Version Bump 3.3.0

Merge branch 'tokens-and-alts' into 'master'
CCP SSO Issues, Mitigations See merge request allianceauth/allianceauth!1472
2026-02-04 14:16:21 +01:00 · 2022-10-14 21:46:28 +10:00 · 2022-10-14 11:44:18 +00:00 · 2022-10-14 20:21:07 +10:00 · 2022-10-12 20:52:59 +10:00 · 2022-10-12 20:51:36 +10:00
1160 changed files with 68190 additions and 26824 deletions
--- a/.coveragerc
+++ b/.coveragerc
@@ -1,24 +1,15 @@
 [run]
 branch = True
 source =
-    alliance_auth
+    allianceauth
    authentication
    corputils
    eveonline
    fleetactivitytracking
    fleetup
    groupmanagement
    hrapplications
    notifications
    optimer
    permissions_tool
    services
    srp
    timerboard
 omit =
    */migrations/*
    */example/*
    */project_template/*
    */bin/*
    */tests/*
    */tests.py
 [report]
 exclude_lines =
--- a/.editorconfig
+++ b/.editorconfig
@@ -0,0 +1,28 @@
 # http://editorconfig.org
 root = true
 [*]
 indent_style = space
 indent_size = 4
 tab_width = 4
 end_of_line = lf
 charset = utf-8
 trim_trailing_whitespace = true
 insert_final_newline = true
 [*.{yaml,yml,less}]
 indent_size = 2
 [*.md]
 indent_size = 2
 # Makefiles always use tabs for indentation
 [Makefile]
 indent_style = tab
 [*.bat]
 indent_style = tab
 [{Dockerfile,*.dockerfile}]
 indent_style = space
 indent_size = 4
--- a/.gitattributes
+++ b/.gitattributes
@@ -1 +0,0 @@
 */*.py.example linguist-language=Python
--- a/.gitignore
+++ b/.gitignore
@@ -8,6 +8,7 @@ __pycache__/
 # Distribution / packaging
 .Python
 env/
 venv/
 build/
 develop-eggs/
 dist/
@@ -37,11 +38,9 @@ htmlcov/
 .tox/
 .coverage
 .cache
 nosetests.xml
 coverage.xml
 # Translations
 *.mo
 *.pot
 # Django stuff:
@@ -53,17 +52,28 @@ docs/_build/
 # PyBuilder
 target/
 .vagrant/
 alliance_auth/settings.py
 *Thumbs.db
 nginx_config.txt
 # custom staticfiles
 static/*
 #celerybeat
 *.pid
 celerybeat-schedule
 #pycharm
-.idea/*
+.idea/*
 /nbproject/
 #VSCode
 .vscode/
 #gitlab configs
 .gitlab/
 #transifex
 .tx/
 #other
 .flake8
 .pylintrc
 Makefile
 .isort.cfg
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -0,0 +1,255 @@
 .only-default: &only-default
  only:
    - master
    - branches
    - merge_requests
 stages:
  - pre-commit
  - gitlab
  - test
  - deploy
  - docker
 include:
  - template: Dependency-Scanning.gitlab-ci.yml
  - template: Security/SAST.gitlab-ci.yml
  - template: Security/Secret-Detection.gitlab-ci.yml
 before_script:
  - apt-get update && apt-get install redis-server -y
  - redis-server --daemonize yes
  - python -V
  - pip install wheel tox
 pre-commit-check:
  <<: *only-default
  stage: pre-commit
  image: python:3.8-bullseye
  variables:
    PRE_COMMIT_HOME: ${CI_PROJECT_DIR}/.cache/pre-commit
  cache:
    paths:
      - ${PRE_COMMIT_HOME}
  script:
    - pip install pre-commit
    - pre-commit run --all-files
 sast:
  stage: gitlab
  before_script: []
 dependency_scanning:
  stage: gitlab
  before_script:
    - apt-get update && apt-get install redis-server libmariadb-dev -y
    - redis-server --daemonize yes
    - python -V
    - pip install wheel tox
 secret_detection:
  stage: gitlab
  before_script: []
 test-3.8-core:
  <<: *only-default
  image: python:3.8-bullseye
  script:
    - tox -e py38-core
  artifacts:
    when: always
    reports:
      coverage_report:
        coverage_format: cobertura
        path: coverage.xml
 test-3.9-core:
  <<: *only-default
  image: python:3.9-bullseye
  script:
    - tox -e py39-core
  artifacts:
    when: always
    reports:
      coverage_report:
        coverage_format: cobertura
        path: coverage.xml
 test-3.10-core:
  <<: *only-default
  image: python:3.10-bullseye
  script:
    - tox -e py310-core
  artifacts:
    when: always
    reports:
      coverage_report:
        coverage_format: cobertura
        path: coverage.xml
 test-3.11-core:
  <<: *only-default
  image: python:3.11-rc-bullseye
  script:
    - tox -e py311-core
  artifacts:
    when: always
    reports:
      coverage_report:
        coverage_format: cobertura
        path: coverage.xml
  allow_failure: true
 test-3.8-all:
  <<: *only-default
  image: python:3.8-bullseye
  script:
    - tox -e py38-all
  artifacts:
    when: always
    reports:
      coverage_report:
        coverage_format: cobertura
        path: coverage.xml
 test-3.9-all:
  <<: *only-default
  image: python:3.9-bullseye
  script:
    - tox -e py39-all
  artifacts:
    when: always
    reports:
      coverage_report:
        coverage_format: cobertura
        path: coverage.xml
 test-3.10-all:
  <<: *only-default
  image: python:3.10-bullseye
  script:
    - tox -e py310-all
  artifacts:
    when: always
    reports:
      coverage_report:
        coverage_format: cobertura
        path: coverage.xml
 test-3.11-all:
  <<: *only-default
  image: python:3.11-rc-bullseye
  script:
    - tox -e py311-all
  artifacts:
    when: always
    reports:
      coverage_report:
        coverage_format: cobertura
        path: coverage.xml
  allow_failure: true
 build-test:
  stage: test
  image: python:3.10-bullseye
  before_script:
    - python -m pip install --upgrade pip
    - python -m pip install --upgrade build
    - python -m pip install --upgrade setuptools wheel
  script:
    - python -m build
  artifacts:
    when: always
    name: "$CI_JOB_NAME-$CI_COMMIT_REF_SLUG"
    paths:
      - dist/*
    expire_in: 1 year
 test-docs:
  <<: *only-default
  image: python:3.10-bullseye
  script:
  - tox -e docs
 deploy_production:
  stage: deploy
  image: python:3.10-bullseye
  before_script:
    - python -m pip install --upgrade pip
    - python -m pip install --upgrade build
    - python -m pip install --upgrade setuptools wheel twine
  script:
    - python -m build
    - python -m twine upload dist/*
  rules:
    - if: $CI_COMMIT_TAG
 build-image:
  before_script: []
  image: docker:20.10.10
  stage: docker
  services:
    - docker:20.10.10-dind
  script: |
    CURRENT_DATE=$(echo $CI_COMMIT_TIMESTAMP | head -c 10 | tr -d -)
    IMAGE_TAG=$CI_REGISTRY_IMAGE/auth:$CURRENT_DATE-$CI_COMMIT_SHORT_SHA
    CURRENT_TAG=$CI_REGISTRY_IMAGE/auth:$CI_COMMIT_TAG
    MINOR_TAG=$CI_REGISTRY_IMAGE/auth:$(echo $CI_COMMIT_TAG | cut -d '.' -f 1-2)
    MAJOR_TAG=$CI_REGISTRY_IMAGE/auth:$(echo $CI_COMMIT_TAG | cut -d '.' -f 1)
    LATEST_TAG=$CI_REGISTRY_IMAGE/auth:latest
    docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
    docker build . -t $IMAGE_TAG -f docker/Dockerfile --build-arg AUTH_VERSION=$(echo $CI_COMMIT_TAG | cut -c 2-)
    docker tag $IMAGE_TAG $CURRENT_TAG
    docker tag $IMAGE_TAG $MINOR_TAG
    docker tag $IMAGE_TAG $MAJOR_TAG
    docker tag $IMAGE_TAG $LATEST_TAG
    docker image push --all-tags $CI_REGISTRY_IMAGE/auth
  rules:
    - if: $CI_COMMIT_TAG
      when: delayed
      start_in: 10 minutes
 build-image-dev:
  before_script: []
  image: docker:20.10.10
  stage: docker
  services:
    - docker:20.10.10-dind
  script: |
    CURRENT_DATE=$(echo $CI_COMMIT_TIMESTAMP | head -c 10 | tr -d -)
    IMAGE_TAG=$CI_REGISTRY_IMAGE/auth:$CURRENT_DATE-$CI_COMMIT_BRANCH-$CI_COMMIT_SHORT_SHA
    docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
    docker build . -t $IMAGE_TAG -f docker/Dockerfile --build-arg AUTH_PACKAGE=git+https://gitlab.com/allianceauth/allianceauth@$CI_COMMIT_BRANCH
    docker push $IMAGE_TAG
  rules:
    - if: '$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME == ""'
      when: manual
    - if: '$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME != ""'
      when: never
 build-image-mr:
  before_script: []
  image: docker:20.10.10
  stage: docker
  services:
    - docker:20.10.10-dind
  script: |
    CURRENT_DATE=$(echo $CI_COMMIT_TIMESTAMP | head -c 10 | tr -d -)
    IMAGE_TAG=$CI_REGISTRY_IMAGE/auth:$CURRENT_DATE-$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME-$CI_COMMIT_SHORT_SHA
    docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
    docker build . -t $IMAGE_TAG -f docker/Dockerfile --build-arg AUTH_PACKAGE=git+$CI_MERGE_REQUEST_SOURCE_PROJECT_URL@$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME
    docker push $IMAGE_TAG
  rules:
    - if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
      when: manual
    - if: '$CI_PIPELINE_SOURCE != "merge_request_event"'
      when: never
--- a/.gitlab/issue_templates/Bug.md
+++ b/.gitlab/issue_templates/Bug.md
@@ -0,0 +1,14 @@
 # Bug
 - I have searched [issues](https://gitlab.com/allianceauth/allianceauth/issues?scope=all&utf8=%E2%9C%93&state=all) (Y/N):
 - What Version of Alliance Auth:
 - What Operating System:
 - Version of other components relevant to issue eg. Service, Database:
 Please include a brief description of your issue here.
 Please include steps to reproduce the issue
 Please include any tracebacks or logs
 Please include the results of the command `pip list`
--- a/.gitlab/issue_templates/Feature
+++ b/.gitlab/issue_templates/Feature
@@ -0,0 +1,7 @@
 # Feature Request
 - Describe the feature are you requesting.
 - Is this a Service (external integration), a Module (Alliance Auth extension) or an enhancement to an existing service/module.
 - Describe why its useful to you or others.
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -0,0 +1,60 @@
 # Apply to all files without committing:
 #   pre-commit run --all-files
 # Update this file:
 #   pre-commit autoupdate
 repos:
  - repo: https://github.com/pre-commit/pre-commit-hooks
    rev: v4.3.0
    hooks:
      - id: check-case-conflict
      - id: check-json
      - id: check-xml
      - id: check-yaml
      - id: fix-byte-order-marker
      - id: trailing-whitespace
        exclude: |
          (?x)(
            \.min\.css|
            \.min\.js|
            \.po|
            \.mo|
            swagger\.json
          )
      - id: end-of-file-fixer
        exclude: |
          (?x)(
            \.min\.css|
            \.min\.js|
            \.po|
            \.mo|
            swagger\.json
          )
      - id: mixed-line-ending
        args: [ '--fix=lf' ]
      - id: fix-encoding-pragma
        args: [ '--remove' ]
  - repo: https://github.com/editorconfig-checker/editorconfig-checker.python
    rev: 2.4.0
    hooks:
      - id: editorconfig-checker
        exclude: |
          (?x)(
            LICENSE|
            allianceauth\/static\/allianceauth\/css\/themes\/bootstrap-locals.less|
            \.po|
            \.mo|
            swagger\.json
          )
  - repo: https://github.com/asottile/pyupgrade
    rev: v2.34.0
    hooks:
      - id: pyupgrade
        args: [ --py38-plus ]
  - repo: https://github.com/asottile/setup-cfg-fmt
    rev: v1.20.1
    hooks:
      - id: setup-cfg-fmt
--- a/.readthedocs.yml
+++ b/.readthedocs.yml
@@ -0,0 +1,26 @@
 # .readthedocs.yml
 # Read the Docs configuration file
 # See https://docs.readthedocs.io/en/stable/config-file/v2.html for details
 # Required
 version: 2
 # Set the version of Python and other tools you might need
 build:
  os: ubuntu-20.04
  apt_packages:
    - redis
  tools:
    python: "3.8"
 # Build documentation in the docs/ directory with Sphinx
 sphinx:
  configuration: docs/conf.py
 # Optionally build your docs in additional formats such as PDF and ePub
 formats: all
 # Optionally set the version of Python and requirements required to build your docs
 python:
  install:
    - requirements: docs/requirements.txt
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,14 +0,0 @@
 language: python
 python:
  - "2.7"
  - "3.5"
 # command to install dependencies
 install:
  - pip install requests
  - pip install -r requirements.txt
  - pip install -r testing-requirements.txt
 # command to run tests
 script: coverage run runtests.py
 cache: pip
 after_success:
  coveralls
--- a/1
+++ b/1
@@ -337,4 +337,3 @@ proprietary programs.  If your program is a subroutine library, you may
 consider it more useful to permit linking proprietary applications with the
 library.  If this is what you want to do, use the GNU Lesser General
 Public License instead of this License.
--- a/MANIFEST.in
+++ b/MANIFEST.in
@@ -0,0 +1,7 @@
 include LICENSE
 include README.md
 include MANIFEST.in
 graft allianceauth
 global-exclude __pycache__
 global-exclude *.py[co]
--- a/README.md
+++ b/README.md
@@ -1,55 +1,86 @@
-Alliance Auth
+# Alliance Auth
 ============
-[![Join the chat at https://gitter.im/R4stl1n/allianceauth](https://badges.gitter.im/R4stl1n/allianceauth.svg)](https://gitter.im/R4stl1n/allianceauth?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
+[![license](https://img.shields.io/badge/license-GPLv2-green)](https://pypi.org/project/allianceauth/)
 [![python](https://img.shields.io/pypi/pyversions/allianceauth)](https://pypi.org/project/allianceauth/)
 [![django](https://img.shields.io/pypi/djversions/allianceauth?label=django)](https://pypi.org/project/allianceauth/)
 [![version](https://img.shields.io/pypi/v/allianceauth?label=release)](https://pypi.org/project/allianceauth/)
 [![pipeline status](https://gitlab.com/allianceauth/allianceauth/badges/master/pipeline.svg)](https://gitlab.com/allianceauth/allianceauth/commits/master)
 [![Documentation Status](https://readthedocs.org/projects/allianceauth/badge/?version=latest)](http://allianceauth.readthedocs.io/?badge=latest)
-[![Build Status](https://travis-ci.org/allianceauth/allianceauth.svg?branch=master)](https://travis-ci.org/allianceauth/allianceauth)
+[![coverage report](https://gitlab.com/allianceauth/allianceauth/badges/master/coverage.svg)](https://gitlab.com/allianceauth/allianceauth/commits/master)
-[![Coverage Status](https://coveralls.io/repos/github/allianceauth/allianceauth/badge.svg?branch=master)](https://coveralls.io/github/allianceauth/allianceauth?branch=master)
+[![Chat on Discord](https://img.shields.io/discord/399006117012832262.svg)](https://discord.gg/fjnHAmk)
 An auth system for EVE Online to help in-game organizations manage online service access.
-EVE service auth to help corps, alliances, and coalitions manage services.
+## Content
 Built for "The 99 Percent" open for anyone to use.
-[Read the docs here.](http://allianceauth.rtfd.io)
+- [Overview](#overview)
 - [Documentation](http://allianceauth.rtfd.io)
 - [Support](#support)
 - [Release Notes](https://gitlab.com/allianceauth/allianceauth/-/releases)
 - [Developer Team](#developer-team)
 - [Contributing](#contributing)
-Special Permissions In Admin:
+## Overview
-    auth | user | group_management ( Access to add members to groups within the alliance )
+Alliance Auth (AA) is a web site that helps Eve Online organizations efficiently manage access to applications and services.
    auth | user | jabber_broadcast ( Access to broadcast a message over jabber to own groups )
    auth | user | jabber_broadcast_all ( Can choose from all groups and the 'all' option when broadcasting )
    auth | user | corp_apis ( View APIs, and jackKnife, of all members in user's corp. )
    auth | user | alliance_apis ( View APIs, and jackKnife, of all member in user's alliance member corps. )
    auth | user | timer_management ( Access to create and remove timers )
    auth | user | timer_view ( Access to timerboard to view timers )
    auth | user | srp_management ( Allows for an individual to create and remove srp fleets and fleet data )
    auth | user | sigtracker_management ( Allows for an individual to create and remove signitures )
    auth | user | sigtracker_view ( Allows for an individual view signitures )
    auth | user | optimer_management ( Allows for an individual to create and remove fleet operations )
    auth | user | optimer_view ( Allows for an individual view fleet operations )
    auth | user | logging_notifications ( Generate notifications from logging )
-    auth | user | human_resources ( View applications to user's corp )
+Main features:
    hrapplications | application | delete_application ( Can delete applications )
    hrapplications | application | accept_application ( Can accept applications )
    hrapplications | application | reject_application ( Can reject applications )
    hrapplications | application | view_apis ( Can see applicant's API keys )
    hrapplications | applicationcomment | add_applicationcomment ( Can comment on applications )
-Vagrant Instructions:
+- Automatically grants or revokes user access to external services (e.g. Discord, Mumble) and web apps (e.g. SRP requests) based on the user's current membership to [in-game organizations](https://allianceauth.readthedocs.io/en/latest/features/core/states/) and [groups](https://allianceauth.readthedocs.io/en/latest/features/core/groups/)
-    Copy the scripts to the root directory before running
+- Provides a central web site where users can directly access web apps (e.g. SRP requests, Fleet Schedule) and manage their access to external services and groups.
-Active Developers:
+- Includes a set of connectors (called ["services"](https://allianceauth.readthedocs.io/en/latest/features/services/)) for integrating access management with many popular external applications / services like Discord, Mumble, Teamspeak 3, SMF and others
-    Adarnof
+- Includes a set of web [apps](https://allianceauth.readthedocs.io/en/latest/features/apps/) which add many useful functions, e.g.: fleet schedule, timer board, SRP request management, fleet activity tracker
    basraah
-Beta Testers/ Bug Fixers:
+- Can be easily extended with additional services and apps. Many are provided by the community and can be found here: [Community Creations](https://gitlab.com/allianceauth/community-creations)
-    TrentBartlem ( Testing and Bug Fixes )
+- English :flag_gb:, Chinese :flag_cn:, German :flag_de:, Spanish :flag_es:, Korean :flag_kr: and Russian :flag_ru: localization
    IskFiend ( Bug Fixes and Server Configuration )
    Mr McClain (Bug Fixes and server configuration )
-Special Thanks:
+For further details about AA - including an installation guide and a full list of included services and plugin apps - please see the [official documentation](http://allianceauth.rtfd.io).
-    Thanks to Nikdoof, without his old auth implementation this project wouldn't be as far as it is now.
+## Screenshot
 Here is an example of the Alliance Auth web site with some plug-ins apps and services enabled:
 ![screenshot](https://i.imgur.com/2tnX9kD.png)
 ## Support
 [Get help on Discord](https://discord.gg/fjnHAmk) or submit an [issue](https://gitlab.com/allianceauth/allianceauth/issues).
 ## Development Team
 ### Active Developers
 - [Aaron Kable](https://gitlab.com/aaronkable/)
 - [Ariel Rin](https://gitlab.com/soratidus999/)
 - [Basraah](https://gitlab.com/basraah/)
 - [Col Crunch](https://gitlab.com/colcrunch/)
 - [Erik Kalkoken](https://gitlab.com/ErikKalkoken/)
 ### Former Developers
 - [Adarnof](https://gitlab.com/adarnof/)
 ### Beta Testers / Bug Fixers
 - [ghoti](https://gitlab.com/ChainsawMcGinny/)
 - [kaezon](https://github.com/kaezon/)
 - [mmolitor87](https://gitlab.com/mmolitor87/)
 - [orbitroom](https://github.com/orbitroom/)
 - [TargetZ3R0](https://github.com/TargetZ3R0)
 - [tehfiend](https://github.com/tehfiend/)
 Special thanks to [Nikdoof](https://github.com/nikdoof/), as his [auth](https://github.com/nikdoof/test-auth) was the foundation for the original work on this project.
 ## Contributing
 Alliance Auth is maintained and developed by the community and we welcome every contribution!
 To see what needs to be worked on please review our issue list or chat with our active developers on Discord.
 Also, please make sure you have signed the [License Agreement](https://developers.eveonline.com/resource/license-agreement) by logging in at [https://developers.eveonline.com](https://developers.eveonline.com) before submitting any pull requests.
 In addition to the core AA system we also very much welcome contributions to our growing list of 3rd party services and plugin apps. Please see [AA Community Creations](https://gitlab.com/allianceauth/community-creations) for details.
--- a/alliance_auth/.gitignore
+++ b/alliance_auth/.gitignore
@@ -1,2 +0,0 @@
 /settings.py
 !/*.example
--- a/alliance_auth/init.py
+++ b/alliance_auth/init.py
@@ -1,8 +0,0 @@
 from __future__ import absolute_import, unicode_literals
 # This will make sure the app is always imported when
 # Django starts so that shared_task will use this app.
 from .celeryapp import app as celery_app  # noqa
 __version__ = '1.15.4'
 NAME = 'Alliance Auth v%s' % __version__
--- a/alliance_auth/celeryapp.py
+++ b/alliance_auth/celeryapp.py
@@ -1,17 +0,0 @@
 from __future__ import absolute_import, unicode_literals
 import os
 from celery import Celery
 # set the default Django settings module for the 'celery' program.
 os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'alliance_auth.settings')
 from django.conf import settings  # noqa
 app = Celery('alliance_auth')
 # Using a string here means the worker don't have to serialize
 # the configuration object to child processes.
 app.config_from_object('django.conf:settings')
 # Load task modules from all registered Django app configs.
 app.autodiscover_tasks(lambda: settings.INSTALLED_APPS)
--- a/alliance_auth/settings.py.example
+++ b/alliance_auth/settings.py.example
@@ -1,708 +0,0 @@
 # -*- coding: UTF-8 -*-
 """
 Django settings for alliance_auth project.
 Generated by 'django-admin startproject' using Django 1.10.1.
 For more information on this file, see
 https://docs.djangoproject.com/en/1.10/topics/settings/
 For the full list of settings and their values, see
 https://docs.djangoproject.com/en/1.10/ref/settings/
 """
 import os
 from django.contrib import messages
 from celery.schedules import crontab
 # Celery configuration
 BROKER_URL = 'redis://localhost:6379/0'
 CELERYBEAT_SCHEDULER = "django_celery_beat.schedulers.DatabaseScheduler"
 # Build paths inside the project like this: os.path.join(BASE_DIR, ...)
 BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
 # Quick-start development settings - unsuitable for production
 # See https://docs.djangoproject.com/en/1.10/howto/deployment/checklist/
 # SECURITY WARNING: keep the secret key used in production secret!
 SECRET_KEY = ''
 # SECURITY WARNING: don't run with debug turned on in production!
 DEBUG = 'True' == os.environ.get('AA_DEBUG','True')
 ALLOWED_HOSTS = []
 # Application definition
 INSTALLED_APPS = [
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    'django.contrib.humanize',
    'django_celery_beat',
    'bootstrapform',
    'authentication',
    'services',
    'eveonline',
    'groupmanagement',
    'hrapplications',
    'timerboard',
    'srp',
    'optimer',
    'corputils',
    'fleetactivitytracking',
    'fleetup',
    'notifications',
    'esi',
    'permissions_tool',
    'geelweb.django.navhelper',
    'bootstrap_pagination',
    'captcha',
    # Services
    'services.modules.mumble',
    'services.modules.discord',
    'services.modules.discourse',
    'services.modules.ipboard',
    'services.modules.ips4',
    'services.modules.market',
    'services.modules.openfire',
    'services.modules.seat',
    'services.modules.smf',
    'services.modules.phpbb3',
    'services.modules.xenforo',
    'services.modules.teamspeak3',
 ]
 MIDDLEWARE = [
    'django.middleware.security.SecurityMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
    'django.middleware.locale.LocaleMiddleware',
 ]
 ROOT_URLCONF = 'alliance_auth.urls'
 LOCALE_PATHS = (
    os.path.join(BASE_DIR, 'locale/'),
 )
 ugettext = lambda s: s
 LANGUAGES = (
    ('en', ugettext('English')),
    ('de', ugettext('German')),
 )
 TEMPLATES = [
    {
        'BACKEND': 'django.template.backends.django.DjangoTemplates',
        'DIRS': [
            os.path.join(BASE_DIR, 'customization/templates'),
            os.path.join(BASE_DIR, 'stock/templates'),
        ],
        'APP_DIRS': True,
        'OPTIONS': {
            'context_processors': [
                'django.template.context_processors.debug',
                'django.template.context_processors.request',
                'django.contrib.auth.context_processors.auth',
                'django.contrib.messages.context_processors.messages',
                'django.template.context_processors.i18n',
                'django.template.context_processors.media',
                'django.template.context_processors.static',
                'django.template.context_processors.tz',
                'services.context_processors.auth_settings',
                'notifications.context_processors.user_notification_count',
                'authentication.context_processors.states',
                'authentication.context_processors.membership_state',
                'groupmanagement.context_processors.can_manage_groups',
            ],
        },
    },
 ]
 WSGI_APPLICATION = 'alliance_auth.wsgi.application'
 # Database
 # https://docs.djangoproject.com/en/1.10/ref/settings/#databases
 DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.mysql',
        'NAME': 'alliance_auth',
        'USER': os.environ.get('AA_DB_DEFAULT_USER', 'allianceserver'),
        'PASSWORD': os.environ.get('AA_DB_DEFAULT_PASSWORD', 'password'),
        'HOST': os.environ.get('AA_DB_DEFAULT_HOST', '127.0.0.1'),
        'PORT': os.environ.get('AA_DB_DEFAULT_PORT', '3306'),
    },
 }
 # If you have run the authentication.0013_service_modules migration
 # you will need to set this to True in order to install service modules
 # which were involved in that migration after it has been run.
 # If you are on a fresh install with no existing database you can safely
 # set this to True
 # If you have not run the authentication.0013_service_modules migration
 # leave this set to False.
 SERVICES_MIGRATED = False
 # Password validation
 # https://docs.djangoproject.com/en/1.10/ref/settings/#auth-password-validators
 AUTH_PASSWORD_VALIDATORS = [
    {
        'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
    },
    {
        'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
    },
    {
        'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
    },
    {
        'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
    },
 ]
 LOGIN_URL = 'auth_login_user'
 SUPERUSER_STATE_BYPASS = 'True' == os.environ.get('AA_SUPERUSER_STATE_BYPASS', 'True')
 # Internationalization
 # https://docs.djangoproject.com/en/1.10/topics/i18n/
 LANGUAGE_CODE = os.environ.get('AA_LANGUAGE_CODE', 'en-us')
 TIME_ZONE = os.environ.get('AA_TIME_ZONE', 'UTC')
 USE_I18N = True
 USE_L10N = True
 USE_TZ = True
 # Static files (CSS, JavaScript, Images)
 # https://docs.djangoproject.com/en/1.10/howto/static-files/
 STATIC_URL = '/static/'
 STATIC_ROOT = os.path.join(BASE_DIR, "static")
 STATICFILES_DIRS = (
    os.path.join(BASE_DIR, "customization/static"),
    os.path.join(BASE_DIR, "stock/static"),
 )
 # Bootstrap messaging css workaround
 MESSAGE_TAGS = {
    messages.ERROR: 'danger'
 }
 CACHES = {
    "default": {
        "BACKEND": "redis_cache.RedisCache",
        "LOCATION": "localhost:6379",
        "OPTIONS": {
            "DB": 1,
        }
    }
 }
 # Google Recaptcha
 CAPTCHA_ENABLED = False
 RECAPTCHA_PUBLIC_KEY = 'MyRecaptchaKey'
 RECAPTCHA_PRIVATE_KEY = 'MyRecaptchaPrivateKey'
 NOCAPTCHA = True
 #####################################################
 ##
 ## Auth configuration starts here
 ##
 #####################################################
 #########################
 # CELERY SCHEDULED TASKS
 #########################
 CELERYBEAT_SCHEDULE = {
    'run_api_refresh': {
        'task': 'eveonline.tasks.run_api_refresh',
        'schedule': crontab(minute=0, hour="*/3"),
    },
    'run_corp_update': {
        'task': 'eveonline.tasks.run_corp_update',
        'schedule': crontab(minute=0, hour="*/2"),
    },
    'update_all_corpstats': {
        'task': 'corputils.tasks.update_all_corpstats',
        'schedule': crontab(minute=0, hour="*/6"),
    },
 }
 #################
 # EMAIL SETTINGS
 #################
 # DOMAIN - The alliance auth domain_url
 # EMAIL_HOST - SMTP Server URL
 # EMAIL_PORT - SMTP Server PORT
 # EMAIL_HOST_USER - Email Username (for gmail, the entire address)
 # EMAIL_HOST_PASSWORD - Email Password
 # EMAIL_USE_TLS - Set to use TLS encryption
 #################
 DOMAIN = os.environ.get('AA_DOMAIN', 'https://example.com')
 EMAIL_HOST = os.environ.get('AA_EMAIL_HOST', 'smtp.gmail.com')
 EMAIL_PORT = int(os.environ.get('AA_EMAIL_PORT', '587'))
 EMAIL_HOST_USER = os.environ.get('AA_EMAIL_HOST_USER', '')
 EMAIL_HOST_PASSWORD = os.environ.get('AA_EMAIL_HOST_PASSWORD', '')
 EMAIL_USE_TLS = 'True' == os.environ.get('AA_EMAIL_USE_TLS', 'True')
 ####################
 # Front Page Links
 ####################
 # KILLBOARD_URL - URL for your killboard. Blank to hide link
 # MEDIA_URL - URL for your media page (youtube etc). Blank to hide link
 # FORUM_URL - URL for your forums. Blank to hide link
 # SITE_NAME - Name of the auth site.
 ####################
 KILLBOARD_URL = os.environ.get('AA_KILLBOARD_URL', '')
 EXTERNAL_MEDIA_URL = os.environ.get('AA_EXTERNAL_MEDIA_URL', '')
 FORUM_URL = os.environ.get('AA_FORUM_URL', '')
 SITE_NAME = os.environ.get('AA_SITE_NAME', 'Alliance Auth')
 ###################
 # SSO Settings
 ###################
 # Get client ID and client secret from registering an app at
 # https://developers.eveonline.com/
 # Callback URL should be https://example.com/sso/callback
 ###################
 ESI_SSO_CLIENT_ID = os.environ.get('AA_ESI_SSO_CLIENT_ID', '')
 ESI_SSO_CLIENT_SECRET = os.environ.get('AA_ESI_SSO_CLIENT_SECRET', '')
 ESI_SSO_CALLBACK_URL = os.environ.get('AA_ESI_SSO_CALLBACK_URL', '')
 #########################
 # Default Group Settings
 #########################
 # DEFAULT_AUTH_GROUP - Default group members are put in
 # DEFAULT_BLUE_GROUP - Default group for blue members
 # MEMBER_CORP_GROUPS - Assign members to a group representing their main corp
 # BLUE_CORP_GROUPS - Assign blues to a group representing their main corp
 #########################
 DEFAULT_AUTH_GROUP = os.environ.get('AA_DEFAULT_ALLIANCE_GROUP', 'Member')
 DEFAULT_BLUE_GROUP = os.environ.get('AA_DEFAULT_BLUE_GROUP', 'Blue')
 MEMBER_CORP_GROUPS = 'True' == os.environ.get('AA_MEMBER_CORP_GROUPS', 'True')
 MEMBER_ALLIANCE_GROUPS = 'True' == os.environ.get('AA_MEMBER_ALLIANCE_GROUPS', 'False')
 BLUE_CORP_GROUPS = 'True' == os.environ.get('AA_BLUE_CORP_GROUPS', 'False')
 BLUE_ALLIANCE_GROUPS = 'True' == os.environ.get('AA_BLUE_ALLIANCE_GROUPS', 'False')
 #########################
 # Tenant Configuration
 #########################
 # CORP_IDS - A list of corporation IDs to treat as members.
 # ALLIANCE_IDS - A list of alliance IDs to treat as members.
 # Any corps in a specified alliance will be treated as members, so do not include them in CORP_IDS
 #########################
 CORP_IDS = []
 ALLIANCE_IDS = []
 #########################
 # Standings Configuration
 #########################
 # Add a corp API key to add blue standings to grant access.
 # CORP_API_ID - Set this to the api id for the corp API key
 # CORP_API_VCODE - Set this to the api vcode for the corp API key
 # BLUE_STANDING - The lowest standings value to consider blue
 # STANDING_LEVEL - The level of standings to query. Accepted values are 'corp' and 'alliance'.
 # BLUE_CORP_IDS - A list of corps to remain blue regardless of in-game standings
 # BLUE_ALLIANCE_IDS - A list of alliances to remain blue regardless of in-game standings
 ########################
 CORP_API_ID = os.environ.get('AA_CORP_API_ID', '')
 CORP_API_VCODE = os.environ.get('AA_CORP_API_VCODE', '')
 BLUE_STANDING = float(os.environ.get('AA_BLUE_STANDING', '5.0'))
 STANDING_LEVEL = os.environ.get('AA_STANDING_LEVEL', 'corp')
 BLUE_CORP_IDS = []
 BLUE_ALLIANCE_IDS = []
 ########################
 # API Configuration
 ########################
 # MEMBER_API_MASK - Numeric value of minimum API mask required for members
 # MEMBER_API_ACCOUNT - Require API to be for Account and not character restricted
 # BLUE_API_MASK - Numeric value of minimum API mask required for blues
 # BLUE_API_ACCOUNT - Require API to be for Account and not character restricted
 # REJECT_OLD_APIS - Require each submitted API be newer than the latest submitted API
 # REJECT_OLD_APIS_MARGIN - Margin from latest submitted API ID within which a newly submitted API is still accepted
 # API_SSO_VALIDATION - Require users to prove ownership of newly entered API keys via SSO
 #                      Requires SSO to be configured.
 #######################
 MEMBER_API_MASK = os.environ.get('AA_MEMBER_API_MASK', 268435455)
 MEMBER_API_ACCOUNT = 'True' == os.environ.get('AA_MEMBER_API_ACCOUNT', 'True')
 BLUE_API_MASK = os.environ.get('AA_BLUE_API_MASK', 8388608)
 BLUE_API_ACCOUNT = 'True' == os.environ.get('AA_BLUE_API_ACCOUNT', 'False')
 REJECT_OLD_APIS = 'True' == os.environ.get('AA_REJECT_OLD_APIS', 'False')
 REJECT_OLD_APIS_MARGIN = os.environ.get('AA_REJECT_OLD_APIS_MARGIN', 50)
 API_SSO_VALIDATION = 'True' == os.environ.get('AA_API_SSO_VALIDATION', 'False')
 #######################
 # EVE Provider Settings
 #######################
 # EVEONLINE_CHARACTER_PROVIDER - Name of default data source for getting eve character data
 # EVEONLINE_CORP_PROVIDER - Name of default data source for getting eve corporation data
 # EVEONLINE_ALLIANCE_PROVIDER - Name of default data source for getting eve alliance data
 # EVEONLINE_ITEMTYPE_PROVIDER - Name of default data source for getting eve item type data
 #
 # Available sources are 'esi' and 'xml'. Leaving blank results in the default 'esi' being used.
 #######################
 EVEONLINE_CHARACTER_PROVIDER = os.environ.get('AA_EVEONLINE_CHARACTER_PROVIDER', '')
 EVEONLINE_CORP_PROVIDER = os.environ.get('AA_EVEONLINE_CORP_PROVIDER', '')
 EVEONLINE_ALLIANCE_PROVIDER = os.environ.get('AA_EVEONLINE_ALLIANCE_PROVIDER', '')
 EVEONLINE_ITEMTYPE_PROVIDER = os.environ.get('AA_EVEONLINE_ITEMTYPE_PROVIDER', '')
 #####################
 # Alliance Market
 #####################
 MARKET_URL = os.environ.get('AA_MARKET_URL', 'http://example.com/market')
 MARKET_DB = {
    'ENGINE': 'django.db.backends.mysql',
    'NAME': 'alliance_market',
    'USER': os.environ.get('AA_DB_MARKET_USER', 'allianceserver-market'),
    'PASSWORD': os.environ.get('AA_DB_MARKET_PASSWORD', 'password'),
    'HOST': os.environ.get('AA_DB_MARKET_HOST', '127.0.0.1'),
    'PORT': os.environ.get('AA_DB_MARKET_PORT', '3306'),
 }
 #####################
 # HR Configuration
 #####################
 # API_KEY_AUDIT_URL - URL for viewing API keys.
 # Other URLs are supported. Use string formatting notation {} with parameter names api_id, vcode, pk
 # Example URL formats are shown below:
 #           Old Jacknife: 'https://example.com/jacknife/eveapi/audit.php?usid={api_id}&apik={vcode}'
 #           New Jacknife: 'https://example.com/jacknife/?usid={api_id}&apik={vcode}'
 #           SeAT: 'https://seat.example.com/api-key/detail/{api_id}'
 #           Django Admin: '/admin/eveonline/eveapikeypair/{pk}/change'
 # Leave blank for the verification code to be shown in a popup on click.
 #####################
 API_KEY_AUDIT_URL = os.environ.get('AA_API_KEY_AUDIT_URL', '')
 #####################
 # Forum Configuration
 #####################
 # IPBOARD_ENDPOINT - Api endpoint if using ipboard
 # IPBOARD_APIKEY - Api key to interact with ipboard
 # IPBOARD_APIMODULE - Module for alliance auth *leave alone*
 #####################
 IPBOARD_ENDPOINT = os.environ.get('AA_IPBOARD_ENDPOINT', 'example.com/interface/board/index.php')
 IPBOARD_APIKEY = os.environ.get('AA_IPBOARD_APIKEY', 'somekeyhere')
 IPBOARD_APIMODULE = 'aa'
 ########################
 # XenForo Configuration
 ########################
 XENFORO_ENDPOINT = os.environ.get('AA_XENFORO_ENDPOINT', 'example.com/api.php')
 XENFORO_DEFAULT_GROUP = os.environ.get('AA_XENFORO_DEFAULT_GROUP', 0)
 XENFORO_APIKEY   = os.environ.get('AA_XENFORO_APIKEY', 'yourapikey')
 #####################
 ######################
 # Jabber Configuration
 ######################
 # JABBER_URL - Jabber address url
 # JABBER_PORT - Jabber service portal
 # JABBER_SERVER - Jabber server url
 # OPENFIRE_ADDRESS - Address of the openfire admin console including port
 #                    Please use http with 9090 or https with 9091
 # OPENFIRE_SECRET_KEY - Openfire REST API secret key
 # BROADCAST_USER - Broadcast user JID
 # BROADCAST_USER_PASSWORD - Broadcast user password
 ######################
 JABBER_URL = os.environ.get('AA_JABBER_URL', "example.com")
 JABBER_PORT = int(os.environ.get('AA_JABBER_PORT', '5223'))
 JABBER_SERVER = os.environ.get('AA_JABBER_SERVER', "example.com")
 OPENFIRE_ADDRESS = os.environ.get('AA_OPENFIRE_ADDRESS', "http://example.com:9090")
 OPENFIRE_SECRET_KEY = os.environ.get('AA_OPENFIRE_SECRET_KEY', "somekey")
 BROADCAST_USER = os.environ.get('AA_BROADCAST_USER', "broadcast@") + JABBER_URL
 BROADCAST_USER_PASSWORD = os.environ.get('AA_BROADCAST_USER_PASSWORD', "somepassword")
 BROADCAST_SERVICE_NAME = os.environ.get('AA_BROADCAST_SERVICE_NAME', "broadcast")
 ######################################
 # Mumble Configuration
 ######################################
 # MUMBLE_URL - Mumble server host
 #               Do not include leading http:// or mumble://
 ######################################
 MUMBLE_URL = os.environ.get('AA_MUMBLE_URL', "example.com")
 ######################################
 # PHPBB3 Configuration
 ######################################
 PHPBB3_DB = {
    'ENGINE': 'django.db.backends.mysql',
    'NAME': 'alliance_forum',
    'USER': os.environ.get('AA_DB_PHPBB3_USER', 'allianceserver-phpbb3'),
    'PASSWORD': os.environ.get('AA_DB_PHPBB3_PASSWORD', 'password'),
    'HOST': os.environ.get('AA_DB_PHPBB3_HOST', '127.0.0.1'),
    'PORT': os.environ.get('AA_DB_PHPBB3_PORT', '3306'),
 }
 ######################################
 # Teamspeak3 Configuration
 ######################################
 # TEAMSPEAK3_SERVER_IP - Teamspeak3 server ip
 # TEAMSPEAK3_SERVER_PORT - Teamspeak3 server port
 # TEAMSPEAK3_SERVERQUERY_USER - Teamspeak3 serverquery username
 # TEAMSPEAK3_SERVERQUERY_PASSWORD - Teamspeak3 serverquery password
 # TEAMSPEAK3_VIRTUAL_SERVER - Virtual server id
 # TEAMSPEAK3_AUTHED_GROUP_ID - Default authed group id
 # TEAMSPEAK3_PUBLIC_URL - teamspeak3 public url used for link creation
 ######################################
 TEAMSPEAK3_SERVER_IP = os.environ.get('AA_TEAMSPEAK3_SERVER_IP', '127.0.0.1')
 TEAMSPEAK3_SERVER_PORT = int(os.environ.get('AA_TEAMSPEAK3_SERVER_PORT', '10011'))
 TEAMSPEAK3_SERVERQUERY_USER = os.environ.get('AA_TEAMSPEAK3_SERVERQUERY_USER', 'serveradmin')
 TEAMSPEAK3_SERVERQUERY_PASSWORD = os.environ.get('AA_TEAMSPEAK3_SERVERQUERY_PASSWORD', 'passwordhere')
 TEAMSPEAK3_VIRTUAL_SERVER = int(os.environ.get('AA_TEAMSPEAK3_VIRTUAL_SERVER', '1'))
 TEAMSPEAK3_PUBLIC_URL = os.environ.get('AA_TEAMSPEAK3_PUBLIC_URL', 'example.com')
 ######################################
 # Discord Configuration
 ######################################
 # DISCORD_GUILD_ID - ID of the guild to manage
 # DISCORD_BOT_TOKEN - oauth token of the app bot user
 # DISCORD_INVITE_CODE - invite code to the server
 # DISCORD_APP_ID - oauth app client ID
 # DISCORD_APP_SECRET - oauth app secret
 # DISCORD_CALLBACK_URL - oauth callback url
 # DISCORD_SYNC_NAMES - enable to force discord nicknames to be set to eve char name (bot needs Manage Nicknames permission)
 ######################################
 DISCORD_GUILD_ID = os.environ.get('AA_DISCORD_GUILD_ID', '')
 DISCORD_BOT_TOKEN = os.environ.get('AA_DISCORD_BOT_TOKEN', '')
 DISCORD_INVITE_CODE = os.environ.get('AA_DISCORD_INVITE_CODE', '')
 DISCORD_APP_ID = os.environ.get('AA_DISCORD_APP_ID', '')
 DISCORD_APP_SECRET = os.environ.get('AA_DISCORD_APP_SECRET', '')
 DISCORD_CALLBACK_URL = os.environ.get('AA_DISCORD_CALLBACK_URL', 'http://example.com/discord/callback')
 DISCORD_SYNC_NAMES = 'True' == os.environ.get('AA_DISCORD_SYNC_NAMES', 'False')
 ######################################
 # Discourse Configuration
 ######################################
 # DISCOURSE_URL - Web address of the forums (no trailing slash)
 # DISCOURSE_API_USERNAME - API account username
 # DISCOURSE_API_KEY - API Key
 # DISCOURSE_SSO_SECRET - SSO secret key
 ######################################
 DISCOURSE_URL = os.environ.get('AA_DISCOURSE_URL', '')
 DISCOURSE_API_USERNAME = os.environ.get('AA_DISCOURSE_API_USERNAME', '')
 DISCOURSE_API_KEY = os.environ.get('AA_DISCOURSE_API_KEY', '')
 DISCOURSE_SSO_SECRET = os.environ.get('AA_DISCOURSE_SSO_SECRET', '')
 #####################################
 # IPS4 Configuration
 #####################################
 # IPS4_URL - base url of the IPS4 install (no trailing slash)
 # IPS4_API_KEY - API key provided by IPS4
 #####################################
 IPS4_URL = os.environ.get('AA_IPS4_URL', 'http://example.com/ips4')
 IPS4_API_KEY = os.environ.get('AA_IPS4_API_KEY', '')
 IPS4_DB = {
    'ENGINE': 'django.db.backends.mysql',
    'NAME': 'alliance_ips4',
    'USER': os.environ.get('AA_DB_IPS4_USER', 'allianceserver-ips4'),
    'PASSWORD': os.environ.get('AA_DB_IPS4_PASSWORD', 'password'),
    'HOST': os.environ.get('AA_DB_IPS4_HOST', '127.0.0.1'),
    'PORT': os.environ.get('AA_DB_IPS4_PORT', '3306'),
 }
 #####################################
 # SEAT Configuration
 #####################################
 # SEAT_URL - base url of the seat install (no trailing slash)
 # SEAT_XTOKEN - API key X-Token provided by SeAT
 #####################################
 SEAT_URL = os.environ.get('AA_SEAT_URL', 'http://example.com/seat')
 SEAT_XTOKEN = os.environ.get('AA_SEAT_XTOKEN', '')
 ######################################
 # SMF Configuration
 ######################################
 SMF_URL = os.environ.get('AA_SMF_URL', 'https://example.com')
 SMF_DB = {
    'ENGINE': 'django.db.backends.mysql',
    'NAME': 'alliance_smf',
    'USER': os.environ.get('AA_DB_SMF_USER', 'allianceserver-smf'),
    'PASSWORD': os.environ.get('AA_DB_SMF_PASSWORD', 'password'),
    'HOST': os.environ.get('AA_DB_SMF_HOST', '127.0.0.1'),
    'PORT': os.environ.get('AA_DB_SMF_PORT', '3306'),
 }
 ######################################
 # Fleet-Up Configuration
 ######################################
 # FLEETUP_APP_KEY - The app key from http://fleet-up.com/Api/MyApps
 # FLEETUP_USER_ID - The user id from http://fleet-up.com/Api/MyKeys
 # FLEETUP_API_ID - The API id from http://fleet-up.com/Api/MyKeys
 # FLEETUP_GROUP_ID - The id of the group you want to pull data from, see http://fleet-up.com/Api/Endpoints#groups_mygroupmemberships
 ######################################
 FLEETUP_APP_KEY = os.environ.get('AA_FLEETUP_APP_KEY', '')
 FLEETUP_USER_ID = os.environ.get('AA_FLEETUP_USER_ID', '')
 FLEETUP_API_ID = os.environ.get('AA_FLEETUP_API_ID', '')
 FLEETUP_GROUP_ID = os.environ.get('AA_FLEETUP_GROUP_ID', '')
 #####################################
 # Logging Configuration
 #####################################
 # Set log_file and console level to desired state:
 # DEBUG - basically stack trace, explains every step
 # INFO - model creation, deletion, updates, etc
 # WARN - unexpected function outcomes that do not impact user
 # ERROR - unexcpeted function outcomes which prevent user from achieving desired outcome
 # EXCEPTION - something critical went wrong, unhandled
 #####################################
 # Recommended level for log_file is INFO, console is DEBUG
 # Change log level of individual apps below to narrow your debugging
 #####################################
 LOGGING = {
    'version': 1,
    'disable_existing_loggers': False,
    'formatters': {
        'verbose': {
            'format' : "[%(asctime)s] %(levelname)s [%(name)s:%(lineno)s] %(message)s",
            'datefmt' : "%d/%b/%Y %H:%M:%S"
        },
        'simple': {
            'format': '%(levelname)s %(message)s'
        },
    },
    'handlers': {
        'log_file': {
            'level': 'INFO',         # edit this line to change logging level to file
            'class': 'logging.handlers.RotatingFileHandler',
            'filename': os.path.join(BASE_DIR,'log/allianceauth.log'),
            'formatter': 'verbose',
            'maxBytes': 1024*1024*5, # edit this line to change max log file size
            'backupCount': 5,        # edit this line to change number of log backups
        },
        'console': {
            'level': 'DEBUG',        # edit this line to change logging level to console
            'class': 'logging.StreamHandler',
            'formatter': 'verbose',
        },
        'notifications': {           # creates notifications for users with logging_notifications permission
            'level': 'ERROR',        # edit this line to change logging level to notifications
            'class': 'notifications.handlers.NotificationHandler',
            'formatter': 'verbose',
        },
    },
    'loggers': {
        'authentication': {
            'handlers': ['log_file', 'console', 'notifications'],
            'level': 'DEBUG',
        },
        'celerytask': {
            'handlers': ['log_file', 'console', 'notifications'],
            'level': 'DEBUG',
        },
        'eveonline': {
            'handlers': ['log_file', 'console', 'notifications'],
            'level': 'DEBUG',
        },
        'groupmanagement': {
            'handlers': ['log_file', 'console', 'notifications'],
            'level': 'DEBUG',
        },
        'hrapplications': {
            'handlers': ['log_file', 'console', 'notifications'],
            'level': 'DEBUG',
        },
        'portal': {
            'handlers': ['log_file', 'console', 'notifications'],
            'level': 'DEBUG',
        },
        'registration': {
            'handlers': ['log_file', 'console', 'notifications'],
            'level': 'DEBUG',
        },
        'services': {
            'handlers': ['log_file', 'console', 'notifications'],
            'level': 'DEBUG',
        },
        'srp': {
            'handlers': ['log_file', 'console', 'notifications'],
            'level': 'DEBUG',
        },
        'timerboard': {
            'handlers': ['log_file', 'console', 'notifications'],
            'level': 'DEBUG',
        },
        'sigtracker': {
            'handlers': ['log_file', 'console', 'notifications'],
            'level': 'DEBUG',
        },
        'optimer': {
            'handlers': ['log_file', 'console', 'notifications'],
            'level': 'DEBUG',
        },
        'corputils': {
            'handlers': ['log_file', 'console', 'notifications'],
            'level': 'DEBUG',
        },
        'fleetactivitytracking': {
            'handlers': ['log_file', 'console', 'notifications'],
            'level': 'ERROR',
        },
        'fleetup': {
            'handlers': ['log_file', 'console', 'notifications'],
            'level': 'DEBUG',
        },
        'util': {
            'handlers': ['log_file', 'console', 'notifications'],
            'level': 'DEBUG',
        },
        'django': {
            'handlers': ['log_file', 'console', 'notifications'],
            'level': 'ERROR',
        },
    }
 }
 # Conditionally add databases only if configured
 if 'services.modules.phpbb3' in INSTALLED_APPS:
    DATABASES['phpbb3'] = PHPBB3_DB
 if 'services.modules.smf' in INSTALLED_APPS:
    DATABASES['smf'] = SMF_DB
 if 'services.modules.market' in INSTALLED_APPS:
    DATABASES['market'] = MARKET_DB
 if 'services.modules.ips4' in INSTALLED_APPS:
    DATABASES['ips4'] = IPS4_DB
 # Ensure corp/alliance IDs are expected types
 STR_CORP_IDS = [str(id) for id in CORP_IDS]
 STR_ALLIANCE_IDS = [str(id) for id in ALLIANCE_IDS]
 STR_BLUE_CORP_IDS = [str(id) for id in BLUE_CORP_IDS]
 STR_BLUE_ALLIANCE_IDS = [str(id) for id in BLUE_ALLIANCE_IDS]
 # Conditionally add periodic tasks for services if installed
 if 'services.modules.teamspeak3' in INSTALLED_APPS:
    CELERYBEAT_SCHEDULE['run_ts3_group_update'] = {
        'task': 'services.modules.teamspeak3.tasks.run_ts3_group_update',
        'schedule': crontab(minute='*/30'),
    }
 if 'services.modules.seat' in INSTALLED_APPS:
    CELERYBEAT_SCHEDULE['run_seat_api_sync'] = {
        'task': 'services.modules.seat.tasks.run_api_sync',
        'schedule': crontab(minute='*/30'),
    }
--- a/alliance_auth/tests/auth_utils.py
+++ b/alliance_auth/tests/auth_utils.py
@@ -1,98 +0,0 @@
 from __future__ import unicode_literals
 from django.db.models.signals import m2m_changed, pre_save
 from django.contrib.auth.models import User, Group, Permission
 from services.signals import m2m_changed_user_groups, pre_save_user
 from services.signals import m2m_changed_group_permissions, m2m_changed_user_permissions
 from authentication.signals import pre_save_auth_state
 from authentication.tasks import make_member, make_blue
 from authentication.models import AuthServicesInfo
 from authentication.states import MEMBER_STATE, BLUE_STATE, NONE_STATE
 from eveonline.models import EveCharacter
 class AuthUtils:
    def __init__(self):
        pass
    @staticmethod
    def _create_user(username):
        return User.objects.create(username=username)
    @classmethod
    def create_user(cls, username, disconnect_signals=False):
        if disconnect_signals:
            cls.disconnect_signals()
        user = cls._create_user(username)
        user.authservicesinfo.state = NONE_STATE
        user.authservicesinfo.save()
        if disconnect_signals:
            cls.connect_signals()
        return user
    @classmethod
    def create_member(cls, username):
        cls.disconnect_signals()
        user = cls._create_user(username)
        user.authservicesinfo.state = MEMBER_STATE
        user.authservicesinfo.save()
        make_member(user.authservicesinfo)
        cls.connect_signals()
        return user
    @classmethod
    def create_blue(cls, username):
        cls.disconnect_signals()
        user = cls._create_user(username)
        user.authservicesinfo.state = BLUE_STATE
        user.authservicesinfo.save()
        make_blue(user.authservicesinfo)
        cls.connect_signals()
        return user
    @classmethod
    def disconnect_signals(cls):
        m2m_changed.disconnect(m2m_changed_user_groups, sender=User.groups.through)
        m2m_changed.disconnect(m2m_changed_group_permissions, sender=Group.permissions.through)
        m2m_changed.disconnect(m2m_changed_user_permissions, sender=User.user_permissions.through)
        pre_save.disconnect(pre_save_user, sender=User)
        pre_save.disconnect(pre_save_auth_state, sender=AuthServicesInfo)
    @classmethod
    def connect_signals(cls):
        m2m_changed.connect(m2m_changed_user_groups, sender=User.groups.through)
        m2m_changed.connect(m2m_changed_group_permissions, sender=Group.permissions.through)
        m2m_changed.connect(m2m_changed_user_permissions, sender=User.user_permissions.through)
        pre_save.connect(pre_save_user, sender=User)
        pre_save.connect(pre_save_auth_state, sender=AuthServicesInfo)
    @classmethod
    def add_main_character(cls, user, name, character_id, corp_id='', corp_name='', corp_ticker='', alliance_id='',
                           alliance_name=''):
        EveCharacter.objects.create(
            character_id=character_id,
            character_name=name,
            corporation_id=corp_id,
            corporation_name=corp_name,
            corporation_ticker=corp_ticker,
            alliance_id=alliance_id,
            alliance_name=alliance_name,
            api_id='1234',
            user=user
        )
        AuthServicesInfo.objects.update_or_create(user=user, defaults={'main_char_id': character_id})
    @classmethod
    def add_permissions_to_groups(cls, perms, groups, disconnect_signals=True):
        if disconnect_signals:
            cls.disconnect_signals()
        for group in groups:
            for perm in perms:
                group.permissions.add(perm)
        if disconnect_signals:
            cls.connect_signals()
--- a/alliance_auth/tests/test_settings.py
+++ b/alliance_auth/tests/test_settings.py
@@ -1,556 +0,0 @@
 """
 Alliance Auth Test Suite Django settings.
 """
 import os
 from django.contrib import messages
 import alliance_auth
 # Use nose to run all tests
 TEST_RUNNER = 'django_nose.NoseTestSuiteRunner'
 NOSE_ARGS = [
    #'--with-coverage',
    #'--cover-package=',
    #'--exe',  # If your tests need this to be found/run, check they py files are not chmodded +x
 ]
 # Celery configuration
 CELERY_ALWAYS_EAGER = True  # Forces celery to run locally for testing
 # Build paths inside the project like this: os.path.join(BASE_DIR, ...)
 BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(alliance_auth.__file__)))
 SECRET_KEY = 'testing only'
 DEBUG = True
 # Application definition
 INSTALLED_APPS = [
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    'django.contrib.humanize',
    'django_celery_beat',
    'bootstrapform',
    'authentication',
    'services',
    'eveonline',
    'groupmanagement',
    'hrapplications',
    'timerboard',
    'srp',
    'optimer',
    'corputils',
    'fleetactivitytracking',
    'fleetup',
    'notifications',
    'esi',
    'permissions_tool',
    'geelweb.django.navhelper',
    'bootstrap_pagination',
    'services.modules.mumble',
    'services.modules.discord',
    'services.modules.discourse',
    'services.modules.ipboard',
    'services.modules.ips4',
    'services.modules.market',
    'services.modules.openfire',
    'services.modules.seat',
    'services.modules.smf',
    'services.modules.phpbb3',
    'services.modules.xenforo',
    'services.modules.teamspeak3',
    'django_nose',
 ]
 MIDDLEWARE = [
    'django.middleware.security.SecurityMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
    'django.middleware.locale.LocaleMiddleware',
 ]
 ROOT_URLCONF = 'alliance_auth.urls'
 LOCALE_PATHS = (
    os.path.join(BASE_DIR, 'locale/'),
 )
 ugettext = lambda s: s
 LANGUAGES = (
    ('en', ugettext('English')),
    ('de', ugettext('German')),
 )
 TEMPLATES = [
    {
        'BACKEND': 'django.template.backends.django.DjangoTemplates',
        'DIRS': [
            os.path.join(BASE_DIR, 'customization/templates'),
            os.path.join(BASE_DIR, 'stock/templates'),
        ],
        'APP_DIRS': True,
        'OPTIONS': {
            'context_processors': [
                'django.template.context_processors.debug',
                'django.template.context_processors.request',
                'django.contrib.auth.context_processors.auth',
                'django.contrib.messages.context_processors.messages',
                'django.template.context_processors.i18n',
                'django.template.context_processors.media',
                'django.template.context_processors.static',
                'django.template.context_processors.tz',
                'services.context_processors.auth_settings',
                'notifications.context_processors.user_notification_count',
                'authentication.context_processors.states',
                'authentication.context_processors.membership_state',
                'groupmanagement.context_processors.can_manage_groups',
            ],
        },
    },
 ]
 # Database
 # https://docs.djangoproject.com/en/1.10/ref/settings/#databases
 DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.sqlite3',
        'NAME': 'alliance_auth',
        'USER': os.environ.get('AA_DB_DEFAULT_USER', None),
        'PASSWORD': os.environ.get('AA_DB_DEFAULT_PASSWORD', None),
        'HOST': os.environ.get('AA_DB_DEFAULT_HOST', None)
    },
 }
 LOGIN_URL = 'auth_login_user'
 SUPERUSER_STATE_BYPASS = 'True' == os.environ.get('AA_SUPERUSER_STATE_BYPASS', 'True')
 # Internationalization
 # https://docs.djangoproject.com/en/1.10/topics/i18n/
 LANGUAGE_CODE = os.environ.get('AA_LANGUAGE_CODE', 'en')
 TIME_ZONE = os.environ.get('AA_TIME_ZONE', 'UTC')
 USE_I18N = True
 USE_L10N = True
 USE_TZ = True
 # Static files (CSS, JavaScript, Images)
 STATIC_URL = '/static/'
 STATIC_ROOT = os.path.join(BASE_DIR, "static")
 STATICFILES_DIRS = (
    os.path.join(BASE_DIR, "customization/static"),
    os.path.join(BASE_DIR, "stock/static"),
 )
 # Bootstrap messaging css workaround
 MESSAGE_TAGS = {
    messages.ERROR: 'danger'
 }
 CACHES = {
    'default': {
        'BACKEND': 'django.core.cache.backends.dummy.DummyCache',
    }
 }
 #####################################################
 ##
 ## Auth configuration starts here
 ##
 #####################################################
 ###########################
 # ALLIANCE / CORP TOGGLE
 ###########################
 # Specifies to run membership checks against corp or alliance
 # Set to FALSE for alliance
 # Set to TRUE for corp
 ###########################
 IS_CORP = 'True' == os.environ.get('AA_IS_CORP', 'True')
 #################
 # EMAIL SETTINGS
 #################
 # DOMAIN - The alliance auth domain_url
 # EMAIL_HOST - SMTP Server URL
 # EMAIL_PORT - SMTP Server PORT
 # EMAIL_HOST_USER - Email Username (for gmail, the entire address)
 # EMAIL_HOST_PASSWORD - Email Password
 # EMAIL_USE_TLS - Set to use TLS encryption
 #################
 DOMAIN = os.environ.get('AA_DOMAIN', 'https://example.com')
 EMAIL_HOST = os.environ.get('AA_EMAIL_HOST', 'smtp.example.com')
 EMAIL_PORT = int(os.environ.get('AA_EMAIL_PORT', '587'))
 EMAIL_HOST_USER = os.environ.get('AA_EMAIL_HOST_USER', '')
 EMAIL_HOST_PASSWORD = os.environ.get('AA_EMAIL_HOST_PASSWORD', '')
 EMAIL_USE_TLS = 'True' == os.environ.get('AA_EMAIL_USE_TLS', 'True')
 ####################
 # Front Page Links
 ####################
 # KILLBOARD_URL - URL for your killboard. Blank to hide link
 # MEDIA_URL - URL for your media page (youtube etc). Blank to hide link
 # FORUM_URL - URL for your forums. Blank to hide link
 # SITE_NAME - Name of the auth site.
 ####################
 KILLBOARD_URL = os.environ.get('AA_KILLBOARD_URL', '')
 EXTERNAL_MEDIA_URL = os.environ.get('AA_EXTERNAL_MEDIA_URL', '')
 FORUM_URL = os.environ.get('AA_FORUM_URL', '')
 SITE_NAME = os.environ.get('AA_SITE_NAME', 'Test Alliance Auth')
 ###################
 # SSO Settings
 ###################
 # Optional SSO.
 # Get client ID and client secret from registering an app at
 # https://developers.eveonline.com/
 # Callback URL should be http://mydomain.com/sso/callback
 # Leave callback blank to hide SSO button on login page
 ###################
 ESI_SSO_CLIENT_ID = os.environ.get('AA_ESI_SSO_CLIENT_ID', '')
 ESI_SSO_CLIENT_SECRET = os.environ.get('AA_ESI_SSO_CLIENT_SECRET', '')
 ESI_SSO_CALLBACK_URL = os.environ.get('AA_ESI_SSO_CALLBACK_URL', '')
 #########################
 # Default Group Settings
 #########################
 # DEFAULT_AUTH_GROUP - Default group members are put in
 # DEFAULT_BLUE_GROUP - Default group for blue members
 # MEMBER_CORP_GROUPS - Assign members to a group representing their main corp
 # BLUE_CORP_GROUPS - Assign blues to a group representing their main corp
 #########################
 DEFAULT_AUTH_GROUP = os.environ.get('AA_DEFAULT_ALLIANCE_GROUP', 'Member')
 DEFAULT_BLUE_GROUP = os.environ.get('AA_DEFAULT_BLUE_GROUP', 'Blue')
 MEMBER_CORP_GROUPS = 'True' == os.environ.get('AA_MEMBER_CORP_GROUPS', 'True')
 MEMBER_ALLIANCE_GROUPS = 'True' == os.environ.get('AA_MEMBER_ALLIANCE_GROUPS', 'False')
 BLUE_CORP_GROUPS = 'True' == os.environ.get('AA_BLUE_CORP_GROUPS', 'False')
 BLUE_ALLIANCE_GROUPS = 'True' == os.environ.get('AA_BLUE_ALLIANCE_GROUPS', 'False')
 #########################
 # Corp Configuration
 #########################
 # If running in alliance mode, the following should be for the executor corp#
 # CORP_ID - Set this to your corp ID (get this from https://zkillboard.com/corporation/#######)
 # CORP_NAME - Set this to your Corporation Name
 # CORP_API_ID - Set this to the api id for the corp API key
 # CORP_API_VCODE - Set this to the api vcode for the corp API key
 ########################
 CORP_ID = os.environ.get('AA_CORP_ID', '1234')
 CORP_NAME = os.environ.get('AA_CORP_NAME', 'Alliance Auth Test Corp')
 CORP_API_ID = os.environ.get('AA_CORP_API_ID', '')
 CORP_API_VCODE = os.environ.get('AA_CORP_API_VCODE', '')
 #########################
 # Alliance Configuration
 #########################
 # ALLIANCE_ID - Set this to your Alliance ID (get this from https://zkillboard.com/alliance/#######)
 # ALLIANCE_NAME - Set this to your Alliance Name
 ########################
 ALLIANCE_ID = os.environ.get('AA_ALLIANCE_ID', '12345')
 ALLIANCE_NAME = os.environ.get('AA_ALLIANCE_NAME', 'Alliance Auth Test Alliance')
 ########################
 # API Configuration
 ########################
 # MEMBER_API_MASK - Numeric value of minimum API mask required for members
 # MEMBER_API_ACCOUNT - Require API to be for Account and not character restricted
 # BLUE_API_MASK - Numeric value of minimum API mask required for blues
 # BLUE_API_ACCOUNT - Require API to be for Account and not character restricted
 # REJECT_OLD_APIS - Require each submitted API be newer than the latest submitted API
 # REJECT_OLD_APIS_MARGIN - Margin from latest submitted API ID within which a newly submitted API is still accepted
 # API_SSO_VALIDATION - Require users to prove ownership of newly entered API keys via SSO
 #                      Requires SSO to be configured.
 #######################
 MEMBER_API_MASK = os.environ.get('AA_MEMBER_API_MASK', 268435455)
 MEMBER_API_ACCOUNT = 'True' == os.environ.get('AA_MEMBER_API_ACCOUNT', 'True')
 BLUE_API_MASK = os.environ.get('AA_BLUE_API_MASK', 8388608)
 BLUE_API_ACCOUNT = 'True' == os.environ.get('AA_BLUE_API_ACCOUNT', 'True')
 REJECT_OLD_APIS = 'True' == os.environ.get('AA_REJECT_OLD_APIS', 'False')
 REJECT_OLD_APIS_MARGIN = os.environ.get('AA_REJECT_OLD_APIS_MARGIN', 50)
 API_SSO_VALIDATION = 'True' == os.environ.get('AA_API_SSO_VALIDATION', 'False')
 #######################
 # EVE Provider Settings
 #######################
 # EVEONLINE_CHARACTER_PROVIDER - Name of default data source for getting eve character data
 # EVEONLINE_CORP_PROVIDER - Name of default data source for getting eve corporation data
 # EVEONLINE_ALLIANCE_PROVIDER - Name of default data source for getting eve alliance data
 # EVEONLINE_ITEMTYPE_PROVIDER - Name of default data source for getting eve item type data
 #
 # Available sources are 'esi' and 'xml'. Leaving blank results in the default 'esi' being used.
 #######################
 EVEONLINE_CHARACTER_PROVIDER = os.environ.get('AA_EVEONLINE_CHARACTER_PROVIDER', 'xml')
 EVEONLINE_CORP_PROVIDER = os.environ.get('AA_EVEONLINE_CORP_PROVIDER', 'xml')
 EVEONLINE_ALLIANCE_PROVIDER = os.environ.get('AA_EVEONLINE_ALLIANCE_PROVIDER', 'xml')
 EVEONLINE_ITEMTYPE_PROVIDER = os.environ.get('AA_EVEONLINE_ITEMTYPE_PROVIDER', 'xml')
 #####################
 # Alliance Market
 #####################
 MARKET_URL = os.environ.get('AA_MARKET_URL', 'http://yourdomain.com/market')
 #####################
 # HR Configuration
 #####################
 # JACK_KNIFE_URL - Url for the audit page of API Jack knife
 #                  Should seriously replace with your own.
 #####################
 JACK_KNIFE_URL = os.environ.get('AA_JACK_KNIFE_URL', 'http://example.com/eveapi/audit.php')
 #####################
 # Forum Configuration
 #####################
 # IPBOARD_ENDPOINT - Api endpoint if using ipboard
 # IPBOARD_APIKEY - Api key to interact with ipboard
 # IPBOARD_APIMODULE - Module for alliance auth *leave alone*
 #####################
 IPBOARD_ENDPOINT = os.environ.get('AA_IPBOARD_ENDPOINT', 'example.com/interface/board/index.php')
 IPBOARD_APIKEY = os.environ.get('AA_IPBOARD_APIKEY', 'somekeyhere')
 IPBOARD_APIMODULE = 'aa'
 ########################
 # XenForo Configuration
 ########################
 XENFORO_ENDPOINT = os.environ.get('AA_XENFORO_ENDPOINT', 'example.com/api.php')
 XENFORO_DEFAULT_GROUP = os.environ.get('AA_XENFORO_DEFAULT_GROUP', 0)
 XENFORO_APIKEY   = os.environ.get('AA_XENFORO_APIKEY', 'yourapikey')
 #####################
 ######################
 # Jabber Configuration
 ######################
 # JABBER_URL - Jabber address url
 # JABBER_PORT - Jabber service portal
 # JABBER_SERVER - Jabber server url
 # OPENFIRE_ADDRESS - Address of the openfire admin console including port
 #                    Please use http with 9090 or https with 9091
 # OPENFIRE_SECRET_KEY - Openfire REST API secret key
 # BROADCAST_USER - Broadcast user JID
 # BROADCAST_USER_PASSWORD - Broadcast user password
 ######################
 JABBER_URL = os.environ.get('AA_JABBER_URL', "example.com")
 JABBER_PORT = int(os.environ.get('AA_JABBER_PORT', '5223'))
 JABBER_SERVER = os.environ.get('AA_JABBER_SERVER', "example.com")
 OPENFIRE_ADDRESS = os.environ.get('AA_OPENFIRE_ADDRESS', "http://example.com:9090")
 OPENFIRE_SECRET_KEY = os.environ.get('AA_OPENFIRE_SECRET_KEY', "somekey")
 BROADCAST_USER = os.environ.get('AA_BROADCAST_USER', "broadcast@") + JABBER_URL
 BROADCAST_USER_PASSWORD = os.environ.get('AA_BROADCAST_USER_PASSWORD', "somepassword")
 BROADCAST_SERVICE_NAME = os.environ.get('AA_BROADCAST_SERVICE_NAME', "broadcast")
 ######################################
 # Mumble Configuration
 ######################################
 # MUMBLE_URL - Mumble server url
 # MUMBLE_SERVER_ID - Mumble server id
 ######################################
 MUMBLE_URL = os.environ.get('AA_MUMBLE_URL', "example.com")
 MUMBLE_SERVER_ID = int(os.environ.get('AA_MUMBLE_SERVER_ID', '1'))
 ######################################
 # PHPBB3 Configuration
 ######################################
 ######################################
 # Teamspeak3 Configuration
 ######################################
 # TEAMSPEAK3_SERVER_IP - Teamspeak3 server ip
 # TEAMSPEAK3_SERVER_PORT - Teamspeak3 server port
 # TEAMSPEAK3_SERVERQUERY_USER - Teamspeak3 serverquery username
 # TEAMSPEAK3_SERVERQUERY_PASSWORD - Teamspeak3 serverquery password
 # TEAMSPEAK3_VIRTUAL_SERVER - Virtual server id
 # TEAMSPEAK3_AUTHED_GROUP_ID - Default authed group id
 # TEAMSPEAK3_PUBLIC_URL - teamspeak3 public url used for link creation
 ######################################
 TEAMSPEAK3_SERVER_IP = os.environ.get('AA_TEAMSPEAK3_SERVER_IP', '127.0.0.1')
 TEAMSPEAK3_SERVER_PORT = int(os.environ.get('AA_TEAMSPEAK3_SERVER_PORT', '10011'))
 TEAMSPEAK3_SERVERQUERY_USER = os.environ.get('AA_TEAMSPEAK3_SERVERQUERY_USER', 'serveradmin')
 TEAMSPEAK3_SERVERQUERY_PASSWORD = os.environ.get('AA_TEAMSPEAK3_SERVERQUERY_PASSWORD', 'passwordhere')
 TEAMSPEAK3_VIRTUAL_SERVER = int(os.environ.get('AA_TEAMSPEAK3_VIRTUAL_SERVER', '1'))
 TEAMSPEAK3_PUBLIC_URL = os.environ.get('AA_TEAMSPEAK3_PUBLIC_URL', 'example.com')
 ######################################
 # Discord Configuration
 ######################################
 # DISCORD_GUILD_ID - ID of the guild to manage
 # DISCORD_BOT_TOKEN - oauth token of the app bot user
 # DISCORD_INVITE_CODE - invite code to the server
 # DISCORD_APP_ID - oauth app client ID
 # DISCORD_APP_SECRET - oauth app secret
 # DISCORD_CALLBACK_URL - oauth callback url
 # DISCORD_SYNC_NAMES - enable to force discord nicknames to be set to eve char name (bot needs Manage Nicknames permission)
 ######################################
 DISCORD_GUILD_ID = os.environ.get('AA_DISCORD_GUILD_ID', '0118999')
 DISCORD_BOT_TOKEN = os.environ.get('AA_DISCORD_BOT_TOKEN', 'bottoken')
 DISCORD_INVITE_CODE = os.environ.get('AA_DISCORD_INVITE_CODE', 'invitecode')
 DISCORD_APP_ID = os.environ.get('AA_DISCORD_APP_ID', 'appid')
 DISCORD_APP_SECRET = os.environ.get('AA_DISCORD_APP_SECRET', 'secret')
 DISCORD_CALLBACK_URL = os.environ.get('AA_DISCORD_CALLBACK_URL', 'http://example.com/discord/callback')
 DISCORD_SYNC_NAMES = 'True' == os.environ.get('AA_DISCORD_SYNC_NAMES', 'False')
 ######################################
 # Discourse Configuration
 ######################################
 # DISCOURSE_URL - Web address of the forums (no trailing slash)
 # DISCOURSE_API_USERNAME - API account username
 # DISCOURSE_API_KEY - API Key
 # DISCOURSE_SSO_SECRET - SSO secret key
 ######################################
 DISCOURSE_URL = os.environ.get('AA_DISCOURSE_URL', 'https://example.com')
 DISCOURSE_API_USERNAME = os.environ.get('AA_DISCOURSE_API_USERNAME', '')
 DISCOURSE_API_KEY = os.environ.get('AA_DISCOURSE_API_KEY', '')
 DISCOURSE_SSO_SECRET = 'd836444a9e4084d5b224a60c208dce14'
 # Example secret from https://meta.discourse.org/t/official-single-sign-on-for-discourse/13045
 #####################################
 # IPS4 Configuration
 #####################################
 # IPS4_URL - base url of the IPS4 install (no trailing slash)
 # IPS4_API_KEY - API key provided by IPS4
 #####################################
 IPS4_URL = os.environ.get('AA_IPS4_URL', 'http://example.com/ips4')
 IPS4_API_KEY = os.environ.get('AA_IPS4_API_KEY', '')
 #####################################
 # SEAT Configuration
 #####################################
 # SEAT_URL - base url of the seat install (no trailing slash)
 # SEAT_XTOKEN - API key X-Token provided by SeAT
 #####################################
 SEAT_URL = os.environ.get('AA_SEAT_URL', 'http://example.com/seat')
 SEAT_XTOKEN = os.environ.get('AA_SEAT_XTOKEN', 'tokentokentoken')
 ######################################
 # SMF Configuration
 ######################################
 SMF_URL = os.environ.get('AA_SMF_URL', '')
 ######################################
 # Fleet-Up Configuration
 ######################################
 # FLEETUP_APP_KEY - The app key from http://fleet-up.com/Api/MyApps
 # FLEETUP_USER_ID - The user id from http://fleet-up.com/Api/MyKeys
 # FLEETUP_API_ID - The API id from http://fleet-up.com/Api/MyKeys
 # FLEETUP_GROUP_ID - The id of the group you want to pull data from, see http://fleet-up.com/Api/Endpoints#groups_mygroupmemberships
 ######################################
 FLEETUP_APP_KEY = os.environ.get('AA_FLEETUP_APP_KEY', '')
 FLEETUP_USER_ID = os.environ.get('AA_FLEETUP_USER_ID', '')
 FLEETUP_API_ID = os.environ.get('AA_FLEETUP_API_ID', '')
 FLEETUP_GROUP_ID = os.environ.get('AA_FLEETUP_GROUP_ID', '')
 PASSWORD_HASHERS = [
    'django.contrib.auth.hashers.MD5PasswordHasher',
 ]
 LOGGING = {
    'version': 1,
    'disable_existing_loggers': False,
    'formatters': {
        'verbose': {
            'format' : "[%(asctime)s] %(levelname)s [%(name)s:%(lineno)s] %(message)s",
            'datefmt' : "%d/%b/%Y %H:%M:%S"
        },
        'simple': {
            'format': '%(levelname)s %(message)s'
        },
    },
    'handlers': {
        'console': {
            'level': 'DEBUG',        # edit this line to change logging level to console
            'class': 'logging.StreamHandler',
            'formatter': 'verbose',
        },
        'notifications': {           # creates notifications for users with logging_notifications permission
            'level': 'ERROR',        # edit this line to change logging level to notifications
            'class': 'notifications.handlers.NotificationHandler',
            'formatter': 'verbose',
        },
    },
    'loggers': {
        'authentication': {
            'handlers': ['console', 'notifications'],
            'level': 'DEBUG',
        },
        'celerytask': {
            'handlers': ['console', 'notifications'],
            'level': 'DEBUG',
        },
        'eveonline': {
            'handlers': ['console', 'notifications'],
            'level': 'DEBUG',
        },
        'groupmanagement': {
            'handlers': ['console', 'notifications'],
            'level': 'DEBUG',
        },
        'hrapplications': {
            'handlers': ['console', 'notifications'],
            'level': 'DEBUG',
        },
        'portal': {
            'handlers': ['console', 'notifications'],
            'level': 'DEBUG',
        },
        'registration': {
            'handlers': ['console', 'notifications'],
            'level': 'DEBUG',
        },
        'services': {
            'handlers': ['console', 'notifications'],
            'level': 'DEBUG',
        },
        'srp': {
            'handlers': ['console', 'notifications'],
            'level': 'DEBUG',
        },
        'timerboard': {
            'handlers': ['console', 'notifications'],
            'level': 'DEBUG',
        },
        'sigtracker': {
            'handlers': ['console', 'notifications'],
            'level': 'DEBUG',
        },
        'optimer': {
            'handlers': ['console', 'notifications'],
            'level': 'DEBUG',
        },
        'corputils': {
            'handlers': ['console', 'notifications'],
            'level': 'DEBUG',
        },
        'fleetactivitytracking': {
            'handlers': ['console', 'notifications'],
            'level': 'ERROR',
        },
        'util': {
            'handlers': ['console', 'notifications'],
            'level': 'DEBUG',
        },
        'django': {
            'handlers': ['console', 'notifications'],
            'level': 'ERROR',
        },
    }
 }
 LOGGING = None  # Comment out to enable logging for debugging
--- a/alliance_auth/urls.py
+++ b/alliance_auth/urls.py
@@ -1,222 +0,0 @@
 from django.conf.urls import include, url
 from django.conf.urls.i18n import i18n_patterns
 from django.utils.translation import ugettext_lazy as _
 from django.contrib import admin
 import django.contrib.auth.views
 import authentication.views
 import eveonline.views
 import services.views
 import groupmanagement.views
 import optimer.views
 import timerboard.views
 import fleetactivitytracking.views
 import fleetup.urls
 import srp.views
 import notifications.views
 import hrapplications.views
 import corputils.urls
 import esi.urls
 import permissions_tool.urls
 from alliance_auth import NAME
 admin.site.site_header = NAME
 from alliance_auth.hooks import get_hooks
 # Functional/Untranslated URL's
 urlpatterns = [
    # Locale
    url(r'^i18n/', include('django.conf.urls.i18n')),
    # Admin urls
    url(r'^admin/', include(admin.site.urls)),
    # SSO
    url(r'^sso/', include(esi.urls, namespace='esi')),
    url(r'^sso/login$', authentication.views.sso_login, name='auth_sso_login'),
    # Index
    url(_(r'^$'), authentication.views.index_view, name='auth_index'),
    # Authentication
    url(r'^logout_user/', authentication.views.logout_user, name='auth_logout_user'),
    # Eve Online
    url(r'^main_character_change/(\w+)/$', eveonline.views.main_character_change,
        name='auth_main_character_change'),
    url(r'^api_verify_owner/(\w+)/$', eveonline.views.api_sso_validate, name='auth_api_sso'),
    # SRP URLS
    url(r'^srp_fleet_remove/(\w+)$', srp.views.srp_fleet_remove, name='auth_srp_fleet_remove'),
    url(r'^srp_fleet_disable/(\w+)$', srp.views.srp_fleet_disable, name='auth_srp_fleet_disable'),
    url(r'^srp_fleet_enable/(\w+)$', srp.views.srp_fleet_enable, name='auth_srp_fleet_enable'),
    url(r'^srp_fleet_mark_completed/(\w+)', srp.views.srp_fleet_mark_completed,
        name='auth_srp_fleet_mark_completed'),
    url(r'^srp_fleet_mark_uncompleted/(\w+)', srp.views.srp_fleet_mark_uncompleted,
        name='auth_srp_fleet_mark_uncompleted'),
    url(r'^srp_request_remove/', srp.views.srp_request_remove,
        name="auth_srp_request_remove"),
    url(r'srp_request_approve/', srp.views.srp_request_approve,
        name='auth_srp_request_approve'),
    url(r'srp_request_reject/', srp.views.srp_request_reject, 
        name='auth_srp_request_reject'),
    url(_(r'srp_request_amount_update/(\w+)'), srp.views.srp_request_update_amount,
        name="auth_srp_request_update_amount"),
    # Notifications
    url(r'^remove_notifications/(\w+)/$', notifications.views.remove_notification, name='auth_remove_notification'),
    url(r'^notifications/mark_all_read/$', notifications.views.mark_all_read, name='auth_mark_all_notifications_read'),
    url(r'^notifications/delete_all_read/$', notifications.views.delete_all_read,
        name='auth_delete_all_read_notifications'),
 ]
 # User viewed/translated URLS
 urlpatterns += i18n_patterns(
    # Fleetup
    url(r'^fleetup/', include(fleetup.urls.urlpatterns)),
    # Authentication
    url(_(r'^login_user/'), authentication.views.login_user, name='auth_login_user'),
    url(_(r'^register_user/'), authentication.views.register_user_view, name='auth_register_user'),
    url(_(r'^user/password/$'), django.contrib.auth.views.password_change, name='password_change'),
    url(_(r'^user/password/done/$'), django.contrib.auth.views.password_change_done,
        name='password_change_done'),
    url(_(r'^user/password/reset/$'), django.contrib.auth.views.password_reset,
        name='password_reset'),
    url(_(r'^user/password/password/reset/done/$'), django.contrib.auth.views.password_reset_done,
        name='password_reset_done'),
    url(_(r'^user/password/reset/complete/$'), django.contrib.auth.views.password_reset_complete,
        name='password_reset_complete'),
    url(_(r'^user/password/reset/confirm/(?P<uidb64>[0-9A-Za-z_\-]+)/(?P<token>.+)/$'),
        django.contrib.auth.views.password_reset_confirm, name='password_reset_confirm'),
    # Portal Urls
    url(_(r'^dashboard/$'), eveonline.views.dashboard_view, name='auth_dashboard'),
    url(_(r'^help/$'), authentication.views.help_view, name='auth_help'),
    # Eveonline Urls
    url(_(r'^add_api_key/'), eveonline.views.add_api_key, name='auth_add_api_key'),
    url(_(r'^refresh_api_pair/([0-9]+)/$'), eveonline.views.user_refresh_api, name='auth_user_refresh_api'),
    url(_(r'^delete_api_pair/(\w+)/$'), eveonline.views.api_key_removal, name='auth_api_key_removal'),
    url(_(r'^characters/'), eveonline.views.characters_view, name='auth_characters'),
    # Corputils
    url(_(r'^corpstats/'), include(corputils.urls, namespace='corputils')),
    # Group management
    url(_(r'^groups/'), groupmanagement.views.groups_view, name='auth_groups'),
    url(_(r'^group/management/'), groupmanagement.views.group_management,
        name='auth_group_management'),
    url(_(r'^group/membership/$'), groupmanagement.views.group_membership,
        name='auth_group_membership'),
    url(_(r'^group/membership/(\w+)/$'), groupmanagement.views.group_membership_list,
        name='auth_group_membership_list'),
    url(_(r'^group/membership/(\w+)/remove/(\w+)/$'), groupmanagement.views.group_membership_remove,
        name='auth_group_membership_remove'),
    url(_(r'^group/request_add/(\w+)'), groupmanagement.views.group_request_add,
        name='auth_group_request_add'),
    url(_(r'^group/request/accept/(\w+)'), groupmanagement.views.group_accept_request,
        name='auth_group_accept_request'),
    url(_(r'^group/request/reject/(\w+)'), groupmanagement.views.group_reject_request,
        name='auth_group_reject_request'),
    url(_(r'^group/request_leave/(\w+)'), groupmanagement.views.group_request_leave,
        name='auth_group_request_leave'),
    url(_(r'group/leave_request/accept/(\w+)'), groupmanagement.views.group_leave_accept_request,
        name='auth_group_leave_accept_request'),
    url(_(r'^group/leave_request/reject/(\w+)'), groupmanagement.views.group_leave_reject_request,
        name='auth_group_leave_reject_request'),
    # HR Application Management
    url(_(r'^hr_application_management/'), hrapplications.views.hr_application_management_view,
        name="auth_hrapplications_view"),
    url(_(r'^hr_application_create/$'), hrapplications.views.hr_application_create_view,
        name="auth_hrapplication_create_view"),
    url(_(r'^hr_application_create/(\d+)'), hrapplications.views.hr_application_create_view,
        name="auth_hrapplication_create_view"),
    url(_(r'^hr_application_remove/(\w+)'), hrapplications.views.hr_application_remove,
        name="auth_hrapplication_remove"),
    url(_(r'hr_application_view/(\w+)'), hrapplications.views.hr_application_view,
        name="auth_hrapplication_view"),
    url(_(r'hr_application_personal_view/(\w+)'), hrapplications.views.hr_application_personal_view,
        name="auth_hrapplication_personal_view"),
    url(_(r'hr_application_personal_removal/(\w+)'),
        hrapplications.views.hr_application_personal_removal,
        name="auth_hrapplication_personal_removal"),
    url(_(r'hr_application_approve/(\w+)'), hrapplications.views.hr_application_approve,
        name="auth_hrapplication_approve"),
    url(_(r'hr_application_reject/(\w+)'), hrapplications.views.hr_application_reject,
        name="auth_hrapplication_reject"),
    url(_(r'hr_application_search/'), hrapplications.views.hr_application_search,
        name="auth_hrapplication_search"),
    url(_(r'hr_mark_in_progress/(\w+)'), hrapplications.views.hr_application_mark_in_progress,
        name="auth_hrapplication_mark_in_progress"),
    # Fleet Operations Timers
    url(_(r'^optimer/$'), optimer.views.optimer_view, name='auth_optimer_view'),
    url(_(r'^add_optimer/$'), optimer.views.add_optimer_view, name='auth_add_optimer_view'),
    url(_(r'^remove_optimer/(\w+)'), optimer.views.remove_optimer, name='auth_remove_optimer'),
    url(_(r'^edit_optimer/(\w+)$'), optimer.views.edit_optimer, name='auth_edit_optimer'),
    # Service Urls
    url(_(r'^services/$'), services.views.services_view, name='auth_services'),
    # Timer URLS
    url(_(r'^timers/$'), timerboard.views.timer_view, name='auth_timer_view'),
    url(_(r'^add_timer/$'), timerboard.views.add_timer_view, name='auth_add_timer_view'),
    url(_(r'^remove_timer/(\w+)'), timerboard.views.remove_timer, name='auth_remove_timer'),
    url(_(r'^edit_timer/(\w+)$'), timerboard.views.edit_timer, name='auth_edit_timer'),
    # SRP URLS
    url(_(r'^srp/$'), srp.views.srp_management, name='auth_srp_management_view'),
    url(_(r'^srp_all/$'), srp.views.srp_management_all, name='auth_srp_management_all_view'),
    url(_(r'^srp_fleet_view/(\w+)$'), srp.views.srp_fleet_view, name='auth_srp_fleet_view'),
    url(_(r'^srp_fleet_add_view/$'), srp.views.srp_fleet_add_view, name='auth_srp_fleet_add_view'),
    url(_(r'^srp_fleet_edit/(\w+)$'), srp.views.srp_fleet_edit_view, name='auth_srp_fleet_edit_view'),
    url(_(r'^srp_request/(\w+)'), srp.views.srp_request_view, name='auth_srp_request_view'),
    # Tools
    url(_(r'^tool/fleet_formatter_tool/$'), services.views.fleet_formatter_view,
        name='auth_fleet_format_tool_view'),
    # Notifications
    url(_(r'^notifications/$'), notifications.views.notification_list, name='auth_notification_list'),
    url(_(r'^notifications/(\w+)/$'), notifications.views.notification_view, name='auth_notification_view'),
    # FleetActivityTracking (FAT)
    url(r'^fat/$', fleetactivitytracking.views.fatlink_view, name='auth_fatlink_view'),
    url(r'^fat/statistics/$', fleetactivitytracking.views.fatlink_statistics_view, name='auth_fatlink_view_statistics'),
    url(r'^fat/statistics/corp/(\w+)$', fleetactivitytracking.views.fatlink_statistics_corp_view, name='auth_fatlink_view_statistics_corp'),
    url(r'^fat/statistics/corp/(?P<corpid>\w+)/(?P<year>[0-9]+)/(?P<month>[0-9]+)/', fleetactivitytracking.views.fatlink_statistics_corp_view,
        name='auth_fatlink_view_statistics_corp_month'),
    url(r'^fat/statistics/(?P<year>[0-9]+)/(?P<month>[0-9]+)/$', fleetactivitytracking.views.fatlink_statistics_view,
        name='auth_fatlink_view_statistics_month'),
    url(r'^fat/user/statistics/$', fleetactivitytracking.views.fatlink_personal_statistics_view,
        name='auth_fatlink_view_personal_statistics'),
    url(r'^fat/user/statistics/(?P<year>[0-9]+)/$', fleetactivitytracking.views.fatlink_personal_statistics_view,
        name='auth_fatlink_view_personal_statistics_year'),
    url(r'^fat/user/statistics/(?P<year>[0-9]+)/(?P<month>[0-9]+)/$',
        fleetactivitytracking.views.fatlink_monthly_personal_statistics_view,
        name='auth_fatlink_view_personal_statistics_month'),
    url(r'^fat/user/(?P<char_id>[0-9]+)/statistics/(?P<year>[0-9]+)/(?P<month>[0-9]+)/$',
        fleetactivitytracking.views.fatlink_monthly_personal_statistics_view,
        name='auth_fatlink_view_user_statistics_month'),
    url(r'^fat/create/$', fleetactivitytracking.views.create_fatlink_view, name='auth_create_fatlink_view'),
    url(r'^fat/modify/$', fleetactivitytracking.views.modify_fatlink_view, name='auth_modify_fatlink_view'),
    url(r'^fat/modify/(?P<hash>[a-zA-Z0-9_-]+)/([a-z0-9_-]+)$',
        fleetactivitytracking.views.modify_fatlink_view),
    url(r'^fat/link/$', fleetactivitytracking.views.fatlink_view, name='auth_click_fatlink_view'),
    url(r'^fat/link/(?P<hash>[a-zA-Z0-9]+)/(?P<fatname>[a-z0-9_-]+)/$',
        fleetactivitytracking.views.click_fatlink_view),
    url(r'^permissions/', include(permissions_tool.urls))
 )
 # Append hooked service urls
 services = get_hooks('services_hook')
 for svc in services:
    urlpatterns += svc().urlpatterns
--- a/alliance_auth/wsgi.py
+++ b/alliance_auth/wsgi.py
@@ -1,20 +0,0 @@
 """
 WSGI config for alliance_auth project.
 It exposes the WSGI callable as a module-level variable named ``application``.
 For more information on this file, see
 https://docs.djangoproject.com/en/1.6/howto/deployment/wsgi/
 """
 import os
 from django.core.wsgi import get_wsgi_application
 os.environ.setdefault("DJANGO_SETTINGS_MODULE", "alliance_auth.settings")
 # virtualenv wrapper, uncomment below to activate
 # activate_env=os.path.join(os.path.dirname(os.path.abspath(__file__)), 'env/bin/activate_this.py')
 # execfile(activate_env, dict(__file__=activate_env))
 application = get_wsgi_application()
--- a/allianceauth/init.py
+++ b/allianceauth/init.py
@@ -0,0 +1,7 @@
 # This will make sure the app is always imported when
 # Django starts so that shared_task will use this app.
 __version__ = '3.3.0'
 __title__ = 'Alliance Auth'
 __url__ = 'https://gitlab.com/allianceauth/allianceauth'
 NAME = f'{__title__} v{__version__}'
--- a/allianceauth/analytics/init.py
+++ b/allianceauth/analytics/init.py
--- a/allianceauth/analytics/admin.py
+++ b/allianceauth/analytics/admin.py
@@ -0,0 +1,21 @@
 from django.contrib import admin
 from .models import AnalyticsIdentifier, AnalyticsPath, AnalyticsTokens
@admin.register(AnalyticsIdentifier)
 class AnalyticsIdentifierAdmin(admin.ModelAdmin):
    search_fields = ['identifier', ]
    list_display = ('identifier',)
@admin.register(AnalyticsTokens)
 class AnalyticsTokensAdmin(admin.ModelAdmin):
    search_fields = ['name', ]
    list_display = ('name', 'type',)
@admin.register(AnalyticsPath)
 class AnalyticsPathAdmin(admin.ModelAdmin):
    search_fields = ['ignore_path', ]
    list_display = ('ignore_path',)
--- a/allianceauth/analytics/apps.py
+++ b/allianceauth/analytics/apps.py
@@ -0,0 +1,9 @@
 from django.apps import AppConfig
 class AnalyticsConfig(AppConfig):
    name = 'allianceauth.analytics'
    label = 'analytics'
    def ready(self):
        import allianceauth.analytics.signals
--- a/allianceauth/analytics/fixtures/disable_analytics.json
+++ b/allianceauth/analytics/fixtures/disable_analytics.json
@@ -0,0 +1,21 @@
 [
    {
    "model": "analytics.AnalyticsTokens",
    "pk": 1,
    "fields": {
        "name": "AA Team Public Google Analytics (Universal)",
        "type": "GA-V4",
        "token": "UA-186249766-2",
        "send_page_views": "False",
        "send_celery_tasks": "False",
        "send_stats": "False"
        }
    },
    {
        "model": "analytics.AnalyticsIdentifier",
        "pk": 1,
        "fields": {
            "identifier": "ab33e241fbf042b6aa77c7655a768af7"
        }
    }
 ]
--- a/allianceauth/analytics/middleware.py
+++ b/allianceauth/analytics/middleware.py
@@ -0,0 +1,52 @@
 from bs4 import BeautifulSoup
 from django.conf import settings
 from django.utils.deprecation import MiddlewareMixin
 from .models import AnalyticsTokens, AnalyticsIdentifier
 from .tasks import send_ga_tracking_web_view
 import re
 class AnalyticsMiddleware(MiddlewareMixin):
    def process_response(self, request, response):
        """Django Middleware: Process Page Views and creates Analytics Celery Tasks"""
        if getattr(settings, "ANALYTICS_DISABLED", False):
            return response
        analyticstokens = AnalyticsTokens.objects.all()
        client_id = AnalyticsIdentifier.objects.get(id=1).identifier.hex
        try:
            title = BeautifulSoup(
                response.content, "html.parser").html.head.title.text
        except AttributeError:
            title = ''
        for token in analyticstokens:
            # Check if Page View Sending is Disabled
            if token.send_page_views is False:
                continue
            # Check Exclusions
            ignore = False
            for ignore_path in token.ignore_paths.values():
                ignore_path_regex = re.compile(ignore_path["ignore_path"])
                if re.search(ignore_path_regex, request.path) is not None:
                    ignore = True
            if ignore is True:
                continue
            tracking_id = token.token
            locale = request.LANGUAGE_CODE
            path = request.path
            try:
                useragent = request.headers["User-Agent"]
            except KeyError:
                useragent = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36"
            send_ga_tracking_web_view.s(tracking_id=tracking_id,
                                        client_id=client_id,
                                        page=path,
                                        title=title,
                                        locale=locale,
                                        useragent=useragent).\
                apply_async(priority=9)
        return response
--- a/allianceauth/analytics/migrations/0001_initial.py
+++ b/allianceauth/analytics/migrations/0001_initial.py
@@ -0,0 +1,42 @@
 # Generated by Django 3.1.4 on 2020-12-30 13:11
 from django.db import migrations, models
 import uuid
 class Migration(migrations.Migration):
    initial = True
    dependencies = [
    ]
    operations = [
        migrations.CreateModel(
            name='AnalyticsIdentifier',
            fields=[
                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
                ('identifier', models.UUIDField(default=uuid.uuid4, editable=False)),
            ],
        ),
        migrations.CreateModel(
            name='AnalyticsPath',
            fields=[
                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
                ('ignore_path', models.CharField(default='/example/', max_length=254)),
            ],
        ),
        migrations.CreateModel(
            name='AnalyticsTokens',
            fields=[
                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
                ('name', models.CharField(max_length=254)),
                ('type', models.CharField(choices=[('GA-U', 'Google Analytics Universal'), ('GA-V4', 'Google Analytics V4')], max_length=254)),
                ('token', models.CharField(max_length=254)),
                ('send_page_views', models.BooleanField(default=False)),
                ('send_celery_tasks', models.BooleanField(default=False)),
                ('send_stats', models.BooleanField(default=False)),
                ('ignore_paths', models.ManyToManyField(blank=True, to='analytics.AnalyticsPath')),
            ],
        ),
    ]
--- a/allianceauth/analytics/migrations/0002_add_AA_Team_Token.py
+++ b/allianceauth/analytics/migrations/0002_add_AA_Team_Token.py
@@ -0,0 +1,34 @@
 # Generated by Django 3.1.4 on 2020-12-30 08:53
 from django.db import migrations
 def add_aa_team_token(apps, schema_editor):
    # We can't import the Person model directly as it may be a newer
    # version than this migration expects. We use the historical version.
    Tokens = apps.get_model('analytics', 'AnalyticsTokens')
    token = Tokens()
    token.type = 'GA-U'
    token.token = 'UA-186249766-2'
    token.send_page_views = True
    token.send_celery_tasks = True
    token.send_stats = True
    token.name = 'AA Team Public Google Analytics (Universal)'
    token.save()
 def remove_aa_team_token(apps, schema_editor):
    # Have to define some code to remove this identifier
    # In case of migration rollback?
    Tokens = apps.get_model('analytics', 'AnalyticsTokens')
    token = Tokens.objects.filter(token="UA-186249766-2").delete()
 class Migration(migrations.Migration):
    dependencies = [
        ('analytics', '0001_initial'),
        ]
    operations = [migrations.RunPython(add_aa_team_token, remove_aa_team_token)
                    ]
--- a/allianceauth/analytics/migrations/0003_Generate_Identifier.py
+++ b/allianceauth/analytics/migrations/0003_Generate_Identifier.py
@@ -0,0 +1,30 @@
 # Generated by Django 3.1.4 on 2020-12-30 08:53
 from uuid import uuid4
 from django.db import migrations
 def generate_identifier(apps, schema_editor):
    # We can't import the Person model directly as it may be a newer
    # version than this migration expects. We use the historical version.
    Identifier = apps.get_model('analytics', 'AnalyticsIdentifier')
    identifier = Identifier()
    identifier.id = 1
    identifier.save()
 def zero_identifier(apps, schema_editor):
    # Have to define some code to remove this identifier
    # In case of migration rollback?
    Identifier = apps.get_model('analytics', 'AnalyticsIdentifier')
    Identifier.objects.filter(id=1).delete()
 class Migration(migrations.Migration):
    dependencies = [
        ('analytics', '0002_add_AA_Team_Token'),
    ]
    operations = [migrations.RunPython(generate_identifier, zero_identifier)
                    ]
--- a/allianceauth/analytics/migrations/0004_auto_20211015_0502.py
+++ b/allianceauth/analytics/migrations/0004_auto_20211015_0502.py
@@ -0,0 +1,42 @@
 # Generated by Django 3.1.13 on 2021-10-15 05:02
 from django.core.exceptions import ObjectDoesNotExist
 from django.db import migrations
 def modify_aa_team_token_add_page_ignore_paths(apps, schema_editor):
    # Add /admin/ and /user_notifications_count/ path to ignore
    AnalyticsPath = apps.get_model('analytics', 'AnalyticsPath')
    admin = AnalyticsPath.objects.create(ignore_path=r"^\/admin\/.*")
    user_notifications_count = AnalyticsPath.objects.create(ignore_path=r"^\/user_notifications_count\/.*")
    Tokens = apps.get_model('analytics', 'AnalyticsTokens')
    token = Tokens.objects.get(token="UA-186249766-2")
    token.ignore_paths.add(admin, user_notifications_count)
 def undo_modify_aa_team_token_add_page_ignore_paths(apps, schema_editor):
    #
    AnalyticsPath = apps.get_model('analytics', 'AnalyticsPath')
    Tokens = apps.get_model('analytics', 'AnalyticsTokens')
    token = Tokens.objects.get(token="UA-186249766-2")
    try:
        admin = AnalyticsPath.objects.get(ignore_path=r"^\/admin\/.*", analyticstokens=token)
        user_notifications_count = AnalyticsPath.objects.get(ignore_path=r"^\/user_notifications_count\/.*", analyticstokens=token)
        admin.delete()
        user_notifications_count.delete()
    except ObjectDoesNotExist:
        # Its fine if it doesnt exist, we just dont want them building up when re-migrating
        pass
 class Migration(migrations.Migration):
    dependencies = [
        ('analytics', '0003_Generate_Identifier'),
    ]
    operations = [migrations.RunPython(modify_aa_team_token_add_page_ignore_paths, undo_modify_aa_team_token_add_page_ignore_paths)
    ]
--- a/allianceauth/analytics/migrations/0005_alter_analyticspath_ignore_path.py
+++ b/allianceauth/analytics/migrations/0005_alter_analyticspath_ignore_path.py
@@ -0,0 +1,18 @@
 # Generated by Django 3.2.8 on 2021-10-17 16:26
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('analytics', '0004_auto_20211015_0502'),
    ]
    operations = [
        migrations.AlterField(
            model_name='analyticspath',
            name='ignore_path',
            field=models.CharField(default='/example/', help_text='Regex Expression, If matched no Analytics Page View is sent', max_length=254),
        ),
    ]
--- a/allianceauth/analytics/migrations/0006_more_ignore_paths.py
+++ b/allianceauth/analytics/migrations/0006_more_ignore_paths.py
@@ -0,0 +1,40 @@
 # Generated by Django 3.2.8 on 2021-10-19 01:47
 from django.core.exceptions import ObjectDoesNotExist
 from django.db import migrations
 def modify_aa_team_token_add_page_ignore_paths(apps, schema_editor):
    # Add the /account/activate path to ignore
    AnalyticsPath = apps.get_model('analytics', 'AnalyticsPath')
    account_activate = AnalyticsPath.objects.create(ignore_path=r"^\/account\/activate\/.*")
    Tokens = apps.get_model('analytics', 'AnalyticsTokens')
    token = Tokens.objects.get(token="UA-186249766-2")
    token.ignore_paths.add(account_activate)
 def undo_modify_aa_team_token_add_page_ignore_paths(apps, schema_editor):
    #
    AnalyticsPath = apps.get_model('analytics', 'AnalyticsPath')
    Tokens = apps.get_model('analytics', 'AnalyticsTokens')
    token = Tokens.objects.get(token="UA-186249766-2")
    try:
        account_activate = AnalyticsPath.objects.get(ignore_path=r"^\/account\/activate\/.*", analyticstokens=token)
        account_activate.delete()
    except ObjectDoesNotExist:
        # Its fine if it doesnt exist, we just dont want them building up when re-migrating
        pass
 class Migration(migrations.Migration):
    dependencies = [
        ('analytics', '0005_alter_analyticspath_ignore_path'),
    ]
    operations = [
        migrations.RunPython(modify_aa_team_token_add_page_ignore_paths, undo_modify_aa_team_token_add_page_ignore_paths)
    ]
--- a/allianceauth/analytics/migrations/init.py
+++ b/allianceauth/analytics/migrations/init.py
--- a/allianceauth/analytics/models.py
+++ b/allianceauth/analytics/models.py
@@ -0,0 +1,38 @@
 from django.db import models
 from django.core.exceptions import ValidationError
 from django.utils.translation import gettext_lazy as _
 from uuid import uuid4
 class AnalyticsIdentifier(models.Model):
    identifier = models.UUIDField(default=uuid4,
                                editable=False)
    def save(self, *args, **kwargs):
        if not self.pk and AnalyticsIdentifier.objects.exists():
            # Force a single object
            raise ValidationError('There is can be only one \
                                    AnalyticsIdentifier instance')
        self.pk = self.id = 1 # If this happens to be deleted and recreated, force it to be 1
        return super().save(*args, **kwargs)
 class AnalyticsPath(models.Model):
    ignore_path = models.CharField(max_length=254, default="/example/", help_text="Regex Expression, If matched no Analytics Page View is sent")
 class AnalyticsTokens(models.Model):
    class Analytics_Type(models.TextChoices):
        GA_U = 'GA-U', _('Google Analytics Universal')
        GA_V4 = 'GA-V4', _('Google Analytics V4')
    name = models.CharField(max_length=254)
    type = models.CharField(max_length=254, choices=Analytics_Type.choices)
    token = models.CharField(max_length=254, blank=False)
    send_page_views = models.BooleanField(default=False)
    send_celery_tasks = models.BooleanField(default=False)
    send_stats = models.BooleanField(default=False)
    ignore_paths = models.ManyToManyField(AnalyticsPath, blank=True)
--- a/allianceauth/analytics/signals.py
+++ b/allianceauth/analytics/signals.py
@@ -0,0 +1,55 @@
 import logging
 from celery.signals import task_failure, task_success
 from django.conf import settings
 from allianceauth.analytics.tasks import analytics_event
 logger = logging.getLogger(__name__)
@task_failure.connect
 def process_failure_signal(
                        exception, traceback,
                        sender, task_id, signal,
                        args, kwargs, einfo, **kw):
    logger.debug("Celery task_failure signal %s" % sender.__class__.__name__)
    if getattr(settings, "ANALYTICS_DISABLED", False):
        return
    category = sender.__module__
    if 'allianceauth.analytics' not in category:
        if category.endswith(".tasks"):
            category = category[:-6]
        action = sender.__name__
        label = f"{exception.__class__.__name__}"
        analytics_event(category=category,
                        action=action,
                        label=label)
@task_success.connect
 def celery_success_signal(sender, result=None, **kw):
    logger.debug("Celery task_success signal %s" % sender.__class__.__name__)
    if getattr(settings, "ANALYTICS_DISABLED", False):
        return
    category = sender.__module__
    if 'allianceauth.analytics' not in category:
        if category.endswith(".tasks"):
            category = category[:-6]
        action = sender.__name__
        label = "Success"
        value = 0
        if isinstance(result, int):
            value = result
        analytics_event(category=category,
                        action=action,
                        label=label,
                        value=value)
--- a/allianceauth/analytics/tasks.py
+++ b/allianceauth/analytics/tasks.py
@@ -0,0 +1,207 @@
 import requests
 import logging
 from django.conf import settings
 from django.apps import apps
 from celery import shared_task
 from allianceauth import __version__
 from .models import AnalyticsTokens, AnalyticsIdentifier
 from .utils import (
    install_stat_addons,
    install_stat_tokens,
    install_stat_users)
 logger = logging.getLogger(__name__)
 BASE_URL = "https://www.google-analytics.com/"
 DEBUG_URL = f"{BASE_URL}debug/collect"
 COLLECTION_URL = f"{BASE_URL}collect"
 if getattr(settings, "ANALYTICS_ENABLE_DEBUG", False) and settings.DEBUG:
    # Force sending of analytics data during in a debug/test environemt
    # Usefull for developers working on this feature.
    logger.warning(
        "You have 'ANALYTICS_ENABLE_DEBUG' Enabled! "
        "This debug instance will send analytics data!")
    DEBUG_URL = COLLECTION_URL
 ANALYTICS_URL = COLLECTION_URL
 if settings.DEBUG is True:
    ANALYTICS_URL = DEBUG_URL
 def analytics_event(category: str,
                    action: str,
                    label: str,
                    value: int = 0,
                    event_type: str = 'Celery'):
    """
    Send a Google Analytics Event for each token stored
    Includes check for if its enabled/disabled
    Args:
        `category` (str): Celery Namespace
        `action` (str): Task Name
        `label` (str): Optional, Task Success/Exception
        `value` (int): Optional, If bulk, Query size, can be a binary True/False
        `event_type` (str): Optional, Celery or Stats only, Default to Celery
    """
    analyticstokens = AnalyticsTokens.objects.all()
    client_id = AnalyticsIdentifier.objects.get(id=1).identifier.hex
    for token in analyticstokens:
        if event_type == 'Celery':
            allowed = token.send_celery_tasks
        elif event_type == 'Stats':
            allowed = token.send_stats
        else:
            allowed = False
        if allowed is True:
            tracking_id = token.token
            send_ga_tracking_celery_event.s(
                tracking_id=tracking_id,
                client_id=client_id,
                category=category,
                action=action,
                label=label,
                value=value).apply_async(priority=9)
@shared_task()
 def analytics_daily_stats():
    """Celery Task: Do not call directly
    Gathers a series of daily statistics and sends analytics events containing them
    """
    users = install_stat_users()
    tokens = install_stat_tokens()
    addons = install_stat_addons()
    logger.debug("Running Daily Analytics Upload")
    analytics_event(category='allianceauth.analytics',
                    action='send_install_stats',
                    label='existence',
                    value=1,
                    event_type='Stats')
    analytics_event(category='allianceauth.analytics',
                    action='send_install_stats',
                    label='users',
                    value=users,
                    event_type='Stats')
    analytics_event(category='allianceauth.analytics',
                    action='send_install_stats',
                    label='tokens',
                    value=tokens,
                    event_type='Stats')
    analytics_event(category='allianceauth.analytics',
                    action='send_install_stats',
                    label='addons',
                    value=addons,
                    event_type='Stats')
    for appconfig in apps.get_app_configs():
        analytics_event(category='allianceauth.analytics',
                        action='send_extension_stats',
                        label=appconfig.label,
                        value=1,
                        event_type='Stats')
@shared_task()
 def send_ga_tracking_web_view(
                            tracking_id: str,
                            client_id: str,
                            page: str,
                            title: str,
                            locale: str,
                            useragent: str) -> requests.Response:
    """Celery Task: Do not call directly
    Sends Page View events to GA, Called only via analytics.middleware
    Parameters
    ----------
    `tracking_id` (str): Unique Server Identifier
    `client_id` (str): GA Token
    `page` (str): Page Path
    `title` (str): Page Title
    `locale` (str): Browser Language
    `useragent` (str): Browser UserAgent
    Returns
    -------
    requests.Reponse Object
    """
    headers = {"User-Agent": useragent}
    payload = {
            'v': '1',
            'tid': tracking_id,
            'cid': client_id,
            't': 'pageview',
            'dp': page,
            'dt': title,
            'ul': locale,
            'ua': useragent,
            'aip': 1,
            'an': "allianceauth",
            'av': __version__
            }
    response = requests.post(
                        ANALYTICS_URL, data=payload,
                        timeout=5, headers=headers)
    logger.debug(f"Analytics Page View HTTP{response.status_code}")
    return response
@shared_task()
 def send_ga_tracking_celery_event(
                                tracking_id: str,
                                client_id: str,
                                category: str,
                                action: str,
                                label: str,
                                value: int) -> requests.Response:
    """Celery Task: Do not call directly
    Sends Page View events to GA, Called only via analytics.middleware
    Parameters
    ----------
    `tracking_id` (str): Unique Server Identifier
    `client_id` (str): GA Token
    `category` (str): Celery Namespace
    `action` (str): Task Name
    `label` (str): Optional, Task Success/Exception
    `value` (int): Optional, If bulk, Query size, can be a binary True/False
    Returns
    -------
    requests.Reponse Object
    """
    headers = {
        "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36"}
    payload = {
            'v': '1',
            'tid': tracking_id,
            'cid': client_id,
            't': 'event',
            'ec': category,
            'ea': action,
            'el': label,
            'ev': value,
            'aip': 1,
            'an': "allianceauth",
            'av': __version__
            }
    response = requests.post(
                        ANALYTICS_URL, data=payload,
                        timeout=5, headers=headers)
    logger.debug(f"Analytics Celery/Stats Event HTTP{response.status_code}")
    return response
--- a/allianceauth/analytics/tests/init.py
+++ b/allianceauth/analytics/tests/init.py
--- a/allianceauth/analytics/tests/test_integration.py
+++ b/allianceauth/analytics/tests/test_integration.py
@@ -0,0 +1,109 @@
 from unittest.mock import patch
 from urllib.parse import parse_qs
 import requests_mock
 from django.test import override_settings
 from allianceauth.analytics.tasks import ANALYTICS_URL
 from allianceauth.eveonline.tasks import update_character
 from allianceauth.tests.auth_utils import AuthUtils
 from allianceauth.utils.testing import NoSocketsTestCase
@override_settings(CELERY_ALWAYS_EAGER=True)
@requests_mock.mock()
 class TestAnalyticsForViews(NoSocketsTestCase):
    @override_settings(ANALYTICS_DISABLED=False)
    def test_should_run_analytics(self, requests_mocker):
        # given
        requests_mocker.post(ANALYTICS_URL)
        user = AuthUtils.create_user("Bruce Wayne")
        self.client.force_login(user)
        # when
        response = self.client.get("/dashboard/")
        # then
        self.assertEqual(response.status_code, 200)
        self.assertTrue(requests_mocker.called)
    @override_settings(ANALYTICS_DISABLED=True)
    def test_should_not_run_analytics(self, requests_mocker):
        # given
        requests_mocker.post(ANALYTICS_URL)
        user = AuthUtils.create_user("Bruce Wayne")
        self.client.force_login(user)
        # when
        response = self.client.get("/dashboard/")
        # then
        self.assertEqual(response.status_code, 200)
        self.assertFalse(requests_mocker.called)
@override_settings(CELERY_ALWAYS_EAGER=True)
@requests_mock.mock()
 class TestAnalyticsForTasks(NoSocketsTestCase):
    @override_settings(ANALYTICS_DISABLED=False)
    @patch("allianceauth.eveonline.models.EveCharacter.objects.update_character")
    def test_should_run_analytics_for_successful_task(
        self, requests_mocker, mock_update_character
    ):
        # given
        requests_mocker.post(ANALYTICS_URL)
        user = AuthUtils.create_user("Bruce Wayne")
        character = AuthUtils.add_main_character_2(user, "Bruce Wayne", 1001)
        # when
        update_character.delay(character.character_id)
        # then
        self.assertTrue(mock_update_character.called)
        self.assertTrue(requests_mocker.called)
        payload = parse_qs(requests_mocker.last_request.text)
        self.assertListEqual(payload["el"], ["Success"])
    @override_settings(ANALYTICS_DISABLED=True)
    @patch("allianceauth.eveonline.models.EveCharacter.objects.update_character")
    def test_should_not_run_analytics_for_successful_task(
        self, requests_mocker, mock_update_character
    ):
        # given
        requests_mocker.post(ANALYTICS_URL)
        user = AuthUtils.create_user("Bruce Wayne")
        character = AuthUtils.add_main_character_2(user, "Bruce Wayne", 1001)
        # when
        update_character.delay(character.character_id)
        # then
        self.assertTrue(mock_update_character.called)
        self.assertFalse(requests_mocker.called)
    @override_settings(ANALYTICS_DISABLED=False)
    @patch("allianceauth.eveonline.models.EveCharacter.objects.update_character")
    def test_should_run_analytics_for_failed_task(
        self, requests_mocker, mock_update_character
    ):
        # given
        requests_mocker.post(ANALYTICS_URL)
        mock_update_character.side_effect = RuntimeError
        user = AuthUtils.create_user("Bruce Wayne")
        character = AuthUtils.add_main_character_2(user, "Bruce Wayne", 1001)
        # when
        update_character.delay(character.character_id)
        # then
        self.assertTrue(mock_update_character.called)
        self.assertTrue(requests_mocker.called)
        payload = parse_qs(requests_mocker.last_request.text)
        self.assertNotEqual(payload["el"], ["Success"])
    @override_settings(ANALYTICS_DISABLED=True)
    @patch("allianceauth.eveonline.models.EveCharacter.objects.update_character")
    def test_should_not_run_analytics_for_failed_task(
        self, requests_mocker, mock_update_character
    ):
        # given
        requests_mocker.post(ANALYTICS_URL)
        mock_update_character.side_effect = RuntimeError
        user = AuthUtils.create_user("Bruce Wayne")
        character = AuthUtils.add_main_character_2(user, "Bruce Wayne", 1001)
        # when
        update_character.delay(character.character_id)
        # then
        self.assertTrue(mock_update_character.called)
        self.assertFalse(requests_mocker.called)
--- a/allianceauth/analytics/tests/test_middleware.py
+++ b/allianceauth/analytics/tests/test_middleware.py
@@ -0,0 +1,24 @@
 from allianceauth.analytics.middleware import AnalyticsMiddleware
 from unittest.mock import Mock
 from django.http import HttpResponse
 from django.test.testcases import TestCase
 class TestAnalyticsMiddleware(TestCase):
    def setUp(self):
        self.middleware = AnalyticsMiddleware(HttpResponse)
        self.request = Mock()
        self.request.headers = {
                "User-Agent": "AUTOMATED TEST"
            }
        self.request.path = '/testURL/'
        self.request.session = {}
        self.request.LANGUAGE_CODE = 'en'
        self.response = Mock()
        self.response.content = 'hello world'
    def test_middleware(self):
        response = self.middleware.process_response(self.request, self.response)
        self.assertEqual(self.response, response)
--- a/allianceauth/analytics/tests/test_models.py
+++ b/allianceauth/analytics/tests/test_models.py
@@ -0,0 +1,26 @@
 from allianceauth.analytics.models import AnalyticsIdentifier
 from django.core.exceptions import ValidationError
 from django.test.testcases import TestCase
 from uuid import UUID, uuid4
 # Identifiers
 uuid_1 = "ab33e241fbf042b6aa77c7655a768af7"
 uuid_2 = "7aa6bd70701f44729af5e3095ff4b55c"
 class TestAnalyticsIdentifier(TestCase):
    def test_identifier_random(self):
        self.assertNotEqual(AnalyticsIdentifier.objects.get(), uuid4)
    def test_identifier_singular(self):
        AnalyticsIdentifier.objects.all().delete()
        AnalyticsIdentifier.objects.create(identifier=uuid_1)
        # Yeah i have multiple asserts here, they all do the same thing
        with self.assertRaises(ValidationError):
            AnalyticsIdentifier.objects.create(identifier=uuid_2)
        self.assertEqual(AnalyticsIdentifier.objects.count(), 1)
        self.assertEqual(AnalyticsIdentifier.objects.get(pk=1).identifier, UUID(uuid_1))
--- a/allianceauth/analytics/tests/test_tasks.py
+++ b/allianceauth/analytics/tests/test_tasks.py
@@ -0,0 +1,212 @@
 import requests_mock
 from django.test.utils import override_settings
 from allianceauth.analytics.tasks import (
    analytics_event,
    send_ga_tracking_celery_event,
    send_ga_tracking_web_view)
 from allianceauth.utils.testing import NoSocketsTestCase
 GOOGLE_ANALYTICS_DEBUG_URL = 'https://www.google-analytics.com/debug/collect'
@override_settings(CELERY_ALWAYS_EAGER=True, CELERY_EAGER_PROPAGATES_EXCEPTIONS=True)
@requests_mock.Mocker()
 class TestAnalyticsTasks(NoSocketsTestCase):
    def test_analytics_event(self, requests_mocker):
        requests_mocker.register_uri('POST', GOOGLE_ANALYTICS_DEBUG_URL)
        analytics_event(
                        category='allianceauth.analytics',
                        action='send_tests',
                        label='test',
                        value=1,
                        event_type='Stats')
    def test_send_ga_tracking_web_view_sent(self, requests_mocker):
        """This test sends if the event SENDS to google.
        Not if it was successful.
        """
        # given
        requests_mocker.register_uri('POST', GOOGLE_ANALYTICS_DEBUG_URL)
        tracking_id = 'UA-186249766-2'
        client_id = 'ab33e241fbf042b6aa77c7655a768af7'
        page = '/index/'
        title = 'Hello World'
        locale = 'en'
        useragent = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36"
        # when
        response = send_ga_tracking_web_view(
                                            tracking_id,
                                            client_id,
                                            page,
                                            title,
                                            locale,
                                            useragent)
        # then
        self.assertEqual(response.status_code, 200)
    def test_send_ga_tracking_web_view_success(self, requests_mocker):
        # given
        requests_mocker.register_uri(
            'POST',
            GOOGLE_ANALYTICS_DEBUG_URL,
            json={"hitParsingResult":[{'valid': True}]}
        )
        tracking_id = 'UA-186249766-2'
        client_id = 'ab33e241fbf042b6aa77c7655a768af7'
        page = '/index/'
        title = 'Hello World'
        locale = 'en'
        useragent = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36"
        # when
        json_response = send_ga_tracking_web_view(
                                                tracking_id,
                                                client_id,
                                                page,
                                                title,
                                                locale,
                                                useragent).json()
        # then
        self.assertTrue(json_response["hitParsingResult"][0]["valid"])
    def test_send_ga_tracking_web_view_invalid_token(self, requests_mocker):
        # given
        requests_mocker.register_uri(
            'POST',
            GOOGLE_ANALYTICS_DEBUG_URL,
            json={
                "hitParsingResult":[
                    {
                        'valid': False,
                        'parserMessage': [
                            {
                                'messageType': 'INFO',
                                'description': 'IP Address from this hit was anonymized to 1.132.110.0.',
                                'messageCode': 'VALUE_MODIFIED'
                            },
                            {
                                'messageType': 'ERROR',
                                'description': "The value provided for parameter 'tid' is invalid. Please see http://goo.gl/a8d4RP#tid for details.",
                                'messageCode': 'VALUE_INVALID', 'parameter': 'tid'
                            }
                        ],
                        'hit': '/debug/collect?v=1&tid=UA-IntentionallyBadTrackingID-2&cid=ab33e241fbf042b6aa77c7655a768af7&t=pageview&dp=/index/&dt=Hello World&ul=en&ua=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36&aip=1&an=allianceauth&av=2.9.0a2'
                    }
                ]
            }
        )
        tracking_id = 'UA-IntentionallyBadTrackingID-2'
        client_id = 'ab33e241fbf042b6aa77c7655a768af7'
        page = '/index/'
        title = 'Hello World'
        locale = 'en'
        useragent = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36"
        # when
        json_response = send_ga_tracking_web_view(
                                            tracking_id,
                                            client_id,
                                            page,
                                            title,
                                            locale,
                                            useragent).json()
        # then
        self.assertFalse(json_response["hitParsingResult"][0]["valid"])
        self.assertEqual(
            json_response["hitParsingResult"][0]["parserMessage"][1]["description"],
            "The value provided for parameter 'tid' is invalid. Please see http://goo.gl/a8d4RP#tid for details."
        )
        # [{'valid': False, 'parserMessage': [{'messageType': 'INFO', 'description': 'IP Address from this hit was anonymized to 1.132.110.0.', 'messageCode': 'VALUE_MODIFIED'}, {'messageType': 'ERROR', 'description': "The value provided for parameter 'tid' is invalid. Please see http://goo.gl/a8d4RP#tid for details.", 'messageCode': 'VALUE_INVALID', 'parameter': 'tid'}], 'hit': '/debug/collect?v=1&tid=UA-IntentionallyBadTrackingID-2&cid=ab33e241fbf042b6aa77c7655a768af7&t=pageview&dp=/index/&dt=Hello World&ul=en&ua=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36&aip=1&an=allianceauth&av=2.9.0a2'}]
    def test_send_ga_tracking_celery_event_sent(self, requests_mocker):
        # given
        requests_mocker.register_uri('POST', GOOGLE_ANALYTICS_DEBUG_URL)
        tracking_id = 'UA-186249766-2'
        client_id = 'ab33e241fbf042b6aa77c7655a768af7'
        category = 'test'
        action = 'test'
        label = 'test'
        value = '1'
        # when
        response = send_ga_tracking_celery_event(
                                                tracking_id,
                                                client_id,
                                                category,
                                                action,
                                                label,
                                                value)
        # then
        self.assertEqual(response.status_code, 200)
    def test_send_ga_tracking_celery_event_success(self, requests_mocker):
        # given
        requests_mocker.register_uri(
            'POST',
            GOOGLE_ANALYTICS_DEBUG_URL,
            json={"hitParsingResult":[{'valid': True}]}
        )
        tracking_id = 'UA-186249766-2'
        client_id = 'ab33e241fbf042b6aa77c7655a768af7'
        category = 'test'
        action = 'test'
        label = 'test'
        value = '1'
        # when
        json_response = send_ga_tracking_celery_event(
                                                    tracking_id,
                                                    client_id,
                                                    category,
                                                    action,
                                                    label,
                                                    value).json()
        # then
        self.assertTrue(json_response["hitParsingResult"][0]["valid"])
    def test_send_ga_tracking_celery_event_invalid_token(self, requests_mocker):
        # given
        requests_mocker.register_uri(
            'POST',
            GOOGLE_ANALYTICS_DEBUG_URL,
            json={
                "hitParsingResult":[
                    {
                        'valid': False,
                        'parserMessage': [
                            {
                                'messageType': 'INFO',
                                'description': 'IP Address from this hit was anonymized to 1.132.110.0.',
                                'messageCode': 'VALUE_MODIFIED'
                            },
                            {
                                'messageType': 'ERROR',
                                'description': "The value provided for parameter 'tid' is invalid. Please see http://goo.gl/a8d4RP#tid for details.",
                                'messageCode': 'VALUE_INVALID', 'parameter': 'tid'
                            }
                        ],
                        'hit': '/debug/collect?v=1&tid=UA-IntentionallyBadTrackingID-2&cid=ab33e241fbf042b6aa77c7655a768af7&t=pageview&dp=/index/&dt=Hello World&ul=en&ua=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36&aip=1&an=allianceauth&av=2.9.0a2'
                    }
                ]
            }
        )
        tracking_id = 'UA-IntentionallyBadTrackingID-2'
        client_id = 'ab33e241fbf042b6aa77c7655a768af7'
        category = 'test'
        action = 'test'
        label = 'test'
        value = '1'
        # when
        json_response = send_ga_tracking_celery_event(
                                                    tracking_id,
                                                    client_id,
                                                    category,
                                                    action,
                                                    label,
                                                    value).json()
        # then
        self.assertFalse(json_response["hitParsingResult"][0]["valid"])
        self.assertEqual(
            json_response["hitParsingResult"][0]["parserMessage"][1]["description"],
            "The value provided for parameter 'tid' is invalid. Please see http://goo.gl/a8d4RP#tid for details."
        )
--- a/allianceauth/analytics/tests/test_utils.py
+++ b/allianceauth/analytics/tests/test_utils.py
@@ -0,0 +1,55 @@
 from django.apps import apps
 from allianceauth.authentication.models import User
 from esi.models import Token
 from allianceauth.analytics.utils import install_stat_users, install_stat_tokens, install_stat_addons
 from django.test.testcases import TestCase
 def create_testdata():
    User.objects.all().delete()
    User.objects.create_user(
        'user_1'
        'abc@example.com',
        'password'
    )
    User.objects.create_user(
        'user_2'
        'abc@example.com',
        'password'
    )
    #Token.objects.all().delete()
    #Token.objects.create(
    #            character_id=101,
    #            character_name='character1',
    #            access_token='my_access_token'
    #)
    #Token.objects.create(
    #            character_id=102,
    #            character_name='character2',
    #            access_token='my_access_token'
    #)
 class TestAnalyticsUtils(TestCase):
    def test_install_stat_users(self):
        create_testdata()
        expected = 2
        users = install_stat_users()
        self.assertEqual(users, expected)
    #def test_install_stat_tokens(self):
    #    create_testdata()
    #    expected = 2
    #
    #   tokens = install_stat_tokens()
    #   self.assertEqual(tokens, expected)
    def test_install_stat_addons(self):
        # this test does what its testing...
        # but helpful for existing as a sanity check
        expected = len(list(apps.get_app_configs()))
        addons = install_stat_addons()
        self.assertEqual(addons, expected)
--- a/allianceauth/analytics/utils.py
+++ b/allianceauth/analytics/utils.py
@@ -0,0 +1,36 @@
 from django.apps import apps
 from allianceauth.authentication.models import User
 from esi.models import Token
 def install_stat_users() -> int:
    """Count and Return the number of User accounts
    Returns
    -------
    int
        The Number of User objects"""
    users = User.objects.count()
    return users
 def install_stat_tokens() -> int:
    """Count and Return the number of ESI Tokens Stored
    Returns
    -------
    int
        The Number of Token Objects"""
    tokens = Token.objects.count()
    return tokens
 def install_stat_addons() -> int:
    """Count and Return the number of Django Applications Installed
    Returns
    -------
    int
        The Number of Installed Apps"""
    addons = len(list(apps.get_app_configs()))
    return addons
--- a/allianceauth/apps.py
+++ b/allianceauth/apps.py
@@ -0,0 +1,5 @@
 from django.apps import AppConfig
 class AllianceAuthConfig(AppConfig):
    name = 'allianceauth'
--- a/allianceauth/authentication/init.py
+++ b/allianceauth/authentication/init.py
--- a/allianceauth/authentication/admin.py
+++ b/allianceauth/authentication/admin.py
@@ -0,0 +1,639 @@
 from django.contrib import admin
 from django.contrib.auth.admin import UserAdmin as BaseUserAdmin
 from django.contrib.auth.models import Group
 from django.contrib.auth.models import Permission as BasePermission
 from django.contrib.auth.models import User as BaseUser
 from django.db.models import Count, Q
 from django.db.models.functions import Lower
 from django.db.models.signals import (
    m2m_changed,
    post_delete,
    post_save,
    pre_delete,
    pre_save
 )
 from django.dispatch import receiver
 from django.urls import reverse
 from django.utils.html import format_html
 from django.utils.text import slugify
 from allianceauth.authentication.models import (
    CharacterOwnership,
    OwnershipRecord,
    State,
    UserProfile,
    get_guest_state
 )
 from allianceauth.eveonline.models import (
    EveAllianceInfo,
    EveCharacter,
    EveCorporationInfo,
    EveFactionInfo
 )
 from allianceauth.eveonline.tasks import update_character
 from allianceauth.hooks import get_hooks
 from allianceauth.services.hooks import ServicesHook
 from .app_settings import (
    AUTHENTICATION_ADMIN_USERS_MAX_CHARS,
    AUTHENTICATION_ADMIN_USERS_MAX_GROUPS
 )
 from .forms import UserChangeForm, UserProfileForm
 def make_service_hooks_update_groups_action(service):
    """
    Make a admin action for the given service
    :param service: services.hooks.ServicesHook
    :return: fn to update services groups for the selected users
    """
    def update_service_groups(modeladmin, request, queryset):
        if hasattr(service, 'update_groups_bulk'):
            service.update_groups_bulk(queryset)
        else:
            for user in queryset:  # queryset filtering doesn't work here?
                service.update_groups(user)
    update_service_groups.__name__ = str(f'update_{slugify(service.name)}_groups')
    update_service_groups.short_description = f"Sync groups for selected {service.title} accounts"
    return update_service_groups
 def make_service_hooks_sync_nickname_action(service):
    """
    Make a sync_nickname admin action for the given service
    :param service: services.hooks.ServicesHook
    :return: fn to sync nickname for the selected users
    """
    def sync_nickname(modeladmin, request, queryset):
        if hasattr(service, 'sync_nicknames_bulk'):
            service.sync_nicknames_bulk(queryset)
        else:
            for user in queryset:  # queryset filtering doesn't work here?
                service.sync_nickname(user)
    sync_nickname.__name__ = str(f'sync_{slugify(service.name)}_nickname')
    sync_nickname.short_description = f"Sync nicknames for selected {service.title} accounts"
    return sync_nickname
 class UserProfileInline(admin.StackedInline):
    model = UserProfile
    readonly_fields = ('state',)
    form = UserProfileForm
    verbose_name = ''
    verbose_name_plural = 'Profile'
    def get_formset(self, request, obj=None, **kwargs):
        # main_character field can only show current value or unclaimed alts
        # if superuser, allow selecting from any unclaimed main
        query = Q()
        if obj and obj.profile.main_character:
            query |= Q(pk=obj.profile.main_character_id)
            if request.user.is_superuser:
                query |= Q(userprofile__isnull=True)
            else:
                query |= Q(character_ownership__user=obj)
        formset = super().get_formset(request, obj=obj, **kwargs)
        def get_kwargs(self, index):
            return {'querysets': {'main_character': EveCharacter.objects.filter(query)}}
        formset.get_form_kwargs = get_kwargs
        return formset
    def has_add_permission(self, request, obj=None):
        return False
    def has_delete_permission(self, request, obj=None):
        return False
@admin.display(description="")
 def user_profile_pic(obj):
    """profile pic column data for user objects
    works for both User objects and objects with `user` as FK to User
    To be used for all user based admin lists (requires CSS)
    """
    user_obj = obj.user if hasattr(obj, 'user') else obj
    if user_obj.profile.main_character:
        return format_html(
            '<img src="{}" class="img-circle">',
            user_obj.profile.main_character.portrait_url(size=32)
        )
    return None
@admin.display(description="user / main", ordering="username")
 def user_username(obj):
    """user column data for user objects
    works for both User objects and objects with `user` as FK to User
    To be used for all user based admin lists
    """
    link = reverse(
        'admin:{}_{}_change'.format(
            obj._meta.app_label,
            type(obj).__name__.lower()
        ),
        args=(obj.pk,)
    )
    user_obj = obj.user if hasattr(obj, 'user') else obj
    if user_obj.profile.main_character:
        return format_html(
            '<strong><a href="{}">{}</a></strong><br>{}',
            link,
            user_obj.username,
            user_obj.profile.main_character.character_name
        )
    return format_html(
        '<strong><a href="{}">{}</a></strong>',
        link,
        user_obj.username,
    )
@admin.display(
    description="Corporation / Alliance (Main)",
    ordering="profile__main_character__corporation_name"
 )
 def user_main_organization(obj):
    """main organization column data for user objects
    works for both User objects and objects with `user` as FK to User
    To be used for all user based admin lists
    """
    user_obj = obj.user if hasattr(obj, 'user') else obj
    if not user_obj.profile.main_character:
        return ''
    result = user_obj.profile.main_character.corporation_name
    if user_obj.profile.main_character.alliance_id:
        result += f'<br>{user_obj.profile.main_character.alliance_name}'
    elif user_obj.profile.main_character.faction_name:
        result += f'<br>{user_obj.profile.main_character.faction_name}'
    return format_html(result)
 class MainCorporationsFilter(admin.SimpleListFilter):
    """Custom filter to filter on corporations from mains only
    works for both User objects and objects with `user` as FK to User
    To be used for all user based admin lists
    """
    title = 'corporation'
    parameter_name = 'main_corporation_id__exact'
    def lookups(self, request, model_admin):
        qs = EveCharacter.objects\
            .exclude(userprofile=None)\
            .values('corporation_id', 'corporation_name')\
            .distinct()\
            .order_by(Lower('corporation_name'))
        return tuple(
            (x['corporation_id'], x['corporation_name']) for x in qs
        )
    def queryset(self, request, qs):
        if self.value() is None:
            return qs.all()
        if qs.model == User:
            return qs.filter(
                profile__main_character__corporation_id=self.value()
            )
        return qs.filter(
            user__profile__main_character__corporation_id=self.value()
        )
 class MainAllianceFilter(admin.SimpleListFilter):
    """Custom filter to filter on alliances from mains only
    works for both User objects and objects with `user` as FK to User
    To be used for all user based admin lists
    """
    title = 'alliance'
    parameter_name = 'main_alliance_id__exact'
    def lookups(self, request, model_admin):
        qs = (
            EveCharacter.objects
            .exclude(alliance_id=None)
            .exclude(userprofile=None)
            .values('alliance_id', 'alliance_name')
            .distinct()
            .order_by(Lower('alliance_name'))
        )
        return tuple(
            (x['alliance_id'], x['alliance_name']) for x in qs
        )
    def queryset(self, request, qs):
        if self.value() is None:
            return qs.all()
        if qs.model == User:
            return qs.filter(profile__main_character__alliance_id=self.value())
        return qs.filter(
            user__profile__main_character__alliance_id=self.value()
        )
 class MainFactionFilter(admin.SimpleListFilter):
    """Custom filter to filter on factions from mains only
    works for both User objects and objects with `user` as FK to User
    To be used for all user based admin lists
    """
    title = 'faction'
    parameter_name = 'main_faction_id__exact'
    def lookups(self, request, model_admin):
        qs = (
            EveCharacter.objects
            .exclude(faction_id=None)
            .exclude(userprofile=None)
            .values('faction_id', 'faction_name')
            .distinct()
            .order_by(Lower('faction_name'))
        )
        return tuple(
            (x['faction_id'], x['faction_name']) for x in qs
        )
    def queryset(self, request, qs):
        if self.value() is None:
            return qs.all()
        if qs.model == User:
            return qs.filter(profile__main_character__faction_id=self.value())
        return qs.filter(
            user__profile__main_character__faction_id=self.value()
        )
@admin.display(description="Update main character model from ESI")
 def update_main_character_model(modeladmin, request, queryset):
    tasks_count = 0
    for obj in queryset:
        if obj.profile.main_character:
            update_character.delay(obj.profile.main_character.character_id)
            tasks_count += 1
    modeladmin.message_user(
        request, f'Update from ESI started for {tasks_count} characters'
    )
 class UserAdmin(BaseUserAdmin):
    """Extending Django's UserAdmin model
    Behavior of groups and characters columns can be configured via settings
    """
    inlines = BaseUserAdmin.inlines + [UserProfileInline]
    ordering = ('username', )
    list_select_related = ('profile__state', 'profile__main_character')
    show_full_result_count = True
    list_display = (
        user_profile_pic,
        user_username,
        '_state',
        '_groups',
        user_main_organization,
        '_characters',
        'is_active',
        'date_joined',
        '_role'
    )
    list_display_links = None
    list_filter = (
        'profile__state',
        'groups',
        MainCorporationsFilter,
        MainAllianceFilter,
        MainFactionFilter,
        'is_active',
        'date_joined',
        'is_staff',
        'is_superuser'
    )
    search_fields = ('username', 'character_ownerships__character__character_name')
    readonly_fields = ('date_joined', 'last_login')
    filter_horizontal = ('groups', 'user_permissions',)
    form = UserChangeForm
    class Media:
        css = {
            "all": ("allianceauth/authentication/css/admin.css",)
        }
    def get_queryset(self, request):
        qs = super().get_queryset(request)
        return qs.prefetch_related("character_ownerships__character", "groups")
    def get_form(self, request, obj=None, **kwargs):
        """Inject current request into change form object."""
        MyForm = super().get_form(request, obj, **kwargs)
        if obj:
            class MyFormInjected(MyForm):
                def __new__(cls, *args, **kwargs):
                    kwargs['request'] = request
                    return MyForm(*args, **kwargs)
            return MyFormInjected
        return MyForm
    def get_actions(self, request):
        actions = super().get_actions(request)
        actions[update_main_character_model.__name__] = (
            update_main_character_model,
            update_main_character_model.__name__,
            update_main_character_model.short_description
        )
        for hook in get_hooks('services_hook'):
            svc = hook()
            # Check update_groups is redefined/overloaded
            if svc.update_groups.__module__ != ServicesHook.update_groups.__module__:
                action = make_service_hooks_update_groups_action(svc)
                actions[action.__name__] = (
                    action,
                    action.__name__,
                    action.short_description
                )
            # Create sync nickname action if service implements it
            if svc.sync_nickname.__module__ != ServicesHook.sync_nickname.__module__:
                action = make_service_hooks_sync_nickname_action(svc)
                actions[action.__name__] = (
                    action, action.__name__,
                    action.short_description
                )
        return actions
    def _list_2_html_w_tooltips(self, my_items: list, max_items: int) -> str:
        """converts list of strings into HTML with cutoff and tooltip"""
        items_truncated_str = ', '.join(my_items[:max_items])
        if not my_items:
            result = None
        elif len(my_items) <= max_items:
            result = items_truncated_str
        else:
            items_truncated_str += ', (...)'
            items_all_str = ', '.join(my_items)
            result = format_html(
                '<span data-tooltip="{}" class="tooltip">{}</span>',
                items_all_str,
                items_truncated_str
            )
        return result
    def _characters(self, obj):
        character_ownerships = list(obj.character_ownerships.all())
        characters = [obj.character.character_name for obj in character_ownerships]
        return self._list_2_html_w_tooltips(
            sorted(characters),
            AUTHENTICATION_ADMIN_USERS_MAX_CHARS
        )
    @admin.display(ordering="profile__state")
    def _state(self, obj):
        return obj.profile.state.name
    def _groups(self, obj):
        my_groups = sorted(group.name for group in list(obj.groups.all()))
        return self._list_2_html_w_tooltips(
            my_groups, AUTHENTICATION_ADMIN_USERS_MAX_GROUPS
        )
    def _role(self, obj):
        if obj.is_superuser:
            role = 'Superuser'
        elif obj.is_staff:
            role = 'Staff'
        else:
            role = 'User'
        return role
    def has_change_permission(self, request, obj=None):
        return request.user.has_perm('auth.change_user')
    def has_add_permission(self, request, obj=None):
        return request.user.has_perm('auth.add_user')
    def has_delete_permission(self, request, obj=None):
        return request.user.has_perm('auth.delete_user')
    def get_object(self, *args , **kwargs):
        obj = super().get_object(*args , **kwargs)
        self.obj = obj  # storing current object for use in formfield_for_manytomany
        return obj
    def formfield_for_manytomany(self, db_field, request, **kwargs):
        if db_field.name == "groups":
            groups_qs = Group.objects.filter(authgroup__states__isnull=True)
            obj_state = self.obj.profile.state
            if obj_state:
                matching_groups_qs = Group.objects.filter(authgroup__states=obj_state)
                groups_qs = groups_qs | matching_groups_qs
            kwargs["queryset"] = groups_qs.order_by(Lower("name"))
        return super().formfield_for_manytomany(db_field, request, **kwargs)
    def get_readonly_fields(self, request, obj=None):
        if obj and not request.user.is_superuser:
            return self.readonly_fields + (
                "is_staff", "is_superuser", "user_permissions"
            )
        return self.readonly_fields
@admin.register(State)
 class StateAdmin(admin.ModelAdmin):
    list_select_related = True
    list_display = ('name', 'priority', '_user_count')
    def get_queryset(self, request):
        qs = super().get_queryset(request)
        return qs.annotate(user_count=Count("userprofile__id"))
    @admin.display(description="Users", ordering="user_count")
    def _user_count(self, obj):
        return obj.user_count
    fieldsets = (
        (None, {
            'fields': ('name', 'permissions', 'priority'),
        }),
        ('Membership', {
            'fields': (
                'public',
                'member_characters',
                'member_corporations',
                'member_alliances',
                'member_factions'
            ),
        })
    )
    filter_horizontal = [
        'member_characters',
        'member_corporations',
        'member_alliances',
        'member_factions',
        'permissions'
    ]
    def formfield_for_manytomany(self, db_field, request, **kwargs):
        """overriding this formfield to have sorted lists in the form"""
        if db_field.name == "member_characters":
            kwargs["queryset"] = EveCharacter.objects.all()\
                .order_by(Lower('character_name'))
        elif db_field.name == "member_corporations":
            kwargs["queryset"] = EveCorporationInfo.objects.all()\
                .order_by(Lower('corporation_name'))
        elif db_field.name == "member_alliances":
            kwargs["queryset"] = EveAllianceInfo.objects.all()\
                .order_by(Lower('alliance_name'))
        elif db_field.name == "member_factions":
            kwargs["queryset"] = EveFactionInfo.objects.all()\
                .order_by(Lower('faction_name'))
        elif db_field.name == "permissions":
            kwargs["queryset"] = Permission.objects.select_related("content_type").all()
        return super().formfield_for_manytomany(db_field, request, **kwargs)
    def has_delete_permission(self, request, obj=None):
        if obj == get_guest_state():
            return False
        return super().has_delete_permission(request, obj=obj)
    def get_fieldsets(self, request, obj=None):
        if obj == get_guest_state():
            return (
                (None, {
                    'fields': ('permissions', 'priority'),
                }),
            )
        return super().get_fieldsets(request, obj=obj)
    def get_readonly_fields(self, request, obj=None):
        if not request.user.is_superuser:
            return self.readonly_fields + ("permissions",)
        return self.readonly_fields
 class BaseOwnershipAdmin(admin.ModelAdmin):
    list_select_related = (
        'user__profile__state', 'user__profile__main_character', 'character')
    list_display = (
        user_profile_pic,
        user_username,
        user_main_organization,
        'character',
    )
    search_fields = (
        'user__username',
        'character__character_name',
        'character__corporation_name',
        'character__alliance_name',
        'character__faction_name'
    )
    list_filter = (
        MainCorporationsFilter,
        MainAllianceFilter,
    )
    class Media:
        css = {
            "all": ("allianceauth/authentication/css/admin.css",)
        }
    def get_readonly_fields(self, request, obj=None):
        if obj and obj.pk:
            return 'owner_hash', 'character'
        return tuple()
@admin.register(OwnershipRecord)
 class OwnershipRecordAdmin(BaseOwnershipAdmin):
    list_display = BaseOwnershipAdmin.list_display + ('created',)
@admin.register(CharacterOwnership)
 class CharacterOwnershipAdmin(BaseOwnershipAdmin):
    def has_add_permission(self, request):
        return False
 class PermissionAdmin(admin.ModelAdmin):
    actions = None
    readonly_fields = [field.name for field in BasePermission._meta.fields]
    search_fields = ('codename', )
    list_display = ('admin_name', 'name', 'codename', 'content_type')
    list_filter = ('content_type__app_label',)
    @staticmethod
    def admin_name(obj):
        return str(obj)
    def has_add_permission(self, request, obj=None):
        return False
    def has_delete_permission(self, request, obj=None):
        return False
    def has_module_permission(self, request):
        return True
    def has_change_permission(self, request, obj=None):
        # can see list but not edit it
        return not obj
 # Hack to allow registration of django.contrib.auth models in our authentication app
 class User(BaseUser):
    class Meta:
        proxy = True
        verbose_name = BaseUser._meta.verbose_name
        verbose_name_plural = BaseUser._meta.verbose_name_plural
 class Permission(BasePermission):
    class Meta:
        proxy = True
        verbose_name = BasePermission._meta.verbose_name
        verbose_name_plural = BasePermission._meta.verbose_name_plural
 try:
    admin.site.unregister(BaseUser)
 finally:
    admin.site.register(User, UserAdmin)
    admin.site.register(Permission, PermissionAdmin)
@receiver(pre_save, sender=User)
 def redirect_pre_save(sender, signal=None, *args, **kwargs):
    pre_save.send(BaseUser, *args, **kwargs)
@receiver(post_save, sender=User)
 def redirect_post_save(sender, signal=None, *args, **kwargs):
    post_save.send(BaseUser, *args, **kwargs)
@receiver(pre_delete, sender=User)
 def redirect_pre_delete(sender, signal=None, *args, **kwargs):
    pre_delete.send(BaseUser, *args, **kwargs)
@receiver(post_delete, sender=User)
 def redirect_post_delete(sender, signal=None, *args, **kwargs):
    post_delete.send(BaseUser, *args, **kwargs)
@receiver(m2m_changed, sender=User.groups.through)
 def redirect_m2m_changed_groups(sender, signal=None, *args, **kwargs):
    m2m_changed.send(BaseUser, *args, **kwargs)
@receiver(m2m_changed, sender=User.user_permissions.through)
 def redirect_m2m_changed_permissions(sender, signal=None, *args, **kwargs):
    m2m_changed.send(BaseUser, *args, **kwargs)
--- a/allianceauth/authentication/app_settings.py
+++ b/allianceauth/authentication/app_settings.py
@@ -0,0 +1,45 @@
 from django.conf import settings
 def _clean_setting(
    name: str,
    default_value: object,
    min_value: int = None,
    max_value: int = None,
    required_type: type = None
 ):
    """cleans the input for a custom setting
    Will use `default_value` if settings does not exit or has the wrong type
    or is outside define boundaries (for int only)
    Need to define `required_type` if `default_value` is `None`
    Will assume `min_value` of 0 for int (can be overriden)
    Returns cleaned value for setting
    """
    if default_value is None and not required_type:
        raise ValueError('You must specify a required_type for None defaults')
    if not required_type:
        required_type = type(default_value)
    if min_value is None and required_type == int:
        min_value = 0
    if (hasattr(settings, name)
        and isinstance(getattr(settings, name), required_type)
        and (min_value is None or getattr(settings, name) >= min_value)
        and (max_value is None or getattr(settings, name) <= max_value)
    ):
        return getattr(settings, name)
    else:
        return default_value
 AUTHENTICATION_ADMIN_USERS_MAX_GROUPS = \
    _clean_setting('AUTHENTICATION_ADMIN_USERS_MAX_GROUPS', 10)
 AUTHENTICATION_ADMIN_USERS_MAX_CHARS = \
    _clean_setting('AUTHENTICATION_ADMIN_USERS_MAX_CHARS', 5)
--- a/allianceauth/authentication/apps.py
+++ b/allianceauth/authentication/apps.py
@@ -0,0 +1,16 @@
 from django.apps import AppConfig
 from django.core.checks import register, Tags
 class AuthenticationConfig(AppConfig):
    name = "allianceauth.authentication"
    label = "authentication"
    def ready(self):
        from allianceauth.authentication import checks, signals  # noqa: F401
        from allianceauth.authentication.task_statistics import (
            signals as celery_signals,
        )
        register(Tags.security)(checks.check_login_scopes_setting)
        celery_signals.reset_counters()
--- a/allianceauth/authentication/backends.py
+++ b/allianceauth/authentication/backends.py
@@ -0,0 +1,110 @@
 import logging
 from django.contrib.auth.backends import ModelBackend
 from django.contrib.auth.models import User, Permission
 from django.contrib import messages
 from .models import UserProfile, CharacterOwnership, OwnershipRecord
 logger = logging.getLogger(__name__)
 class StateBackend(ModelBackend):
    @staticmethod
    def _get_state_permissions(user_obj):
        """returns permissions for state of given user object"""
        if hasattr(user_obj, "profile") and user_obj.profile:
            return Permission.objects.filter(state=user_obj.profile.state)
        else:
            return Permission.objects.none()
    def get_state_permissions(self, user_obj, obj=None):
        return self._get_permissions(user_obj, obj, 'state')
    def get_all_permissions(self, user_obj, obj=None):
        if not user_obj.is_active or user_obj.is_anonymous or obj is not None:
            return set()
        if not hasattr(user_obj, '_perm_cache'):
            user_obj._perm_cache = self.get_user_permissions(user_obj)
            user_obj._perm_cache.update(self.get_group_permissions(user_obj))
            user_obj._perm_cache.update(self.get_state_permissions(user_obj))
        return user_obj._perm_cache
    def authenticate(self, request=None, token=None, **credentials):
        if not token:
            return None
        try:
            ownership = CharacterOwnership.objects.get(character__character_id=token.character_id)
            if ownership.owner_hash == token.character_owner_hash:
                logger.debug(f'Authenticating {ownership.user} by ownership of character {token.character_name}')
                if ownership.user.profile.main_character:
                    if ownership.user.profile.main_character.character_id == token.character_id:
                        return ownership.user
                    else:  ## this is an alt, enforce main only.
                        if request:
                            messages.error("Unable to authenticate with this Character, Please log in with the main character associated with this account.")
                        return None
            else:
                logger.debug(f'{token.character_name} has changed ownership. Creating new user account.')
                ownership.delete()
                return self.create_user(token)
        except CharacterOwnership.DoesNotExist:
            try:
                # insecure legacy main check for pre-sso registration auth installs
                profile = UserProfile.objects.get(main_character__character_id=token.character_id)
                logger.debug(f'Authenticating {profile.user} by their main character {profile.main_character} without active ownership.')
                # attach an ownership
                token.user = profile.user
                CharacterOwnership.objects.create_by_token(token)
                return profile.user
            except UserProfile.DoesNotExist:
                # now we check historical records to see if this is a returning user
                records = OwnershipRecord.objects.filter(owner_hash=token.character_owner_hash).filter(character__character_id=token.character_id)
                if records.exists():
                    # we've seen this character owner before. Re-attach to their old user account
                    user = records[0].user
                    if user.profile.main_character:
                        if ownership.user.profile.main_character.character_id != token.character_id:
                            ## this is an alt, enforce main only due to trust issues in SSO.
                            if request:
                                messages.error("Unable to authenticate with this Character, Please log in with the main character associated with this account. Then add this character from the dashboard.")
                            return None
                    token.user = user
                    co = CharacterOwnership.objects.create_by_token(token)
                    logger.debug(f'Authenticating {user} by matching owner hash record of character {co.character}')
                    # set this as their main by default as they have none
                    user.profile.main_character = co.character
                    user.profile.save()
                    return user
            logger.debug(f'Unable to authenticate character {token.character_name}. Creating new user.')
            return self.create_user(token)
    def create_user(self, token):
        username = self.iterate_username(token.character_name)  # build unique username off character name
        user = User.objects.create_user(username, is_active=False)  # prevent login until email set
        user.set_unusable_password()  # prevent login via password
        user.save()
        token.user = user
        co = CharacterOwnership.objects.create_by_token(token)  # assign ownership to this user
        user.profile.main_character = co.character  # assign main character as token character
        user.profile.save()
        logger.debug(f'Created new user {user}')
        return user
    @staticmethod
    def iterate_username(name):
        name = str.replace(name, "'", "")
        name = str.replace(name, ' ', '_')
        if User.objects.filter(username__startswith=name).exists():
            u = User.objects.filter(username__startswith=name)
            num = len(u)
            username = f"{name}_{num}"
            while u.filter(username=username).exists():
                num += 1
                username = f"{name}_{num}"
        else:
            username = name
        return username
--- a/allianceauth/authentication/checks.py
+++ b/allianceauth/authentication/checks.py
@@ -0,0 +1,12 @@
 from django.core.checks import Error
 from django.conf import settings
 def check_login_scopes_setting(*args, **kwargs):
    errors = []
    try:
        assert settings.LOGIN_TOKEN_SCOPES
    except (AssertionError, AttributeError):
        errors.append(Error('LOGIN_TOKEN_SCOPES setting cannot be blank.',
                            hint='SSO tokens used for logging in must require scopes to be refreshable.'))
    return errors
--- a/allianceauth/authentication/decorators.py
+++ b/allianceauth/authentication/decorators.py
@@ -0,0 +1,68 @@
 from django.conf.urls import include
 from django.contrib.auth.decorators import user_passes_test
 from django.core.exceptions import PermissionDenied
 from functools import wraps
 from django.shortcuts import redirect
 from django.contrib import messages
 from django.utils.translation import gettext_lazy as _
 from django.contrib.auth.decorators import login_required
 def user_has_main_character(user):
    return bool(user.profile.main_character)
 def decorate_url_patterns(urls, decorator):
    url_list, app_name, namespace = include(urls)
    def process_patterns(url_patterns):
        for pattern in url_patterns:
            if hasattr(pattern, 'url_patterns'):
                # this is an include - apply to all nested patterns
                process_patterns(pattern.url_patterns)
            else:
                # this is a pattern
                pattern.callback = decorator(pattern.callback)
    process_patterns(url_list)
    return url_list, app_name, namespace
 def main_character_required(view_func):
    @wraps(view_func)
    def _wrapped_view(request, *args, **kwargs):
        if user_has_main_character(request.user):
            return view_func(request, *args, **kwargs)
        messages.error(request, _('A main character is required to perform that action. Add one below.'))
        return redirect('authentication:dashboard')
    return login_required(_wrapped_view)
 def permissions_required(perm, login_url=None, raise_exception=False):
    """
    Decorator for views that checks whether a user has a particular permission
    enabled, redirecting to the log-in page if necessary.
    If the raise_exception parameter is given the PermissionDenied exception
    is raised.
    This decorator is identical to the django permission_required except it
    allows for passing a tuple/list of perms that will return true if any one
    of them is present.
    """
    def check_perms(user):
        if isinstance(perm, str):
            perms = (perm,)
        else:
            perms = perm
        # First check if the user has the permission (even anon users)
        for perm_ in perms:
            perm_ = (perm_,)
            if user.has_perms(perm_):
                return True
        # In case the 403 handler should be called raise the exception
        if raise_exception:
            raise PermissionDenied
        # As the last resort, show the login form
        return False
    return user_passes_test(check_perms, login_url=login_url)
--- a/allianceauth/authentication/forms.py
+++ b/allianceauth/authentication/forms.py
@@ -0,0 +1,66 @@
 from django import forms
 from django.contrib.auth.forms import UserChangeForm as BaseUserChangeForm
 from django.contrib.auth.models import Group
 from django.core.exceptions import ValidationError
 from django.forms import ModelForm
 from django.utils.translation import gettext_lazy as _
 from allianceauth.authentication.models import User
 class RegistrationForm(forms.Form):
    email = forms.EmailField(label=_('Email'), max_length=254, required=True)
    class _meta:
        model = User
 class UserProfileForm(ModelForm):
    """Allows specifying FK querysets through kwarg"""
    def __init__(self, querysets=None, *args, **kwargs):
        querysets = querysets or {}
        super().__init__(*args, **kwargs)
        for field, qs in querysets.items():
            self.fields[field].queryset = qs
 class UserChangeForm(BaseUserChangeForm):
    """Add custom cleaning to UserChangeForm"""
    def __init__(self, *args, **kwargs):
        self.request = kwargs.pop("request")  # Inject current request into form object
        super().__init__(*args, **kwargs)
    def clean(self):
        cleaned_data = super().clean()
        if not self.request.user.is_superuser:
            if self.instance:
                current_restricted = set(
                    self.instance.groups.filter(
                        authgroup__restricted=True
                    ).values_list("pk", flat=True)
                )
            else:
                current_restricted = set()
            new_restricted = set(
                cleaned_data["groups"].filter(
                    authgroup__restricted=True
                ).values_list("pk", flat=True)
            )
            if current_restricted != new_restricted:
                restricted_removed = current_restricted - new_restricted
                restricted_added = new_restricted - current_restricted
                restricted_changed = restricted_removed | restricted_added
                restricted_names_qs = Group.objects.filter(
                    pk__in=restricted_changed
                ).values_list("name", flat=True)
                restricted_names = ",".join(list(restricted_names_qs))
                raise ValidationError(
                    {
                        "groups": _(
                            "You are not allowed to add or remove these "
                            "restricted groups: %s" % restricted_names
                        )
                    }
                )
--- a/allianceauth/authentication/hmac_urls.py
+++ b/allianceauth/authentication/hmac_urls.py
@@ -0,0 +1,16 @@
 from django.conf.urls import include
 from allianceauth.authentication import views
 from django.urls import re_path
 from django.urls import path
 urlpatterns = [
    path('activate/complete/', views.activation_complete, name='registration_activation_complete'),
    # The activation key can make use of any character from the
    # URL-safe base64 alphabet, plus the colon as a separator.
    re_path(r'^activate/(?P<activation_key>[-:\w]+)/$', views.ActivationView.as_view(), name='registration_activate'),
    path('register/', views.RegistrationView.as_view(), name='registration_register'),
    path('register/complete/', views.registration_complete, name='registration_complete'),
    path('register/closed/', views.registration_closed, name='registration_disallowed'),
    path('', include('django.contrib.auth.urls')),
 ]
--- a/allianceauth/authentication/management/init.py
+++ b/allianceauth/authentication/management/init.py
--- a/allianceauth/authentication/management/commands/init.py
+++ b/allianceauth/authentication/management/commands/init.py
--- a/allianceauth/authentication/management/commands/checkmains.py
+++ b/allianceauth/authentication/management/commands/checkmains.py
@@ -0,0 +1,20 @@
 from django.core.management.base import BaseCommand
 from allianceauth.authentication.models import UserProfile
 class Command(BaseCommand):
    help = 'Ensures all main characters have an active ownership'
    def handle(self, *args, **options):
        profiles = UserProfile.objects.filter(main_character__isnull=False).filter(
            main_character__character_ownership__isnull=True)
        if profiles.exists():
            for profile in profiles:
                self.stdout.write(self.style.ERROR(
                    '{} does not have an ownership. Resetting user {} main character.'.format(profile.main_character,
                                                                                                profile.user)))
                profile.main_character = None
                profile.save()
            self.stdout.write(self.style.WARNING(f'Reset {profiles.count()} main characters.'))
        else:
            self.stdout.write(self.style.SUCCESS('All main characters have active ownership.'))
--- a/allianceauth/authentication/managers.py
+++ b/allianceauth/authentication/managers.py
@@ -0,0 +1,76 @@
 import logging
 from django.db import transaction
 from django.db.models import Manager, QuerySet, Q
 from allianceauth.eveonline.models import EveCharacter
 logger = logging.getLogger(__name__)
 def available_states_query(character):
    query = Q(public=True)
    if character.character_id:
        query |= Q(member_characters__character_id=character.character_id)
    if character.corporation_id:
        query |= Q(member_corporations__corporation_id=character.corporation_id)
    if character.alliance_id:
        query |= Q(member_alliances__alliance_id=character.alliance_id)
    if character.faction_id:
        query |= Q(member_factions__faction_id=character.faction_id)
    return query
 class CharacterOwnershipManager(Manager):
    def create_by_token(self, token):
        if not EveCharacter.objects.filter(character_id=token.character_id).exists():
            EveCharacter.objects.create_character(token.character_id)
        return self.create(character=EveCharacter.objects.get(character_id=token.character_id), user=token.user, owner_hash=token.character_owner_hash)
 class StateQuerySet(QuerySet):
    def available_to_character(self, character):
        return self.filter(available_states_query(character))
    def available_to_user(self, user):
        if user.profile.main_character:
            return self.available_to_character(user.profile.main_character)
        else:
            return self.none()
    def get_for_user(self, user):
        states = self.available_to_user(user)
        if states.exists():
            return states[0]
        else:
            from allianceauth.authentication.models import get_guest_state
            return get_guest_state()
    def delete(self):
        with transaction.atomic():
            for state in self:
                for profile in state.userprofile_set.all():
                    profile.assign_state(state=self.model.objects.exclude(pk=state.pk).get_for_user(profile.user))
        super().delete()
 class StateManager(Manager):
    def get_queryset(self):
        return StateQuerySet(self.model, using=self._db)
    def available_to_character(self, character):
        return self.get_queryset().available_to_character(character)
    def available_to_user(self, user):
        return self.get_queryset().available_to_user(user)
    def get_for_character(self, character):
        states = self.get_queryset().available_to_character(character)
        if states.exists():
            return states[0]
        else:
            from allianceauth.authentication.models import get_guest_state
            return get_guest_state()
    def get_for_user(self, user):
        return self.get_queryset().get_for_user(user)
--- a/allianceauth/authentication/middleware.py
+++ b/allianceauth/authentication/middleware.py
@@ -0,0 +1,45 @@
 from django.conf import settings
 from django.utils.deprecation import MiddlewareMixin
 import logging
 logger = logging.getLogger(__name__)
 class UserSettingsMiddleware(MiddlewareMixin):
    def process_response(self, request, response):
        """Django Middleware: User Settings."""
        # Intercept the built in django /setlang/ view and also save it to Database.
        # Note the annoymous user check, only logged in users will ever hit the DB here
        if request.path == '/i18n/setlang/' and not request.user.is_anonymous:
            try:
                request.user.profile.language = request.POST['language']
                request.user.profile.save()
            except Exception as e:
                logger.exception(e)
        # Only act during the login flow, _after_ user is activated (step 2: post-sso)
        elif request.path == '/sso/login' and not request.user.is_anonymous:
            # Set the Language Cookie, if it doesnt match the DB
            # Null = hasnt been set by the user ever, dont act.
            try:
                if request.user.profile.language != request.LANGUAGE_CODE and request.user.profile.language is not None:
                    response.set_cookie(key=settings.LANGUAGE_COOKIE_NAME,
                                        value=request.user.profile.language,
                                        max_age=settings.LANGUAGE_COOKIE_AGE)
            except Exception as e:
                logger.exception(e)
            # Set our Night mode flag from the DB
            # Null = hasnt been set by the user ever, dont act.
            #
            # Night mode intercept is not needed in this middleware.
            # is saved direct to DB in NightModeRedirectView
            try:
                if request.user.profile.night_mode is not None:
                    request.session["NIGHT_MODE"] = request.user.profile.night_mode
            except Exception as e:
                logger.exception(e)
        return response
--- a/allianceauth/authentication/migrations/0001_initial.py
+++ b/allianceauth/authentication/migrations/0001_initial.py
@@ -1,6 +1,4 @@
 # -*- coding: utf-8 -*-
 # Generated by Django 1.10.1 on 2016-09-05 21:38
 from __future__ import unicode_literals
 from django.conf import settings
 from django.db import migrations, models
--- a/allianceauth/authentication/migrations/0002_auto_20160907_1914.py
+++ b/allianceauth/authentication/migrations/0002_auto_20160907_1914.py
@@ -1,6 +1,4 @@
 # -*- coding: utf-8 -*-
 # Generated by Django 1.10.1 on 2016-09-07 19:14
 from __future__ import unicode_literals
 from django.db import migrations
--- a/allianceauth/authentication/migrations/0003_authservicesinfo_state.py
+++ b/allianceauth/authentication/migrations/0003_authservicesinfo_state.py
@@ -1,6 +1,4 @@
 # -*- coding: utf-8 -*-
 # Generated by Django 1.10.1 on 2016-09-09 20:29
 from __future__ import unicode_literals
 from django.db import migrations, models
--- a/allianceauth/authentication/migrations/0004_create_permissions.py
+++ b/allianceauth/authentication/migrations/0004_create_permissions.py
@@ -1,6 +1,4 @@
 # -*- coding: utf-8 -*-
 # Generated by Django 1.10.1 on 2016-09-09 23:19
 from __future__ import unicode_literals
 from django.db import migrations
--- a/allianceauth/authentication/migrations/0005_delete_perms.py
+++ b/allianceauth/authentication/migrations/0005_delete_perms.py
@@ -1,6 +1,4 @@
 # -*- coding: utf-8 -*-
 # Generated by Django 1.10.1 on 2016-09-09 23:11
 from __future__ import unicode_literals
 from django.db import migrations
@@ -17,7 +15,7 @@ def create_permissions(apps, schema_editor):
    Permission = apps.get_model('auth', 'Permission')
    ct = ContentType.objects.get_for_model(User)
    Permission.objects.get_or_create(codename="member", content_type=ct, name="member")
-    Permission.objects.get_or_create(codename="blue_member", content_type=ct, name="blue_member") 
+    Permission.objects.get_or_create(codename="blue_member", content_type=ct, name="blue_member")
 class Migration(migrations.Migration):
--- a/allianceauth/authentication/migrations/0006_auto_20160910_0542.py
+++ b/allianceauth/authentication/migrations/0006_auto_20160910_0542.py
@@ -1,6 +1,4 @@
 # -*- coding: utf-8 -*-
 # Generated by Django 1.10.1 on 2016-09-10 05:42
 from __future__ import unicode_literals
 from django.db import migrations
--- a/allianceauth/authentication/migrations/0007_remove_authservicesinfo_is_blue.py
+++ b/allianceauth/authentication/migrations/0007_remove_authservicesinfo_is_blue.py
@@ -1,6 +1,4 @@
 # -*- coding: utf-8 -*-
 # Generated by Django 1.10.1 on 2016-09-10 21:50
 from __future__ import unicode_literals
 from django.db import migrations
--- a/allianceauth/authentication/migrations/0008_set_state.py
+++ b/allianceauth/authentication/migrations/0008_set_state.py
@@ -0,0 +1,15 @@
 # Generated by Django 1.10.1 on 2016-09-12 13:04
 from django.db import migrations
 class Migration(migrations.Migration):
    dependencies = [
        ('authentication', '0007_remove_authservicesinfo_is_blue'),
        ('eveonline', '0001_initial'),
        ('auth', '0001_initial'),
    ]
    operations = [
    ]
--- a/allianceauth/authentication/migrations/0009_auto_20161021_0228.py
+++ b/allianceauth/authentication/migrations/0009_auto_20161021_0228.py
@@ -1,6 +1,4 @@
 # -*- coding: utf-8 -*-
 # Generated by Django 1.10.2 on 2016-10-21 02:28
 from __future__ import unicode_literals
 from django.db import migrations, models
--- a/allianceauth/authentication/migrations/0010_only_one_authservicesinfo.py
+++ b/allianceauth/authentication/migrations/0010_only_one_authservicesinfo.py
@@ -1,6 +1,4 @@
 # -*- coding: utf-8 -*-
 # Generated by Django 1.10.1 on 2017-01-07 06:47
 from __future__ import unicode_literals
 from django.db import migrations
@@ -10,7 +8,7 @@ def count_completed_fields(model):
 def forward(apps, schema_editor):
    # this ensures only one model exists per user
    AuthServicesInfo = apps.get_model('authentication', 'AuthServicesInfo')
-    users = set([a.user for a in AuthServicesInfo.objects.all()])
+    users = {a.user for a in AuthServicesInfo.objects.all()}
    for u in users:
        auths = AuthServicesInfo.objects.filter(user=u)
        if auths.count() > 1:
--- a/allianceauth/authentication/migrations/0011_authservicesinfo_user_onetoonefield.py
+++ b/allianceauth/authentication/migrations/0011_authservicesinfo_user_onetoonefield.py
@@ -1,6 +1,4 @@
 # -*- coding: utf-8 -*-
 # Generated by Django 1.10.1 on 2017-01-07 07:11
 from __future__ import unicode_literals
 from django.conf import settings
 from django.db import migrations, models
--- a/allianceauth/authentication/migrations/0012_remove_add_delete_authservicesinfo_permissions.py
+++ b/allianceauth/authentication/migrations/0012_remove_add_delete_authservicesinfo_permissions.py
@@ -1,6 +1,4 @@
 # -*- coding: utf-8 -*-
 # Generated by Django 1.10.5 on 2017-01-12 00:59
 from __future__ import unicode_literals
 from django.db import migrations, models
--- a/allianceauth/authentication/migrations/0013_service_modules.py
+++ b/allianceauth/authentication/migrations/0013_service_modules.py
@@ -0,0 +1,70 @@
 # Generated by Django 1.10.2 on 2016-12-11 23:14
 from django.db import migrations
 import logging
 logger = logging.getLogger(__name__)
 class Migration(migrations.Migration):
    dependencies = [
        ('authentication', '0012_remove_add_delete_authservicesinfo_permissions'),
    ]
    operations = [
        # Remove fields
        migrations.RemoveField(
            model_name='authservicesinfo',
            name='discord_uid',
        ),
        migrations.RemoveField(
            model_name='authservicesinfo',
            name='discourse_enabled',
        ),
        migrations.RemoveField(
            model_name='authservicesinfo',
            name='forum_username',
        ),
        migrations.RemoveField(
            model_name='authservicesinfo',
            name='ipboard_username',
        ),
        migrations.RemoveField(
            model_name='authservicesinfo',
            name='ips4_id',
        ),
        migrations.RemoveField(
            model_name='authservicesinfo',
            name='ips4_username',
        ),
        migrations.RemoveField(
            model_name='authservicesinfo',
            name='jabber_username',
        ),
        migrations.RemoveField(
            model_name='authservicesinfo',
            name='market_username',
        ),
        migrations.RemoveField(
            model_name='authservicesinfo',
            name='mumble_username',
        ),
        migrations.RemoveField(
            model_name='authservicesinfo',
            name='smf_username',
        ),
        migrations.RemoveField(
            model_name='authservicesinfo',
            name='teamspeak3_perm_key',
        ),
        migrations.RemoveField(
            model_name='authservicesinfo',
            name='teamspeak3_uid',
        ),
        migrations.RemoveField(
            model_name='authservicesinfo',
            name='xenforo_username',
        ),
    ]
--- a/allianceauth/authentication/migrations/0014_fleetup_permission.py
+++ b/allianceauth/authentication/migrations/0014_fleetup_permission.py
@@ -0,0 +1,22 @@
 # Generated by Django 1.10.1 on 2016-09-09 23:19
 from django.db import migrations
 def create_permission(apps, schema_editor):
    User = apps.get_model('auth', 'User')
    ContentType = apps.get_model('contenttypes', 'ContentType')
    Permission = apps.get_model('auth', 'Permission')
    ct = ContentType.objects.get_for_model(User)
    Permission.objects.get_or_create(codename="view_fleetup", content_type=ct, name="view_fleetup")
 class Migration(migrations.Migration):
    dependencies = [
        ('authentication', '0013_service_modules'),
    ]
    operations = [
        migrations.RunPython(create_permission, migrations.RunPython.noop)
    ]
--- a/allianceauth/authentication/migrations/0015_user_profiles.py
+++ b/allianceauth/authentication/migrations/0015_user_profiles.py
@@ -0,0 +1,282 @@
 # Generated by Django 1.10.5 on 2017-03-22 23:09
 import allianceauth.authentication.models
 import django.db.models.deletion
 from django.conf import settings
 from django.contrib.auth.hashers import make_password
 from django.db import migrations, models
 def create_guest_state(apps, schema_editor):
    State = apps.get_model('authentication', 'State')
    State.objects.update_or_create(name='Guest', defaults={'priority': 0, 'public': True})
 def create_member_state(apps, schema_editor):
    Group = apps.get_model('auth', 'Group')
    State = apps.get_model('authentication', 'State')
    EveAllianceInfo = apps.get_model('eveonline', 'EveAllianceInfo')
    EveCorporationInfo = apps.get_model('eveonline', 'EveCorporationInfo')
    member_state_name = getattr(settings, 'DEFAULT_AUTH_GROUP', 'Member')
    s = State.objects.update_or_create(name=member_state_name, defaults={'priority': 100, 'public': False})[0]
    try:
        # move group permissions to state
        g = Group.objects.get(name=member_state_name)
        [s.permissions.add(p.pk) for p in g.permissions.all()]
        g.delete()
    except Group.DoesNotExist:
        pass
    # auto-populate member IDs
    CORP_IDS = getattr(settings, 'CORP_IDS', [])
    ALLIANCE_IDS = getattr(settings, 'ALLIANCE_IDS', [])
    [s.member_corporations.add(c.pk) for c in EveCorporationInfo.objects.filter(corporation_id__in=CORP_IDS)]
    [s.member_alliances.add(a.pk) for a in EveAllianceInfo.objects.filter(alliance_id__in=ALLIANCE_IDS)]
 def create_member_group(apps, schema_editor):
    Group = apps.get_model('auth', 'Group')
    State = apps.get_model('authentication', 'State')
    member_state_name = getattr(settings, 'DEFAULT_AUTH_GROUP', 'Member')
    try:
        g, _ = Group.objects.get_or_create(name=member_state_name)
        # move permissions back
        state = State.objects.get(name=member_state_name)
        [g.permissions.add(p.pk) for p in state.permissions.all()]
        # move users back
        for profile in state.userprofile_set.all().select_related('user'):
            profile.user.groups.add(g.pk)
    except State.DoesNotExist:
        pass
 def create_blue_state(apps, schema_editor):
    Group = apps.get_model('auth', 'Group')
    State = apps.get_model('authentication', 'State')
    EveAllianceInfo = apps.get_model('eveonline', 'EveAllianceInfo')
    EveCorporationInfo = apps.get_model('eveonline', 'EveCorporationInfo')
    blue_state_name = getattr(settings, 'DEFAULT_BLUE_GROUP', 'Blue')
    s = State.objects.update_or_create(name=blue_state_name, defaults={'priority': 50, 'public': False})[0]
    try:
        # move group permissions to state
        g = Group.objects.get(name=blue_state_name)
        [s.permissions.add(p.pk) for p in g.permissions.all()]
        g.delete()
    except Group.DoesNotExist:
        pass
    # auto-populate blue member IDs
    BLUE_CORP_IDS = getattr(settings, 'BLUE_CORP_IDS', [])
    BLUE_ALLIANCE_IDS = getattr(settings, 'BLUE_ALLIANCE_IDS', [])
    [s.member_corporations.add(c.pk) for c in EveCorporationInfo.objects.filter(corporation_id__in=BLUE_CORP_IDS)]
    [s.member_alliances.add(a.pk) for a in EveAllianceInfo.objects.filter(alliance_id__in=BLUE_ALLIANCE_IDS)]
 def create_blue_group(apps, schema_editor):
    Group = apps.get_model('auth', 'Group')
    State = apps.get_model('authentication', 'State')
    blue_state_name = getattr(settings, 'DEFAULT_BLUE_GROUP', 'Blue')
    try:
        g, _ = Group.objects.get_or_create(name=blue_state_name)
        # move permissions back
        state = State.objects.get(name=blue_state_name)
        [g.permissions.add(p.pk) for p in state.permissions.all()]
        # move users back
        for profile in state.userprofile_set.all().select_related('user'):
            profile.user.groups.add(g.pk)
    except State.DoesNotExist:
        pass
 def purge_tokens(apps, schema_editor):
    Token = apps.get_model('esi', 'Token')
    Token.objects.filter(refresh_token__isnull=True).delete()
 def populate_ownerships(apps, schema_editor):
    Token = apps.get_model('esi', 'Token')
    CharacterOwnership = apps.get_model('authentication', 'CharacterOwnership')
    EveCharacter = apps.get_model('eveonline', 'EveCharacter')
    unique_character_owners = [t['character_id'] for t in
                                Token.objects.all().values('character_id').annotate(n=models.Count('user')) if
                                t['n'] == 1 and EveCharacter.objects.filter(character_id=t['character_id']).exists()]
    tokens = Token.objects.filter(character_id__in=unique_character_owners)
    for c_id in unique_character_owners:
        # find newest refreshable token and use it as basis for CharacterOwnership
        ts = tokens.filter(character_id=c_id).exclude(refresh_token__isnull=True).order_by('created')
        if ts.exists():
            token = ts[0]
            char = EveCharacter.objects.get(character_id=token.character_id)
            CharacterOwnership.objects.create(user_id=token.user_id, character_id=char.id, owner_hash=token.character_owner_hash)
 def create_profiles(apps, schema_editor):
    AuthServicesInfo = apps.get_model('authentication', 'AuthServicesInfo')
    State = apps.get_model('authentication', 'State')
    UserProfile = apps.get_model('authentication', 'UserProfile')
    EveCharacter = apps.get_model('eveonline', 'EveCharacter')
    # grab AuthServicesInfo if they have a unique main_char_id and the EveCharacter exists
    unique_mains = [auth['main_char_id'] for auth in
                    AuthServicesInfo.objects.exclude(main_char_id='').values('main_char_id').annotate(
                        n=models.Count('main_char_id')) if
                    auth['n'] == 1 and EveCharacter.objects.filter(character_id=auth['main_char_id']).exists()]
    auths = AuthServicesInfo.objects.filter(main_char_id__in=unique_mains).select_related('user')
    blue_state_name = getattr(settings, 'DEFAULT_BLUE_GROUP', 'Blue')
    member_state_name = getattr(settings, 'DEFAULT_AUTH_GROUP', 'Member')
    states = {
        'Member': State.objects.get(name=member_state_name),
        'Blue': State.objects.get(name=blue_state_name),
    }
    guest_state = State.objects.get(name='Guest')
    for auth in auths:
        # carry states and mains forward
        state = states.get(auth.state, guest_state)
        char = EveCharacter.objects.get(character_id=auth.main_char_id)
        UserProfile.objects.create(user=auth.user, state=state, main_character=char)
    for auth in AuthServicesInfo.objects.exclude(main_char_id__in=unique_mains).select_related('user'):
        # prepare empty profiles
        UserProfile.objects.create(user=auth.user, state=guest_state)
 def recreate_authservicesinfo(apps, schema_editor):
    AuthServicesInfo = apps.get_model('authentication', 'AuthServicesInfo')
    UserProfile = apps.get_model('authentication', 'UserProfile')
    User = apps.get_model('auth', 'User')
    blue_state_name = getattr(settings, 'DEFAULT_BLUE_GROUP', 'Blue')
    member_state_name = getattr(settings, 'DEFAULT_AUTH_GROUP', 'Member')
    states = {
        member_state_name: 'Member',
        blue_state_name: 'Blue',
    }
    # recreate all missing AuthServicesInfo models
    AuthServicesInfo.objects.bulk_create([AuthServicesInfo(user_id=u.pk) for u in User.objects.all()])
    # repopulate main characters
    for profile in UserProfile.objects.exclude(main_character__isnull=True).select_related('user', 'main_character'):
        AuthServicesInfo.objects.update_or_create(user=profile.user, defaults={'main_char_id': profile.main_character.character_id})
    # repopulate states we understand
    for profile in UserProfile.objects.exclude(state__name='Guest').filter(
            state__name__in=[member_state_name, blue_state_name]).select_related('user', 'state'):
        AuthServicesInfo.objects.update_or_create(user=profile.user, defaults={'state': states[profile.state.name]})
 def disable_passwords(apps, schema_editor):
    User = apps.get_model('auth', 'User')
    for u in User.objects.exclude(is_staff=True):
        # remove passwords for non-staff users to prevent password-based authentication
        # set_unusable_password is unavailable in migrations because :reasons:
        u.password = make_password(None)
        u.save()
 class Migration(migrations.Migration):
    dependencies = [
        ('auth', '0008_alter_user_username_max_length'),
        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
        ('eveonline', '0008_remove_apikeys'),
        ('authentication', '0014_fleetup_permission'),
        ('esi', '0001_initial'),
    ]
    operations = [
        migrations.CreateModel(
            name='CharacterOwnership',
            fields=[
                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
                ('owner_hash', models.CharField(max_length=28, unique=True)),
                ('character', models.OneToOneField(on_delete=django.db.models.deletion.CASCADE, related_name='character_ownership', to='eveonline.EveCharacter')),
                ('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='character_ownerships', to=settings.AUTH_USER_MODEL)),
            ],
            options={
                'default_permissions': ('change', 'delete'),
                'ordering': ['user', 'character__character_name'],
            },
        ),
        migrations.CreateModel(
            name='State',
            fields=[
                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
                ('name', models.CharField(max_length=20, unique=True)),
                ('priority', models.IntegerField(help_text='Users get assigned the state with the highest priority available to them.', unique=True)),
                ('public', models.BooleanField(default=False, help_text='Make this state available to any character.')),
                ('member_alliances', models.ManyToManyField(blank=True, help_text='Alliances to whose members this state is available.', to='eveonline.EveAllianceInfo')),
                ('member_characters', models.ManyToManyField(blank=True, help_text='Characters to which this state is available.', to='eveonline.EveCharacter')),
                ('member_corporations', models.ManyToManyField(blank=True, help_text='Corporations to whose members this state is available.', to='eveonline.EveCorporationInfo')),
                ('permissions', models.ManyToManyField(blank=True, to='auth.Permission')),
            ],
            options={
                'ordering': ['-priority'],
            },
        ),
        migrations.CreateModel(
            name='UserProfile',
            fields=[
                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
                ('main_character', models.OneToOneField(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, to='eveonline.EveCharacter')),
                ('state', models.ForeignKey(default=allianceauth.authentication.models.get_guest_state_pk, on_delete=django.db.models.deletion.SET_DEFAULT, to='authentication.State')),
                ('user', models.OneToOneField(on_delete=django.db.models.deletion.CASCADE, related_name='profile', to=settings.AUTH_USER_MODEL)),
            ],
            options={
                'default_permissions': ('change',),
            },
        ),
        migrations.RunPython(create_guest_state, migrations.RunPython.noop),
        migrations.RunPython(create_member_state, create_member_group),
        migrations.RunPython(create_blue_state, create_blue_group),
        migrations.RunPython(purge_tokens, migrations.RunPython.noop),
        migrations.RunPython(populate_ownerships, migrations.RunPython.noop),
        migrations.RunPython(create_profiles, recreate_authservicesinfo),
        migrations.RemoveField(
            model_name='authservicesinfo',
            name='user',
        ),
        migrations.DeleteModel(
            name='AuthServicesInfo',
        ),
        migrations.RunPython(disable_passwords, migrations.RunPython.noop),
        migrations.CreateModel(
            name='Permission',
            fields=[
            ],
            options={
                'proxy': True,
                'verbose_name': 'permission',
                'verbose_name_plural': 'permissions',
            },
            bases=('auth.permission',),
            managers=[
                ('objects', django.contrib.auth.models.PermissionManager()),
            ],
        ),
        migrations.CreateModel(
            name='User',
            fields=[
            ],
            options={
                'proxy': True,
                'verbose_name': 'user',
                'verbose_name_plural': 'users',
            },
            bases=('auth.user',),
            managers=[
                ('objects', django.contrib.auth.models.UserManager()),
            ],
        ),
    ]
--- a/allianceauth/authentication/migrations/0016_ownershiprecord.py
+++ b/allianceauth/authentication/migrations/0016_ownershiprecord.py
@@ -0,0 +1,40 @@
 # Generated by Django 2.0.4 on 2018-04-14 18:28
 from django.conf import settings
 from django.db import migrations, models
 import django.db.models.deletion
 def create_initial_records(apps, schema_editor):
    OwnershipRecord = apps.get_model('authentication', 'OwnershipRecord')
    CharacterOwnership = apps.get_model('authentication', 'CharacterOwnership')
    OwnershipRecord.objects.bulk_create([
        OwnershipRecord(user=o.user, character=o.character, owner_hash=o.owner_hash) for o in CharacterOwnership.objects.all()
    ])
 class Migration(migrations.Migration):
    dependencies = [
        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
        ('eveonline', '0009_on_delete'),
        ('authentication', '0015_user_profiles'),
    ]
    operations = [
        migrations.CreateModel(
            name='OwnershipRecord',
            fields=[
                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
                ('owner_hash', models.CharField(db_index=True, max_length=28)),
                ('created', models.DateTimeField(auto_now=True)),
                ('character', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='ownership_records', to='eveonline.EveCharacter')),
                ('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='ownership_records', to=settings.AUTH_USER_MODEL)),
            ],
            options={
                'ordering': ['-created'],
            },
        ),
        migrations.RunPython(create_initial_records, migrations.RunPython.noop)
    ]
--- a/allianceauth/authentication/migrations/0017_remove_fleetup_permission.py
+++ b/allianceauth/authentication/migrations/0017_remove_fleetup_permission.py
@@ -0,0 +1,20 @@
 from django.db import migrations
 def remove_permission(apps, schema_editor):
    User = apps.get_model('auth', 'User')
    ContentType = apps.get_model('contenttypes', 'ContentType')
    Permission = apps.get_model('auth', 'Permission')
    ct = ContentType.objects.get_for_model(User)
    Permission.objects.filter(codename="view_fleetup", content_type=ct, name="view_fleetup").delete()
 class Migration(migrations.Migration):
    dependencies = [
        ('authentication', '0016_ownershiprecord'),
    ]
    operations = [
        migrations.RunPython(remove_permission, migrations.RunPython.noop)
    ]
--- a/allianceauth/authentication/migrations/0018_alter_state_name_length.py
+++ b/allianceauth/authentication/migrations/0018_alter_state_name_length.py
@@ -0,0 +1,18 @@
 # Generated by Django 3.2.8 on 2021-10-20 05:22
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('authentication', '0017_remove_fleetup_permission'),
    ]
    operations = [
        migrations.AlterField(
            model_name='state',
            name='name',
            field=models.CharField(max_length=32, unique=True),
        ),
    ]
--- a/allianceauth/authentication/migrations/0018_state_member_factions.py
+++ b/allianceauth/authentication/migrations/0018_state_member_factions.py
@@ -0,0 +1,19 @@
 # Generated by Django 3.1.13 on 2021-10-12 20:21
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('eveonline', '0015_factions'),
        ('authentication', '0017_remove_fleetup_permission'),
    ]
    operations = [
        migrations.AddField(
            model_name='state',
            name='member_factions',
            field=models.ManyToManyField(blank=True, help_text='Factions to whose members this state is available.', to='eveonline.EveFactionInfo'),
        ),
    ]
--- a/allianceauth/authentication/migrations/0019_merge_20211026_0919.py
+++ b/allianceauth/authentication/migrations/0019_merge_20211026_0919.py
@@ -0,0 +1,14 @@
 # Generated by Django 3.2.8 on 2021-10-26 09:19
 from django.db import migrations
 class Migration(migrations.Migration):
    dependencies = [
        ('authentication', '0018_alter_state_name_length'),
        ('authentication', '0018_state_member_factions'),
    ]
    operations = [
    ]
--- a/allianceauth/authentication/migrations/0020_userprofile_language_userprofile_night_mode.py
+++ b/allianceauth/authentication/migrations/0020_userprofile_language_userprofile_night_mode.py
@@ -0,0 +1,23 @@
 # Generated by Django 4.0.2 on 2022-02-26 03:45
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('authentication', '0019_merge_20211026_0919'),
    ]
    operations = [
        migrations.AddField(
            model_name='userprofile',
            name='language',
            field=models.CharField(blank=True, choices=[('en', 'English'), ('de', 'German'), ('es', 'Spanish'), ('zh-hans', 'Chinese Simplified'), ('ru', 'Russian'), ('ko', 'Korean'), ('fr', 'French'), ('ja', 'Japanese'), ('it', 'Italian')], default='', max_length=10, verbose_name='Language'),
        ),
        migrations.AddField(
            model_name='userprofile',
            name='night_mode',
            field=models.BooleanField(blank=True, null=True, verbose_name='Night Mode'),
        ),
    ]
--- a/allianceauth/authentication/migrations/init.py
+++ b/allianceauth/authentication/migrations/init.py
--- a/allianceauth/authentication/models.py
+++ b/allianceauth/authentication/models.py
@@ -0,0 +1,152 @@
 import logging
 from django.contrib.auth.models import User, Permission
 from django.db import models, transaction
 from django.utils.translation import gettext_lazy as _
 from allianceauth.eveonline.models import EveCharacter, EveCorporationInfo, EveAllianceInfo, EveFactionInfo
 from allianceauth.notifications import notify
 from django.conf import settings
 from .managers import CharacterOwnershipManager, StateManager
 logger = logging.getLogger(__name__)
 class State(models.Model):
    name = models.CharField(max_length=32, unique=True)
    permissions = models.ManyToManyField(Permission, blank=True)
    priority = models.IntegerField(unique=True, help_text="Users get assigned the state with the highest priority available to them.")
    member_characters = models.ManyToManyField(EveCharacter, blank=True,
                                                help_text="Characters to which this state is available.")
    member_corporations = models.ManyToManyField(EveCorporationInfo, blank=True,
                                                help_text="Corporations to whose members this state is available.")
    member_alliances = models.ManyToManyField(EveAllianceInfo, blank=True,
                                            help_text="Alliances to whose members this state is available.")
    member_factions = models.ManyToManyField(EveFactionInfo, blank=True,
                                            help_text="Factions to whose members this state is available.")
    public = models.BooleanField(default=False, help_text="Make this state available to any character.")
    objects = StateManager()
    class Meta:
        ordering = ['-priority']
    def __str__(self):
        return self.name
    def available_to_character(self, character):
        return self in State.objects.available_to_character(character)
    def available_to_user(self, user):
        return self in State.objects.available_to_user(user)
    def delete(self, **kwargs):
        with transaction.atomic():
            for profile in self.userprofile_set.all():
                profile.assign_state(state=State.objects.exclude(pk=self.pk).get_for_user(profile.user))
        super().delete(**kwargs)
 def get_guest_state():
    try:
        return State.objects.get(name='Guest')
    except State.DoesNotExist:
        return State.objects.create(name='Guest', priority=0, public=True)
 def get_guest_state_pk():
    return get_guest_state().pk
 class UserProfile(models.Model):
    class Meta:
        default_permissions = ('change',)
    user = models.OneToOneField(
        User,
        related_name='profile',
        on_delete=models.CASCADE)
    main_character = models.OneToOneField(
        EveCharacter,
        blank=True,
        null=True,
        on_delete=models.SET_NULL)
    state = models.ForeignKey(
        State,
        on_delete=models.SET_DEFAULT,
        default=get_guest_state_pk)
    LANGUAGE_CHOICES = [
        ('en', _('English')),
        ('de', _('German')),
        ('es', _('Spanish')),
        ('zh-hans', _('Chinese Simplified')),
        ('ru', _('Russian')),
        ('ko', _('Korean')),
        ('fr', _('French')),
        ('ja', _('Japanese')),
        ('it', _('Italian')),
    ]
    language = models.CharField(
        _("Language"), max_length=10,
        choices=LANGUAGE_CHOICES,
        blank=True,
        default='')
    night_mode = models.BooleanField(
        _("Night Mode"),
        blank=True,
        null=True)
    def assign_state(self, state=None, commit=True):
        if not state:
            state = State.objects.get_for_user(self.user)
        if self.state != state:
            self.state = state
            if commit:
                logger.info(f'Updating {self.user} state to {self.state}')
                self.save(update_fields=['state'])
                notify(
                    self.user,
                    _('State changed to: %s' % state),
                    _('Your user\'s state is now: %(state)s')
                    % ({'state': state}),
                    'info'
                )
                from allianceauth.authentication.signals import state_changed
                # We need to ensure we get up to date perms here as they will have just changed.
                # Clear all attribute caches and reload the model that will get passed to the signals!
                self.refresh_from_db()
                state_changed.send(
                    sender=self.__class__, user=self.user, state=self.state
                )
    def __str__(self):
        return str(self.user)
 class CharacterOwnership(models.Model):
    class Meta:
        default_permissions = ('change', 'delete')
        ordering = ['user', 'character__character_name']
    character = models.OneToOneField(EveCharacter, on_delete=models.CASCADE, related_name='character_ownership')
    owner_hash = models.CharField(max_length=28, unique=True)
    user = models.ForeignKey(User, on_delete=models.CASCADE, related_name='character_ownerships')
    objects = CharacterOwnershipManager()
    def __str__(self):
        return f"{self.user}: {self.character}"
 class OwnershipRecord(models.Model):
    character = models.ForeignKey(EveCharacter, on_delete=models.CASCADE, related_name='ownership_records')
    owner_hash = models.CharField(max_length=28, db_index=True)
    user = models.ForeignKey(User, on_delete=models.CASCADE, related_name='ownership_records')
    created = models.DateTimeField(auto_now=True)
    class Meta:
        ordering = ['-created']
    def __str__(self):
        return f"{self.user}: {self.character} on {self.created}"
--- a/allianceauth/authentication/signals.py
+++ b/allianceauth/authentication/signals.py
@@ -0,0 +1,164 @@
 import logging
 from .models import (
    CharacterOwnership,
    UserProfile,
    get_guest_state,
    State,
    OwnershipRecord)
 from django.contrib.auth.models import User
 from django.db.models import Q
 from django.db.models.signals import pre_save, post_save, pre_delete, post_delete, m2m_changed
 from django.dispatch import receiver, Signal
 from esi.models import Token
 from allianceauth.eveonline.models import EveCharacter
 logger = logging.getLogger(__name__)
 state_changed = Signal()
 def trigger_state_check(state):
    # evaluate all current members to ensure they still have access
    for profile in state.userprofile_set.all():
        profile.assign_state()
    # we may now be available to others with lower states
    check_states = State.objects.filter(priority__lt=state.priority)
    for profile in UserProfile.objects.filter(state__in=check_states):
        if state.available_to_user(profile.user):
            profile.assign_state(state)
@receiver(m2m_changed, sender=State.member_characters.through)
 def state_member_characters_changed(sender, instance, action, *args, **kwargs):
    if action.startswith('post_'):
        logger.debug(f'State {instance} member characters changed. Re-evaluating membership.')
        trigger_state_check(instance)
@receiver(m2m_changed, sender=State.member_corporations.through)
 def state_member_corporations_changed(sender, instance, action, *args, **kwargs):
    if action.startswith('post_'):
        logger.debug(f'State {instance} member corporations changed. Re-evaluating membership.')
        trigger_state_check(instance)
@receiver(m2m_changed, sender=State.member_alliances.through)
 def state_member_alliances_changed(sender, instance, action, *args, **kwargs):
    if action.startswith('post_'):
        logger.debug(f'State {instance} member alliances changed. Re-evaluating membership.')
        trigger_state_check(instance)
@receiver(m2m_changed, sender=State.member_factions.through)
 def state_member_factions_changed(sender, instance, action, *args, **kwargs):
    if action.startswith('post_'):
        logger.debug(f'State {instance} member factions changed. Re-evaluating membership.')
        trigger_state_check(instance)
@receiver(post_save, sender=State)
 def state_saved(sender, instance, *args, **kwargs):
    logger.debug(f'State {instance} saved. Re-evaluating membership.')
    trigger_state_check(instance)
 # Is there a smarter way to intercept pre_save with a diff main_character or state?
@receiver(post_save, sender=UserProfile)
 def reassess_on_profile_save(sender, instance, created, *args, **kwargs):
    # catches post_save from profiles to trigger necessary service and state checks
    if not created:
        update_fields = kwargs.pop('update_fields', []) or []
        if 'state' not in update_fields:
            logger.debug(f'Profile for {instance.user} saved without state change. Re-evaluating state.')
            instance.assign_state()
@receiver(post_save, sender=User)
 def create_required_models(sender, instance, created, *args, **kwargs):
    # ensure all users have our Sub-Models
    if created:
        logger.debug(f'User {instance} created. Creating default UserProfile.')
        UserProfile.objects.get_or_create(user=instance)
@receiver(post_save, sender=Token)
 def record_character_ownership(sender, instance, created, *args, **kwargs):
    if created:
        logger.debug(f'New token for {instance.user} character {instance.character_name} saved. Evaluating ownership.')
        if instance.user:
            query = Q(owner_hash=instance.character_owner_hash) & Q(user=instance.user)
        else:
            query = Q(owner_hash=instance.character_owner_hash)
        # purge ownership records if the hash or auth user account has changed
        CharacterOwnership.objects.filter(character__character_id=instance.character_id).exclude(query).delete()
        # create character if needed
        if EveCharacter.objects.filter(character_id=instance.character_id).exists() is False:
            logger.debug(f'Token is for a new character. Creating model for {instance.character_name} ({instance.character_id})')
            EveCharacter.objects.create_character(instance.character_id)
        char = EveCharacter.objects.get(character_id=instance.character_id)
        # check if we need to create ownership
        if instance.user and not CharacterOwnership.objects.filter(
                character__character_id=instance.character_id).exists():
            logger.debug(f"Character {instance.character_name} is not yet owned. Assigning ownership to {instance.user}")
            CharacterOwnership.objects.update_or_create(character=char, defaults={'owner_hash': instance.character_owner_hash, 'user': instance.user})
@receiver(pre_delete, sender=CharacterOwnership)
 def validate_main_character(sender, instance, *args, **kwargs):
    try:
        if instance.user.profile.main_character == instance.character:
            logger.info("Ownership of a main character {} has been revoked. Resetting {} main character.".format(
                instance.character, instance.user))
            # clear main character as user no longer owns them
            instance.user.profile.main_character = None
            instance.user.profile.save()
    except UserProfile.DoesNotExist:
        # a user is being deleted
        pass
@receiver(post_delete, sender=Token)
 def validate_ownership(sender, instance, *args, **kwargs):
    if not Token.objects.filter(character_owner_hash=instance.character_owner_hash).filter(refresh_token__isnull=False).exists():
        logger.info(f"No remaining tokens to validate ownership of character {instance.character_name}. Revoking ownership.")
        CharacterOwnership.objects.filter(owner_hash=instance.character_owner_hash).delete()
@receiver(pre_save, sender=User)
 def assign_state_on_active_change(sender, instance, *args, **kwargs):
    # set to guest state if inactive, assign proper state if reactivated
    if instance.pk:
        old_instance = User.objects.get(pk=instance.pk)
        if old_instance.is_active != instance.is_active:
            if instance.is_active:
                logger.debug(f"User {instance} has been activated. Assigning state.")
                instance.profile.assign_state()
            else:
                logger.debug(
                    f"User {instance} has been deactivated. Revoking state and assigning to guest state.")
                instance.profile.state = get_guest_state()
                instance.profile.save(update_fields=['state'])
@receiver(post_save, sender=EveCharacter)
 def check_state_on_character_update(sender, instance, *args, **kwargs):
    # if this is a main character updating, check that user's state
    try:
        logger.debug(f"Character {instance} has been saved. Assessing owner's state for changes.")
        instance.userprofile.assign_state()
    except UserProfile.DoesNotExist:
        logger.debug(f"Character {instance} is not a main character. No state assessment required.")
        pass
@receiver(post_save, sender=CharacterOwnership)
 def ownership_record_creation(sender, instance, created, *args, **kwargs):
    if created:
        records = OwnershipRecord.objects.filter(owner_hash=instance.owner_hash).filter(character=instance.character)
        if records.exists():
            if records[0].user == instance.user:  # most recent record is sorted first
                logger.debug(f"Already have ownership record of {instance.character} by user {instance.user}")
                return
        logger.info(f"Character {instance.character} has a new owner {instance.user}. Creating ownership record.")
        OwnershipRecord.objects.create(user=instance.user, character=instance.character, owner_hash=instance.owner_hash)
--- a/allianceauth/authentication/static/allianceauth/authentication/css/admin.css
+++ b/allianceauth/authentication/static/allianceauth/authentication/css/admin.css
@@ -0,0 +1,31 @@
 /*
 CSS for allianceauth admin site
 */
 /* styling for profile pic */
 .img-circle {
    border-radius: 50%;
 }
 .column-user_profile_pic {
    white-space: nowrap;
    width: 1px;
 }
 /* tooltip */
 .tooltip {
    position: relative;
 }
 .tooltip:hover::after {
    background-color: rgb(255 255 204);
    border: 1px rgb(128 128 128) solid;
    color: rgb(0 0 0);
    content: attr(data-tooltip);
    left: 1em;
    min-width: 200px;
    padding: 8px;
    position: absolute;
    top: 1.1em;
    z-index: 1;
 }
--- a/allianceauth/authentication/static/allianceauth/authentication/img/background.jpg
+++ b/allianceauth/authentication/static/allianceauth/authentication/img/background.jpg
--- a/allianceauth/authentication/static/allianceauth/authentication/img/sso/EVE_SSO_Login_Buttons_Large_Black.png
+++ b/allianceauth/authentication/static/allianceauth/authentication/img/sso/EVE_SSO_Login_Buttons_Large_Black.png
--- a/allianceauth/authentication/static/allianceauth/authentication/img/sso/EVE_SSO_Login_Buttons_Large_White.png
+++ b/allianceauth/authentication/static/allianceauth/authentication/img/sso/EVE_SSO_Login_Buttons_Large_White.png
--- a/allianceauth/authentication/task_statistics/init.py
+++ b/allianceauth/authentication/task_statistics/init.py
--- a/allianceauth/authentication/task_statistics/counters.py
+++ b/allianceauth/authentication/task_statistics/counters.py
@@ -0,0 +1,40 @@
 from collections import namedtuple
 import datetime as dt
 from .event_series import EventSeries
 """Global series for counting task events."""
 succeeded_tasks = EventSeries("SUCCEEDED_TASKS")
 retried_tasks = EventSeries("RETRIED_TASKS")
 failed_tasks = EventSeries("FAILED_TASKS")
 _TaskCounts = namedtuple(
    "_TaskCounts", ["succeeded", "retried", "failed", "total", "earliest_task", "hours"]
 )
 def dashboard_results(hours: int) -> _TaskCounts:
    """Counts of all task events within the given timeframe."""
    def earliest_if_exists(events: EventSeries, earliest: dt.datetime) -> list:
        my_earliest = events.first_event(earliest=earliest)
        return [my_earliest] if my_earliest else []
    earliest = dt.datetime.utcnow() - dt.timedelta(hours=hours)
    earliest_events = list()
    succeeded_count = succeeded_tasks.count(earliest=earliest)
    earliest_events += earliest_if_exists(succeeded_tasks, earliest)
    retried_count = retried_tasks.count(earliest=earliest)
    earliest_events += earliest_if_exists(retried_tasks, earliest)
    failed_count = failed_tasks.count(earliest=earliest)
    earliest_events += earliest_if_exists(failed_tasks, earliest)
    return _TaskCounts(
        succeeded=succeeded_count,
        retried=retried_count,
        failed=failed_count,
        total=succeeded_count + retried_count + failed_count,
        earliest_task=min(earliest_events) if earliest_events else None,
        hours=hours,
    )
--- a/allianceauth/authentication/task_statistics/event_series.py
+++ b/allianceauth/authentication/task_statistics/event_series.py
@@ -0,0 +1,130 @@
 import datetime as dt
 import logging
 from typing import List, Optional
 from pytz import utc
 from redis import Redis, RedisError
 from allianceauth.utils.cache import get_redis_client
 logger = logging.getLogger(__name__)
 class _RedisStub:
    """Stub of a Redis client.
    It's purpose is to prevent EventSeries objects from trying to access Redis
    when it is not available. e.g. when the Sphinx docs are rendered by readthedocs.org.
    """
    def delete(self, *args, **kwargs):
        pass
    def incr(self, *args, **kwargs):
        return 0
    def zadd(self, *args, **kwargs):
        pass
    def zcount(self, *args, **kwargs):
        pass
    def zrangebyscore(self, *args, **kwargs):
        pass
 class EventSeries:
    """API for recording and analyzing a series of events."""
    _ROOT_KEY = "ALLIANCEAUTH_EVENT_SERIES"
    def __init__(self, key_id: str, redis: Redis = None) -> None:
        self._redis = get_redis_client() if not redis else redis
        try:
            if not self._redis.ping():
                raise RuntimeError()
        except (AttributeError, RedisError, RuntimeError):
            logger.exception(
                "Failed to establish a connection with Redis. "
                "This EventSeries object is disabled.",
            )
            self._redis = _RedisStub()
        self._key_id = str(key_id)
        self.clear()
    @property
    def is_disabled(self):
        """True when this object is disabled, e.g. Redis was not available at startup."""
        return isinstance(self._redis, _RedisStub)
    @property
    def _key_counter(self):
        return f"{self._ROOT_KEY}_{self._key_id}_COUNTER"
    @property
    def _key_sorted_set(self):
        return f"{self._ROOT_KEY}_{self._key_id}_SORTED_SET"
    def add(self, event_time: dt.datetime = None) -> None:
        """Add event.
        Args:
        - event_time: timestamp of event. Will use current time if not specified.
        """
        if not event_time:
            event_time = dt.datetime.utcnow()
        id = self._redis.incr(self._key_counter)
        self._redis.zadd(self._key_sorted_set, {id: event_time.timestamp()})
    def all(self) -> List[dt.datetime]:
        """List of all known events."""
        return [
            event[1]
            for event in self._redis.zrangebyscore(
                self._key_sorted_set,
                "-inf",
                "+inf",
                withscores=True,
                score_cast_func=self._cast_scores_to_dt,
            )
        ]
    def clear(self) -> None:
        """Clear all events."""
        self._redis.delete(self._key_sorted_set)
        self._redis.delete(self._key_counter)
    def count(self, earliest: dt.datetime = None, latest: dt.datetime = None) -> int:
        """Count of events, can be restricted to given timeframe.
        Args:
        - earliest: Date of first events to count(inclusive), or -infinite if not specified
        - latest: Date of last events to count(inclusive), or +infinite if not specified
        """
        min = "-inf" if not earliest else earliest.timestamp()
        max = "+inf" if not latest else latest.timestamp()
        return self._redis.zcount(self._key_sorted_set, min=min, max=max)
    def first_event(self, earliest: dt.datetime = None) -> Optional[dt.datetime]:
        """Date/Time of first event. Returns `None` if series has no events.
        Args:
        - earliest: Date of first events to count(inclusive), or any if not specified
        """
        min = "-inf" if not earliest else earliest.timestamp()
        event = self._redis.zrangebyscore(
            self._key_sorted_set,
            min,
            "+inf",
            withscores=True,
            start=0,
            num=1,
            score_cast_func=self._cast_scores_to_dt,
        )
        if not event:
            return None
        return event[0][1]
    @staticmethod
    def _cast_scores_to_dt(score) -> dt.datetime:
        return dt.datetime.fromtimestamp(float(score), tz=utc)
--- a/allianceauth/authentication/task_statistics/signals.py
+++ b/allianceauth/authentication/task_statistics/signals.py
@@ -0,0 +1,54 @@
 from celery.signals import (
    task_failure,
    task_internal_error,
    task_retry,
    task_success,
    worker_ready
 )
 from django.conf import settings
 from .counters import failed_tasks, retried_tasks, succeeded_tasks
 def reset_counters():
    """Reset all counters for the celery status."""
    succeeded_tasks.clear()
    failed_tasks.clear()
    retried_tasks.clear()
 def is_enabled() -> bool:
    return not bool(
        getattr(settings, "ALLIANCEAUTH_DASHBOARD_TASK_STATISTICS_DISABLED", False)
    )
@worker_ready.connect
 def reset_counters_when_celery_restarted(*args, **kwargs):
    if is_enabled():
        reset_counters()
@task_success.connect
 def record_task_succeeded(*args, **kwargs):
    if is_enabled():
        succeeded_tasks.add()
@task_retry.connect
 def record_task_retried(*args, **kwargs):
    if is_enabled():
        retried_tasks.add()
@task_failure.connect
 def record_task_failed(*args, **kwargs):
    if is_enabled():
        failed_tasks.add()
@task_internal_error.connect
 def record_task_internal_error(*args, **kwargs):
    if is_enabled():
        failed_tasks.add()
--- a/allianceauth/authentication/task_statistics/tests/init.py
+++ b/allianceauth/authentication/task_statistics/tests/init.py
--- a/allianceauth/authentication/task_statistics/tests/test_counters.py
+++ b/allianceauth/authentication/task_statistics/tests/test_counters.py
@@ -0,0 +1,51 @@
 import datetime as dt
 from django.test import TestCase
 from django.utils.timezone import now
 from allianceauth.authentication.task_statistics.counters import (
    dashboard_results,
    succeeded_tasks,
    retried_tasks,
    failed_tasks,
 )
 class TestDashboardResults(TestCase):
    def test_should_return_counts_for_given_timeframe_only(self):
        # given
        earliest_task = now() - dt.timedelta(minutes=15)
        succeeded_tasks.clear()
        succeeded_tasks.add(now() - dt.timedelta(hours=1, seconds=1))
        succeeded_tasks.add(earliest_task)
        succeeded_tasks.add()
        succeeded_tasks.add()
        retried_tasks.clear()
        retried_tasks.add(now() - dt.timedelta(hours=1, seconds=1))
        retried_tasks.add(now() - dt.timedelta(seconds=30))
        retried_tasks.add()
        failed_tasks.clear()
        failed_tasks.add(now() - dt.timedelta(hours=1, seconds=1))
        failed_tasks.add()
        # when
        results = dashboard_results(hours=1)
        # then
        self.assertEqual(results.succeeded, 3)
        self.assertEqual(results.retried, 2)
        self.assertEqual(results.failed, 1)
        self.assertEqual(results.total, 6)
        self.assertEqual(results.earliest_task, earliest_task)
    def test_should_work_with_no_data(self):
        # given
        succeeded_tasks.clear()
        retried_tasks.clear()
        failed_tasks.clear()
        # when
        results = dashboard_results(hours=1)
        # then
        self.assertEqual(results.succeeded, 0)
        self.assertEqual(results.retried, 0)
        self.assertEqual(results.failed, 0)
        self.assertEqual(results.total, 0)
        self.assertIsNone(results.earliest_task)
--- a/allianceauth/authentication/task_statistics/tests/test_event_series.py
+++ b/allianceauth/authentication/task_statistics/tests/test_event_series.py
@@ -0,0 +1,168 @@
 import datetime as dt
 from unittest.mock import patch
 from pytz import utc
 from redis import RedisError
 from django.test import TestCase
 from django.utils.timezone import now
 from allianceauth.authentication.task_statistics.event_series import (
    EventSeries,
    _RedisStub,
 )
 MODULE_PATH = "allianceauth.authentication.task_statistics.event_series"
 class TestEventSeries(TestCase):
    def test_should_abort_without_redis_client(self):
        # when
        with patch(MODULE_PATH + ".get_redis_client") as mock:
            mock.return_value = None
            events = EventSeries("dummy")
        # then
        self.assertTrue(events._redis, _RedisStub)
        self.assertTrue(events.is_disabled)
    def test_should_disable_itself_if_redis_not_available_1(self):
        # when
        with patch(MODULE_PATH + ".get_redis_client") as mock_get_master_client:
            mock_get_master_client.return_value.ping.side_effect = RedisError
            events = EventSeries("dummy")
        # then
        self.assertIsInstance(events._redis, _RedisStub)
        self.assertTrue(events.is_disabled)
    def test_should_disable_itself_if_redis_not_available_2(self):
        # when
        with patch(MODULE_PATH + ".get_redis_client") as mock_get_master_client:
            mock_get_master_client.return_value.ping.return_value = False
            events = EventSeries("dummy")
        # then
        self.assertIsInstance(events._redis, _RedisStub)
        self.assertTrue(events.is_disabled)
    def test_should_add_event(self):
        # given
        events = EventSeries("dummy")
        # when
        events.add()
        # then
        result = events.all()
        self.assertEqual(len(result), 1)
        self.assertAlmostEqual(result[0], now(), delta=dt.timedelta(seconds=30))
    def test_should_add_event_with_specified_time(self):
        # given
        events = EventSeries("dummy")
        my_time = dt.datetime(2021, 11, 1, 12, 15, tzinfo=utc)
        # when
        events.add(my_time)
        # then
        result = events.all()
        self.assertEqual(len(result), 1)
        self.assertAlmostEqual(result[0], my_time, delta=dt.timedelta(seconds=30))
    def test_should_count_events(self):
        # given
        events = EventSeries("dummy")
        events.add()
        events.add()
        # when
        result = events.count()
        # then
        self.assertEqual(result, 2)
    def test_should_count_zero(self):
        # given
        events = EventSeries("dummy")
        # when
        result = events.count()
        # then
        self.assertEqual(result, 0)
    def test_should_count_events_within_timeframe_1(self):
        # given
        events = EventSeries("dummy")
        events.add(dt.datetime(2021, 12, 1, 12, 0, tzinfo=utc))
        events.add(dt.datetime(2021, 12, 1, 12, 10, tzinfo=utc))
        events.add(dt.datetime(2021, 12, 1, 12, 15, tzinfo=utc))
        events.add(dt.datetime(2021, 12, 1, 12, 30, tzinfo=utc))
        # when
        result = events.count(
            earliest=dt.datetime(2021, 12, 1, 12, 8, tzinfo=utc),
            latest=dt.datetime(2021, 12, 1, 12, 17, tzinfo=utc),
        )
        # then
        self.assertEqual(result, 2)
    def test_should_count_events_within_timeframe_2(self):
        # given
        events = EventSeries("dummy")
        events.add(dt.datetime(2021, 12, 1, 12, 0, tzinfo=utc))
        events.add(dt.datetime(2021, 12, 1, 12, 10, tzinfo=utc))
        events.add(dt.datetime(2021, 12, 1, 12, 15, tzinfo=utc))
        events.add(dt.datetime(2021, 12, 1, 12, 30, tzinfo=utc))
        # when
        result = events.count(earliest=dt.datetime(2021, 12, 1, 12, 8))
        # then
        self.assertEqual(result, 3)
    def test_should_count_events_within_timeframe_3(self):
        # given
        events = EventSeries("dummy")
        events.add(dt.datetime(2021, 12, 1, 12, 0, tzinfo=utc))
        events.add(dt.datetime(2021, 12, 1, 12, 10, tzinfo=utc))
        events.add(dt.datetime(2021, 12, 1, 12, 15, tzinfo=utc))
        events.add(dt.datetime(2021, 12, 1, 12, 30, tzinfo=utc))
        # when
        result = events.count(latest=dt.datetime(2021, 12, 1, 12, 12))
        # then
        self.assertEqual(result, 2)
    def test_should_clear_events(self):
        # given
        events = EventSeries("dummy")
        events.add()
        events.add()
        # when
        events.clear()
        # then
        self.assertEqual(events.count(), 0)
    def test_should_return_date_of_first_event(self):
        # given
        events = EventSeries("dummy")
        events.add(dt.datetime(2021, 12, 1, 12, 0, tzinfo=utc))
        events.add(dt.datetime(2021, 12, 1, 12, 10, tzinfo=utc))
        events.add(dt.datetime(2021, 12, 1, 12, 15, tzinfo=utc))
        events.add(dt.datetime(2021, 12, 1, 12, 30, tzinfo=utc))
        # when
        result = events.first_event()
        # then
        self.assertEqual(result, dt.datetime(2021, 12, 1, 12, 0, tzinfo=utc))
    def test_should_return_date_of_first_event_with_range(self):
        # given
        events = EventSeries("dummy")
        events.add(dt.datetime(2021, 12, 1, 12, 0, tzinfo=utc))
        events.add(dt.datetime(2021, 12, 1, 12, 10, tzinfo=utc))
        events.add(dt.datetime(2021, 12, 1, 12, 15, tzinfo=utc))
        events.add(dt.datetime(2021, 12, 1, 12, 30, tzinfo=utc))
        # when
        result = events.first_event(
            earliest=dt.datetime(2021, 12, 1, 12, 8, tzinfo=utc)
        )
        # then
        self.assertEqual(result, dt.datetime(2021, 12, 1, 12, 10, tzinfo=utc))
    def test_should_return_all_events(self):
        # given
        events = EventSeries("dummy")
        events.add()
        events.add()
        # when
        results = events.all()
        # then
        self.assertEqual(len(results), 2)
--- a/allianceauth/authentication/task_statistics/tests/test_signals.py
+++ b/allianceauth/authentication/task_statistics/tests/test_signals.py
@@ -0,0 +1,93 @@
 from unittest.mock import patch
 from celery.exceptions import Retry
 from django.test import TestCase, override_settings
 from allianceauth.authentication.task_statistics.counters import (
    failed_tasks,
    retried_tasks,
    succeeded_tasks,
 )
 from allianceauth.authentication.task_statistics.signals import (
    reset_counters,
    is_enabled,
 )
 from allianceauth.eveonline.tasks import update_character
@override_settings(
    CELERY_ALWAYS_EAGER=True,ALLIANCEAUTH_DASHBOARD_TASK_STATISTICS_DISABLED=False
 )
 class TestTaskSignals(TestCase):
    fixtures = ["disable_analytics"]
    def test_should_record_successful_task(self):
        # given
        succeeded_tasks.clear()
        retried_tasks.clear()
        failed_tasks.clear()
        # when
        with patch(
            "allianceauth.eveonline.tasks.EveCharacter.objects.update_character"
        ) as mock_update:
            mock_update.return_value = None
            update_character.delay(1)
        # then
        self.assertEqual(succeeded_tasks.count(), 1)
        self.assertEqual(retried_tasks.count(), 0)
        self.assertEqual(failed_tasks.count(), 0)
    def test_should_record_retried_task(self):
        # given
        succeeded_tasks.clear()
        retried_tasks.clear()
        failed_tasks.clear()
        # when
        with patch(
            "allianceauth.eveonline.tasks.EveCharacter.objects.update_character"
        ) as mock_update:
            mock_update.side_effect = Retry
            update_character.delay(1)
        # then
        self.assertEqual(succeeded_tasks.count(), 0)
        self.assertEqual(failed_tasks.count(), 0)
        self.assertEqual(retried_tasks.count(), 1)
    def test_should_record_failed_task(self):
        # given
        succeeded_tasks.clear()
        retried_tasks.clear()
        failed_tasks.clear()
        # when
        with patch(
            "allianceauth.eveonline.tasks.EveCharacter.objects.update_character"
        ) as mock_update:
            mock_update.side_effect = RuntimeError
            update_character.delay(1)
        # then
        self.assertEqual(succeeded_tasks.count(), 0)
        self.assertEqual(retried_tasks.count(), 0)
        self.assertEqual(failed_tasks.count(), 1)
    def test_should_reset_counters(self):
        # given
        succeeded_tasks.add()
        retried_tasks.add()
        failed_tasks.add()
        # when
        reset_counters()
        # then
        self.assertEqual(succeeded_tasks.count(), 0)
        self.assertEqual(retried_tasks.count(), 0)
        self.assertEqual(failed_tasks.count(), 0)
 class TestIsEnabled(TestCase):
    @override_settings(ALLIANCEAUTH_DASHBOARD_TASK_STATISTICS_DISABLED=False)
    def test_enabled(self):
        self.assertTrue(is_enabled())
    @override_settings(ALLIANCEAUTH_DASHBOARD_TASK_STATISTICS_DISABLED=True)
    def test_disabled(self):
        self.assertFalse(is_enabled())
--- a/allianceauth/authentication/tasks.py
+++ b/allianceauth/authentication/tasks.py
@@ -0,0 +1,43 @@
 import logging
 from esi.errors import TokenExpiredError, TokenInvalidError, IncompleteResponseError
 from esi.models import Token
 from celery import shared_task
 from allianceauth.authentication.models import CharacterOwnership
 logger = logging.getLogger(__name__)
@shared_task
 def check_character_ownership(owner_hash):
    tokens = Token.objects.filter(character_owner_hash=owner_hash)
    if tokens:
        for t in tokens:
            old_hash = t.character_owner_hash
            try:
                t.update_token_data(commit=False)
            except (TokenExpiredError, TokenInvalidError):
                t.delete()
                continue
            except (KeyError, IncompleteResponseError):
                # We can't validate the hash hasn't changed but also can't assume it has. Abort for now.
                logger.warning("Failed to validate owner hash of {} due to problems contacting SSO servers.".format(
                    tokens[0].character_name))
                break
            if not t.character_owner_hash == old_hash:
                logger.info(
                    f'Character {t.character_name} has changed ownership. Revoking {tokens.count()} tokens.')
                tokens.delete()
            break
    if not Token.objects.filter(character_owner_hash=owner_hash).exists():
        logger.info('No tokens found with owner hash %s. Revoking ownership.' % owner_hash)
        CharacterOwnership.objects.filter(owner_hash=owner_hash).delete()
@shared_task
 def check_all_character_ownership():
    for c in CharacterOwnership.objects.all().only('owner_hash'):
        check_character_ownership.delay(c.owner_hash)
--- a/allianceauth/authentication/templates/authentication/dashboard.html
+++ b/allianceauth/authentication/templates/authentication/dashboard.html
@@ -0,0 +1,190 @@
 {% extends "allianceauth/base.html" %}
 {% load i18n %}
 {% block page_title %}{% translate "Dashboard" %}{% endblock %}
 {% block content %}
    <h1 class="page-header text-center">{% translate "Dashboard" %}</h1>
    {% if user.is_staff %}
        {% include 'allianceauth/admin-status/include.html' %}
    {% endif %}
    <div class="col-sm-12">
        <div class="row vertical-flexbox-row2">
            <div class="col-sm-6 text-center">
                <div class="panel panel-primary" style="height:100%">
                    <div class="panel-heading">
                        <h3 class="panel-title">
                            {% blocktranslate with state=request.user.profile.state %}
                                Main Character (State: {{ state }})
                            {% endblocktranslate %}
                        </h3>
                    </div>
                    <div class="panel-body">
                        {% if request.user.profile.main_character %}
                            {% with request.user.profile.main_character as main %}
                                <div class="hidden-xs">
                                    <div class="col-lg-4 col-sm-2">
                                        <table class="table">
                                            <tr>
                                                <td class="text-center">
                                                    <img class="ra-avatar" src="{{ main.portrait_url_128 }}" alt="{{ main.character_name }}">
                                                </td>
                                            </tr>
                                            <tr>
                                                <td class="text-center">{{ main.character_name }}</td>
                                            </tr>
                                        </table>
                                    </div>
                                    <div class="col-lg-4 col-sm-2">
                                        <table class="table">
                                            <tr>
                                                <td class="text-center">
                                                    <img class="ra-avatar" src="{{ main.corporation_logo_url_128 }}" alt="{{ main.corporation_name }}">
                                                </td>
                                            </tr>
                                            <tr>
                                                <td class="text-center">{{ main.corporation_name }}</td>
                                            </tr>
                                        </table>
                                    </div>
                                    <div class="col-lg-4 col-sm-2">
                                        {% if main.alliance_id %}
                                            <table class="table">
                                                <tr>
                                                    <td class="text-center">
                                                        <img class="ra-avatar" src="{{ main.alliance_logo_url_128 }}" alt="{{ main.alliance_name }}">
                                                    </td>
                                                </tr>
                                                <tr>
                                                    <td class="text-center">{{ main.alliance_name }}</td>
                                                <tr>
                                            </table>
                                        {% elif main.faction_id %}
                                            <table class="table">
                                                <tr>
                                                    <td class="text-center">
                                                        <img class="ra-avatar" src="{{ main.faction_logo_url_128 }}" alt="{{ main.faction_name }}">
                                                    </td>
                                                </tr>
                                                <tr>
                                                    <td class="text-center">{{ main.faction_name }}</td>
                                                <tr>
                                            </table>
                                        {% endif %}
                                    </div>
                                </div>
                                <div class="table visible-xs-block">
                                    <p>
                                        <img class="ra-avatar" src="{{ main.portrait_url_64 }}" alt="{{ main.corporation_name }}">
                                        <img class="ra-avatar" src="{{ main.corporation_logo_url_64 }}" alt="{{ main.corporation_name }}">
                                        {% if main.alliance_id %}
                                            <img class="ra-avatar" src="{{ main.alliance_logo_url_64 }}" alt="{{ main.alliance_name }}">
                                        {% endif %}
                                        {% if main.faction_id %}
                                            <img class="ra-avatar" src="{{ main.faction_logo_url_64 }}" alt="{{ main.faction_name }}">
                                        {% endif %}
                                    </p>
                                    <p>
                                        <strong>{{ main.character_name }}</strong><br>
                                        {{ main.corporation_name }}<br>
                                        {% if main.alliance_id %}
                                            {{ main.alliance_name }}<br>
                                        {% endif %}
                                        {% if main.faction_id %}
                                            {{ main.faction_name }}
                                        {% endif %}
                                    </p>
                                </div>
                            {% endwith %}
                        {% else %}
                            <div class="alert alert-danger" role="alert">
                                {% translate "No main character set." %}
                            </div>
                        {% endif %}
                        <div class="clearfix"></div>
                        <div class="row">
                            <div class="col-sm-6">
                                <p>
                                    <a href="{% url 'authentication:add_character' %}" class="btn btn-block btn-info"
                                    title="Add Character">{% translate 'Add Character' %}</a>
                                </p>
                            </div>
                            <div class="col-sm-6">
                                <p>
                                    <a href="{% url 'authentication:change_main_character' %}" class="btn btn-block btn-info"
                                    title="Change Main Character">{% translate "Change Main" %}</a>
                                </p>
                            </div>
                        </div>
                    </div>
                </div>
            </div>
            <div class="col-sm-6 text-center">
                <div class="panel panel-success" style="height:100%">
                    <div class="panel-heading">
                        <h3 class="panel-title">{% translate "Group Memberships" %}</h3>
                    </div>
                    <div class="panel-body">
                        <div style="height: 240px;overflow-y:auto;">
                            <table class="table table-aa">
                                {% for group in groups %}
                                    <tr>
                                        <td>{{ group.name }}</td>
                                    </tr>
                                {% endfor %}
                            </table>
                        </div>
                    </div>
                </div>
            </div>
        </div>
        <div class="clearfix"></div>
        <div class="panel panel-default">
            <div class="panel-heading">
                <h3 class="panel-title text-center" style="text-align: center">
                    {% translate 'Characters' %}
                </h3>
            </div>
            <div class="panel-body">
                <table class="table table-aa hidden-xs">
                    <thead>
                        <tr>
                            <th class="text-center"></th>
                            <th class="text-center">{% translate 'Name' %}</th>
                            <th class="text-center">{% translate 'Corp' %}</th>
                            <th class="text-center">{% translate 'Alliance' %}</th>
                        </tr>
                    </thead>
                    <tbody>
                        {% for char in characters %}
                            <tr>
                                <td class="text-center">
                                    <img class="ra-avatar img-circle" src="{{ char.portrait_url_32 }}" alt="{{ char.character_name }}">
                                </td>
                                <td class="text-center">{{ char.character_name }}</td>
                                <td class="text-center">{{ char.corporation_name }}</td>
                                <td class="text-center">{{ char.alliance_name|default:"" }}</td>
                            </tr>
                        {% endfor %}
                    </tbody>
                </table>
                <table class="table table-aa visible-xs-block" style="width: 100%">
                    <tbody>
                        {% for char in characters %}
                            <tr>
                                <td class="text-center" style="vertical-align: middle">
                                    <img class="ra-avatar img-circle" src="{{ char.portrait_url_32 }}" alt="{{ char.character_name }}">
                                </td>
                                <td class="text-center" style="vertical-align: middle; width: 100%">
                                    <strong>{{ char.character_name }}</strong><br>
                                    {{ char.corporation_name }}<br>
                                    {{ char.alliance_name|default:"" }}
                                </td>
                            </tr>
                        {% endfor %}
                    </tbody>
                </table>
            </div>
        </div>
    </div>
 {% endblock %}
--- a/allianceauth/authentication/templates/authentication/tokens.html
+++ b/allianceauth/authentication/templates/authentication/tokens.html
@@ -0,0 +1,62 @@
 {% extends "allianceauth/base.html" %}
 {% load i18n %}
 {% block page_title %}{% translate "Dashboard" %}{% endblock %}
 {% block content %}
    <h1 class="page-header text-center">{% translate "Token Management" %}</h1>
    <div class="col-sm-12">
        <table class="table table-aa" id="table_tokens" style="width:100%">
            <thead>
                <tr>
                    <th>{% translate "Scopes" %}</th>
                    <th class="text-right">{% translate "Actions" %}</th>
                    <th>{% translate "Character" %}</th>
                </tr>
            </thead>
            <tbody>
                {% for t in tokens %}
                    <tr>
                        <td styl="white-space:initial;">{% for s in t.scopes.all %}<span class="label label-default">{{s.name}}</span> {% endfor %}</td>
                        <td nowrap class="text-right"><a href="{% url 'authentication:token_delete' t.id %}" class="btn btn-danger"><i class="fas fa-trash"></i></a> <a href="{% url 'authentication:token_refresh' t.id %}" class="btn btn-success"><i class="fas fa-sync-alt"></i></a></td>
                        <td>{{t.character_name}}</td>
                    </tr>
                {% endfor %}
            </tbody>
        </table>
        {% translate "This page is a best attempt, but backups or database logs can still contain your tokens. Always revoke tokens on https://community.eveonline.com/support/third-party-applications/ where possible."|urlize %}
    </div>
 {% endblock %}
 {% block extra_javascript %}
    {% include 'bundles/datatables-js.html' %}
 {% endblock %}
 {% block extra_css %}
    {% include 'bundles/datatables-css.html' %}
 {% endblock %}
 {% block extra_script %}
    $(document).ready(function(){
        let grp = 2;
        var table = $('#table_tokens').DataTable({
            "columnDefs": [{ orderable: false, targets: [0,1] },{ "visible": false, "targets": grp }],
            "order": [[grp, 'asc']],
            "drawCallback": function (settings) {
                var api = this.api();
                var rows = api.rows({ page: 'current' }).nodes();
                var last = null;
                api.column(grp, { page: 'current' })
                    .data()
                    .each(function (group, i) {
                        if (last !== group) {
                            $(rows).eq(i).before('<tr class="info"><td colspan="3">' + group + '</td></tr>');
                            last = group;
                        }
                    });
            },
            "stateSave": true,
        });
    });
 {% endblock %}
--- a/allianceauth/authentication/templates/public/base.html
+++ b/allianceauth/authentication/templates/public/base.html
@@ -0,0 +1,57 @@
 {% load static %}
 <!DOCTYPE html>
 <html lang="en">
    <head>
        <meta charset="utf-8">
        <meta http-equiv="X-UA-Compatible" content="IE=edge">
        <meta name="viewport" content="width=device-width, initial-scale=1">
        <meta name="description" content="">
        <meta name="author" content="">
        <meta property="og:title" content="{{ SITE_NAME }}">
        <meta property="og:image" content="{{ SITE_URL }}{% static 'allianceauth/icons/apple-touch-icon.png' %}">
        <meta property="og:description" content="Alliance Auth - An auth system for EVE Online to help in-game organizations manage online service access.">
        {% include 'allianceauth/icons.html' %}
        <title>{% block title %}{% block page_title %}{% endblock page_title %} - {{ SITE_NAME }}{% endblock title %}</title>
        {% include 'bundles/bootstrap-css.html' %}
        {% include 'bundles/fontawesome.html' %}
        {% block extra_include %}
        {% endblock %}
        <style>
            body {
                background: url('{% static 'allianceauth/authentication/img/background.jpg' %}') no-repeat center center fixed;
                -webkit-background-size: cover;
                -moz-background-size: cover;
                -o-background-size: cover;
                background-size: cover;
            }
            .panel-transparent {
                background: rgba(48, 48, 48, 0.7);
                color: #ffffff;
                padding-bottom: 21px;
            }
            .panel-body {
            }
            #lang-select {
                width: 40%;
                margin-left: auto;
                margin-right: auto;
            }
            {% block extra_style %}
            {% endblock %}
        </style>
    </head>
    <body>
        <div class="container" style="margin-top:150px;">
            {% block content %}
            {% endblock %}
        </div>
    </body>
 </html>
--- a/allianceauth/authentication/templates/public/lang_select.html
+++ b/allianceauth/authentication/templates/public/lang_select.html
@@ -0,0 +1,14 @@
 {% load i18n %}
 <div class="dropdown">
    <form action="{% url 'set_language' %}" method="post">
        {% csrf_token %}
        <select onchange="this.form.submit()" class="form-control" id="lang-select" name="language">
            {% get_language_info_list for LANGUAGES as languages %}
            {% for language in languages %}
                <option value="{{ language.code }}"{% if language.code == LANGUAGE_CODE %} selected="selected"{% endif %}>
                    {{ language.name_local|capfirst }} ({{ language.code }})
                </option>
            {% endfor %}
        </select>
    </form>
 </div>
--- a/Show More
+++ b/Show More