Proposed Functionality

Support a new type of competitions where participants are given a certain timeslot.

Use Case

For allocating timeslots in the Tech:Online competition, and possibly for future workshops.

Database Changes

Yes, several.

External Dependencies

Probably not

Steps to Reproduce

1. Create an entry to a competition with at least 2 contributors
2. Select a contributor which is not the owner and make them the owner

Expected Behavior

The original owner should no longer have permissions to edit and delete the entry, only view.

Observed Behavior

The original owner retains their edit and delete permissions after the new owner is set.

I calibrated it with, well, literary the news. NRK at the TV2 channel.

Takk til nå, Ōnō.

Proposed Changes

In competitions/management/commands/update_competition_states.py there is a function Command.set_permissions which contains the logic of giving participants permission to view all qualified entries during the timespan of which voting is enabled on the relevant Competition. This logic should be moved closer to the objects.

Justification

With the current logic, permissions are not given when, say, the vote end time of a Competition is extended after voting is completed.

Proposed Functionality

When an entry is disqualified, the contributors should be notified via email.

Use Case

Make sure the contributors are aware immediately in case action is needed on their part before a deadline.

Database Changes

No.

External Dependencies

Some way of sending emails.

Bytt fra grønn til R:0 G:0 B:255 i logoen. Det ser mer profesjonelt ut. Den oransje passe fint. Bare start på ny med vector graphics og lagre som .svg, husk å fylle inn innimellom pennen. Eg kunne tenkt meg Ada 8.1.0 på serveren min.

PS. Søndag den 19.

Proposed Functionality

A new "pre-show lockdown" should be implemented on Competition to lock all edits a given amount of time before stage show.

Use Case

Generation of slides for the beamer needs to be done a given amount of time before stage show.

Database Changes

Extra fields on Competition to specify when the lockdown starts.

External Dependencies

None.

Indikerer at voting er ferdig og verifisert (inkl. jury) eller at manuelle poeng er lagt inn, slik at konkurransen kan plukkes opp av premieutdeling.

Proposed Functionality

Trigger a back-channel logout call to keycloak providers when users are logging out.

Use Case

Users are logged out of keycloak when logging out, to make sure they are not immediately logged in again when clicking login after logging out.

Database Changes

None

External Dependencies

Relevant keycloak docs: https://www.keycloak.org/docs/latest/server_admin/#backchannel-logout
Not supported upstream: python-social-auth/social-app-django#159

Proposed Changes

Refactor the Competition state machine to be less complex, or easier to understand somehow.

Justification

The logic is too complex. Especially in Competition.compute_next_state and Competition.clean

Proposed Functionality

Implement better integration with Toornament for continuous push and pull of data from start of registrations to end of competition. Also implement support for additional custom fields and public/private notes.

If possible, show status from matches and brackets during the run of the competition.

Use Case

Better integration for game competitions.

Database Changes

TBD

External Dependencies

TBD

Proposed Functionality

There should be created a database dump based on the production database for use in beta and staging environments. This dump should be washed to remove all sensible information about users. This information should be manipulated in such a way that it can't be reversed, but it's length and format should be contained.
For example could [email protected] be formatted as [email protected].

Use Case

When creating new environments for testing, having actual data is quite useful. This prevents having to create new data every time a new environment is created.

Database Changes

None.

External Dependencies

None.

Proposed Functionality

After a successful authentication, fetch nickname from the wannabe API and save it on the user object.

1. POST to wannabe/api/auth/services/login with our client_id, client_secret and scope=external-wannabe-service-user
2. Take the received access_token
3. GET to /api/profile/profile/{sub from users token} with previous access_token in wannabe_jwt cookie
4. Store any relevant data from received profile, i.e. nickname

Proposed Functionality

Create a "My Account" page for users to see all data stored about and connected to them, and allow them to easily export these in a structured format. This page should also have a form/button to request deletion.

This also needs to be tied in with GDPR considerations to make sure we are in the clear.

Both of these elements should also be presented on the first login, in order to show the data we get from external providers (GE, WB) and make the user give their consent to data processing.

Use Case

It's the law.

Database Changes

Probably some changes required to conform to GDPR.

External Dependencies

Probably none.

Proposed Functionality

When images are uploaded, generate thumbnails at predefined sizes.

Use Case

Improved loading-times and lower data usage on entry administration pages and voting.

Database Changes

We probably need additional fields on the File model to allow thumbs to be connected to the original media.

External Dependencies

Yes, unknown at this time.

Tilgang til å endre på konkurranser som eies av et crew man selv er medlem av.

ref gathering/unicorn-frontend#13

Det hadde også vært en fordel om man kunne opprettet konkurranser som ikke er synlige for andre enn de med tilgang / crew. Dette skyldes at vi fra tid til annen arrangerer konkurranser som er hemmelige, og hvor vinner blir tilfeldig trukket f.eks blant alle KANDU medlemmer.

Ref gathering/unicorn-frontend#13

Creative
TGTV
SoMe / Community (FB, Instagram, Snapchat, Discord)
Diverse konkurranser ombudene arrangerer

ref gathering/unicorn-frontend#13

Det som dog er veldig viktig, og egentlig en nøkkelegenskap jeg er ute etter gjelder innhentingen av informasjon. Den burde kunne tilpasses til den typen premie som skal gis ut i konkurransen, og her trenger vi faktisk bare 3 forskjellige typer premier;

Penger
Fullt navn
Telefonnummer
Epostadresse
Kontonummer
Hvis det er en utenlandsk bankkonto trenger vi også dette;
IBAN-nummer
BIC/SWIFT adresse
Signatur

Digital premie (gavekort, vouchers etc.)
Fullt navn
Telefonnummer
Epostadresse

Fysisk premie
Fullt navn
Telefonnummer
Epostadresse
Korrekt postadresse

Her tror jeg det er enklest om vi forholder oss til de nevnte typene og definerer disse fast. Så kan man ved oppretting av konkurranse selv bestemme hvilke premietype som konkurransen skal bruke.

Proposed Functionality

Competition admins should be able to fill out an internal FAQ for competitions, where with access to the FAQ should be able to look up information about a competition.

Use Case

A member in the Creative Desk needs some information about a creative competition. They should then be able to look up the competition to get information about who is responsible for the competition, times and so on. But they should also be able to look up in a FAQ containing frequently asked questions about the given competition.

Database Changes

• A column for text representing the FAQ
• Role access for reading the FAQ. Editing could probably be connected to competition edit

External Dependencies

None.

Proposed Functionality

Fields that contains data should have some sort of XSS protection. This would usually be something that removes illegal tags and attributes.

Known fields that use HTML are the description and rules fields in Competition, with more to come.

Use Case

Improved protection against XSS attacks

Database Changes

None

External Dependencies

Possibly html-sanitizer

Proposed Functionality

The current (logged in or not) permissions should be readable via the API. This can be solved for now by exposing group memberships in an endpoint.

Use Case

Allow frontend applications to show UI elements based on actual permissions.

Database Changes

No.

External Dependencies

No.

Proposed Functionality

A competition administrator should be able enable file upload for users having a registered entry a set period after competition is closed. They should also be able to enable upload on a single entry for a set period. As another alternative, competition administrators should also be able to upload files to entries themselves.

Use Case

In case of unforeseen problems with uploading files or other situations.

Database Changes

Possibly some fields on either Competition, Entry or both.

External Dependencies

None

Steps to Reproduce

Try to submit data, e.g. a new Competition, with emojis in one of the text fields.

cURL example

curl 'https://unicorn.zoodo.io/api/competitions/competitions/8/' -X PUT -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36' -H 'Referer: http://localhost:3000/admin/competitions/8' -H 'Origin: http://localhost:3000' -H 'Authorization: JWT eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJzY29wZSI6bnVsbCwiZXhwIjoxNTUyODMyMzU5LCJ1aWQiOjIsImVtYWlsIjoiam8tZW1pbEB6b29kby5ubyIsInVzZXJuYW1lIjoiODk1M2I3YmMtNGI5MC00MjQzLTk1NTUtNjQ0MmEyMzM0NjQxIiwiZmlyc3RfbmFtZSI6IkpvIEVtaWwiLCJsYXN0X25hbWUiOiJIb2xlbiIsImRpc3BsYXlfbmFtZSI6ImpvbXMiLCJpc3MiOiJPc2NhciJ9.LDPe0T4rXjbs0EXVlIYy93CLYT7LAFHi0sUUtre9BKZdxZ3jvs-vAhdD69skhXXIFm63d2c9naBpR2TTr0qxlgALlpQyDeDEYBW-AvqTkxfSa9wDO04arEkN99KtRNJpuFAaarjuSMaPgAXZLH_SA2pLxZxDd2fGqTJIvHX8FKivz9njM0iPxnCrMBsJjzncmvqSul26Cse8VD4AVqTjcMooMA9cH-A5fIkZtADrqvoVfiaojLkh8NirJIGcWq6UABG8L22Te_hraOFGFbs2C1XGbw-UGSOnvWq-VO5FAQrxECWVzUpIcZRZy0yPfIIPM9u61rL6EO-OETC2wLNAAA' -H 'content-type: application/json' --data-binary '{"name":"Test compo yo!","brief_description":"Lorem ipsum dolor sit amet, consecteturs","description":"Test compo yo!","rules":"<p>æ…“øåTest compo <strong>\ud83d</strong>\ude07</p>\n","editorState":{"enabled":false},"run_time_start":"2019-03-17T11:17:00.000Z","run_time_end":"2019-03-24T11:17:00.000Z","participant_limit":0,"genre":2,"_fileupload":{"enabled":true,"fileupload":[{"id":"73d91a73-1b73-42a4-b34a-28ad6d32e7b6","file":"archive","type":"entry","input":"Main entry"}]},"extra":{"enabled":false,"contributor_extra":null},"rsvp":false,"header_image":"https://672061c0b827554def11-ea8c7607510173b2cbad15f9892e8687.ssl.cf2.rackcdn.com/rl-birthday.f44ca8609585ba611e1277fc600f5cc1.jpg","header_credit":"Psyonix","prizes":["1234","234","34","4"],"id":8,"url":"https://unicorn.zoodo.io/api/competitions/competitions/8/","published":false,"state":{"value":8,"label":"Currently Running"},"entries_count":0,"entries":[],"show_time_start":null,"show_time_end":null,"team_required":false,"created":"2019-03-17T11:52:29.630543+01:00","last_updated":"2019-03-17T14:58:16.722641+01:00","next_state":{"value":256,"label":"Finished"},"fileupload":[{"id":"73d91a73-1b73-42a4-b34a-28ad6d32e7b6","file":"archive","type":"entry","input":"Main entry"}],"register_time_start":null,"register_time_end":null,"team_min":null,"team_max":null,"vote_time_start":null,"vote_time_end":null}' --compressed

Expected Behavior

The request should be successful and, in the above example, the competition should be created.

Observed Behavior

An Exception is thrown in the save() method of the Competition model, on the last line calling super().

UnicodeEncodeError: 'utf-8' codec can't encode character '\ud83d' in position 22: surrogates not allowed

#16

#17