Version bump to v1.15.6

Seems Discourse won't let you create `Group` if `group` already exists (`422 Name has already been taken`).

Thanks @huberfe

alliance_auth/__init__.py

@@ -4,5 +4,5 @@ from __future__ import absolute_import, unicode_literals
 # Django starts so that shared_task will use this app.
 from .celeryapp import app as celery_app  # noqa
 
-__version__ = '1.15.5'
+__version__ = '1.15.6'
 NAME = 'Alliance Auth v%s' % __version__

docs/installation/auth/dependencies.md

@@ -25,6 +25,17 @@ Required for displaying web content
     apache2 libapache2-mod-php5 libapache2-mod-wsgi
 
 ### PHP
+
+```eval_rst
+.. note::
+    If you are not planing to install either phpBB, smf, evernus alliance market, etc do not install these modules.
+```
+
+```eval_rst
+.. important::
+    If you are not planing to use SeAT; php7.0 is the minimum required.
+```
+
 Required for phpBB, smf, evernus alliance market, etc
 
     php5 php5-gd php5-mysqlnd php5-curl php5-gd php5-intl php-pear php5-imagick php5-imap php5-mcrypt php5-memcache php5-ming php5-ps php5-pspell php5-recode php5-snmp php5-sqlite php5-tidy php5-xmlrpc php5-xsl

docs/installation/services/discourse.md

@@ -65,6 +65,11 @@ Now build:
     sudo ./launcher bootstrap app
     sudo ./launcher start app
 
+#### Errors:
+in case you run into not enough RAM for the docker bootstraping you might want to consider using `./discourse-setup` command. It will start bootstraping and is going to create the `/containers/app.yml` which you can edit.
+Note: every time you change something in the `app.yml` you must bootstrap again which will take between *2-8 minutes* and is accomplished by `./launcher rebuild app`.
+
+***
 ## Apache config
 
 Discourse must run on its own subdomain - it can't handle routing behind an alias like '/forums'. To do so, make a new apache config:
@@ -81,9 +86,59 @@ And enter the following, changing the port if you used a different number:
 
 Now enable proxies and restart apache:
 
+    sudo a2ensite discourse
     sudo a2enmod proxy_http
     sudo service apache2 reload
 
+### Setting up SSL
+
+It is 2017 and there is no reason why you should not setup a SSL certificate and enforce https. You may want to consider certbot with Let's encrypt: https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-16-04
+
+    sudo certbot --apache -d example.com
+
+now adapt the apache configuration:
+
+    sudo nano /etc/apache2/sites-enabled/discourse.conf
+
+and adapt it followlingly:
+
+    <VirtualHost *:80>
+        ServerName discourse.example.com
+        RewriteEngine on
+        RewriteCond %{SERVER_NAME} =discourse.example.com
+        RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
+    </VirtualHost>
+
+Then adapt change the ssl-config file:
+
+    sudo nano /etc/apache2/sites-enabled/discourse-le-ssl.conf
+
+and adapt it followlingly:
+
+    <IfModule mod_ssl.c>
+    <VirtualHost *:443>
+      ServerName discourse.example.com
+      ProxyPass / http://127.0.0.1:7890/
+      ProxyPassReverse / http://127.0.0.1:7890/
+      ProxyPreserveHost On
+      RequestHeader set X-FORWARDED-PROTOCOL https
+      RequestHeader set X-FORWARDED-SSL on
+      SSLCertificateFile /etc/letsencrypt/live/discourse.example.com/fullchain.pem
+      SSLCertificateKeyFile /etc/letsencrypt/live/discourse.example.com/privkey.pem
+      Include /etc/letsencrypt/options-ssl-apache.conf
+    </VirtualHost>
+    </IfModule>
+
+make sure that `a2enmod headers` is enabled and run:
+
+      sudo service apache2 restart
+
+Now you are all set-up and can even enforce https in discourse settings.
+
+
+
+
+
 ## Configure API
 
 ### Generate admin account
@@ -108,6 +163,7 @@ Scroll down to the Discourse section and set the following:
  - `DISCOURSE_API_USERNAME`: the username of the admin account you generated the API key with
  - `DISCOURSE_API_KEY`: the key you just generated
 
+***
 ### Configure SSO
 
 Navigate to `discourse.example.com` and log in. Back to the admin site, scroll down to find SSO settings and set the following:
@@ -120,6 +176,7 @@ Save, now change settings.py and add the following:
 
 ### Enable for your members
 
-Set either or both of `ENABLE_AUTH_DISCOURSE` and `ENABLE_BLUE_DISCOURSE` in settings.py for your members to gain access. Save and exit with control+o, enter, control+x.
+Assign discourse permissions for each auth-group that should have access to discourse.
+You might want to setup Read/Write/Delete rights per Auth group in discourse as you can limit which categories shall be accessablie per auth-group.
 
 ## Done

hrapplications/admin.py

@@ -16,7 +16,7 @@ class ChoiceInline(admin.TabularInline):
 
 class QuestionAdmin(admin.ModelAdmin):
     fieldsets = [
-            (None,      {'fields': ['title', 'help_text']}),
+            (None,      {'fields': ['title', 'help_text', 'multi_select']}),
             ]
     inlines = [ChoiceInline]
 

hrapplications/migrations/0003_applicationquestion_multi_select.py

@@ -0,0 +1,20 @@
+# -*- coding: utf-8 -*-
+# Generated by Django 1.10 on 2017-10-20 13:51
+from __future__ import unicode_literals
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('hrapplications', '0002_choices_for_questions'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='applicationquestion',
+            name='multi_select',
+            field=models.BooleanField(default=False),
+        ),
+    ]

hrapplications/models.py

@@ -13,6 +13,7 @@ from authentication.models import AuthServicesInfo
 class ApplicationQuestion(models.Model):
     title = models.CharField(max_length=254, verbose_name='Question')
     help_text = models.CharField(max_length=254, blank=True, null=True)
+    multi_select = models.BooleanField(default=False)
 
     def __str__(self):
         return "Question: " + self.title

hrapplications/views.py

@@ -71,8 +71,8 @@ def hr_application_create_view(request, form_id=None):
                 application.save()
                 for question in app_form.questions.all():
                     response = ApplicationResponse(question=question, application=application)
-                    response.answer = request.POST.get(str(question.pk),
-                                                       "Failed to retrieve answer provided by applicant.")
+                    response.answer = "\n".join(request.POST.getlist(str(question.pk),
+                                                       ""))
                     response.save()
                 logger.info("%s created %s" % (request.user, application))
             return redirect('auth_hrapplications_view')

services/modules/discourse/manager.py

@@ -214,7 +214,7 @@ class DiscourseManager:
         def get_or_create_group():
             groups = DiscourseManager._get_groups()
             for g in groups:
-                if g['name'] == name:
+                if g['name'].lower() == name.lower():
                     return g['id']
             return DiscourseManager._create_group(name)['id']
 

services/modules/seat/manager.py

@@ -78,7 +78,7 @@ class SeatManager:
     @classmethod
     def enable_user(cls, username):
         """ Enable user """
-        ret = cls.exec_request('user/{}'.format(username), 'put', active=1)
+        ret = cls.exec_request('user/{}'.format(username), 'put', account_status=1)
         logger.debug(ret)
         if cls._response_ok(ret):
             logger.info("Enabled SeAT user with username %s" % username)
@@ -86,6 +86,18 @@ class SeatManager:
         logger.info("Failed to enabled SeAT user with username %s" % username)
         return None
 
+    @classmethod
+    def disable_user(cls, username):
+        """ Disable user """
+        cls.update_roles(username, [])
+        ret = cls.exec_request('user/{}'.format(username), 'put', account_status=0)
+        logger.debug(ret)
+        if cls._response_ok(ret):
+            logger.info("Disabled SeAT user with username %s" % username)
+            return username
+        logger.info("Failed to disable SeAT user with username %s" % username)
+        return None
+
     @classmethod
     def _check_email_changed(cls, username, email):
         """Compares email to one set on SeAT"""

services/modules/seat/tasks.py

@@ -28,7 +28,7 @@ class SeatTasks:
 
     @classmethod
     def delete_user(cls, user, notify_user=False):
-        if cls.has_account(user) and SeatManager.delete_user(user.seat.username):
+        if cls.has_account(user) and SeatManager.disable_user(user.seat.username):
             user.seat.delete()
             logger.info("Successfully deactivated SeAT for user %s" % user)
             if notify_user:

services/modules/seat/tests.py

@@ -100,10 +100,10 @@ class SeatHooksTestCase(TestCase):
 
         # Test none user is deleted
         none_user = User.objects.get(username=self.none_user)
-        manager.delete_user.return_value = 'abc123'
+        manager.disable_user.return_value = 'abc123'
         SeatUser.objects.create(user=none_user, username='abc123')
         service.validate_user(none_user)
-        self.assertTrue(manager.delete_user.called)
+        self.assertTrue(manager.disable_user.called)
         with self.assertRaises(ObjectDoesNotExist):
             none_seat = User.objects.get(username=self.none_user).seat
 
@@ -115,7 +115,7 @@ class SeatHooksTestCase(TestCase):
         result = service.delete_user(member)
 
         self.assertTrue(result)
-        self.assertTrue(manager.delete_user.called)
+        self.assertTrue(manager.disable_user.called)
         with self.assertRaises(ObjectDoesNotExist):
             seat_user = User.objects.get(username=self.member).seat
 
@@ -177,7 +177,7 @@ class SeatViewsTestCase(TestCase):
 
         response = self.client.get(urls.reverse('auth_deactivate_seat'))
 
-        self.assertTrue(manager.delete_user.called)
+        self.assertTrue(manager.disable_user.called)
         self.assertRedirects(response, expected_url=urls.reverse('auth_services'), target_status_code=200)
         with self.assertRaises(ObjectDoesNotExist):
             seat_user = User.objects.get(pk=self.member.pk).seat

stock/templates/registered/hrapplicationcreate.html

@@ -20,7 +20,7 @@
                                 <div cass="text-center">{{ question.help_text }}</div>
                             {% endif %}
                             {% for choice in question.choices.all %}
-                                <input type="radio" name="{{ question.pk }}" id="id_{{ question.pk }}" value="{{ choice.choice_text }}" />
+                                <input type={% if question.multi_select == False %}"radio"{% else %}"checkbox"{% endif %} name="{{ question.pk }}" id="id_{{ question.pk }}" value="{{ choice.choice_text }}" />
                                 <label for="choice{{ forloop.counter }}">{{ choice.choice_text }}</label><br />
                             {% empty %}
                                 <textarea class="form-control" cols="30" id="id_{{ question.pk }}" name="{{ question.pk }}" rows="4"></textarea>