead of email address

This allows people to change their email address and things will keep

Will break heavily when we try to deal with users of whom we don't have
their Blender ID UID, but that's good.

18 months agoAdded missing Looper migration
Sybren A. Stüvel [Tue, 18 Dec 2018 17:37:04 +0000 (18:37 +0100)]
Added missing Looper migration

18 months agoPrevent revoking Blender ID badges from system user
Sybren A. Stüvel [Tue, 18 Dec 2018 15:52:26 +0000 (16:52 +0100)]
Prevent revoking Blender ID badges from system user

Same as 3ca5efaefa163b3509087cd3e39dce377fec3ec8 but then for revoking

18 months agoUpdate BWA
Pablo Vazquez [Mon, 10 Dec 2018 20:11:39 +0000 (21:11 +0100)]
Update BWA

18 months agoUI: Flip overlapping thermometer label.
Pablo Vazquez [Mon, 10 Dec 2018 20:04:00 +0000 (21:04 +0100)]
UI: Flip overlapping thermometer label.

Fixes T59085

19 months agoUI: CSS tweaks to landing page
Francesco Siddi [Wed, 5 Dec 2018 18:59:21 +0000 (19:59 +0100)]
UI: CSS tweaks to landing page

19 months agoPDF Receipt: include bank details when it's a bank transfer
Sybren A. Stüvel [Wed, 28 Nov 2018 13:41:48 +0000 (14:41 +0100)]
PDF Receipt: include bank details when it's a bank transfer

19 months agoPDF receipt: include Foundation's name, address, and VAT number
Sybren A. Stüvel [Wed, 28 Nov 2018 13:33:08 +0000 (14:33 +0100)]
PDF receipt: include Foundation's name, address, and VAT number

19 months agoCopied Sentry settings from production to the example code
Sybren A. Stüvel [Wed, 28 Nov 2018 08:39:07 +0000 (09:39 +0100)]
Copied Sentry settings from production to the example code

This adds explicit logging configuration. It's the same as the default
logging config (see the [Sentry documentation](,
but with a raised `event_level` so that warnings are also sent to Sentry
(rather than only errors).

19 months agoTest multiple users with payment method for the Bank gateway
Sybren A. Stüvel [Wed, 28 Nov 2018 08:37:12 +0000 (09:37 +0100)]
Test multiple users with payment method for the Bank gateway

We had an issue in production with a troublesome uniqueness constraint in
the database (side-effect of some less-than-optimal manual migration in
the past) where only a single user could have a Bank payment method. This
wasn't reproducible in the test database because it's frequently recreated,
but it felt like a good idea to simply cover this case in a test anyway,
as the Bank gateway is somewhat special (ignores nonces, gives everybody
the same token 'bank').

19 months agoFixed the BF logo in the receipt PDF
Sybren A. Stüvel [Tue, 27 Nov 2018 09:40:31 +0000 (10:40 +0100)]
Fixed the BF logo in the receipt PDF

This was broken because of the cache busting introduced in 2f0eba4. It
seems that the finders expect a filename without the MD5 sum in it, but
that's already done by the {% static %} tag, so we have to take it out

19 months agoInclude glyphicons-halflings-regular font files in webstatic
Sybren A. Stüvel [Fri, 23 Nov 2018 13:08:59 +0000 (14:08 +0100)]
Include glyphicons-halflings-regular font files in webstatic

These are referenced by Bootstrap-SASS. Even though we don't use them
directly, they are still searched for by ' collectstatic' because
of the cache busting process.

Previously I tried to include the `node_modules` directory in
`STATICFILES_DIRS`; this works until we build the docker image, which
doesn't include `node_modules`.

19 months agoCache busting for static files
Sybren A. Stüvel [Fri, 23 Nov 2018 12:49:41 +0000 (13:49 +0100)]
Cache busting for static files

The Django built-in `ManifestStaticFilesStorage` class takes care of this.
However, it only works when running ` collectstatic`, so for
unit tests the default storage class is used.

19 months agoMove all unit test setting overrides to common test superclass
Sybren A. Stüvel [Fri, 23 Nov 2018 11:59:42 +0000 (12:59 +0100)]
Move all unit test setting overrides to common test superclass

This allows us to set some more settings globally in one go, without having
to inspect on a test-by-test basis where it is needed.

19 months agoAdded unittest for membership URL without protocol
Sybren A. Stüvel [Fri, 23 Nov 2018 11:24:56 +0000 (12:24 +0100)]
Added unittest for membership URL without protocol

Django already adds 'http://'; by having a unit test a change in this
behaviour will be noticed.

19 months agoCheckout Form: Don't clear the fields on show/hide.
Pablo Vazquez [Fri, 23 Nov 2018 11:04:29 +0000 (12:04 +0100)]
Checkout Form: Don't clear the fields on show/hide.

19 months agoUI: More responsive fixes.
Pablo Vazquez [Thu, 22 Nov 2018 20:03:33 +0000 (21:03 +0100)]
UI: More responsive fixes.

19 months agoUI: Mobile fixes and improvements.
Pablo Vazquez [Thu, 22 Nov 2018 19:55:18 +0000 (20:55 +0100)]
UI: Mobile fixes and improvements.

19 months agoUI Checkout: Show all Billing Address fields on demand.
Pablo Vazquez [Thu, 22 Nov 2018 19:22:07 +0000 (20:22 +0100)]
UI Checkout: Show all Billing Address fields on demand.