dragoonaethis / coriolis Goto Github PK
View Code? Open in Web Editor NEWSmall event management tool
License: GNU Affero General Public License v3.0
Small event management tool
License: GNU Affero General Public License v3.0
Useful if users need to provide a URL, and an URL only - nice to have, not required at the moment though.
Notifications should be sent for:
Orgs should have a simple Approve/Reject button in the Admin Panel on each Application in the Waiting for Organizers state.
Currently they're GET-based, that's no good.
They're all sent as raw text, which doesn't work so well when field labels contain HTML directly. Special characters also get encoded incorrectly. This needs to be fixed.
If someone submitted 2-3 applications for attractions, it's currently difficult to figure out what was actually accepted. Make the form name dynamic or more descriptive, plus enrich emails with some extra info.
Dependency | Version | Django 4.0? | Python 3.10? |
---|---|---|---|
django-allauth | ^0.48.0 | ✅ | ✅ |
django-allauth-2fa | ^0.8 | ✅ | ✅ |
django-colorfield | ^0.6.3 | ✅ | ✅ |
django-crispy-forms | ^1.14.0 | ✅ | ✅ |
django-debug-toolbar | ^3.2.4 | ✅ | ✅ |
django-environ | ^0.8.1 | ✅ | ✅ |
django-money | ^2.1.1 | ❌ | ❌ |
django-payments | ^1.0.0 | ✅ | ✅ |
django-phonenumber-field | ^6.0.0 | ✅ | ✅ |
Markdown | ^3.3.6 | ✅ | ✅ |
Pillow | ^9.0.0 | ✅ | ✅ |
crispy-bootstrap5 | ^0.6 | ✅ | ✅ |
gunicorn | ^20.1.0 | ✅ | ✅ (latest gevent req'd) |
psycopg2 | ^2.9.3 | ✅ | ✅ |
requests | ^2.27.1 | ✅ | ✅ |
sentry-sdk | ^1.5.4 | ✅ | ✅ |
whitenoise | ^6.0.0 | ✅ | ✅ |
Notes for visitors: If a dependency is marked as ❓/❌ here, it does not mean it doesn't work - we just haven't tested it yet, and changelogs/support tables don't mention Django 4.0/Python 3.10 support.
After Django 4.0 migration, we need to run makemigrations
once to create a no-op migration.
Currently, all ticket types are displayed in the ticket selector under a few conditions (OK'd for online sales, in deadline, has rels), but we sometimes want to force display a ticket type even if it will no longer be available for sale. Allow force displaying a type.
Currently we're doing just SMTP via Gmail, but the next large event will outgrow that. Add Anymail with Azure ACS or AWS SES support for transactional mails.
Feedback from @baatochan: If a ticket belongs to the org, accreditation panel was accessed from the org detail list and the current user has perms on crew_accreditation + crew_orgs, redirect back to the related org detail view instead of the accreditation front.
The way ticket rendering is implemented now is that the Dramatiq service worker, running as www-data, invokes the Docker binary directly. Nothing wrong with that per se, except that if anything takes over www-data, they can call Docker, and so they can just mount, rip and tear whatever they want on the system. Figure out a way to strip that privilege from www-data cleanly.
Can be used for t-shirt sizing for VIP tickets, etc.
We want some forms to automatically show/hide optional fields based on checkbox states. Custom JS would help with that.
Some application types should have their Reply-To set a given org's inbox, not the global event one.
event__name
relation, which kinda sucks.Feedback from @baatochan:
Currently all media is served from a /media
path - we should use a separate user media domain with a proper CSP policy.
Occasionally, the SMTP server dies - and so do pages which need to send mails as a result of whatever they're doing. We should send emails on a background task queue to retry them later.
All the ON_GET features should be disabled: https://django-allauth.readthedocs.io/en/latest/configuration.html
Footer text and button e-mail address is currently hardcoded, this needs to be configurable per-event.
We just assume the form is correct - add a validator that tries to construct a DynamicForm and fails if an exception is thrown.
https://docs.djangoproject.com/en/4.2/releases/4.2/
Notable issues:
update_fields
in Model.save()
may now be requiredEmailBackend
now verifies a hostname
and certificates
. If you need the previous behavior that is less restrictive and not recommended, subclass EmailBackend and override the ssl_context property.{% blocktranslate asvar … %}
result is now marked as safe for (HTML) output purposes.STORAGES
migration, maybe?Deprecations:
JSONField
is deprecatedlength_is
template filter is deprecatedSTATICFILES_STORAGE
setting is deprecated in favor of STORAGES["staticfiles"]
CSRF protection should be enabled, along with .env-configurable trusted origins.
Some tickets need some sort of an action taken within a time period (for example, VIP tickets need to be paid for within a few days of their purchase).
Add a state deadline mechanism where a ticket will have a deadline + handler to execute when it's reached. Background workers should periodically collect and run triggered handlers.
The flow should more or less look like:
/transfer/{id}
) and sends it to the Ticket Receiver.
Allow pinning 3rd party tickets to a form. This should not reveal whether such tickets exist.
Either on each Admin page or by setting a global context to one of the events.
dramatiq-crontab does not clean up after itself if it crashes or gets stopped uncleanly. All subsequent launches will fail due to a persistent lock (which we have disabled for now). Fix that.
Global custom pages are really helpful as the mean to communicate the privacy policy, the terms of service and other, legally important, information.
Happened on an account with enforced 2FA - investigate?
The scenario:
In most cases, the event order is just that, but occasionally something goes wrong and the notification shows up late.
The problem is that it's the user's view handler doing the ticket status updates - if P24 notification shows up after the redirect, it never gets updated. While this can be fixed by clicking Pay Online again (and django-payments will just do the redirect from the 3rd step), it's not a great experience.
On the event site, when people check in on the front lines, we need to notify ID handlers in the back what's about to come. People could do that manually, sure, but we can also set up a background notifier that sends messages to Discord on each used ticket. (This is partially implemented - Dramatiq, wiki docs, some local code.)
<pre>
with some funny CSS to make it look decent. It'd be nice to format it with HTML properly.They're all in English, Polish 'em.
Allow pinning a specific ticket to the dynamic form via a custom ticket selection field.
We're running on a fork right now, let's undo that.
Feedback from HeV: In the accreditation panel, if registering a new ticket, there's a checkbox to denote if the accredited person is of age. Some accreditation volunteers ignore it entirely - convert this into an explicit, required Yes/No checkbox to make it more obvious.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.