Version Bump 4.8.0

Updates for project Alliance Auth

See merge request allianceauth/allianceauth!1732

.coveragerc

@@ -8,6 +8,8 @@ omit =
     */example/*
     */project_template/*
     */bin/*
+    */tests/*
+    */tests.py
 
 [report]
 exclude_lines =
@@ -17,5 +19,6 @@ exclude_lines =
     if __name__ == .__main__.:
     def __repr__
     raise AssertionError
+    if TYPE_CHECKING:
 
 ignore_errors = True

.editorconfig

@@ -0,0 +1,28 @@
+# http://editorconfig.org
+root = true
+
+[*]
+indent_style = space
+indent_size = 4
+tab_width = 4
+end_of_line = lf
+charset = utf-8
+trim_trailing_whitespace = true
+insert_final_newline = true
+
+[*.{yaml,yml,less}]
+indent_size = 2
+
+[*.md]
+indent_size = 2
+
+# Makefiles always use tabs for indentation
+[Makefile]
+indent_style = tab
+
+[*.bat]
+indent_style = tab
+
+[{Dockerfile,*.dockerfile}]
+indent_style = space
+indent_size = 4

.gitignore

@@ -38,7 +38,6 @@ htmlcov/
 .tox/
 .coverage
 .cache
-nosetests.xml
 coverage.xml
 
 # Translations
@@ -62,3 +61,16 @@ celerybeat-schedule
 
 #pycharm
 .idea/*
+/nbproject/
+
+#VSCode
+.vscode/
+
+#gitlab configs
+.gitlab/
+
+#other
+.flake8
+.pylintrc
+Makefile
+alliance_auth.sqlite3

.gitlab-ci.yml

@@ -0,0 +1,280 @@
+.only-default: &only-default
+  only:
+    - master
+    - branches
+    - merge_requests
+
+stages:
+  - pre-commit
+  - gitlab
+  - test
+  - deploy
+  - docker
+
+include:
+  - template: Dependency-Scanning.gitlab-ci.yml
+  - template: Security/SAST.gitlab-ci.yml
+  - template: Security/Secret-Detection.gitlab-ci.yml
+
+before_script:
+  - apt-get update && apt-get install redis-server -y
+  - redis-server --daemonize yes
+  - python -V
+  - pip install wheel tox
+
+pre-commit-check:
+  <<: *only-default
+  stage: pre-commit
+  image: python:3.11-bookworm
+  # variables:
+  #   PRE_COMMIT_HOME: ${CI_PROJECT_DIR}/.cache/pre-commit
+  # cache:
+  #   paths:
+  #     - ${PRE_COMMIT_HOME}
+  script:
+    - pip install pre-commit
+    - pre-commit run --all-files
+
+sast:
+  stage: gitlab
+  before_script: []
+
+dependency_scanning:
+  stage: gitlab
+  before_script:
+    - apt-get update && apt-get install redis-server libmariadb-dev -y
+    - redis-server --daemonize yes
+    - python -V
+    - pip install wheel tox
+
+secret_detection:
+  stage: gitlab
+  before_script: []
+
+test-3.8-core:
+  <<: *only-default
+  image: python:3.8-bookworm
+  script:
+    - tox -e py38-core
+  artifacts:
+    when: always
+    reports:
+      coverage_report:
+        coverage_format: cobertura
+        path: coverage.xml
+
+test-3.9-core:
+  <<: *only-default
+  image: python:3.9-bookworm
+  script:
+    - tox -e py39-core
+  artifacts:
+    when: always
+    reports:
+      coverage_report:
+        coverage_format: cobertura
+        path: coverage.xml
+
+test-3.10-core:
+  <<: *only-default
+  image: python:3.10-bookworm
+  script:
+    - tox -e py310-core
+  artifacts:
+    when: always
+    reports:
+      coverage_report:
+        coverage_format: cobertura
+        path: coverage.xml
+
+test-3.11-core:
+  <<: *only-default
+  image: python:3.11-bookworm
+  script:
+    - tox -e py311-core
+  artifacts:
+    when: always
+    reports:
+      coverage_report:
+        coverage_format: cobertura
+        path: coverage.xml
+
+test-3.12-core:
+  <<: *only-default
+  image: python:3.12-bookworm
+  script:
+    - tox -e py312-core
+  artifacts:
+    when: always
+    reports:
+      coverage_report:
+        coverage_format: cobertura
+        path: coverage.xml
+
+test-3.8-all:
+  <<: *only-default
+  image: python:3.8-bookworm
+  script:
+    - tox -e py38-all
+  artifacts:
+    when: always
+    reports:
+      coverage_report:
+        coverage_format: cobertura
+        path: coverage.xml
+
+test-3.9-all:
+  <<: *only-default
+  image: python:3.9-bookworm
+  script:
+    - tox -e py39-all
+  artifacts:
+    when: always
+    reports:
+      coverage_report:
+        coverage_format: cobertura
+        path: coverage.xml
+
+test-3.10-all:
+  <<: *only-default
+  image: python:3.10-bookworm
+  script:
+    - tox -e py310-all
+  artifacts:
+    when: always
+    reports:
+      coverage_report:
+        coverage_format: cobertura
+        path: coverage.xml
+
+test-3.11-all:
+  <<: *only-default
+  image: python:3.11-bookworm
+  script:
+    - tox -e py311-all
+  artifacts:
+    when: always
+    reports:
+      coverage_report:
+        coverage_format: cobertura
+        path: coverage.xml
+  coverage: '/(?i)total.*? (100(?:\.0+)?\%|[1-9]?\d(?:\.\d+)?\%)$/'
+
+test-3.12-all:
+  <<: *only-default
+  image: python:3.12-bookworm
+  script:
+    - tox -e py312-all
+  artifacts:
+    when: always
+    reports:
+      coverage_report:
+        coverage_format: cobertura
+        path: coverage.xml
+
+build-test:
+  stage: test
+  image: python:3.11-bookworm
+
+  before_script:
+    - python -m pip install --upgrade pip
+    - python -m pip install --upgrade build
+    - python -m pip install --upgrade setuptools wheel
+
+  script:
+    - python -m build
+
+  artifacts:
+    when: always
+    name: "$CI_JOB_NAME-$CI_COMMIT_REF_SLUG"
+    paths:
+      - dist/*
+    expire_in: 1 year
+
+test-docs:
+  <<: *only-default
+  image: python:3.11-bookworm
+  script:
+    - tox -e docs
+
+deploy_production:
+  stage: deploy
+  image: python:3.11-bookworm
+
+  before_script:
+    - python -m pip install --upgrade pip
+    - python -m pip install --upgrade build
+    - python -m pip install --upgrade setuptools wheel twine
+
+  script:
+    - python -m build
+    - python -m twine upload dist/*
+
+  rules:
+    - if: $CI_COMMIT_TAG
+
+build-image:
+  before_script: []
+  image: docker:24.0
+  stage: docker
+  services:
+    - docker:24.0-dind
+  script: |
+    CURRENT_DATE=$(echo $CI_COMMIT_TIMESTAMP | head -c 10 | tr -d -)
+    IMAGE_TAG=$CI_REGISTRY_IMAGE/auth:$CURRENT_DATE-$CI_COMMIT_SHORT_SHA
+    CURRENT_TAG=$CI_REGISTRY_IMAGE/auth:$CI_COMMIT_TAG
+    MINOR_TAG=$CI_REGISTRY_IMAGE/auth:$(echo $CI_COMMIT_TAG | cut -d '.' -f 1-2)
+    MAJOR_TAG=$CI_REGISTRY_IMAGE/auth:$(echo $CI_COMMIT_TAG | cut -d '.' -f 1)
+    LATEST_TAG=$CI_REGISTRY_IMAGE/auth:latest
+
+    docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
+    docker run --privileged --rm tonistiigi/binfmt --uninstall qemu-*
+    docker run --privileged --rm tonistiigi/binfmt --install all
+    docker buildx create --use --name new-builder
+    docker buildx build . --tag $IMAGE_TAG --tag $CURRENT_TAG --tag $MINOR_TAG --tag $MAJOR_TAG --tag $LATEST_TAG --file docker/Dockerfile --platform linux/amd64,linux/arm64 --push --build-arg AUTH_VERSION=$(echo $CI_COMMIT_TAG | cut -c 2-)
+  rules:
+    - if: $CI_COMMIT_TAG
+      when: delayed
+      start_in: 10 minutes
+
+build-image-dev:
+  before_script: []
+  image: docker:24.0
+  stage: docker
+  services:
+    - docker:24.0-dind
+  script: |
+    CURRENT_DATE=$(echo $CI_COMMIT_TIMESTAMP | head -c 10 | tr -d -)
+    IMAGE_TAG=$CI_REGISTRY_IMAGE/auth:$CURRENT_DATE-$CI_COMMIT_BRANCH-$CI_COMMIT_SHORT_SHA
+
+    docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
+    docker run --privileged --rm tonistiigi/binfmt --uninstall qemu-*
+    docker run --privileged --rm tonistiigi/binfmt --install all
+    docker buildx create --use --name new-builder
+    docker buildx build . --tag $IMAGE_TAG --file docker/Dockerfile --platform linux/amd64,linux/arm64 --push --build-arg AUTH_PACKAGE=git+https://gitlab.com/allianceauth/allianceauth@$CI_COMMIT_BRANCH
+  rules:
+    - if: '$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME == ""'
+      when: manual
+    - if: '$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME != ""'
+      when: never
+
+build-image-mr:
+  before_script: []
+  image: docker:24.0
+  stage: docker
+  services:
+    - docker:24.0-dind
+  script: |
+    CURRENT_DATE=$(echo $CI_COMMIT_TIMESTAMP | head -c 10 | tr -d -)
+    IMAGE_TAG=$CI_REGISTRY_IMAGE/auth:$CURRENT_DATE-$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME-$CI_COMMIT_SHORT_SHA
+
+    docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
+    docker run --privileged --rm tonistiigi/binfmt --uninstall qemu-*
+    docker run --privileged --rm tonistiigi/binfmt --install all
+    docker buildx create --use --name new-builder
+    docker buildx build . --tag $IMAGE_TAG --file docker/Dockerfile --platform linux/amd64,linux/arm64 --push --build-arg AUTH_PACKAGE=git+$CI_MERGE_REQUEST_SOURCE_PROJECT_URL@$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME
+  rules:
+    - if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
+      when: manual
+    - if: '$CI_PIPELINE_SOURCE != "merge_request_event"'
+      when: never

.gitlab/issue_templates/Bug.md

@@ -0,0 +1,14 @@
+# Bug
+
+- I have searched [issues](https://gitlab.com/allianceauth/allianceauth/issues?scope=all&utf8=%E2%9C%93&state=all) (Y/N):
+- What Version of Alliance Auth:
+- What Operating System:
+- Version of other components relevant to issue eg. Service, Database:
+
+Please include a brief description of your issue here.
+
+Please include steps to reproduce the issue
+
+Please include any tracebacks or logs
+
+Please include the results of the command `pip list`

.gitlab/issue_templates/Feature Request.md

@@ -0,0 +1,7 @@
+# Feature Request
+
+- Describe the feature are you requesting.
+
+- Is this a Service (external integration), a Module (Alliance Auth extension) or an enhancement to an existing service/module.
+
+- Describe why its useful to you or others.

.pre-commit-config.yaml

@@ -0,0 +1,95 @@
+# Apply to all files without committing:
+#   pre-commit run --all-files
+# Update this file:
+#   pre-commit autoupdate
+
+# Set the default language versions for the hooks
+default_language_version:
+  python: python3  # Force all Python hooks to use Python 3
+  node: 22.12.0  # Force all Node hooks to use Node 22.12.0
+
+# Globally exclude files
+# https://pre-commit.com/#top_level-exclude
+exclude: |
+  (?x)(
+    LICENSE|
+    allianceauth\/static\/allianceauth\/css\/themes\/bootstrap-locals.less|
+    \.min\.css|
+    \.min\.js|
+    \.po|
+    \.mo|
+    swagger\.json|
+    static/(.*)/libs/
+  )
+
+repos:
+  # Code Upgrades
+  - repo: https://github.com/asottile/pyupgrade
+    rev: v3.20.0
+    hooks:
+      - id: pyupgrade
+        args: [--py38-plus]
+  - repo: https://github.com/adamchainz/django-upgrade
+    rev: 1.25.0
+    hooks:
+      - id: django-upgrade
+        args: [--target-version=4.2]
+
+  # Formatting
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v5.0.0
+    hooks:
+      # Identify invalid files
+      - id: check-ast
+      - id: check-yaml
+      - id: check-json
+      - id: check-toml
+      - id: check-xml
+      # git checks
+      - id: check-merge-conflict
+      - id: check-added-large-files
+        args: [--maxkb=1000]
+      - id: detect-private-key
+      - id: check-case-conflict
+      # Python checks
+#      - id: check-docstring-first
+      - id: debug-statements
+#      - id: requirements-txt-fixer
+      - id: fix-encoding-pragma
+        args: [--remove]
+      - id: fix-byte-order-marker
+      # General quality checks
+      - id: mixed-line-ending
+        args: [--fix=lf]
+      - id: trailing-whitespace
+        args: [--markdown-linebreak-ext=md]
+      - id: check-executables-have-shebangs
+      - id: end-of-file-fixer
+  - repo: https://github.com/editorconfig-checker/editorconfig-checker.python
+    rev: 3.2.1
+    hooks:
+      - id: editorconfig-checker
+  - repo: https://github.com/igorshubovych/markdownlint-cli
+    rev: v0.45.0
+    hooks:
+      - id: markdownlint
+        language: node
+        args:
+          - --disable=MD013
+  # Infrastructure
+  - repo: https://github.com/tox-dev/pyproject-fmt
+    rev: v2.6.0
+    hooks:
+      - id: pyproject-fmt
+        name: pyproject.toml formatter
+        description: "Format the pyproject.toml file."
+        args:
+          - --indent=4
+        additional_dependencies:
+          - tox==4.24.1 # https://github.com/tox-dev/tox/releases/latest
+  - repo: https://github.com/abravalheri/validate-pyproject
+    rev: v0.24.1
+    hooks:
+      - id: validate-pyproject
+        name: Validate pyproject.toml
+        description: "Validate the pyproject.toml file."

.readthedocs.yml

@@ -0,0 +1,32 @@
+# .readthedocs.yml
+# Read the Docs configuration file
+# See https://docs.readthedocs.io/en/stable/config-file/v2.html for details
+
+# Required
+version: 2
+
+# Set the version of Python and other tools you might need
+build:
+  os: ubuntu-22.04
+  apt_packages:
+    - redis
+  tools:
+    python: "3.11"
+  jobs:
+    post_system_dependencies:
+      - redis-server --daemonize yes
+
+# Build documentation in the docs/ directory with Sphinx
+sphinx:
+  configuration: docs/conf.py
+
+# Optionally build your docs in additional formats such as PDF and ePub
+formats: all
+
+# Python requirements required to build your docs
+python:
+  install:
+    - method: pip
+      path: .
+      extra_requirements:
+        - docs

.travis.yml

@@ -1,25 +0,0 @@
-language: python
-sudo: false
-cache: pip
-dist: trusty
-install:
-  - pip install coveralls>=1.1 tox
-# command to run tests
-script:
-  - tox
-after_success:
-  coveralls
-matrix:
-  include:
-   - env: TOXENV=py35-dj111
-     python: '3.5'
-   - env: TOXENV=py36-dj111
-     python: '3.6'
-   - env: TOXENV=py35-dj20
-     python: '3.5'
-   - env: TOXENV=py36-dj20
-     python: '3.6'
-   - env: TOXENV=py37-dj20
-     python: '3.7-dev'
-  allow_failures:
-  - env: TOXENV=py37-dj20

.tx/transifex.yml

@@ -0,0 +1,10 @@
+filters:
+  - filter_type: file
+    file_format: PO
+    source_file: allianceauth/locale/en/LC_MESSAGES/django.po
+    source_language: en
+    translation_files_expression: allianceauth/locale/<lang>/LC_MESSAGES/django.po
+
+settings:
+  language_mapping:
+    zh-Hans: zh_Hans

LICENSE

@@ -337,4 +337,3 @@ proprietary programs.  If your program is a subroutine library, you may
 consider it more useful to permit linking proprietary applications with the
 library.  If this is what you want to do, use the GNU Lesser General
 Public License instead of this License.
-

MANIFEST.in

@@ -1,7 +0,0 @@
-include LICENSE
-include README.md
-include MANIFEST.in
-graft allianceauth
-
-global-exclude __pycache__
-global-exclude *.py[co]

README.md

@@ -1,34 +1,94 @@
-Alliance Auth
-============
+# Alliance Auth
 
-[![Join the chat at https://gitter.im/R4stl1n/allianceauth](https://badges.gitter.im/R4stl1n/allianceauth.svg)](https://gitter.im/R4stl1n/allianceauth?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
-[![Documentation Status](https://readthedocs.org/projects/allianceauth/badge/?version=latest)](http://allianceauth.readthedocs.io/?badge=latest)
-[![Build Status](https://travis-ci.org/allianceauth/allianceauth.svg?branch=master)](https://travis-ci.org/allianceauth/allianceauth)
-[![Coverage Status](https://coveralls.io/repos/github/allianceauth/allianceauth/badge.svg?branch=master)](https://coveralls.io/github/allianceauth/allianceauth?branch=master)
+[![License](https://img.shields.io/badge/license-GPLv2-green)](https://pypi.org/project/allianceauth/)
+[![Python Versions](https://img.shields.io/pypi/pyversions/allianceauth)](https://pypi.org/project/allianceauth/)
+[![Django Versions](https://img.shields.io/pypi/djversions/allianceauth?label=django)](https://pypi.org/project/allianceauth/)
+[![Stable AA Version](https://img.shields.io/pypi/v/allianceauth?label=release)](https://pypi.org/project/allianceauth/)
+[![Pipeline Status](https://gitlab.com/allianceauth/allianceauth/badges/master/pipeline.svg)](https://gitlab.com/allianceauth/allianceauth/commits/master)
+[![Documentation Status](https://readthedocs.org/projects/allianceauth/badge/?version=latest)](https://allianceauth.readthedocs.io/?badge=latest)
+[![Test Coverage Report](https://gitlab.com/allianceauth/allianceauth/badges/master/coverage.svg)](https://gitlab.com/allianceauth/allianceauth/commits/master)
+[![Chat on Discord](https://img.shields.io/discord/399006117012832262.svg)](https://discord.gg/fjnHAmk)
 
+A flexible authentication platform for EVE Online to help in-game organizations manage access to applications and services. AA provides both, a stable core, and a robust framework for community development and custom applications.
 
-An auth system for EVE Online to help in-game organizations manage online service access.
+## Content
 
-[Read the docs here.](http://allianceauth.rtfd.io)
+- [Overview](#overview)
+- [Documentation](https://allianceauth.rtfd.io)
+- [Support](#support)
+- [Release Notes](https://gitlab.com/allianceauth/allianceauth/-/releases)
+- [Developer Team](#development-team)
+- [Contributing](#contributing)
 
-[Get help on gitter](https://gitter.im/R4stl1n/allianceauth) or submit an Issue.
+## Overview
 
+Alliance Auth (AA) is a platform that helps Eve Online organizations efficiently manage access to applications and services.
 
-Active Developers:
+Main features:
 
- - [Adarnof](https://github.com/adarnof/)
- - [Basraah](https://github.com/basraah/)
+- Automatically grants or revokes user access to external services (e.g.: Discord, Mumble) based on the user's current membership to [a variety of EVE Online affiliation](https://allianceauth.readthedocs.io/en/latest/features/core/states/) and [groups](https://allianceauth.readthedocs.io/en/latest/features/core/groups/)
 
-Beta Testers / Bug Fixers:
+- Provides a central web site where users can directly access web apps (e.g. SRP requests, Fleet Schedule) and manage their access to external services and groups.
 
- - [ghoti](https://github.com/ghoti/)
- - [mmolitor87](https://github.com/mmolitor87/)
- - [TargetZ3R0](https://github.com/TargetZ3R0)
+- Includes a set of connectors (called ["Services"](https://allianceauth.readthedocs.io/en/latest/features/services/)) for integrating access management with many popular external applications / services like Discord, Mumble, Teamspeak 3, SMF and others
+
+- Includes a set of web [Apps](https://allianceauth.readthedocs.io/en/latest/features/apps/) which add many useful functions, e.g.: fleet schedule, timer board, SRP request management, fleet activity tracker
+
+- Can be easily extended with additional services and apps. Many are provided by the community and can be found here: [Community Creations](https://gitlab.com/allianceauth/community-creations)
+
+- English :flag_gb:, Chinese :flag_cn:, German :flag_de:, Spanish :flag_es:, Korean :flag_kr:, Russian :flag_ru:, Italian :flag_it:, French :flag_fr:, Japanese :flag_jp: and Ukrainian :flag_ua: Localization
+
+For further details about AA - including an installation guide and a full list of included services and plugin apps - please see the [official documentation](https://allianceauth.rtfd.io).
+
+## Screenshot
+
+Here is an example of the Alliance Auth web site with a mixture of Services, Apps and Community Creations enabled:
+
+### Flatly Theme
+
+![Flatly Theme](docs/_static/images/promotion/SampleInstallation-Flatly.png)
+
+### Darkly Theme
+
+![Darkly Theme](docs/_static/images/promotion/SampleInstallation-Darkly.png)
+
+## Support
+
+[Get help on Discord](https://discord.gg/fjnHAmk) or submit an [issue](https://gitlab.com/allianceauth/allianceauth/issues).
+
+## Development Team
+
+### Active Developers
+
+- [Aaron Kable](https://gitlab.com/aaronkable/)
+- [Ariel Rin](https://gitlab.com/soratidus999/)
+- [Col Crunch](https://gitlab.com/colcrunch/)
+- [Erik Kalkoken](https://gitlab.com/ErikKalkoken/)
+- [Rounon Dax](https://gitlab.com/ppfeufer)
+- [snipereagle1](https://gitlab.com/mckernanin)
+
+### Former Developers
+
+- [Adarnof](https://gitlab.com/adarnof/)
+- [Basraah](https://gitlab.com/basraah/)
+
+### Beta Testers / Bug Fixers
+
+- [ghoti](https://gitlab.com/ChainsawMcGinny/)
 - [kaezon](https://github.com/kaezon/)
+- [mmolitor87](https://gitlab.com/mmolitor87/)
 - [orbitroom](https://github.com/orbitroom/)
+- [TargetZ3R0](https://github.com/TargetZ3R0)
 - [tehfiend](https://github.com/tehfiend/)
 
 Special thanks to [Nikdoof](https://github.com/nikdoof/), as his [auth](https://github.com/nikdoof/test-auth) was the foundation for the original work on this project.
 
-### Contributing
-Make sure you have signed the [License Agreement](https://developers.eveonline.com/resource/license-agreement) by logging in at [https://developers.eveonline.com](https://developers.eveonline.com) before submitting any pull requests.
+## Contributing
+
+Alliance Auth is maintained and developed by the community and we welcome every contribution!
+
+To see what needs to be worked on please review our issue list or chat with our active developers on Discord.
+
+Also, please make sure you have signed the [License Agreement](https://developers.eveonline.com/resource/license-agreement) by logging in at [https://developers.eveonline.com](https://developers.eveonline.com) before submitting any pull requests.
+
+In addition to the core AA system we also very much welcome contributions to our growing list of 3rd party services and plugin apps. Please see [AA Community Creations](https://gitlab.com/allianceauth/community-creations) for details.

allianceauth/__init__.py

@@ -1,6 +1,11 @@
+"""An auth system for EVE Online to help in-game organizations
+manage online service access.
+"""
+
 # This will make sure the app is always imported when
 # Django starts so that shared_task will use this app.
 
-__version__ = '2.0.4'
-NAME = 'Alliance Auth v%s' % __version__
-default_app_config = 'allianceauth.apps.AllianceAuthConfig'
+__version__ = '4.8.0'
+__title__ = 'Alliance Auth'
+__url__ = 'https://gitlab.com/allianceauth/allianceauth'
+NAME = f'{__title__} v{__version__}'

allianceauth/analytics/admin.py

@@ -0,0 +1,16 @@
+from django.contrib import admin
+
+from .models import AnalyticsIdentifier, AnalyticsTokens
+from solo.admin import SingletonModelAdmin
+
+
+@admin.register(AnalyticsIdentifier)
+class AnalyticsIdentifierAdmin(SingletonModelAdmin):
+    search_fields = ['identifier', ]
+    list_display = ['identifier', ]
+
+
+@admin.register(AnalyticsTokens)
+class AnalyticsTokensAdmin(admin.ModelAdmin):
+    search_fields = ['name', ]
+    list_display = ['name', 'type', ]

allianceauth/analytics/apps.py

@@ -0,0 +1,8 @@
+from django.apps import AppConfig
+from django.utils.translation import gettext_lazy as _
+
+
+class AnalyticsConfig(AppConfig):
+    name = 'allianceauth.analytics'
+    label = 'analytics'
+    verbose_name = _('Analytics')

allianceauth/analytics/fixtures/disable_analytics.json

@@ -0,0 +1,20 @@
+[
+    {
+    "model": "analytics.AnalyticsTokens",
+    "pk": 1,
+    "fields": {
+        "name": "AA Team Public Google Analytics (V4)",
+        "type": "GA-V4",
+        "token": "G-6LYSMYK8DE",
+        "secret": "KLlpjLZ-SRGozS5f5wb_kw",
+        "send_stats": "False"
+        }
+    },
+    {
+        "model": "analytics.AnalyticsIdentifier",
+        "pk": 1,
+        "fields": {
+            "identifier": "ab33e241fbf042b6aa77c7655a768af7"
+        }
+    }
+]

allianceauth/analytics/migrations/0001_initial.py

@@ -0,0 +1,42 @@
+# Generated by Django 3.1.4 on 2020-12-30 13:11
+
+from django.db import migrations, models
+import uuid
+
+
+class Migration(migrations.Migration):
+
+    initial = True
+
+    dependencies = [
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='AnalyticsIdentifier',
+            fields=[
+                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('identifier', models.UUIDField(default=uuid.uuid4, editable=False)),
+            ],
+        ),
+        migrations.CreateModel(
+            name='AnalyticsPath',
+            fields=[
+                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('ignore_path', models.CharField(default='/example/', max_length=254)),
+            ],
+        ),
+        migrations.CreateModel(
+            name='AnalyticsTokens',
+            fields=[
+                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('name', models.CharField(max_length=254)),
+                ('type', models.CharField(choices=[('GA-U', 'Google Analytics Universal'), ('GA-V4', 'Google Analytics V4')], max_length=254)),
+                ('token', models.CharField(max_length=254)),
+                ('send_page_views', models.BooleanField(default=False)),
+                ('send_celery_tasks', models.BooleanField(default=False)),
+                ('send_stats', models.BooleanField(default=False)),
+                ('ignore_paths', models.ManyToManyField(blank=True, to='analytics.AnalyticsPath')),
+            ],
+        ),
+    ]

allianceauth/analytics/migrations/0002_add_AA_Team_Token.py

@@ -0,0 +1,34 @@
+# Generated by Django 3.1.4 on 2020-12-30 08:53
+
+from django.db import migrations
+
+
+def add_aa_team_token(apps, schema_editor):
+    # We can't import the Person model directly as it may be a newer
+    # version than this migration expects. We use the historical version.
+    Tokens = apps.get_model('analytics', 'AnalyticsTokens')
+    token = Tokens()
+    token.type = 'GA-U'
+    token.token = 'UA-186249766-2'
+    token.send_page_views = True
+    token.send_celery_tasks = True
+    token.send_stats = True
+    token.name = 'AA Team Public Google Analytics (Universal)'
+    token.save()
+
+
+def remove_aa_team_token(apps, schema_editor):
+    # Have to define some code to remove this identifier
+    # In case of migration rollback?
+    Tokens = apps.get_model('analytics', 'AnalyticsTokens')
+    token = Tokens.objects.filter(token="UA-186249766-2").delete()
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('analytics', '0001_initial'),
+        ]
+
+    operations = [migrations.RunPython(add_aa_team_token, remove_aa_team_token)
+                    ]

allianceauth/analytics/migrations/0003_Generate_Identifier.py

@@ -0,0 +1,30 @@
+# Generated by Django 3.1.4 on 2020-12-30 08:53
+
+from uuid import uuid4
+from django.db import migrations
+
+
+def generate_identifier(apps, schema_editor):
+    # We can't import the Person model directly as it may be a newer
+    # version than this migration expects. We use the historical version.
+    Identifier = apps.get_model('analytics', 'AnalyticsIdentifier')
+    identifier = Identifier()
+    identifier.id = 1
+    identifier.save()
+
+
+def zero_identifier(apps, schema_editor):
+    # Have to define some code to remove this identifier
+    # In case of migration rollback?
+    Identifier = apps.get_model('analytics', 'AnalyticsIdentifier')
+    Identifier.objects.filter(id=1).delete()
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('analytics', '0002_add_AA_Team_Token'),
+    ]
+
+    operations = [migrations.RunPython(generate_identifier, zero_identifier)
+                    ]

allianceauth/analytics/migrations/0004_auto_20211015_0502.py

@@ -0,0 +1,42 @@
+# Generated by Django 3.1.13 on 2021-10-15 05:02
+
+from django.core.exceptions import ObjectDoesNotExist
+from django.db import migrations
+
+
+def modify_aa_team_token_add_page_ignore_paths(apps, schema_editor):
+    # Add /admin/ and /user_notifications_count/ path to ignore
+
+    AnalyticsPath = apps.get_model('analytics', 'AnalyticsPath')
+    admin = AnalyticsPath.objects.create(ignore_path=r"^\/admin\/.*")
+    user_notifications_count = AnalyticsPath.objects.create(ignore_path=r"^\/user_notifications_count\/.*")
+
+    Tokens = apps.get_model('analytics', 'AnalyticsTokens')
+    token = Tokens.objects.get(token="UA-186249766-2")
+    token.ignore_paths.add(admin, user_notifications_count)
+
+
+def undo_modify_aa_team_token_add_page_ignore_paths(apps, schema_editor):
+    #
+    AnalyticsPath = apps.get_model('analytics', 'AnalyticsPath')
+    Tokens = apps.get_model('analytics', 'AnalyticsTokens')
+
+    token = Tokens.objects.get(token="UA-186249766-2")
+    try:
+        admin = AnalyticsPath.objects.get(ignore_path=r"^\/admin\/.*", analyticstokens=token)
+        user_notifications_count = AnalyticsPath.objects.get(ignore_path=r"^\/user_notifications_count\/.*", analyticstokens=token)
+        admin.delete()
+        user_notifications_count.delete()
+    except ObjectDoesNotExist:
+        # Its fine if it doesnt exist, we just dont want them building up when re-migrating
+        pass
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('analytics', '0003_Generate_Identifier'),
+    ]
+
+    operations = [migrations.RunPython(modify_aa_team_token_add_page_ignore_paths, undo_modify_aa_team_token_add_page_ignore_paths)
+    ]

allianceauth/analytics/migrations/0005_alter_analyticspath_ignore_path.py

@@ -0,0 +1,18 @@
+# Generated by Django 3.2.8 on 2021-10-17 16:26
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('analytics', '0004_auto_20211015_0502'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='analyticspath',
+            name='ignore_path',
+            field=models.CharField(default='/example/', help_text='Regex Expression, If matched no Analytics Page View is sent', max_length=254),
+        ),
+    ]

allianceauth/analytics/migrations/0006_more_ignore_paths.py

@@ -0,0 +1,40 @@
+# Generated by Django 3.2.8 on 2021-10-19 01:47
+
+from django.core.exceptions import ObjectDoesNotExist
+from django.db import migrations
+
+
+def modify_aa_team_token_add_page_ignore_paths(apps, schema_editor):
+    # Add the /account/activate path to ignore
+
+    AnalyticsPath = apps.get_model('analytics', 'AnalyticsPath')
+    account_activate = AnalyticsPath.objects.create(ignore_path=r"^\/account\/activate\/.*")
+
+    Tokens = apps.get_model('analytics', 'AnalyticsTokens')
+    token = Tokens.objects.get(token="UA-186249766-2")
+    token.ignore_paths.add(account_activate)
+
+
+def undo_modify_aa_team_token_add_page_ignore_paths(apps, schema_editor):
+    #
+    AnalyticsPath = apps.get_model('analytics', 'AnalyticsPath')
+    Tokens = apps.get_model('analytics', 'AnalyticsTokens')
+
+    token = Tokens.objects.get(token="UA-186249766-2")
+
+    try:
+        account_activate = AnalyticsPath.objects.get(ignore_path=r"^\/account\/activate\/.*", analyticstokens=token)
+        account_activate.delete()
+    except ObjectDoesNotExist:
+        # Its fine if it doesnt exist, we just dont want them building up when re-migrating
+        pass
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('analytics', '0005_alter_analyticspath_ignore_path'),
+    ]
+
+    operations = [
+        migrations.RunPython(modify_aa_team_token_add_page_ignore_paths, undo_modify_aa_team_token_add_page_ignore_paths)
+    ]

allianceauth/analytics/migrations/0007_analyticstokens_secret.py

@@ -0,0 +1,18 @@
+# Generated by Django 4.0.6 on 2022-08-30 05:47
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('analytics', '0006_more_ignore_paths'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='analyticstokens',
+            name='secret',
+            field=models.CharField(blank=True, max_length=254),
+        ),
+    ]

allianceauth/analytics/migrations/0008_add_AA_GA-4_Team_Token .py

@@ -0,0 +1,64 @@
+# Generated by Django 3.1.4 on 2020-12-30 08:53
+
+from django.db import migrations
+from django.core.exceptions import ObjectDoesNotExist
+
+
+def add_aa_team_token(apps, schema_editor):
+    # We can't import the Person model directly as it may be a newer
+    # version than this migration expects. We use the historical version.
+    Tokens = apps.get_model('analytics', 'AnalyticsTokens')
+    AnalyticsPath = apps.get_model('analytics', 'AnalyticsPath')
+    token = Tokens()
+    try:
+        ua_token = Tokens.objects.get(token="UA-186249766-2")
+        original_send_page_views = ua_token.send_page_views
+        original_send_celery_tasks = ua_token.send_celery_tasks
+        original_send_stats = ua_token.send_stats
+    except ObjectDoesNotExist:
+        original_send_page_views = True
+        original_send_celery_tasks = True
+        original_send_stats = True
+
+    try:
+        user_notifications_count = AnalyticsPath.objects.get(ignore_path=r"^\/user_notifications_count\/.*",)
+    except ObjectDoesNotExist:
+        user_notifications_count = AnalyticsPath.objects.create(ignore_path=r"^\/user_notifications_count\/.*")
+
+    try:
+        admin = AnalyticsPath.objects.get(ignore_path=r"^\/admin\/.*")
+    except ObjectDoesNotExist:
+        admin = AnalyticsPath.objects.create(ignore_path=r"^\/admin\/.*")
+
+    try:
+        account_activate = AnalyticsPath.objects.get(ignore_path=r"^\/account\/activate\/.*")
+    except ObjectDoesNotExist:
+        account_activate = AnalyticsPath.objects.create(ignore_path=r"^\/account\/activate\/.*")
+
+    token.type = 'GA-V4'
+    token.token = 'G-6LYSMYK8DE'
+    token.secret = 'KLlpjLZ-SRGozS5f5wb_kw'
+    token.send_page_views = original_send_page_views
+    token.send_celery_tasks = original_send_celery_tasks
+    token.send_stats = original_send_stats
+    token.name = 'AA Team Public Google Analytics (V4)'
+    token.save()
+    token.ignore_paths.add(admin, user_notifications_count, account_activate)
+    token.save()
+
+
+def remove_aa_team_token(apps, schema_editor):
+    # Have to define some code to remove this identifier
+    # In case of migration rollback?
+    Tokens = apps.get_model('analytics', 'AnalyticsTokens')
+    token = Tokens.objects.filter(token="G-6LYSMYK8DE").delete()
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('analytics', '0007_analyticstokens_secret'),
+    ]
+
+    operations = [migrations.RunPython(
+        add_aa_team_token, remove_aa_team_token)]

allianceauth/analytics/migrations/0009_remove_analyticstokens_ignore_paths_and_more.py

@@ -0,0 +1,28 @@
+# Generated by Django 4.0.10 on 2023-05-08 05:24
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('analytics', '0008_add_AA_GA-4_Team_Token '),
+    ]
+
+    operations = [
+        migrations.RemoveField(
+            model_name='analyticstokens',
+            name='ignore_paths',
+        ),
+        migrations.RemoveField(
+            model_name='analyticstokens',
+            name='send_celery_tasks',
+        ),
+        migrations.RemoveField(
+            model_name='analyticstokens',
+            name='send_page_views',
+        ),
+        migrations.DeleteModel(
+            name='AnalyticsPath',
+        ),
+    ]

allianceauth/analytics/migrations/0010_alter_analyticsidentifier_options.py

@@ -0,0 +1,17 @@
+# Generated by Django 4.2.16 on 2024-12-11 02:17
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('analytics', '0009_remove_analyticstokens_ignore_paths_and_more'),
+    ]
+
+    operations = [
+        migrations.AlterModelOptions(
+            name='analyticsidentifier',
+            options={'verbose_name': 'Analytics Identifier'},
+        ),
+    ]

allianceauth/analytics/models.py

@@ -0,0 +1,29 @@
+from typing import Literal
+from django.db import models
+from django.utils.translation import gettext_lazy as _
+from solo.models import SingletonModel
+from uuid import uuid4
+
+
+class AnalyticsIdentifier(SingletonModel):
+
+    identifier = models.UUIDField(default=uuid4, editable=False)
+
+    def __str__(self) -> Literal['Analytics Identifier']:
+        return "Analytics Identifier"
+
+    class Meta:
+        verbose_name = "Analytics Identifier"
+
+
+class AnalyticsTokens(models.Model):
+
+    class Analytics_Type(models.TextChoices):
+        GA_U = 'GA-U', _('Google Analytics Universal')
+        GA_V4 = 'GA-V4', _('Google Analytics V4')
+
+    name = models.CharField(max_length=254)
+    type = models.CharField(max_length=254, choices=Analytics_Type.choices)
+    token = models.CharField(max_length=254, blank=False)
+    secret = models.CharField(max_length=254, blank=True)
+    send_stats = models.BooleanField(default=False)

allianceauth/analytics/tasks.py

@@ -0,0 +1,207 @@
+import requests
+import logging
+from django.conf import settings
+from django.apps import apps
+from celery import shared_task
+from .models import AnalyticsTokens, AnalyticsIdentifier
+from .utils import (
+    existence_baremetal_or_docker,
+    install_stat_addons,
+    install_stat_tokens,
+    install_stat_users)
+
+from allianceauth import __version__
+
+logger = logging.getLogger(__name__)
+
+BASE_URL = "https://www.google-analytics.com"
+
+DEBUG_URL = f"{BASE_URL}/debug/mp/collect"
+COLLECTION_URL = f"{BASE_URL}/mp/collect"
+
+if getattr(settings, "ANALYTICS_ENABLE_DEBUG", False) and settings.DEBUG:
+    # Force sending of analytics data during in a debug/test environment
+    # Useful for developers working on this feature.
+    logger.warning(
+        "You have 'ANALYTICS_ENABLE_DEBUG' Enabled! "
+        "This debug instance will send analytics data!")
+    DEBUG_URL = COLLECTION_URL
+
+ANALYTICS_URL = COLLECTION_URL
+
+if settings.DEBUG is True:
+    ANALYTICS_URL = DEBUG_URL
+
+
+def analytics_event(namespace: str,
+                    task: str,
+                    label: str = "",
+                    result: str = "",
+                    value: int = 1,
+                    event_type: str = 'Celery'):
+    """
+    Send a Google Analytics Event for each token stored
+    Includes check for if its enabled/disabled
+
+    Args:
+        `namespace` (str): Celery Namespace
+        `task` (str): Task Name
+        `label` (str): Optional, additional task label
+        `result` (str): Optional, Task Success/Exception
+        `value` (int): Optional, If bulk, Query size, can be a Boolean
+        `event_type` (str): Optional, Celery or Stats only, Default to Celery
+    """
+    for token in AnalyticsTokens.objects.filter(type='GA-V4'):
+        if event_type == 'Stats':
+            allowed = token.send_stats
+        else:
+            allowed = False
+
+        if allowed is True:
+            send_ga_tracking_celery_event.s(
+                measurement_id=token.token,
+                secret=token.secret,
+                namespace=namespace,
+                task=task,
+                label=label,
+                result=result,
+                value=value).apply_async(priority=9)
+
+
+@shared_task
+def analytics_daily_stats() -> None:
+    """Celery Task: Do not call directly
+
+    Gathers a series of daily statistics
+    Sends analytics events containing them
+    """
+    users = install_stat_users()
+    tokens = install_stat_tokens()
+    addons = install_stat_addons()
+    existence_type = existence_baremetal_or_docker()
+    logger.debug("Running Daily Analytics Upload")
+
+    analytics_event(namespace='allianceauth.analytics',
+                    task='send_install_stats',
+                    label='existence',
+                    value=1,
+                    event_type='Stats')
+    analytics_event(namespace='allianceauth.analytics',
+                    task='send_install_stats',
+                    label=existence_type,
+                    value=1,
+                    event_type='Stats')
+    analytics_event(namespace='allianceauth.analytics',
+                    task='send_install_stats',
+                    label='users',
+                    value=users,
+                    event_type='Stats')
+    analytics_event(namespace='allianceauth.analytics',
+                    task='send_install_stats',
+                    label='tokens',
+                    value=tokens,
+                    event_type='Stats')
+    analytics_event(namespace='allianceauth.analytics',
+                    task='send_install_stats',
+                    label='addons',
+                    value=addons,
+                    event_type='Stats')
+    for appconfig in apps.get_app_configs():
+        if appconfig.label in [
+            "django_celery_beat",
+            "bootstrapform",
+            "messages",
+            "sessions",
+            "auth",
+            "staticfiles",
+            "users",
+            "addons",
+            "admin",
+            "humanize",
+            "contenttypes",
+            "sortedm2m",
+            "django_bootstrap5",
+            "tokens",
+            "authentication",
+            "services",
+            "framework",
+            "notifications"
+            "eveonline",
+            "navhelper",
+            "analytics",
+            "menu",
+            "theme"
+        ]:
+            pass
+        else:
+            analytics_event(namespace='allianceauth.analytics',
+                            task='send_extension_stats',
+                            label=appconfig.label,
+                            value=1,
+                            event_type='Stats')
+
+
+@shared_task
+def send_ga_tracking_celery_event(
+        measurement_id: str,
+        secret: str,
+        namespace: str,
+        task: str,
+        label: str = "",
+        result: str = "",
+        value: int = 1):
+    """Celery Task: Do not call directly
+
+    Sends an events to GA
+
+    Parameters
+    ----------
+    `measurement_id` (str): GA Token
+    `secret` (str): GA Authentication Secret
+    `namespace` (str): Celery Namespace
+    `task` (str): Task Name
+    `label` (str): Optional, additional task label
+    `result` (str): Optional, Task Success/Exception
+    `value` (int): Optional, If bulk, Query size, can be a binary True/False
+    """
+
+    parameters = {
+        'measurement_id': measurement_id,
+        'api_secret': secret
+    }
+
+    payload = {
+        'client_id': AnalyticsIdentifier.get_solo().identifier.hex,
+        "user_properties": {
+            "allianceauth_version": {
+                "value": __version__
+            }
+        },
+        'non_personalized_ads': True,
+        "events": [{
+            "name": "celery_event",
+            "params": {
+                    "namespace": namespace,
+                    "task": task,
+                    'result': result,
+                    'label': label,
+                    "value": value
+            }
+        }]
+    }
+    try:
+        response = requests.post(
+            ANALYTICS_URL,
+            params=parameters,
+            json=payload,
+            timeout=10)
+        response.raise_for_status()
+        logger.debug(
+            f"Analytics Celery/Stats Event HTTP{response.status_code}")
+        return response.status_code
+    except requests.exceptions.HTTPError as e:
+        logger.debug(e)
+        return response.status_code
+    except requests.exceptions.ConnectionError as e:
+        logger.debug(e)
+        return "Failed"

allianceauth/analytics/tests/test_models.py

@@ -0,0 +1,16 @@
+from allianceauth.analytics.models import AnalyticsIdentifier
+
+from django.test.testcases import TestCase
+
+from uuid import uuid4
+
+
+# Identifiers
+uuid_1 = "ab33e241fbf042b6aa77c7655a768af7"
+uuid_2 = "7aa6bd70701f44729af5e3095ff4b55c"
+
+
+class TestAnalyticsIdentifier(TestCase):
+
+    def test_identifier_random(self):
+        self.assertNotEqual(AnalyticsIdentifier.get_solo(), uuid4)

allianceauth/analytics/tests/test_tasks.py

@@ -0,0 +1,69 @@
+import requests_mock
+
+from django.test.utils import override_settings
+
+from allianceauth.analytics.tasks import (
+    analytics_event,
+    send_ga_tracking_celery_event)
+from allianceauth.utils.testing import NoSocketsTestCase
+
+
+GOOGLE_ANALYTICS_DEBUG_URL = 'https://www.google-analytics.com/debug/mp/collect'
+
+
+@override_settings(CELERY_ALWAYS_EAGER=True, CELERY_EAGER_PROPAGATES_EXCEPTIONS=True)
+@requests_mock.Mocker()
+class TestAnalyticsTasks(NoSocketsTestCase):
+    def test_analytics_event(self, requests_mocker):
+        requests_mocker.register_uri('POST', GOOGLE_ANALYTICS_DEBUG_URL)
+        analytics_event(
+            namespace='allianceauth.analytics',
+            task='send_tests',
+            label='test',
+            value=1,
+            result="Success",
+            event_type='Stats')
+
+    def test_send_ga_tracking_celery_event_sent(self, requests_mocker):
+        # given
+        requests_mocker.register_uri('POST', GOOGLE_ANALYTICS_DEBUG_URL)
+        token = 'G-6LYSMYK8DE'
+        secret = 'KLlpjLZ-SRGozS5f5wb_kw',
+        category = 'test'
+        action = 'test'
+        label = 'test'
+        value = '1'
+        # when
+        task = send_ga_tracking_celery_event(
+            token,
+            secret,
+            category,
+            action,
+            label,
+            value)
+        # then
+        self.assertEqual(task, 200)
+
+    def test_send_ga_tracking_celery_event_success(self, requests_mocker):
+        # given
+        requests_mocker.register_uri(
+            'POST',
+            GOOGLE_ANALYTICS_DEBUG_URL,
+            json={"validationMessages": []}
+        )
+        token = 'G-6LYSMYK8DE'
+        secret = 'KLlpjLZ-SRGozS5f5wb_kw',
+        category = 'test'
+        action = 'test'
+        label = 'test'
+        value = '1'
+        # when
+        task = send_ga_tracking_celery_event(
+            token,
+            secret,
+            category,
+            action,
+            label,
+            value)
+        # then
+        self.assertTrue(task, 200)

allianceauth/analytics/tests/test_utils.py

@@ -0,0 +1,55 @@
+from django.apps import apps
+from allianceauth.authentication.models import User
+from esi.models import Token
+from allianceauth.analytics.utils import install_stat_users, install_stat_tokens, install_stat_addons
+
+from django.test.testcases import TestCase
+
+
+def create_testdata():
+    User.objects.all().delete()
+    User.objects.create_user(
+        'user_1'
+        'abc@example.com',
+        'password'
+    )
+    User.objects.create_user(
+        'user_2'
+        'abc@example.com',
+        'password'
+    )
+    # Token.objects.all().delete()
+    # Token.objects.create(
+    #            character_id=101,
+    #            character_name='character1',
+    #            access_token='my_access_token'
+    # )
+    # Token.objects.create(
+    #            character_id=102,
+    #            character_name='character2',
+    #            access_token='my_access_token'
+    # )
+
+
+class TestAnalyticsUtils(TestCase):
+
+    def test_install_stat_users(self):
+        create_testdata()
+        expected = 2
+
+        users = install_stat_users()
+        self.assertEqual(users, expected)
+
+    # def test_install_stat_tokens(self):
+    #    create_testdata()
+    #    expected = 2
+    #
+    #   tokens = install_stat_tokens()
+    #   self.assertEqual(tokens, expected)
+
+    def test_install_stat_addons(self):
+        # this test does what its testing...
+        # but helpful for existing as a sanity check
+        expected = len(list(apps.get_app_configs()))
+        addons = install_stat_addons()
+        self.assertEqual(addons, expected)

allianceauth/analytics/utils.py

@@ -0,0 +1,50 @@
+import os
+from django.apps import apps
+from allianceauth.authentication.models import User
+from esi.models import Token
+
+
+def install_stat_users() -> int:
+    """Count and Return the number of User accounts
+
+    Returns
+    -------
+    int
+        The Number of User objects"""
+    users = User.objects.count()
+    return users
+
+
+def install_stat_tokens() -> int:
+    """Count and Return the number of ESI Tokens Stored
+
+    Returns
+    -------
+    int
+        The Number of Token Objects"""
+    tokens = Token.objects.count()
+    return tokens
+
+
+def install_stat_addons() -> int:
+    """Count and Return the number of Django Applications Installed
+
+    Returns
+    -------
+    int
+        The Number of Installed Apps"""
+    addons = len(list(apps.get_app_configs()))
+    return addons
+
+
+def existence_baremetal_or_docker() -> str:
+    """Checks the Installation Type of an install
+
+    Returns
+    -------
+    str
+        existence_baremetal or existence_docker"""
+    docker_tag = os.getenv('AA_DOCKER_TAG')
+    if docker_tag:
+        return "existence_docker"
+    return "existence_baremetal"

allianceauth/apps.py

@@ -3,3 +3,6 @@ from django.apps import AppConfig
 
 class AllianceAuthConfig(AppConfig):
     name = 'allianceauth'
+
+    def ready(self) -> None:
+        import allianceauth.checks # noqa

allianceauth/authentication/__init__.py

@@ -1 +0,0 @@
-default_app_config = 'allianceauth.authentication.apps.AuthenticationConfig'

allianceauth/authentication/admin.py

@@ -1,15 +1,44 @@
 from django.contrib import admin
 from django.contrib.auth.admin import UserAdmin as BaseUserAdmin
-from django.contrib.auth.models import User as BaseUser, Permission as BasePermission
-from django.utils.text import slugify
-from django.db.models import Q
-from allianceauth.services.hooks import ServicesHook
-from django.db.models.signals import pre_save, post_save, pre_delete, post_delete, m2m_changed
+from django.contrib.auth.models import Group
+from django.contrib.auth.models import Permission as BasePermission
+from django.contrib.auth.models import User as BaseUser
+from django.db.models import Count, Q
+from django.db.models.functions import Lower
+from django.db.models.signals import (
+    m2m_changed,
+    post_delete,
+    post_save,
+    pre_delete,
+    pre_save
+)
 from django.dispatch import receiver
-from allianceauth.authentication.models import State, get_guest_state, CharacterOwnership, UserProfile, OwnershipRecord
+from django.urls import reverse
+from django.utils.html import format_html
+from django.utils.text import slugify
+
+from allianceauth.authentication.models import (
+    CharacterOwnership,
+    OwnershipRecord,
+    State,
+    UserProfile,
+    get_guest_state
+)
+from allianceauth.eveonline.models import (
+    EveAllianceInfo,
+    EveCharacter,
+    EveCorporationInfo,
+    EveFactionInfo
+)
+from allianceauth.eveonline.tasks import update_character
 from allianceauth.hooks import get_hooks
-from allianceauth.eveonline.models import EveCharacter
-from django.forms import ModelForm
+from allianceauth.services.hooks import ServicesHook
+
+from .app_settings import (
+    AUTHENTICATION_ADMIN_USERS_MAX_CHARS,
+    AUTHENTICATION_ADMIN_USERS_MAX_GROUPS
+)
+from .forms import UserChangeForm, UserProfileForm
 
 
 def make_service_hooks_update_groups_action(service):
@@ -19,11 +48,14 @@ def make_service_hooks_update_groups_action(service):
     :return: fn to update services groups for the selected users
     """
     def update_service_groups(modeladmin, request, queryset):
+        if hasattr(service, 'update_groups_bulk'):
+            service.update_groups_bulk(queryset)
+        else:
             for user in queryset:  # queryset filtering doesn't work here?
                 service.update_groups(user)
 
-    update_service_groups.__name__ = str('update_{}_groups'.format(slugify(service.name)))
-    update_service_groups.short_description = "Sync groups for selected {} accounts".format(service.title)
+    update_service_groups.__name__ = str(f'update_{slugify(service.name)}_groups')
+    update_service_groups.short_description = f"Sync groups for selected {service.title} accounts"
     return update_service_groups
 
 
@@ -34,27 +66,21 @@ def make_service_hooks_sync_nickname_action(service):
     :return: fn to sync nickname for the selected users
     """
     def sync_nickname(modeladmin, request, queryset):
+        if hasattr(service, 'sync_nicknames_bulk'):
+            service.sync_nicknames_bulk(queryset)
+        else:
             for user in queryset:  # queryset filtering doesn't work here?
                 service.sync_nickname(user)
 
-    sync_nickname.__name__ = str('sync_{}_nickname'.format(slugify(service.name)))
-    sync_nickname.short_description = "Sync nicknames for selected {} accounts".format(service.title)
+    sync_nickname.__name__ = str(f'sync_{slugify(service.name)}_nickname')
+    sync_nickname.short_description = f"Sync nicknames for selected {service.title} accounts"
     return sync_nickname
 
 
-class QuerysetModelForm(ModelForm):
-    # allows specifying FK querysets through kwarg
-    def __init__(self, querysets=None, *args, **kwargs):
-        querysets = querysets or {}
-        super().__init__(*args, **kwargs)
-        for field, qs in querysets.items():
-            self.fields[field].queryset = qs
-
-
 class UserProfileInline(admin.StackedInline):
     model = UserProfile
     readonly_fields = ('state',)
-    form = QuerysetModelForm
+    form = UserProfileForm
     verbose_name = ''
     verbose_name_plural = 'Profile'
 
@@ -68,7 +94,6 @@ class UserProfileInline(admin.StackedInline):
                 query |= Q(userprofile__isnull=True)
             else:
                 query |= Q(character_ownership__user=obj)
-        qs = EveCharacter.objects.filter(query)
         formset = super().get_formset(request, obj=obj, **kwargs)
 
         def get_kwargs(self, index):
@@ -76,47 +101,318 @@ class UserProfileInline(admin.StackedInline):
         formset.get_form_kwargs = get_kwargs
         return formset
 
-    def has_add_permission(self, request):
+    def has_add_permission(self, request, obj=None):
         return False
 
     def has_delete_permission(self, request, obj=None):
         return False
 
 
+@admin.display(description="")
+def user_profile_pic(obj):
+    """profile pic column data for user objects
+
+    works for both User objects and objects with `user` as FK to User
+    To be used for all user based admin lists (requires CSS)
+    """
+    user_obj = obj.user if hasattr(obj, 'user') else obj
+    if user_obj.profile.main_character:
+        return format_html(
+            '<img src="{}" class="img-circle">',
+            user_obj.profile.main_character.portrait_url(size=32)
+        )
+    return None
+
+
+@admin.display(description="user / main", ordering="username")
+def user_username(obj):
+    """user column data for user objects
+
+    works for both User objects and objects with `user` as FK to User
+    To be used for all user based admin lists
+    """
+    link = reverse(
+        'admin:{}_{}_change'.format(
+            obj._meta.app_label,
+            type(obj).__name__.lower()
+        ),
+        args=(obj.pk,)
+    )
+    user_obj = obj.user if hasattr(obj, 'user') else obj
+    if user_obj.profile.main_character:
+        return format_html(
+            '<strong><a href="{}">{}</a></strong><br>{}',
+            link,
+            user_obj.username,
+            user_obj.profile.main_character.character_name
+        )
+    return format_html(
+        '<strong><a href="{}">{}</a></strong>',
+        link,
+        user_obj.username,
+    )
+
+
+@admin.display(
+    description="Corporation / Alliance (Main)",
+    ordering="profile__main_character__corporation_name"
+)
+def user_main_organization(obj):
+    """main organization column data for user objects
+
+    works for both User objects and objects with `user` as FK to User
+    To be used for all user based admin lists
+    """
+    user_obj = obj.user if hasattr(obj, 'user') else obj
+    if not user_obj.profile.main_character:
+        return ''
+    result = user_obj.profile.main_character.corporation_name
+    if user_obj.profile.main_character.alliance_id:
+        result += f'<br>{user_obj.profile.main_character.alliance_name}'
+    elif user_obj.profile.main_character.faction_name:
+        result += f'<br>{user_obj.profile.main_character.faction_name}'
+    return format_html(result)
+
+
+class MainCorporationsFilter(admin.SimpleListFilter):
+    """Custom filter to filter on corporations from mains only
+
+    works for both User objects and objects with `user` as FK to User
+    To be used for all user based admin lists
+    """
+    title = 'corporation'
+    parameter_name = 'main_corporation_id__exact'
+
+    def lookups(self, request, model_admin):
+        qs = EveCharacter.objects\
+            .exclude(userprofile=None)\
+            .values('corporation_id', 'corporation_name')\
+            .distinct()\
+            .order_by(Lower('corporation_name'))
+        return tuple(
+            (x['corporation_id'], x['corporation_name']) for x in qs
+        )
+
+    def queryset(self, request, qs):
+        if self.value() is None:
+            return qs.all()
+        if qs.model == User:
+            return qs.filter(
+                profile__main_character__corporation_id=self.value()
+            )
+        return qs.filter(
+            user__profile__main_character__corporation_id=self.value()
+        )
+
+
+class MainAllianceFilter(admin.SimpleListFilter):
+    """Custom filter to filter on alliances from mains only
+
+    works for both User objects and objects with `user` as FK to User
+    To be used for all user based admin lists
+    """
+    title = 'alliance'
+    parameter_name = 'main_alliance_id__exact'
+
+    def lookups(self, request, model_admin):
+        qs = (
+            EveCharacter.objects
+            .exclude(alliance_id=None)
+            .exclude(userprofile=None)
+            .values('alliance_id', 'alliance_name')
+            .distinct()
+            .order_by(Lower('alliance_name'))
+        )
+        return tuple(
+            (x['alliance_id'], x['alliance_name']) for x in qs
+        )
+
+    def queryset(self, request, qs):
+        if self.value() is None:
+            return qs.all()
+        if qs.model == User:
+            return qs.filter(profile__main_character__alliance_id=self.value())
+        return qs.filter(
+            user__profile__main_character__alliance_id=self.value()
+        )
+
+
+class MainFactionFilter(admin.SimpleListFilter):
+    """Custom filter to filter on factions from mains only
+
+    works for both User objects and objects with `user` as FK to User
+    To be used for all user based admin lists
+    """
+    title = 'faction'
+    parameter_name = 'main_faction_id__exact'
+
+    def lookups(self, request, model_admin):
+        qs = (
+            EveCharacter.objects
+            .exclude(faction_id=None)
+            .exclude(userprofile=None)
+            .values('faction_id', 'faction_name')
+            .distinct()
+            .order_by(Lower('faction_name'))
+        )
+        return tuple(
+            (x['faction_id'], x['faction_name']) for x in qs
+        )
+
+    def queryset(self, request, qs):
+        if self.value() is None:
+            return qs.all()
+        if qs.model == User:
+            return qs.filter(profile__main_character__faction_id=self.value())
+        return qs.filter(
+            user__profile__main_character__faction_id=self.value()
+        )
+
+
+@admin.display(description="Update main character model from ESI")
+def update_main_character_model(modeladmin, request, queryset):
+    tasks_count = 0
+    for obj in queryset:
+        if obj.profile.main_character:
+            update_character.delay(obj.profile.main_character.character_id)
+            tasks_count += 1
+
+    modeladmin.message_user(
+        request, f'Update from ESI started for {tasks_count} characters'
+    )
+
+
 class UserAdmin(BaseUserAdmin):
+    """Extending Django's UserAdmin model
+
+    Behavior of groups and characters columns can be configured via settings
     """
-    Extending Django's UserAdmin model
-    """
+
+    inlines = [UserProfileInline]
+    ordering = ('username', )
+    list_select_related = ('profile__state', 'profile__main_character')
+    show_full_result_count = True
+    list_display = (
+        user_profile_pic,
+        user_username,
+        '_state',
+        '_groups',
+        user_main_organization,
+        '_characters',
+        'is_active',
+        'date_joined',
+        '_role'
+    )
+    list_display_links = None
+    list_filter = (
+        'profile__state',
+        'groups',
+        MainCorporationsFilter,
+        MainAllianceFilter,
+        MainFactionFilter,
+        'is_active',
+        'date_joined',
+        'is_staff',
+        'is_superuser'
+    )
+    search_fields = ('username', 'character_ownerships__character__character_name')
+    readonly_fields = ('date_joined', 'last_login')
+    filter_horizontal = ('groups', 'user_permissions',)
+    form = UserChangeForm
+
+    class Media:
+        css = {
+            "all": ("allianceauth/authentication/css/admin.css",)
+        }
+
+    def get_queryset(self, request):
+        qs = super().get_queryset(request)
+        return qs.prefetch_related("character_ownerships__character", "groups")
+
+    def get_form(self, request, obj=None, **kwargs):
+        """Inject current request into change form object."""
+
+        MyForm = super().get_form(request, obj, **kwargs)
+        if obj:
+            class MyFormInjected(MyForm):
+                def __new__(cls, *args, **kwargs):
+                    kwargs['request'] = request
+                    return MyForm(*args, **kwargs)
+
+            return MyFormInjected
+        return MyForm
+
     def get_actions(self, request):
-        actions = super(BaseUserAdmin, self).get_actions(request)
+        actions = super().get_actions(request)
+        actions[update_main_character_model.__name__] = (
+            update_main_character_model,
+            update_main_character_model.__name__,
+            update_main_character_model.short_description
+        )
 
         for hook in get_hooks('services_hook'):
             svc = hook()
             # Check update_groups is redefined/overloaded
             if svc.update_groups.__module__ != ServicesHook.update_groups.__module__:
                 action = make_service_hooks_update_groups_action(svc)
-                actions[action.__name__] = (action,
+                actions[action.__name__] = (
+                    action,
                     action.__name__,
-                                            action.short_description)
+                    action.short_description
+                )
+
             # Create sync nickname action if service implements it
             if svc.sync_nickname.__module__ != ServicesHook.sync_nickname.__module__:
                 action = make_service_hooks_sync_nickname_action(svc)
-                actions[action.__name__] = (action,
-                                            action.__name__,
-                                            action.short_description)
-
+                actions[action.__name__] = (
+                    action, action.__name__,
+                    action.short_description
+                )
         return actions
-    list_filter = BaseUserAdmin.list_filter + ('profile__state',)
-    inlines = BaseUserAdmin.inlines + [UserProfileInline]
-    list_display = ('username', 'email', 'get_main_character', 'get_state', 'is_active')
 
-    def get_main_character(self, obj):
-        return obj.profile.main_character
-    get_main_character.short_description = "Main Character"
+    def _list_2_html_w_tooltips(self, my_items: list, max_items: int) -> str:
+        """converts list of strings into HTML with cutoff and tooltip"""
+        items_truncated_str = ', '.join(my_items[:max_items])
+        if not my_items:
+            result = None
+        elif len(my_items) <= max_items:
+            result = items_truncated_str
+        else:
+            items_truncated_str += ', (...)'
+            items_all_str = ', '.join(my_items)
+            result = format_html(
+                '<span data-tooltip="{}" class="tooltip">{}</span>',
+                items_all_str,
+                items_truncated_str
+            )
+        return result
 
-    def get_state(self, obj):
-        return obj.profile.state
-    get_state.short_description = "State"
+    def _characters(self, obj):
+        character_ownerships = list(obj.character_ownerships.all())
+        characters = [obj.character.character_name for obj in character_ownerships]
+        return self._list_2_html_w_tooltips(
+            sorted(characters),
+            AUTHENTICATION_ADMIN_USERS_MAX_CHARS
+        )
+
+    @admin.display(ordering="profile__state")
+    def _state(self, obj):
+        return obj.profile.state.name
+
+    def _groups(self, obj):
+        my_groups = sorted(group.name for group in list(obj.groups.all()))
+        return self._list_2_html_w_tooltips(
+            my_groups, AUTHENTICATION_ADMIN_USERS_MAX_GROUPS
+        )
+
+    def _role(self, obj):
+        if obj.is_superuser:
+            role = 'Superuser'
+        elif obj.is_staff:
+            role = 'Staff'
+        else:
+            role = 'User'
+        return role
 
     def has_change_permission(self, request, obj=None):
         return request.user.has_perm('auth.change_user')
@@ -127,24 +423,86 @@ class UserAdmin(BaseUserAdmin):
     def has_delete_permission(self, request, obj=None):
         return request.user.has_perm('auth.delete_user')
 
+    def get_object(self, *args , **kwargs):
+        obj = super().get_object(*args , **kwargs)
+        self.obj = obj  # storing current object for use in formfield_for_manytomany
+        return obj
+
+    def formfield_for_manytomany(self, db_field, request, **kwargs):
+        if db_field.name == "groups":
+            groups_qs = Group.objects.filter(authgroup__states__isnull=True)
+            obj_state = self.obj.profile.state
+            if obj_state:
+                matching_groups_qs = Group.objects.filter(authgroup__states=obj_state)
+                groups_qs = groups_qs | matching_groups_qs
+            kwargs["queryset"] = groups_qs.order_by(Lower("name"))
+        return super().formfield_for_manytomany(db_field, request, **kwargs)
+
+    def get_readonly_fields(self, request, obj=None):
+        if obj and not request.user.is_superuser:
+            return self.readonly_fields + (
+                "is_staff", "is_superuser", "user_permissions"
+            )
+        return self.readonly_fields
+
 
 @admin.register(State)
 class StateAdmin(admin.ModelAdmin):
+    list_select_related = True
+    list_display = ('name', 'priority', '_user_count')
+
+    def get_queryset(self, request):
+        qs = super().get_queryset(request)
+        return qs.annotate(user_count=Count("userprofile__id"))
+
+    @admin.display(description="Users", ordering="user_count")
+    def _user_count(self, obj):
+        return obj.user_count
+
     fieldsets = (
         (None, {
             'fields': ('name', 'permissions', 'priority'),
         }),
         ('Membership', {
-            'fields': ('public', 'member_characters', 'member_corporations', 'member_alliances'),
+            'fields': (
+                'public',
+                'member_characters',
+                'member_corporations',
+                'member_alliances',
+                'member_factions'
+            ),
         })
     )
-    filter_horizontal = ['member_characters', 'member_corporations', 'member_alliances', 'permissions']
-    list_display = ('name', 'priority', 'user_count')
+    filter_horizontal = [
+        'member_characters',
+        'member_corporations',
+        'member_alliances',
+        'member_factions',
+        'permissions'
+    ]
+
+    def formfield_for_manytomany(self, db_field, request, **kwargs):
+        """overriding this formfield to have sorted lists in the form"""
+        if db_field.name == "member_characters":
+            kwargs["queryset"] = EveCharacter.objects.all()\
+                .order_by(Lower('character_name'))
+        elif db_field.name == "member_corporations":
+            kwargs["queryset"] = EveCorporationInfo.objects.all()\
+                .order_by(Lower('corporation_name'))
+        elif db_field.name == "member_alliances":
+            kwargs["queryset"] = EveAllianceInfo.objects.all()\
+                .order_by(Lower('alliance_name'))
+        elif db_field.name == "member_factions":
+            kwargs["queryset"] = EveFactionInfo.objects.all()\
+                .order_by(Lower('faction_name'))
+        elif db_field.name == "permissions":
+            kwargs["queryset"] = Permission.objects.select_related("content_type").all()
+        return super().formfield_for_manytomany(db_field, request, **kwargs)
 
     def has_delete_permission(self, request, obj=None):
         if obj == get_guest_state():
             return False
-        return super(StateAdmin, self).has_delete_permission(request, obj=obj)
+        return super().has_delete_permission(request, obj=obj)
 
     def get_fieldsets(self, request, obj=None):
         if obj == get_guest_state():
@@ -153,16 +511,39 @@ class StateAdmin(admin.ModelAdmin):
                     'fields': ('permissions', 'priority'),
                 }),
             )
-        return super(StateAdmin, self).get_fieldsets(request, obj=obj)
+        return super().get_fieldsets(request, obj=obj)
 
-    @staticmethod
-    def user_count(obj):
-        return obj.userprofile_set.all().count()
+    def get_readonly_fields(self, request, obj=None):
+        if not request.user.is_superuser:
+            return self.readonly_fields + ("permissions",)
+        return self.readonly_fields
 
 
 class BaseOwnershipAdmin(admin.ModelAdmin):
-    list_display = ('user', 'character')
-    search_fields = ('user__username', 'character__character_name', 'character__corporation_name', 'character__alliance_name')
+    list_select_related = (
+        'user__profile__state', 'user__profile__main_character', 'character')
+    list_display = (
+        user_profile_pic,
+        user_username,
+        user_main_organization,
+        'character',
+    )
+    search_fields = (
+        'user__username',
+        'character__character_name',
+        'character__corporation_name',
+        'character__alliance_name',
+        'character__faction_name'
+    )
+    list_filter = (
+        MainCorporationsFilter,
+        MainAllianceFilter,
+    )
+
+    class Media:
+        css = {
+            "all": ("allianceauth/authentication/css/admin.css",)
+        }
 
     def get_readonly_fields(self, request, obj=None):
         if obj and obj.pk:
@@ -184,6 +565,7 @@ class CharacterOwnershipAdmin(BaseOwnershipAdmin):
 class PermissionAdmin(admin.ModelAdmin):
     actions = None
     readonly_fields = [field.name for field in BasePermission._meta.fields]
+    search_fields = ('codename', )
     list_display = ('admin_name', 'name', 'codename', 'content_type')
     list_filter = ('content_type__app_label',)
 
@@ -191,7 +573,7 @@ class PermissionAdmin(admin.ModelAdmin):
     def admin_name(obj):
         return str(obj)
 
-    def has_add_permission(self, request):
+    def has_add_permission(self, request, obj=None):
         return False
 
     def has_delete_permission(self, request, obj=None):

allianceauth/authentication/app_settings.py

@@ -0,0 +1,45 @@
+from django.conf import settings
+
+
+def _clean_setting(
+    name: str,
+    default_value: object,
+    min_value: int = None,
+    max_value: int = None,
+    required_type: type = None
+):
+    """cleans the input for a custom setting
+
+    Will use `default_value` if settings does not exit or has the wrong type
+    or is outside define boundaries (for int only)
+
+    Need to define `required_type` if `default_value` is `None`
+
+    Will assume `min_value` of 0 for int (can be overriden)
+
+    Returns cleaned value for setting
+    """
+    if default_value is None and not required_type:
+        raise ValueError('You must specify a required_type for None defaults')
+
+    if not required_type:
+        required_type = type(default_value)
+
+    if min_value is None and required_type == int:
+        min_value = 0
+
+    if (hasattr(settings, name)
+        and isinstance(getattr(settings, name), required_type)
+        and (min_value is None or getattr(settings, name) >= min_value)
+        and (max_value is None or getattr(settings, name) <= max_value)
+    ):
+        return getattr(settings, name)
+    else:
+        return default_value
+
+
+AUTHENTICATION_ADMIN_USERS_MAX_GROUPS = \
+    _clean_setting('AUTHENTICATION_ADMIN_USERS_MAX_GROUPS', 10)
+
+AUTHENTICATION_ADMIN_USERS_MAX_CHARS = \
+    _clean_setting('AUTHENTICATION_ADMIN_USERS_MAX_CHARS', 5)

allianceauth/authentication/apps.py

@@ -1,12 +1,18 @@
 from django.apps import AppConfig
 from django.core.checks import register, Tags
+from django.utils.translation import gettext_lazy as _
 
 
 class AuthenticationConfig(AppConfig):
-    name = 'allianceauth.authentication'
-    label = 'authentication'
+    name = "allianceauth.authentication"
+    label = "authentication"
+    verbose_name = _("Authentication")
 
     def ready(self):
-        super(AuthenticationConfig, self).ready()
-        from allianceauth.authentication import checks, signals
+        from allianceauth.authentication import checks, signals  # noqa: F401
+        from allianceauth.authentication.task_statistics import (
+            signals as celery_signals,
+        )
+
         register(Tags.security)(checks.check_login_scopes_setting)
+        celery_signals.reset_counters()

allianceauth/authentication/auth_hooks.py

@@ -0,0 +1,59 @@
+from allianceauth.hooks import DashboardItemHook
+from allianceauth import hooks
+from .views import dashboard_characters, dashboard_esi_check, dashboard_groups, dashboard_admin
+
+
+class UserCharactersHook(DashboardItemHook):
+    def __init__(self):
+        DashboardItemHook.__init__(
+            self,
+            dashboard_characters,
+            5
+        )
+
+
+class UserGroupsHook(DashboardItemHook):
+    def __init__(self):
+        DashboardItemHook.__init__(
+            self,
+            dashboard_groups,
+            5
+        )
+
+
+class AdminHook(DashboardItemHook):
+    def __init__(self):
+        DashboardItemHook.__init__(
+            self,
+            dashboard_admin,
+            1
+        )
+
+
+class ESICheckHook(DashboardItemHook):
+    def __init__(self):
+        DashboardItemHook.__init__(
+            self,
+            dashboard_esi_check,
+            0
+        )
+
+
+@hooks.register('dashboard_hook')
+def register_character_hook():
+    return UserCharactersHook()
+
+
+@hooks.register('dashboard_hook')
+def register_groups_hook():
+    return UserGroupsHook()
+
+
+@hooks.register('dashboard_hook')
+def register_admin_hook():
+    return AdminHook()
+
+
+@hooks.register('dashboard_hook')
+def register_esi_hook():
+    return ESICheckHook()

allianceauth/authentication/backends.py

@@ -1,7 +1,8 @@
-from django.contrib.auth.backends import ModelBackend
-from django.contrib.auth.models import Permission
-from django.contrib.auth.models import User
 import logging
+
+from django.contrib.auth.backends import ModelBackend
+from django.contrib.auth.models import User, Permission
+
 from .models import UserProfile, CharacterOwnership, OwnershipRecord
 
 
@@ -11,9 +12,11 @@ logger = logging.getLogger(__name__)
 class StateBackend(ModelBackend):
     @staticmethod
     def _get_state_permissions(user_obj):
-        profile_state_field = UserProfile._meta.get_field('state')
-        user_state_query = 'state__%s__user' % profile_state_field.related_query_name()
-        return Permission.objects.filter(**{user_state_query: user_obj})
+        """returns permissions for state of given user object"""
+        if hasattr(user_obj, "profile") and user_obj.profile:
+            return Permission.objects.filter(state=user_obj.profile.state)
+        else:
+            return Permission.objects.none()
 
     def get_state_permissions(self, user_obj, obj=None):
         return self._get_permissions(user_obj, obj, 'state')
@@ -27,23 +30,27 @@ class StateBackend(ModelBackend):
             user_obj._perm_cache.update(self.get_state_permissions(user_obj))
         return user_obj._perm_cache
 
-    def authenticate(self, token=None):
+    def authenticate(self, request=None, token=None, **credentials):
         if not token:
             return None
         try:
             ownership = CharacterOwnership.objects.get(character__character_id=token.character_id)
             if ownership.owner_hash == token.character_owner_hash:
-                logger.debug('Authenticating {0} by ownership of character {1}'.format(ownership.user, token.character_name))
+                logger.debug(f'Authenticating {ownership.user} by ownership of character {token.character_name}')
+                if ownership.user.profile.main_character:
+                    if ownership.user.profile.main_character.character_id == token.character_id:
                         return ownership.user
+                    else:  # this is an alt, enforce main only.
+                        return None
             else:
-                logger.debug('{0} has changed ownership. Creating new user account.'.format(token.character_name))
+                logger.debug(f'{token.character_name} has changed ownership. Creating new user account.')
                 ownership.delete()
                 return self.create_user(token)
         except CharacterOwnership.DoesNotExist:
             try:
                 # insecure legacy main check for pre-sso registration auth installs
                 profile = UserProfile.objects.get(main_character__character_id=token.character_id)
-                logger.debug('Authenticating {0} by their main character {1} without active ownership.'.format(profile.user, profile.main_character))
+                logger.debug(f'Authenticating {profile.user} by their main character {profile.main_character} without active ownership.')
                 # attach an ownership
                 token.user = profile.user
                 CharacterOwnership.objects.create_by_token(token)
@@ -54,15 +61,20 @@ class StateBackend(ModelBackend):
                 if records.exists():
                     # we've seen this character owner before. Re-attach to their old user account
                     user = records[0].user
+                    if user.profile.main_character:
+                        if user.profile.main_character.character_id != token.character_id:
+                            # this is an alt, enforce main only due to trust issues in SSO.
+                            return None
+
                     token.user = user
                     co = CharacterOwnership.objects.create_by_token(token)
-                    logger.debug('Authenticating {0} by matching owner hash record of character {1}'.format(user, co.character))
-                    if not user.profile.main_character:
-                        # set this as their main by default if they have none
+                    logger.debug(f'Authenticating {user} by matching owner hash record of character {co.character}')
+
+                    # set this as their main by default as they have none
                     user.profile.main_character = co.character
                     user.profile.save()
                     return user
-            logger.debug('Unable to authenticate character {0}. Creating new user.'.format(token.character_name))
+            logger.debug(f'Unable to authenticate character {token.character_name}. Creating new user.')
             return self.create_user(token)
 
     def create_user(self, token):
@@ -74,7 +86,7 @@ class StateBackend(ModelBackend):
         co = CharacterOwnership.objects.create_by_token(token)  # assign ownership to this user
         user.profile.main_character = co.character  # assign main character as token character
         user.profile.save()
-        logger.debug('Created new user {0}'.format(user))
+        logger.debug(f'Created new user {user}')
         return user
 
     @staticmethod
@@ -84,10 +96,10 @@ class StateBackend(ModelBackend):
         if User.objects.filter(username__startswith=name).exists():
             u = User.objects.filter(username__startswith=name)
             num = len(u)
-            username = "%s_%s" % (name, num)
+            username = f"{name}_{num}"
             while u.filter(username=username).exists():
                 num += 1
-                username = "%s_%s" % (name, num)
+                username = f"{name}_{num}"
         else:
             username = name
         return username

allianceauth/authentication/constants.py

@@ -0,0 +1,12 @@
+from django.utils.translation import gettext_lazy as _
+
+# Overide ESI messages in the dashboard widget
+# when the returned messages are not helpful or out of date
+ESI_ERROR_MESSAGE_OVERRIDES = {
+    420: _("This software has exceeded the error limit for ESI. "
+            "If you are a user, please contact the maintainer of this software."
+            " If you are a developer/maintainer, please make a greater "
+            "effort in the future to receive valid responses. For tips on how, "
+            "come have a chat with us in ##3rd-party-dev-and-esi on the EVE "
+            "Online Discord. https://www.eveonline.com/discord")
+}

allianceauth/authentication/core/celery_workers.py

@@ -0,0 +1,48 @@
+"""API for interacting with celery workers."""
+
+import itertools
+import logging
+from typing import Optional
+
+from amqp.exceptions import ChannelError
+from celery import current_app
+
+from django.conf import settings
+
+logger = logging.getLogger(__name__)
+
+
+def active_tasks_count() -> Optional[int]:
+    """Return count of currently active tasks
+    or None if celery workers are not online.
+    """
+    inspect = current_app.control.inspect()
+    return _tasks_count(inspect.active())
+
+
+def _tasks_count(data: dict) -> Optional[int]:
+    """Return count of tasks in data from celery inspect API."""
+    try:
+        tasks = itertools.chain(*data.values())
+    except AttributeError:
+        return None
+    return len(list(tasks))
+
+
+def queued_tasks_count() -> Optional[int]:
+    """Return count of queued tasks. Return None if there was an error."""
+    try:
+        with current_app.connection_or_acquire() as conn:
+            result = conn.default_channel.queue_declare(
+                queue=getattr(settings, "CELERY_DEFAULT_QUEUE", "celery"), passive=True
+            )
+            return result.message_count
+
+    except ChannelError:
+        # Queue doesn't exist, probably empty
+        return 0
+
+    except Exception:
+        logger.exception("Failed to get celery queue length")
+
+    return None

allianceauth/authentication/decorators.py

@@ -1,16 +1,31 @@
-from django.conf.urls import include
+from django.urls import include
+from django.contrib.auth.decorators import user_passes_test
+from django.core.exceptions import PermissionDenied
 from functools import wraps
-from django.shortcuts import redirect
+from typing import Callable, Iterable, Optional
+
+from django.urls import include
 from django.contrib import messages
+from django.contrib.auth.decorators import login_required, user_passes_test
+from django.core.exceptions import PermissionDenied
+from django.shortcuts import redirect
 from django.utils.translation import gettext_lazy as _
-from django.contrib.auth.decorators import login_required
 
 
 def user_has_main_character(user):
     return bool(user.profile.main_character)
 
 
-def decorate_url_patterns(urls, decorator):
+def decorate_url_patterns(
+    urls, decorator: Callable, excluded_views: Optional[Iterable] = None
+):
+    """Decorate views given in url patterns except when they are explicitly excluded.
+
+    Args:
+        - urls: Django URL patterns
+        - decorator: Decorator to be added to each view
+        - exclude_views: Optional iterable of view names to be excluded
+    """
     url_list, app_name, namespace = include(urls)
 
     def process_patterns(url_patterns):
@@ -20,6 +35,8 @@ def decorate_url_patterns(urls, decorator):
                 process_patterns(pattern.url_patterns)
             else:
                 # this is a pattern
+                if excluded_views and pattern.lookup_str in excluded_views:
+                    return
                 pattern.callback = decorator(pattern.callback)
 
     process_patterns(url_list)
@@ -35,3 +52,32 @@ def main_character_required(view_func):
         messages.error(request, _('A main character is required to perform that action. Add one below.'))
         return redirect('authentication:dashboard')
     return login_required(_wrapped_view)
+
+
+def permissions_required(perm, login_url=None, raise_exception=False):
+    """
+    Decorator for views that checks whether a user has a particular permission
+    enabled, redirecting to the log-in page if necessary.
+    If the raise_exception parameter is given the PermissionDenied exception
+    is raised.
+
+    This decorator is identical to the django permission_required except it
+    allows for passing a tuple/list of perms that will return true if any one
+    of them is present.
+    """
+    def check_perms(user):
+        if isinstance(perm, str):
+            perms = (perm,)
+        else:
+            perms = perm
+        # First check if the user has the permission (even anon users)
+        for perm_ in perms:
+            perm_ = (perm_,)
+            if user.has_perms(perm_):
+                return True
+        # In case the 403 handler should be called raise the exception
+        if raise_exception:
+            raise PermissionDenied
+        # As the last resort, show the login form
+        return False
+    return user_passes_test(check_perms, login_url=login_url)

allianceauth/authentication/forms.py

@@ -1,6 +1,66 @@
 from django import forms
-from django.utils.translation import ugettext_lazy as _
+from django.contrib.auth.forms import UserChangeForm as BaseUserChangeForm
+from django.contrib.auth.models import Group
+from django.core.exceptions import ValidationError
+from django.forms import ModelForm
+from django.utils.translation import gettext_lazy as _
+
+from allianceauth.authentication.models import User
 
 
 class RegistrationForm(forms.Form):
     email = forms.EmailField(label=_('Email'), max_length=254, required=True)
+
+    class _meta:
+        model = User
+
+
+class UserProfileForm(ModelForm):
+    """Allows specifying FK querysets through kwarg"""
+
+    def __init__(self, querysets=None, *args, **kwargs):
+        querysets = querysets or {}
+        super().__init__(*args, **kwargs)
+        for field, qs in querysets.items():
+            self.fields[field].queryset = qs
+
+
+class UserChangeForm(BaseUserChangeForm):
+    """Add custom cleaning to UserChangeForm"""
+
+    def __init__(self, *args, **kwargs):
+        self.request = kwargs.pop("request")  # Inject current request into form object
+        super().__init__(*args, **kwargs)
+
+    def clean(self):
+        cleaned_data = super().clean()
+        if not self.request.user.is_superuser:
+            if self.instance:
+                current_restricted = set(
+                    self.instance.groups.filter(
+                        authgroup__restricted=True
+                    ).values_list("pk", flat=True)
+                )
+            else:
+                current_restricted = set()
+            new_restricted = set(
+                cleaned_data["groups"].filter(
+                    authgroup__restricted=True
+                ).values_list("pk", flat=True)
+            )
+            if current_restricted != new_restricted:
+                restricted_removed = current_restricted - new_restricted
+                restricted_added = new_restricted - current_restricted
+                restricted_changed = restricted_removed | restricted_added
+                restricted_names_qs = Group.objects.filter(
+                    pk__in=restricted_changed
+                ).values_list("name", flat=True)
+                restricted_names = ",".join(list(restricted_names_qs))
+                raise ValidationError(
+                    {
+                        "groups": _(
+                            "You are not allowed to add or remove these "
+                            "restricted groups: %s" % restricted_names
+                        )
+                    }
+                )

allianceauth/authentication/hmac_urls.py

@@ -1,14 +1,13 @@
-from django.conf.urls import url, include
-
 from allianceauth.authentication import views
+from django.urls import include, re_path, path
 
 urlpatterns = [
-    url(r'^activate/complete/$', views.activation_complete, name='registration_activation_complete'),
+    path('activate/complete/', views.activation_complete, name='registration_activation_complete'),
     # The activation key can make use of any character from the
     # URL-safe base64 alphabet, plus the colon as a separator.
-    url(r'^activate/(?P<activation_key>[-:\w]+)/$', views.ActivationView.as_view(), name='registration_activate'),
-    url(r'^register/$', views.RegistrationView.as_view(), name='registration_register'),
-    url(r'^register/complete/$', views.registration_complete, name='registration_complete'),
-    url(r'^register/closed/$', views.registration_closed, name='registration_disallowed'),
-    url(r'', include('registration.auth_urls')),
+    re_path(r'^activate/(?P<activation_key>[-:\w]+)/$', views.ActivationView.as_view(), name='registration_activate'),
+    path('register/', views.RegistrationView.as_view(), name='registration_register'),
+    path('register/complete/', views.registration_complete, name='registration_complete'),
+    path('register/closed/', views.registration_closed, name='registration_disallowed'),
+    path('', include('django.contrib.auth.urls')),
 ]

allianceauth/authentication/management/commands/checkmains.py

@@ -11,10 +11,10 @@ class Command(BaseCommand):
         if profiles.exists():
             for profile in profiles:
                 self.stdout.write(self.style.ERROR(
-                    '{0} does not have an ownership. Resetting user {1} main character.'.format(profile.main_character,
+                    '{} does not have an ownership. Resetting user {} main character.'.format(profile.main_character,
                                                                                                 profile.user)))
                 profile.main_character = None
                 profile.save()
-            self.stdout.write(self.style.WARNING('Reset {0} main characters.'.format(profiles.count())))
+            self.stdout.write(self.style.WARNING(f'Reset {profiles.count()} main characters.'))
         else:
             self.stdout.write(self.style.SUCCESS('All main characters have active ownership.'))

allianceauth/authentication/managers.py

@@ -16,6 +16,8 @@ def available_states_query(character):
         query |= Q(member_corporations__corporation_id=character.corporation_id)
     if character.alliance_id:
         query |= Q(member_alliances__alliance_id=character.alliance_id)
+    if character.faction_id:
+        query |= Q(member_factions__faction_id=character.faction_id)
     return query
 
 
@@ -23,8 +25,7 @@ class CharacterOwnershipManager(Manager):
     def create_by_token(self, token):
         if not EveCharacter.objects.filter(character_id=token.character_id).exists():
             EveCharacter.objects.create_character(token.character_id)
-        return self.create(character=EveCharacter.objects.get(character_id=token.character_id), user=token.user,
-                           owner_hash=token.character_owner_hash)
+        return self.create(character=EveCharacter.objects.get(character_id=token.character_id), user=token.user, owner_hash=token.character_owner_hash)
 
 
 class StateQuerySet(QuerySet):
@@ -50,7 +51,7 @@ class StateQuerySet(QuerySet):
             for state in self:
                 for profile in state.userprofile_set.all():
                     profile.assign_state(state=self.model.objects.exclude(pk=state.pk).get_for_user(profile.user))
-        super(StateQuerySet, self).delete()
+        super().delete()
 
 
 class StateManager(Manager):

allianceauth/authentication/middleware.py

@@ -0,0 +1,55 @@
+from django.conf import settings
+from django.utils.deprecation import MiddlewareMixin
+
+import logging
+
+logger = logging.getLogger(__name__)
+
+
+class UserSettingsMiddleware(MiddlewareMixin):
+    def process_response(self, request, response):
+        """Django Middleware: User Settings."""
+
+        # Intercept the built in django /setlang/ view and also save it to Database.
+        # Note the annoymous user check, only logged in users will ever hit the DB here
+        if request.path == '/i18n/setlang/' and not request.user.is_anonymous:
+            try:
+                request.user.profile.language = request.POST['language']
+                request.user.profile.save()
+            except Exception as e:
+                logger.exception(e)
+
+        # Only act during the login flow, _after_ user is activated (step 2: post-sso)
+        elif request.path == '/sso/login' and not request.user.is_anonymous:
+            # Set the Language Cookie, if it doesnt match the DB
+            # Null = hasnt been set by the user ever, dont act.
+            try:
+                if request.user.profile.language != request.LANGUAGE_CODE and request.user.profile.language is not None:
+                    response.set_cookie(key=settings.LANGUAGE_COOKIE_NAME,
+                                        value=request.user.profile.language,
+                                        max_age=settings.LANGUAGE_COOKIE_AGE)
+            except Exception as e:
+                logger.exception(e)
+
+            # AA v3 NIGHT_MODE
+            # Set our Night mode flag from the DB
+            # Null = hasnt been set by the user ever, dont act.
+            #
+            # Night mode intercept is not needed in this middleware.
+            # is saved direct to DB in NightModeRedirectView
+            try:
+                if request.user.profile.night_mode is not None:
+                    request.session["NIGHT_MODE"] = request.user.profile.night_mode
+            except Exception as e:
+                logger.exception(e)
+
+            # AA v4 Themes
+            # Null = has not been set by the user ever, dont act
+            # DEFAULT_THEME or DEFAULT_THEME_DARK will be used in get_theme()
+            try:
+                if request.user.profile.theme is not None:
+                    request.session["THEME"] = request.user.profile.theme
+            except Exception as e:
+                logger.exception(e)
+
+        return response

allianceauth/authentication/migrations/0001_initial.py

@@ -1,6 +1,4 @@
-# -*- coding: utf-8 -*-
 # Generated by Django 1.10.1 on 2016-09-05 21:38
-from __future__ import unicode_literals
 
 from django.conf import settings
 from django.db import migrations, models

allianceauth/authentication/migrations/0002_auto_20160907_1914.py

@@ -1,6 +1,4 @@
-# -*- coding: utf-8 -*-
 # Generated by Django 1.10.1 on 2016-09-07 19:14
-from __future__ import unicode_literals
 
 from django.db import migrations
 

allianceauth/authentication/migrations/0003_authservicesinfo_state.py

@@ -1,6 +1,4 @@
-# -*- coding: utf-8 -*-
 # Generated by Django 1.10.1 on 2016-09-09 20:29
-from __future__ import unicode_literals
 
 from django.db import migrations, models
 

allianceauth/authentication/migrations/0004_create_permissions.py

@@ -1,6 +1,4 @@
-# -*- coding: utf-8 -*-
 # Generated by Django 1.10.1 on 2016-09-09 23:19
-from __future__ import unicode_literals
 
 from django.db import migrations
 

allianceauth/authentication/migrations/0005_delete_perms.py

@@ -1,6 +1,4 @@
-# -*- coding: utf-8 -*-
 # Generated by Django 1.10.1 on 2016-09-09 23:11
-from __future__ import unicode_literals
 
 from django.db import migrations
 

allianceauth/authentication/migrations/0006_auto_20160910_0542.py

@@ -1,6 +1,4 @@
-# -*- coding: utf-8 -*-
 # Generated by Django 1.10.1 on 2016-09-10 05:42
-from __future__ import unicode_literals
 
 from django.db import migrations
 

allianceauth/authentication/migrations/0007_remove_authservicesinfo_is_blue.py

@@ -1,6 +1,4 @@
-# -*- coding: utf-8 -*-
 # Generated by Django 1.10.1 on 2016-09-10 21:50
-from __future__ import unicode_literals
 
 from django.db import migrations
 

allianceauth/authentication/migrations/0008_set_state.py

@@ -1,6 +1,4 @@
-# -*- coding: utf-8 -*-
 # Generated by Django 1.10.1 on 2016-09-12 13:04
-from __future__ import unicode_literals
 
 from django.db import migrations
 

allianceauth/authentication/migrations/0009_auto_20161021_0228.py

@@ -1,6 +1,4 @@
-# -*- coding: utf-8 -*-
 # Generated by Django 1.10.2 on 2016-10-21 02:28
-from __future__ import unicode_literals
 
 from django.db import migrations, models
 

allianceauth/authentication/migrations/0010_only_one_authservicesinfo.py

@@ -1,6 +1,4 @@
-# -*- coding: utf-8 -*-
 # Generated by Django 1.10.1 on 2017-01-07 06:47
-from __future__ import unicode_literals
 
 from django.db import migrations
 
@@ -10,7 +8,7 @@ def count_completed_fields(model):
 def forward(apps, schema_editor):
     # this ensures only one model exists per user
     AuthServicesInfo = apps.get_model('authentication', 'AuthServicesInfo')
-    users = set([a.user for a in AuthServicesInfo.objects.all()])
+    users = {a.user for a in AuthServicesInfo.objects.all()}
     for u in users:
         auths = AuthServicesInfo.objects.filter(user=u)
         if auths.count() > 1:

allianceauth/authentication/migrations/0011_authservicesinfo_user_onetoonefield.py

@@ -1,6 +1,4 @@
-# -*- coding: utf-8 -*-
 # Generated by Django 1.10.1 on 2017-01-07 07:11
-from __future__ import unicode_literals
 
 from django.conf import settings
 from django.db import migrations, models

allianceauth/authentication/migrations/0012_remove_add_delete_authservicesinfo_permissions.py

@@ -1,6 +1,4 @@
-# -*- coding: utf-8 -*-
 # Generated by Django 1.10.5 on 2017-01-12 00:59
-from __future__ import unicode_literals
 
 from django.db import migrations, models
 

allianceauth/authentication/migrations/0013_service_modules.py

@@ -1,6 +1,4 @@
-# -*- coding: utf-8 -*-
 # Generated by Django 1.10.2 on 2016-12-11 23:14
-from __future__ import unicode_literals
 
 from django.db import migrations
 

allianceauth/authentication/migrations/0014_fleetup_permission.py

@@ -1,6 +1,4 @@
-# -*- coding: utf-8 -*-
 # Generated by Django 1.10.1 on 2016-09-09 23:19
-from __future__ import unicode_literals
 
 from django.db import migrations
 

allianceauth/authentication/migrations/0015_user_profiles.py

@@ -1,6 +1,4 @@
-# -*- coding: utf-8 -*-
 # Generated by Django 1.10.5 on 2017-03-22 23:09
-from __future__ import unicode_literals
 
 import allianceauth.authentication.models
 import django.db.models.deletion
@@ -171,8 +169,7 @@ def recreate_authservicesinfo(apps, schema_editor):
 
     # repopulate main characters
     for profile in UserProfile.objects.exclude(main_character__isnull=True).select_related('user', 'main_character'):
-        AuthServicesInfo.objects.update_or_create(user=profile.user,
-                                                  defaults={'main_char_id': profile.main_character.character_id})
+        AuthServicesInfo.objects.update_or_create(user=profile.user, defaults={'main_char_id': profile.main_character.character_id})
 
     # repopulate states we understand
     for profile in UserProfile.objects.exclude(state__name='Guest').filter(

allianceauth/authentication/migrations/0017_remove_fleetup_permission.py

@@ -0,0 +1,20 @@
+from django.db import migrations
+
+
+def remove_permission(apps, schema_editor):
+    User = apps.get_model('auth', 'User')
+    ContentType = apps.get_model('contenttypes', 'ContentType')
+    Permission = apps.get_model('auth', 'Permission')
+    ct = ContentType.objects.get_for_model(User)
+    Permission.objects.filter(codename="view_fleetup", content_type=ct, name="view_fleetup").delete()
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('authentication', '0016_ownershiprecord'),
+    ]
+
+    operations = [
+        migrations.RunPython(remove_permission, migrations.RunPython.noop)
+    ]

allianceauth/authentication/migrations/0018_alter_state_name_length.py

@@ -0,0 +1,18 @@
+# Generated by Django 3.2.8 on 2021-10-20 05:22
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('authentication', '0017_remove_fleetup_permission'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='state',
+            name='name',
+            field=models.CharField(max_length=32, unique=True),
+        ),
+    ]

allianceauth/authentication/migrations/0018_state_member_factions.py

@@ -0,0 +1,19 @@
+# Generated by Django 3.1.13 on 2021-10-12 20:21
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('eveonline', '0015_factions'),
+        ('authentication', '0017_remove_fleetup_permission'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='state',
+            name='member_factions',
+            field=models.ManyToManyField(blank=True, help_text='Factions to whose members this state is available.', to='eveonline.EveFactionInfo'),
+        ),
+    ]

allianceauth/authentication/migrations/0019_merge_20211026_0919.py

@@ -0,0 +1,14 @@
+# Generated by Django 3.2.8 on 2021-10-26 09:19
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('authentication', '0018_alter_state_name_length'),
+        ('authentication', '0018_state_member_factions'),
+    ]
+
+    operations = [
+    ]

allianceauth/authentication/migrations/0020_userprofile_language_userprofile_night_mode.py

@@ -0,0 +1,23 @@
+# Generated by Django 4.0.2 on 2022-02-26 03:45
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('authentication', '0019_merge_20211026_0919'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='userprofile',
+            name='language',
+            field=models.CharField(blank=True, choices=[('en', 'English'), ('de', 'German'), ('es', 'Spanish'), ('zh-hans', 'Chinese Simplified'), ('ru', 'Russian'), ('ko', 'Korean'), ('fr', 'French'), ('ja', 'Japanese'), ('it', 'Italian')], default='', max_length=10, verbose_name='Language'),
+        ),
+        migrations.AddField(
+            model_name='userprofile',
+            name='night_mode',
+            field=models.BooleanField(blank=True, null=True, verbose_name='Night Mode'),
+        ),
+    ]

allianceauth/authentication/migrations/0021_alter_userprofile_language.py

@@ -0,0 +1,34 @@
+# Generated by Django 4.0.10 on 2023-05-28 15:36
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("authentication", "0020_userprofile_language_userprofile_night_mode"),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name="userprofile",
+            name="language",
+            field=models.CharField(
+                blank=True,
+                choices=[
+                    ("en", "English"),
+                    ("de", "German"),
+                    ("es", "Spanish"),
+                    ("zh-hans", "Chinese Simplified"),
+                    ("ru", "Russian"),
+                    ("ko", "Korean"),
+                    ("fr", "French"),
+                    ("ja", "Japanese"),
+                    ("it", "Italian"),
+                    ("uk", "Ukrainian"),
+                ],
+                default="",
+                max_length=10,
+                verbose_name="Language",
+            ),
+        ),
+    ]

allianceauth/authentication/migrations/0022_userprofile_theme.py

@@ -0,0 +1,18 @@
+# Generated by Django 4.0.10 on 2023-10-07 07:59
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('authentication', '0021_alter_userprofile_language'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='userprofile',
+            name='theme',
+            field=models.CharField(blank=True, help_text='Bootstrap 5 Themes from https://bootswatch.com/ or Community Apps', max_length=200, null=True, verbose_name='Theme'),
+        ),
+    ]

allianceauth/authentication/migrations/0023_alter_userprofile_language.py

@@ -0,0 +1,18 @@
+# Generated by Django 4.2.13 on 2024-05-12 09:44
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('authentication', '0022_userprofile_theme'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='userprofile',
+            name='language',
+            field=models.CharField(blank=True, choices=[('en', 'English'), ('de', 'German'), ('es', 'Spanish'), ('zh-hans', 'Chinese Simplified'), ('ru', 'Russian'), ('ko', 'Korean'), ('fr', 'French'), ('ja', 'Japanese'), ('it', 'Italian'), ('uk', 'Ukrainian'), ('pl', 'Polish')], default='', max_length=10, verbose_name='Language'),
+        ),
+    ]

allianceauth/authentication/migrations/0024_alter_userprofile_language.py

@@ -0,0 +1,18 @@
+# Generated by Django 4.2 on 2024-09-13 09:46
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('authentication', '0023_alter_userprofile_language'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='userprofile',
+            name='language',
+            field=models.CharField(blank=True, choices=[('en', 'English'), ('cs-cz', 'Czech'), ('de', 'German'), ('es', 'Spanish'), ('it-it', 'Italian'), ('ja', 'Japanese'), ('ko-kr', 'Korean'), ('fr-fr', 'French'), ('ru', 'Russian'), ('nl-nl', 'Dutch'), ('pl-pl', 'Polish'), ('uk', 'Ukrainian'), ('zh-hans', 'Simplified Chinese')], default='', max_length=10, verbose_name='Language'),
+        ),
+    ]

allianceauth/authentication/models.py

@@ -1,10 +1,12 @@
 import logging
+from typing import ClassVar
 
 from django.contrib.auth.models import User, Permission
 from django.db import models, transaction
-from django.utils.translation import ugettext_lazy as _
-from allianceauth.eveonline.models import EveCharacter, EveCorporationInfo, EveAllianceInfo
+from django.utils.translation import gettext_lazy as _
+from allianceauth.eveonline.models import EveCharacter, EveCorporationInfo, EveAllianceInfo, EveFactionInfo
 from allianceauth.notifications import notify
+from django.conf import settings
 
 from .managers import CharacterOwnershipManager, StateManager
 
@@ -12,10 +14,9 @@ logger = logging.getLogger(__name__)
 
 
 class State(models.Model):
-    name = models.CharField(max_length=20, unique=True)
+    name = models.CharField(max_length=32, unique=True)
     permissions = models.ManyToManyField(Permission, blank=True)
-    priority = models.IntegerField(unique=True,
-                                   help_text="Users get assigned the state with the highest priority available to them.")
+    priority = models.IntegerField(unique=True, help_text="Users get assigned the state with the highest priority available to them.")
 
     member_characters = models.ManyToManyField(EveCharacter, blank=True,
                                                 help_text="Characters to which this state is available.")
@@ -23,9 +24,11 @@ class State(models.Model):
                                                 help_text="Corporations to whose members this state is available.")
     member_alliances = models.ManyToManyField(EveAllianceInfo, blank=True,
                                             help_text="Alliances to whose members this state is available.")
+    member_factions = models.ManyToManyField(EveFactionInfo, blank=True,
+                                            help_text="Factions to whose members this state is available.")
     public = models.BooleanField(default=False, help_text="Make this state available to any character.")
 
-    objects = StateManager()
+    objects: ClassVar[StateManager] = StateManager()
 
     class Meta:
         ordering = ['-priority']
@@ -43,7 +46,7 @@ class State(models.Model):
         with transaction.atomic():
             for profile in self.userprofile_set.all():
                 profile.assign_state(state=State.objects.exclude(pk=self.pk).get_for_user(profile.user))
-        super(State, self).delete(**kwargs)
+        super().delete(**kwargs)
 
 
 def get_guest_state():
@@ -61,9 +64,54 @@ class UserProfile(models.Model):
     class Meta:
         default_permissions = ('change',)
 
-    user = models.OneToOneField(User, related_name='profile', on_delete=models.CASCADE)
-    main_character = models.OneToOneField(EveCharacter, blank=True, null=True, on_delete=models.SET_NULL)
-    state = models.ForeignKey(State, on_delete=models.SET_DEFAULT, default=get_guest_state_pk)
+    class Language(models.TextChoices):
+        """
+        Choices for UserProfile.language
+        """
+        # Sorted by Language Code alphabetical order + English at top
+        ENGLISH = 'en', _('English')
+        CZECH = 'cs-cz', _("Czech")  # Not yet at 50% translated
+        GERMAN = 'de', _('German')
+        SPANISH = 'es', _('Spanish')
+        ITALIAN = 'it-it', _('Italian')
+        JAPANESE = 'ja', _('Japanese')
+        KOREAN = 'ko-kr', _('Korean')
+        FRENCH = 'fr-fr', _('French')
+        RUSSIAN = 'ru', _('Russian')
+        DUTCH = 'nl-nl', _("Dutch")
+        POLISH = 'pl-pl', _("Polish")
+        UKRAINIAN = 'uk', _('Ukrainian')
+        CHINESE = 'zh-hans', _('Simplified Chinese')
+
+    user = models.OneToOneField(
+        User,
+        related_name='profile',
+        on_delete=models.CASCADE)
+    main_character = models.OneToOneField(
+        EveCharacter,
+        blank=True,
+        null=True,
+        on_delete=models.SET_NULL)
+    state = models.ForeignKey(
+        State,
+        on_delete=models.SET_DEFAULT,
+        default=get_guest_state_pk)
+    language = models.CharField(
+        _("Language"), max_length=10,
+        choices=Language.choices,
+        blank=True,
+        default='')
+    night_mode = models.BooleanField(
+        _("Night Mode"),
+        blank=True,
+        null=True)
+    theme = models.CharField(
+        _("Theme"),
+        max_length=200,
+        blank=True,
+        null=True,
+        help_text="Bootstrap 5 Themes from https://bootswatch.com/ or Community Apps"
+    )
 
     def assign_state(self, state=None, commit=True):
         if not state:
@@ -71,15 +119,26 @@ class UserProfile(models.Model):
         if self.state != state:
             self.state = state
             if commit:
-                logger.info('Updating {} state to {}'.format(self.user, self.state))
+                logger.info(f'Updating {self.user} state to {self.state}')
                 self.save(update_fields=['state'])
-                notify(self.user, _('State Changed'),
-                       _('Your user state has been changed to %(state)s') % ({'state': state}),
-                       'info')
+                notify(
+                    self.user,
+                    _('State changed to: %s' % state),
+                    _('Your user\'s state is now: %(state)s')
+                    % ({'state': state}),
+                    'info'
+                )
                 from allianceauth.authentication.signals import state_changed
-                state_changed.send(sender=self.__class__, user=self.user, state=self.state)
 
-    def __str__(self):
+                # We need to ensure we get up to date perms here as they will have just changed.
+                # Clear all attribute caches and reload the model that will get passed to the signals!
+                self.refresh_from_db()
+
+                state_changed.send(
+                    sender=self.__class__, user=self.user, state=self.state
+                )
+
+    def __str__(self) -> str:
         return str(self.user)
 
 
@@ -92,10 +151,10 @@ class CharacterOwnership(models.Model):
     owner_hash = models.CharField(max_length=28, unique=True)
     user = models.ForeignKey(User, on_delete=models.CASCADE, related_name='character_ownerships')
 
-    objects = CharacterOwnershipManager()
+    objects: ClassVar[CharacterOwnershipManager] = CharacterOwnershipManager()
 
     def __str__(self):
-        return "%s: %s" % (self.user, self.character)
+        return f"{self.user}: {self.character}"
 
 
 class OwnershipRecord(models.Model):
@@ -108,4 +167,4 @@ class OwnershipRecord(models.Model):
         ordering = ['-created']
 
     def __str__(self):
-        return "%s: %s on %s" % (self.user, self.character, self.created)
+        return f"{self.user}: {self.character} on {self.created}"

allianceauth/authentication/signals.py

@@ -1,6 +1,11 @@
 import logging
 
-from .models import CharacterOwnership, UserProfile, get_guest_state, State, OwnershipRecord
+from .models import (
+    CharacterOwnership,
+    UserProfile,
+    get_guest_state,
+    State,
+    OwnershipRecord)
 from django.contrib.auth.models import User
 from django.db.models import Q
 from django.db.models.signals import pre_save, post_save, pre_delete, post_delete, m2m_changed
@@ -11,7 +16,7 @@ from allianceauth.eveonline.models import EveCharacter
 
 logger = logging.getLogger(__name__)
 
-state_changed = Signal(providing_args=['user', 'state'])
+state_changed = Signal()
 
 
 def trigger_state_check(state):
@@ -23,35 +28,38 @@ def trigger_state_check(state):
     check_states = State.objects.filter(priority__lt=state.priority)
     for profile in UserProfile.objects.filter(state__in=check_states):
         if state.available_to_user(profile.user):
-            profile.state = state
-            profile.save(update_fields=['state'])
-            state_changed.send(sender=state.__class__, user=profile.user, state=state)
+            profile.assign_state(state)
 
 
 @receiver(m2m_changed, sender=State.member_characters.through)
 def state_member_characters_changed(sender, instance, action, *args, **kwargs):
     if action.startswith('post_'):
-        logger.debug('State {} member characters changed. Re-evaluating membership.'.format(instance))
+        logger.debug(f'State {instance} member characters changed. Re-evaluating membership.')
         trigger_state_check(instance)
 
 
 @receiver(m2m_changed, sender=State.member_corporations.through)
 def state_member_corporations_changed(sender, instance, action, *args, **kwargs):
     if action.startswith('post_'):
-        logger.debug('State {} member corporations changed. Re-evaluating membership.'.format(instance))
+        logger.debug(f'State {instance} member corporations changed. Re-evaluating membership.')
         trigger_state_check(instance)
 
 
 @receiver(m2m_changed, sender=State.member_alliances.through)
 def state_member_alliances_changed(sender, instance, action, *args, **kwargs):
     if action.startswith('post_'):
-        logger.debug('State {} member alliances changed. Re-evaluating membership.'.format(instance))
+        logger.debug(f'State {instance} member alliances changed. Re-evaluating membership.')
         trigger_state_check(instance)
 
+@receiver(m2m_changed, sender=State.member_factions.through)
+def state_member_factions_changed(sender, instance, action, *args, **kwargs):
+    if action.startswith('post_'):
+        logger.debug(f'State {instance} member factions changed. Re-evaluating membership.')
+        trigger_state_check(instance)
 
 @receiver(post_save, sender=State)
 def state_saved(sender, instance, *args, **kwargs):
-    logger.debug('State {} saved. Re-evaluating membership.'.format(instance))
+    logger.debug(f'State {instance} saved. Re-evaluating membership.')
     trigger_state_check(instance)
 
 
@@ -62,23 +70,22 @@ def reassess_on_profile_save(sender, instance, created, *args, **kwargs):
     if not created:
         update_fields = kwargs.pop('update_fields', []) or []
         if 'state' not in update_fields:
-            logger.debug('Profile for {} saved without state change. Re-evaluating state.'.format(instance.user))
+            logger.debug(f'Profile for {instance.user} saved without state change. Re-evaluating state.')
             instance.assign_state()
 
 
 @receiver(post_save, sender=User)
 def create_required_models(sender, instance, created, *args, **kwargs):
-    # ensure all users have a model
+    # ensure all users have our Sub-Models
     if created:
-        logger.debug('User {} created. Creating default UserProfile.'.format(instance))
+        logger.debug(f'User {instance} created. Creating default UserProfile.')
         UserProfile.objects.get_or_create(user=instance)
 
 
 @receiver(post_save, sender=Token)
 def record_character_ownership(sender, instance, created, *args, **kwargs):
     if created:
-        logger.debug('New token for {0} character {1} saved. Evaluating ownership.'.format(instance.user,
-                                                                                           instance.character_name))
+        logger.debug(f'New token for {instance.user} character {instance.character_name} saved. Evaluating ownership.')
         if instance.user:
             query = Q(owner_hash=instance.character_owner_hash) & Q(user=instance.user)
         else:
@@ -87,25 +94,21 @@ def record_character_ownership(sender, instance, created, *args, **kwargs):
         CharacterOwnership.objects.filter(character__character_id=instance.character_id).exclude(query).delete()
         # create character if needed
         if EveCharacter.objects.filter(character_id=instance.character_id).exists() is False:
-            logger.debug('Token is for a new character. Creating model for {0} ({1})'.format(instance.character_name,
-                                                                                             instance.character_id))
+            logger.debug(f'Token is for a new character. Creating model for {instance.character_name} ({instance.character_id})')
             EveCharacter.objects.create_character(instance.character_id)
         char = EveCharacter.objects.get(character_id=instance.character_id)
         # check if we need to create ownership
         if instance.user and not CharacterOwnership.objects.filter(
                 character__character_id=instance.character_id).exists():
-            logger.debug("Character {0} is not yet owned. Assigning ownership to {1}".format(instance.character_name,
-                                                                                             instance.user))
-            CharacterOwnership.objects.update_or_create(character=char,
-                                                        defaults={'owner_hash': instance.character_owner_hash,
-                                                                  'user': instance.user})
+            logger.debug(f"Character {instance.character_name} is not yet owned. Assigning ownership to {instance.user}")
+            CharacterOwnership.objects.update_or_create(character=char, defaults={'owner_hash': instance.character_owner_hash, 'user': instance.user})
 
 
 @receiver(pre_delete, sender=CharacterOwnership)
 def validate_main_character(sender, instance, *args, **kwargs):
     try:
         if instance.user.profile.main_character == instance.character:
-            logger.info("Ownership of a main character {0} has been revoked. Resetting {1} main character.".format(
+            logger.info("Ownership of a main character {} has been revoked. Resetting {} main character.".format(
                 instance.character, instance.user))
             # clear main character as user no longer owns them
             instance.user.profile.main_character = None
@@ -118,7 +121,7 @@ def validate_main_character(sender, instance, *args, **kwargs):
 @receiver(post_delete, sender=Token)
 def validate_ownership(sender, instance, *args, **kwargs):
     if not Token.objects.filter(character_owner_hash=instance.character_owner_hash).filter(refresh_token__isnull=False).exists():
-        logger.info("No remaining tokens to validate ownership of character {0}. Revoking ownership.".format(instance.character_name))
+        logger.info(f"No remaining tokens to validate ownership of character {instance.character_name}. Revoking ownership.")
         CharacterOwnership.objects.filter(owner_hash=instance.character_owner_hash).delete()
 
 
@@ -129,11 +132,11 @@ def assign_state_on_active_change(sender, instance, *args, **kwargs):
         old_instance = User.objects.get(pk=instance.pk)
         if old_instance.is_active != instance.is_active:
             if instance.is_active:
-                logger.debug("User {0} has been activated. Assigning state.".format(instance))
+                logger.debug(f"User {instance} has been activated. Assigning state.")
                 instance.profile.assign_state()
             else:
                 logger.debug(
-                    "User {0} has been deactivated. Revoking state and assigning to guest state.".format(instance))
+                    f"User {instance} has been deactivated. Revoking state and assigning to guest state.")
                 instance.profile.state = get_guest_state()
                 instance.profile.save(update_fields=['state'])
 
@@ -142,10 +145,10 @@ def assign_state_on_active_change(sender, instance, *args, **kwargs):
 def check_state_on_character_update(sender, instance, *args, **kwargs):
     # if this is a main character updating, check that user's state
     try:
-        logger.debug("Character {0} has been saved. Assessing owner's state for changes.".format(instance))
+        logger.debug(f"Character {instance} has been saved. Assessing owner's state for changes.")
         instance.userprofile.assign_state()
     except UserProfile.DoesNotExist:
-        logger.debug("Character {0} is not a main character. No state assessment required.".format(instance))
+        logger.debug(f"Character {instance} is not a main character. No state assessment required.")
         pass
 
 
@@ -155,7 +158,7 @@ def ownership_record_creation(sender, instance, created, *args, **kwargs):
         records = OwnershipRecord.objects.filter(owner_hash=instance.owner_hash).filter(character=instance.character)
         if records.exists():
             if records[0].user == instance.user:  # most recent record is sorted first
-                logger.debug("Already have ownership record of {0} by user {1}".format(instance.character, instance.user))
+                logger.debug(f"Already have ownership record of {instance.character} by user {instance.user}")
                 return
-        logger.info("Character {0} has a new owner {1}. Creating ownership record.".format(instance.character, instance.user))
+        logger.info(f"Character {instance.character} has a new owner {instance.user}. Creating ownership record.")
         OwnershipRecord.objects.create(user=instance.user, character=instance.character, owner_hash=instance.owner_hash)

allianceauth/authentication/static/allianceauth/authentication/css/admin.css

@@ -0,0 +1,31 @@
+/*
+CSS for allianceauth admin site
+*/
+
+/* styling for profile pic */
+.img-circle {
+    border-radius: 50%;
+}
+
+.column-user_profile_pic {
+    white-space: nowrap;
+    width: 1px;
+}
+
+/* tooltip */
+.tooltip {
+    position: relative;
+}
+
+.tooltip:hover::after {
+    background-color: rgb(255 255 204);
+    border: 1px rgb(128 128 128) solid;
+    color: rgb(0 0 0);
+    content: attr(data-tooltip);
+    left: 1em;
+    min-width: 200px;
+    padding: 8px;
+    position: absolute;
+    top: 1.1em;
+    z-index: 1;
+}

allianceauth/authentication/task_statistics/counters.py

@@ -0,0 +1,45 @@
+"""Counters for Task Statistics."""
+
+import datetime as dt
+from typing import NamedTuple, Optional
+
+from .event_series import EventSeries
+
+# Global series for counting task events.
+succeeded_tasks = EventSeries("SUCCEEDED_TASKS")
+retried_tasks = EventSeries("RETRIED_TASKS")
+failed_tasks = EventSeries("FAILED_TASKS")
+
+
+class _TaskCounts(NamedTuple):
+    succeeded: int
+    retried: int
+    failed: int
+    total: int
+    earliest_task: Optional[dt.datetime]
+    hours: int
+
+
+def dashboard_results(hours: int) -> _TaskCounts:
+    """Counts of all task events within the given time frame."""
+
+    def earliest_if_exists(events: EventSeries, earliest: dt.datetime) -> list:
+        my_earliest = events.first_event(earliest=earliest)
+        return [my_earliest] if my_earliest else []
+
+    earliest = dt.datetime.utcnow() - dt.timedelta(hours=hours)
+    earliest_events = []
+    succeeded_count = succeeded_tasks.count(earliest=earliest)
+    earliest_events += earliest_if_exists(succeeded_tasks, earliest)
+    retried_count = retried_tasks.count(earliest=earliest)
+    earliest_events += earliest_if_exists(retried_tasks, earliest)
+    failed_count = failed_tasks.count(earliest=earliest)
+    earliest_events += earliest_if_exists(failed_tasks, earliest)
+    return _TaskCounts(
+        succeeded=succeeded_count,
+        retried=retried_count,
+        failed=failed_count,
+        total=succeeded_count + retried_count + failed_count,
+        earliest_task=min(earliest_events) if earliest_events else None,
+        hours=hours,
+    )

allianceauth/authentication/task_statistics/event_series.py

@@ -0,0 +1,100 @@
+"""Event series for Task Statistics."""
+
+import datetime as dt
+import logging
+from typing import List, Optional
+
+from pytz import utc
+from redis import Redis
+
+from .helpers import get_redis_client_or_stub
+
+logger = logging.getLogger(__name__)
+
+
+class EventSeries:
+    """API for recording and analyzing a series of events."""
+
+    _ROOT_KEY = "ALLIANCEAUTH_EVENT_SERIES"
+
+    def __init__(self, key_id: str, redis: Optional[Redis] = None) -> None:
+        self._redis = get_redis_client_or_stub() if not redis else redis
+        self._key_id = str(key_id)
+        self.clear()
+
+    @property
+    def is_disabled(self):
+        """True when this object is disabled, e.g. Redis was not available at startup."""
+        return hasattr(self._redis, "IS_STUB")
+
+    @property
+    def _key_counter(self):
+        return f"{self._ROOT_KEY}_{self._key_id}_COUNTER"
+
+    @property
+    def _key_sorted_set(self):
+        return f"{self._ROOT_KEY}_{self._key_id}_SORTED_SET"
+
+    def add(self, event_time: dt.datetime = None) -> None:
+        """Add event.
+
+        Args:
+        - event_time: timestamp of event. Will use current time if not specified.
+        """
+        if not event_time:
+            event_time = dt.datetime.utcnow()
+        my_id = self._redis.incr(self._key_counter)
+        self._redis.zadd(self._key_sorted_set, {my_id: event_time.timestamp()})
+
+    def all(self) -> List[dt.datetime]:
+        """List of all known events."""
+        return [
+            event[1]
+            for event in self._redis.zrangebyscore(
+                self._key_sorted_set,
+                "-inf",
+                "+inf",
+                withscores=True,
+                score_cast_func=self._cast_scores_to_dt,
+            )
+        ]
+
+    def clear(self) -> None:
+        """Clear all events."""
+        self._redis.delete(self._key_sorted_set)
+        self._redis.delete(self._key_counter)
+
+    def count(self, earliest: dt.datetime = None, latest: dt.datetime = None) -> int:
+        """Count of events, can be restricted to given time frame.
+
+        Args:
+        - earliest: Date of first events to count(inclusive), or -infinite if not specified
+        - latest: Date of last events to count(inclusive), or +infinite if not specified
+        """
+        minimum = "-inf" if not earliest else earliest.timestamp()
+        maximum = "+inf" if not latest else latest.timestamp()
+        return self._redis.zcount(self._key_sorted_set, min=minimum, max=maximum)
+
+    def first_event(self, earliest: dt.datetime = None) -> Optional[dt.datetime]:
+        """Date/Time of first event. Returns `None` if series has no events.
+
+        Args:
+        - earliest: Date of first events to count(inclusive), or any if not specified
+        """
+        minimum = "-inf" if not earliest else earliest.timestamp()
+        event = self._redis.zrangebyscore(
+            self._key_sorted_set,
+            minimum,
+            "+inf",
+            withscores=True,
+            start=0,
+            num=1,
+            score_cast_func=self._cast_scores_to_dt,
+        )
+        if not event:
+            return None
+        return event[0][1]
+
+    @staticmethod
+    def _cast_scores_to_dt(score) -> dt.datetime:
+        return dt.datetime.fromtimestamp(float(score), tz=utc)

allianceauth/authentication/task_statistics/helpers.py

@@ -0,0 +1,49 @@
+"""Helpers for Task Statistics."""
+
+import logging
+
+from redis import Redis, RedisError
+
+from allianceauth.utils.cache import get_redis_client
+
+logger = logging.getLogger(__name__)
+
+
+class _RedisStub:
+    """Stub of a Redis client.
+
+    It's purpose is to prevent EventSeries objects from trying to access Redis
+    when it is not available. e.g. when the Sphinx docs are rendered by readthedocs.org.
+    """
+
+    IS_STUB = True
+
+    def delete(self, *args, **kwargs):
+        pass
+
+    def incr(self, *args, **kwargs):
+        return 0
+
+    def zadd(self, *args, **kwargs):
+        pass
+
+    def zcount(self, *args, **kwargs):
+        pass
+
+    def zrangebyscore(self, *args, **kwargs):
+        pass
+
+
+def get_redis_client_or_stub() -> Redis:
+    """Return AA's default cache client or a stub if Redis is not available."""
+    redis = get_redis_client()
+    try:
+        if not redis.ping():
+            raise RuntimeError()
+    except (AttributeError, RedisError, RuntimeError):
+        logger.exception(
+            "Failed to establish a connection with Redis. "
+            "This EventSeries object is disabled.",
+        )
+        return _RedisStub()
+    return redis

allianceauth/authentication/task_statistics/signals.py

@@ -0,0 +1,53 @@
+"""Signals for Task Statistics."""
+
+from celery.signals import (
+    task_failure, task_internal_error, task_retry, task_success, worker_ready,
+)
+
+from django.conf import settings
+
+from .counters import failed_tasks, retried_tasks, succeeded_tasks
+
+
+def reset_counters():
+    """Reset all counters for the celery status."""
+    succeeded_tasks.clear()
+    failed_tasks.clear()
+    retried_tasks.clear()
+
+
+def is_enabled() -> bool:
+    """Return True if task statistics are enabled, else return False."""
+    return not bool(
+        getattr(settings, "ALLIANCEAUTH_DASHBOARD_TASK_STATISTICS_DISABLED", False)
+    )
+
+
+@worker_ready.connect
+def reset_counters_when_celery_restarted(*args, **kwargs):
+    if is_enabled():
+        reset_counters()
+
+
+@task_success.connect
+def record_task_succeeded(*args, **kwargs):
+    if is_enabled():
+        succeeded_tasks.add()
+
+
+@task_retry.connect
+def record_task_retried(*args, **kwargs):
+    if is_enabled():
+        retried_tasks.add()
+
+
+@task_failure.connect
+def record_task_failed(*args, **kwargs):
+    if is_enabled():
+        failed_tasks.add()
+
+
+@task_internal_error.connect
+def record_task_internal_error(*args, **kwargs):
+    if is_enabled():
+        failed_tasks.add()

allianceauth/authentication/task_statistics/tests/test_counters.py

@@ -0,0 +1,52 @@
+import datetime as dt
+
+from django.test import TestCase
+from django.utils.timezone import now
+
+from allianceauth.authentication.task_statistics.counters import (
+    dashboard_results, failed_tasks, retried_tasks, succeeded_tasks,
+)
+
+
+class TestDashboardResults(TestCase):
+    def test_should_return_counts_for_given_time_frame_only(self):
+        # given
+        earliest_task = now() - dt.timedelta(minutes=15)
+
+        succeeded_tasks.clear()
+        succeeded_tasks.add(now() - dt.timedelta(hours=1, seconds=1))
+        succeeded_tasks.add(earliest_task)
+        succeeded_tasks.add()
+        succeeded_tasks.add()
+
+        retried_tasks.clear()
+        retried_tasks.add(now() - dt.timedelta(hours=1, seconds=1))
+        retried_tasks.add(now() - dt.timedelta(seconds=30))
+        retried_tasks.add()
+
+        failed_tasks.clear()
+        failed_tasks.add(now() - dt.timedelta(hours=1, seconds=1))
+        failed_tasks.add()
+
+        # when
+        results = dashboard_results(hours=1)
+        # then
+        self.assertEqual(results.succeeded, 3)
+        self.assertEqual(results.retried, 2)
+        self.assertEqual(results.failed, 1)
+        self.assertEqual(results.total, 6)
+        self.assertEqual(results.earliest_task, earliest_task)
+
+    def test_should_work_with_no_data(self):
+        # given
+        succeeded_tasks.clear()
+        retried_tasks.clear()
+        failed_tasks.clear()
+        # when
+        results = dashboard_results(hours=1)
+        # then
+        self.assertEqual(results.succeeded, 0)
+        self.assertEqual(results.retried, 0)
+        self.assertEqual(results.failed, 0)
+        self.assertEqual(results.total, 0)
+        self.assertIsNone(results.earliest_task)

allianceauth/authentication/task_statistics/tests/test_event_series.py

@@ -0,0 +1,151 @@
+import datetime as dt
+
+from pytz import utc
+
+from django.test import TestCase
+from django.utils.timezone import now
+
+from allianceauth.authentication.task_statistics.event_series import (
+    EventSeries,
+)
+from allianceauth.authentication.task_statistics.helpers import _RedisStub
+
+MODULE_PATH = "allianceauth.authentication.task_statistics.event_series"
+
+
+class TestEventSeries(TestCase):
+    def test_should_add_event(self):
+        # given
+        events = EventSeries("dummy")
+        # when
+        events.add()
+        # then
+        result = events.all()
+        self.assertEqual(len(result), 1)
+        self.assertAlmostEqual(result[0], now(), delta=dt.timedelta(seconds=30))
+
+    def test_should_add_event_with_specified_time(self):
+        # given
+        events = EventSeries("dummy")
+        my_time = dt.datetime(2021, 11, 1, 12, 15, tzinfo=utc)
+        # when
+        events.add(my_time)
+        # then
+        result = events.all()
+        self.assertEqual(len(result), 1)
+        self.assertAlmostEqual(result[0], my_time, delta=dt.timedelta(seconds=30))
+
+    def test_should_count_events(self):
+        # given
+        events = EventSeries("dummy")
+        events.add()
+        events.add()
+        # when
+        result = events.count()
+        # then
+        self.assertEqual(result, 2)
+
+    def test_should_count_zero(self):
+        # given
+        events = EventSeries("dummy")
+        # when
+        result = events.count()
+        # then
+        self.assertEqual(result, 0)
+
+    def test_should_count_events_within_timeframe_1(self):
+        # given
+        events = EventSeries("dummy")
+        events.add(dt.datetime(2021, 12, 1, 12, 0, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 10, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 15, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 30, tzinfo=utc))
+        # when
+        result = events.count(
+            earliest=dt.datetime(2021, 12, 1, 12, 8, tzinfo=utc),
+            latest=dt.datetime(2021, 12, 1, 12, 17, tzinfo=utc),
+        )
+        # then
+        self.assertEqual(result, 2)
+
+    def test_should_count_events_within_timeframe_2(self):
+        # given
+        events = EventSeries("dummy")
+        events.add(dt.datetime(2021, 12, 1, 12, 0, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 10, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 15, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 30, tzinfo=utc))
+        # when
+        result = events.count(earliest=dt.datetime(2021, 12, 1, 12, 8))
+        # then
+        self.assertEqual(result, 3)
+
+    def test_should_count_events_within_timeframe_3(self):
+        # given
+        events = EventSeries("dummy")
+        events.add(dt.datetime(2021, 12, 1, 12, 0, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 10, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 15, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 30, tzinfo=utc))
+        # when
+        result = events.count(latest=dt.datetime(2021, 12, 1, 12, 12))
+        # then
+        self.assertEqual(result, 2)
+
+    def test_should_clear_events(self):
+        # given
+        events = EventSeries("dummy")
+        events.add()
+        events.add()
+        # when
+        events.clear()
+        # then
+        self.assertEqual(events.count(), 0)
+
+    def test_should_return_date_of_first_event(self):
+        # given
+        events = EventSeries("dummy")
+        events.add(dt.datetime(2021, 12, 1, 12, 0, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 10, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 15, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 30, tzinfo=utc))
+        # when
+        result = events.first_event()
+        # then
+        self.assertEqual(result, dt.datetime(2021, 12, 1, 12, 0, tzinfo=utc))
+
+    def test_should_return_date_of_first_event_with_range(self):
+        # given
+        events = EventSeries("dummy")
+        events.add(dt.datetime(2021, 12, 1, 12, 0, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 10, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 15, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 30, tzinfo=utc))
+        # when
+        result = events.first_event(
+            earliest=dt.datetime(2021, 12, 1, 12, 8, tzinfo=utc)
+        )
+        # then
+        self.assertEqual(result, dt.datetime(2021, 12, 1, 12, 10, tzinfo=utc))
+
+    def test_should_return_all_events(self):
+        # given
+        events = EventSeries("dummy")
+        events.add()
+        events.add()
+        # when
+        results = events.all()
+        # then
+        self.assertEqual(len(results), 2)
+
+    def test_should_not_report_as_disabled_when_initialized_normally(self):
+        # given
+        events = EventSeries("dummy")
+        # when/then
+        self.assertFalse(events.is_disabled)
+
+    def test_should_report_as_disabled_when_initialized_with_redis_stub(self):
+        # given
+        events = EventSeries("dummy", redis=_RedisStub())
+        # when/then
+        self.assertTrue(events.is_disabled)

allianceauth/authentication/task_statistics/tests/test_helpers.py

@@ -0,0 +1,28 @@
+from unittest import TestCase
+from unittest.mock import patch
+
+from redis import RedisError
+
+from allianceauth.authentication.task_statistics.helpers import (
+    _RedisStub, get_redis_client_or_stub,
+)
+
+MODULE_PATH = "allianceauth.authentication.task_statistics.helpers"
+
+
+class TestGetRedisClient(TestCase):
+    def test_should_return_mock_if_redis_not_available_1(self):
+        # when
+        with patch(MODULE_PATH + ".get_redis_client") as mock_get_master_client:
+            mock_get_master_client.return_value.ping.side_effect = RedisError
+            result = get_redis_client_or_stub()
+        # then
+        self.assertIsInstance(result, _RedisStub)
+
+    def test_should_return_mock_if_redis_not_available_2(self):
+        # when
+        with patch(MODULE_PATH + ".get_redis_client") as mock_get_master_client:
+            mock_get_master_client.return_value.ping.return_value = False
+            result = get_redis_client_or_stub()
+        # then
+        self.assertIsInstance(result, _RedisStub)

allianceauth/authentication/task_statistics/tests/test_signals.py

@@ -0,0 +1,86 @@
+from unittest.mock import patch
+
+from celery.exceptions import Retry
+
+from django.test import TestCase, override_settings
+
+from allianceauth.authentication.task_statistics.counters import (
+    failed_tasks,
+    retried_tasks,
+    succeeded_tasks,
+)
+from allianceauth.authentication.task_statistics.signals import (
+    reset_counters,
+    is_enabled,
+)
+from allianceauth.eveonline.tasks import update_character
+
+
+@override_settings(
+    CELERY_ALWAYS_EAGER=True, ALLIANCEAUTH_DASHBOARD_TASK_STATISTICS_DISABLED=False
+)
+class TestTaskSignals(TestCase):
+    fixtures = ["disable_analytics"]
+
+    def setUp(self) -> None:
+        succeeded_tasks.clear()
+        retried_tasks.clear()
+        failed_tasks.clear()
+
+    def test_should_record_successful_task(self):
+        # when
+        with patch(
+            "allianceauth.eveonline.tasks.EveCharacter.objects.update_character"
+        ) as mock_update:
+            mock_update.return_value = None
+            update_character.delay(1)
+        # then
+        self.assertEqual(succeeded_tasks.count(), 1)
+        self.assertEqual(retried_tasks.count(), 0)
+        self.assertEqual(failed_tasks.count(), 0)
+
+    def test_should_record_retried_task(self):
+        # when
+        with patch(
+            "allianceauth.eveonline.tasks.EveCharacter.objects.update_character"
+        ) as mock_update:
+            mock_update.side_effect = Retry
+            update_character.delay(1)
+        # then
+        self.assertEqual(succeeded_tasks.count(), 0)
+        self.assertEqual(failed_tasks.count(), 0)
+        self.assertEqual(retried_tasks.count(), 1)
+
+    def test_should_record_failed_task(self):
+        # when
+        with patch(
+            "allianceauth.eveonline.tasks.EveCharacter.objects.update_character"
+        ) as mock_update:
+            mock_update.side_effect = RuntimeError
+            update_character.delay(1)
+        # then
+        self.assertEqual(succeeded_tasks.count(), 0)
+        self.assertEqual(retried_tasks.count(), 0)
+        self.assertEqual(failed_tasks.count(), 1)
+
+    def test_should_reset_counters(self):
+        # given
+        succeeded_tasks.add()
+        retried_tasks.add()
+        failed_tasks.add()
+        # when
+        reset_counters()
+        # then
+        self.assertEqual(succeeded_tasks.count(), 0)
+        self.assertEqual(retried_tasks.count(), 0)
+        self.assertEqual(failed_tasks.count(), 0)
+
+
+class TestIsEnabled(TestCase):
+    @override_settings(ALLIANCEAUTH_DASHBOARD_TASK_STATISTICS_DISABLED=False)
+    def test_enabled(self):
+        self.assertTrue(is_enabled())
+
+    @override_settings(ALLIANCEAUTH_DASHBOARD_TASK_STATISTICS_DISABLED=True)
+    def test_disabled(self):
+        self.assertFalse(is_enabled())

allianceauth/authentication/tasks.py

@@ -22,13 +22,13 @@ def check_character_ownership(owner_hash):
                 continue
             except (KeyError, IncompleteResponseError):
                 # We can't validate the hash hasn't changed but also can't assume it has. Abort for now.
-                logger.warning("Failed to validate owner hash of {0} due to problems contacting SSO servers.".format(
+                logger.warning("Failed to validate owner hash of {} due to problems contacting SSO servers.".format(
                     tokens[0].character_name))
                 break
 
             if not t.character_owner_hash == old_hash:
                 logger.info(
-                    'Character %s has changed ownership. Revoking %s tokens.' % (t.character_name, tokens.count()))
+                    f'Character {t.character_name} has changed ownership. Revoking {tokens.count()} tokens.')
                 tokens.delete()
             break
 

allianceauth/authentication/templates/authentication/dashboard.html

@@ -1,117 +1,15 @@
-{% extends "allianceauth/base.html" %}
-{% load staticfiles %}
+{% extends "allianceauth/base-bs5.html" %}
+{% load static %}
 {% load i18n %}
 
-{% block page_title %}{% trans "Dashboard" %}{% endblock %}
-
+{% block page_title %}{% translate "Dashboard" %}{% endblock %}
+{% block header_nav_brand %}
+    {% translate "Dashboard" %}
+{% endblock %}
 {% block content %}
-    <h1 class="page-header text-center">{% trans "Dashboard" %}</h1>
-    {% if user.is_staff %}
-        {% include 'allianceauth/admin-status/include.html' %}
-    {% endif %}
-    <div class="col-sm-12">
-        <div class="row vertical-flexbox-row">
-            <div class="col-sm-6 text-center">
-                <div class="panel panel-primary" style="height:100%">
-                    <div class="panel-heading"><h3 class="panel-title">{% trans "Main Character" %}</h3></div>
-                    <div class="panel-body">
-                        {% if request.user.profile.main_character %}
-                        {% with request.user.profile.main_character as main %}
-                        <div class="col-lg-4 col-sm-2">
-                            <table class="table">
-                                <tr>
-                                    <td class="text-center"><img class="ra-avatar"
-                                                                 src="{{ main.portrait_url_128 }}">
-                                    </td>
-                                </tr>
-                                <tr>
-                                    <td class="text-center">{{ main.character_name }}</td>
-                                </tr>
-                            </table>
-                        </div>
-                        <div class="col-lg-4 col-sm-2">
-                            <table class="table">
-                                <tr>
-                                    <td class="text-center"><img class="ra-avatar"
-                                                                 src="https://image.eveonline.com/Corporation/{{ main.corporation_id }}_128.png">
-                                    </td>
-                                </tr>
-                                <tr>
-                                    <td class="text-center">{{ main.corporation_name }}</td>
-                                </tr>
-                            </table>
-                        </div>
-                        <div class="col-lg-4 col-sm-2">
-                            {% if main.alliance_id %}
-                            <table class="table">
-                                <tr>
-                                    <td class="text-center"><img class="ra-avatar"
-                                                                 src="https://image.eveonline.com/Alliance/{{ main.alliance_id }}_128.png">
-                                    </td>
-                                </tr>
-                                <tr>
-                                    <td class="text-center">{{ main.alliance_name }}</td>
-                                <tr>
-                            </table>
-                            {% endif %}
-                        </div>
-                        {% endwith %}
-                        {% else %}
-                        <div class="alert alert-danger" role="alert">{% trans "No main character set." %}</div>
-                        {% endif %}
-                        <div class="clearfix"></div>
-                        <div class="col-xs-6">
-                            <a href="{% url 'authentication:add_character' %}" class="btn btn-block btn-info"
-                               title="Add Character">{% trans 'Add Character' %}</a>
-                        </div>
-                        <div class="col-xs-6">
-                            <a href="{% url 'authentication:change_main_character' %}" class="btn btn-block btn-info"
-                               title="Change Main Character">{% trans "Change Main" %}</a>
-                        </div>
-                    </div>
-                </div>
-            </div>
-            <div class="col-sm-6 text-center">
-                <div class="panel panel-success" style="height:100%">
-                    <div class="panel-heading"><h3 class="panel-title">{% trans "Groups" %}</h3></div>
-                    <div class="panel-body">
-                        <div style="height: 240px;overflow:-moz-scrollbars-vertical;overflow-y:auto;">
-                            <table class="table table-striped">
-                                {% for group in user.groups.all %}
-                                <tr>
-                                    <td>{{ group.name }}</td>
-                                </tr>
+    <div class="row">
+        {% for dash in views %}
+            {{ dash | safe }}
         {% endfor %}
-                            </table>
-                        </div>
-                    </div>
-                </div>
-            </div>
-        </div>
-        <div class="clearfix"></div>
-        <div class="panel panel-default">
-            <div class="panel-heading" style="display:flex;"><h3 class="panel-title">{% trans 'Characters' %}</h3></div>
-            <div class="panel-body">
-                <table class="table table-hover">
-                    <tr>
-                        <th class="text-center"></th>
-                        <th class="text-center">{% trans 'Name' %}</th>
-                        <th class="text-center">{% trans 'Corp' %}</th>
-                        <th class="text-center">{% trans 'Alliance' %}</th>
-                    </tr>
-                    {% for ownership in request.user.character_ownerships.all %}
-                    {% with ownership.character as char %}
-                    <tr>
-                        <td class="text-center"><img class="ra-avatar img-circle" src="{{ char.portrait_url_32 }}">
-                        </td>
-                        <td class="text-center">{{ char.character_name }}</td>
-                        <td class="text-center">{{ char.corporation_name }}</td>
-                        <td class="text-center">{{ char.alliance_name }}</td>
-                    </tr>
-                    {% endwith %}
-                    {% endfor %}
-                </table>
-            </div>
-        </div>
     </div>
 {% endblock %}

allianceauth/authentication/templates/authentication/dashboard_bs3.html

@@ -0,0 +1,10 @@
+{% extends 'allianceauth/base.html' %}
+
+
+{% block page_title %}Dashboard{% endblock page_title %}
+
+{% block content %}
+    <div>
+        <h1>Dashboard Dummy</h1>
+    </div>
+{% endblock %}

allianceauth/authentication/templates/authentication/dashboard_characters.html

@@ -0,0 +1,44 @@
+{% load i18n %}
+<div id="aa-dashboard-panel-characters" class="col-12 col-xl-8 mb-3">
+    <div class="card h-100">
+        <div class="card-body">
+            {% translate "Characters" as widget_title %}
+            {% include "framework/dashboard/widget-title.html" with title=widget_title %}
+
+            <div>
+                <div style="height: 300px; overflow-y:auto;">
+                    <div class="d-flex">
+                        <a href="{% url 'authentication:add_character' %}" class="btn btn-primary flex-fill m-1" title="{% translate 'Add Character' %}">
+                            <span class="d-md-inline m-2">{% translate 'Add Character' %}</span>
+                        </a>
+                        <a href="{% url 'authentication:change_main_character' %}" class="btn btn-primary flex-fill m-1" title="{% translate 'Change Main' %}">
+                            <span class="d-md-inline m-2">{% translate 'Change Main' %}</span>
+                        </a>
+                    </div>
+                    <table class="table">
+                        <thead>
+                            <tr>
+                                <th class="text-center"></th>
+                                <th class="text-center">{% translate "Name" %}</th>
+                                <th class="text-center">{% translate "Corp" %}</th>
+                                <th class="text-center">{% translate "Alliance" %}</th>
+                            </tr>
+                        </thead>
+                        <tbody>
+                            {% for char in characters %}
+                                <tr>
+                                    <td class="text-center">
+                                        <img class="ra-avatar rounded-circle" src="{{ char.portrait_url_32 }}" alt="{{ char.character_name }}">
+                                    </td>
+                                    <td class="text-center">{{ char.character_name }}</td>
+                                    <td class="text-center">{{ char.corporation_name }}</td>
+                                    <td class="text-center">{{ char.alliance_name|default_if_none:"" }}</td>
+                                </tr>
+                            {% endfor %}
+                        </tbody>
+                    </table>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>

allianceauth/authentication/templates/authentication/dashboard_groups.html

@@ -0,0 +1,22 @@
+{% load i18n %}
+<div id="aa-dashboard-panel-membership" class="col-12 col-xl-4 mb-3">
+    <div class="card h-100">
+        <div class="card-body">
+            {% translate "Membership" as widget_title %}
+            {% include "framework/dashboard/widget-title.html" with title=widget_title %}
+
+            <div>
+                <div style="height: 300px; overflow-y:auto;">
+                    <h5 class="text-center">{% translate "State:" %} {{ request.user.profile.state }}</h5>
+                    <table class="table">
+                        {% for group in groups %}
+                            <tr>
+                                <td class="text-center">{{ group.name }}</td>
+                            </tr>
+                        {% endfor %}
+                    </table>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>

allianceauth/authentication/templates/authentication/tokens.html

@@ -0,0 +1,89 @@
+{% extends "allianceauth/base-bs5.html" %}
+
+{% load aa_i18n %}
+{% load i18n %}
+
+{% block page_title %}
+    {% translate "Token Management" %}
+{% endblock page_title %}
+
+{% block header_nav_brand %}
+    {% translate "Token Management" %}
+{% endblock header_nav_brand %}
+
+{% block content %}
+    <div>
+        <p class="mb-3">
+            {% translate "This page is a best attempt, but backups or database logs can still contain your tokens. Always revoke tokens on https://developers.eveonline.com/authorized-apps where possible."|urlize %}
+        </p>
+
+        <table class="table w-100" id="table_tokens">
+            <thead>
+                <tr>
+                    <th>{% translate "Scopes" %}</th>
+                    <th class="text-end">{% translate "Actions" %}</th>
+                    <th>{% translate "Character" %}</th>
+                </tr>
+            </thead>
+
+            <tbody>
+                {% for t in tokens %}
+                    <tr>
+                        <td style="white-space:initial;">
+                            {% for s in t.scopes.all %}
+                                <span class="badge text-bg-secondary">{{ s.name }}</span>
+                            {% endfor %}
+                        </td>
+
+                        <td nowrap class="text-end">
+                            <a href="{% url 'authentication:token_delete' t.id %}" class="btn btn-danger"><i class="fa-solid fa-trash-can"></i></a>
+                            <a href="{% url 'authentication:token_refresh' t.id %}" class="btn btn-success"><i class="fa-solid fa-rotate"></i></a>
+                        </td>
+
+                        <td>{{ t.character_name }}</td>
+                    </tr>
+                {% endfor %}
+            </tbody>
+        </table>
+    </div>
+{% endblock content %}
+
+{% block extra_javascript %}
+    {% include "bundles/datatables-js-bs5.html" %}
+
+    {% get_datatables_language_static LANGUAGE_CODE as DT_LANG_PATH %}
+
+    <script>
+        $(document).ready(() => {
+            let grp = 2;
+
+            $('#table_tokens').DataTable({
+                "language": {"url": '{{ DT_LANG_PATH }}'},
+                'columnDefs': [{orderable: false, targets: [0, 1]}, {
+                    'visible': false,
+                    'targets': grp
+                }],
+                'order': [[grp, 'asc']],
+                'drawCallback': function (settings) {
+                    const api = this.api();
+                    const rows = api.rows({page: 'current'}).nodes();
+                    let last = null;
+                    api.column(grp, {page: 'current'})
+                        .data()
+                        .each((group, i) => {
+                            if (last !== group) {
+                                $(rows).eq(i).before(`<tr class="h5 table-primary"><td colspan="3">${group}</td></tr>`);
+
+                                last = group;
+                            }
+                        });
+                },
+                'stateSave': true
+            });
+        });
+    </script>
+{% endblock extra_javascript %}
+
+{% block extra_css %}
+    {% include "bundles/datatables-css-bs5.html" %}
+{% endblock extra_css %}

allianceauth/authentication/templates/public/base.html

@@ -1,36 +1,41 @@
+{% load theme_tags %}
 {% load static %}
-<html lang="en">
+<!DOCTYPE html>
+<html lang="en" {% theme_html_tags %}>
     <head>
+        <!-- Required meta tags -->
         <meta charset="utf-8">
-        <meta http-equiv="X-UA-Compatible" content="IE=edge">
         <meta name="viewport" content="width=device-width, initial-scale=1">
-        <meta name="description" content="">
-        <meta name="author" content="">
+        <!-- End Required meta tags -->
+
+        <!-- Meta tags -->
+        {% include 'allianceauth/opengraph.html' %}
         {% include 'allianceauth/icons.html' %}
+        <!-- Meta tags -->
 
-        <title>{% block title %}{{ SITE_NAME }}{% endblock %}</title>
+        <title>{% block title %}{% block page_title %}{% endblock page_title %} - {{ SITE_NAME }}{% endblock title %}</title>
+
+        {% theme_css %}
 
-        {% include 'bundles/bootstrap-css.html' %}
         {% include 'bundles/fontawesome.html' %}
+        {% include 'bundles/auth-framework-css.html' %}
+
         {% block extra_include %}
         {% endblock %}
 
         <style>
             body {
-                background: url('{% static 'authentication/img/background.jpg' %}') no-repeat center center fixed;
+                background: url('{% static 'allianceauth/authentication/img/background.jpg' %}') no-repeat center center fixed;
                 -webkit-background-size: cover;
                 -moz-background-size: cover;
                 -o-background-size: cover;
                 background-size: cover;
             }
 
-            .panel-transparent {
-                background: rgba(48, 48, 48, 0.7);
-                color: #ffffff;
-            }
-
-            .panel-body {
-
+            .card-login {
+                background: rgba(48 48 48 / 0.7);
+                color: rgb(255 255 255);
+                padding-bottom: 21px;
             }
 
             #lang-select {
@@ -38,12 +43,14 @@
                 margin-left: auto;
                 margin-right: auto;
             }
+
             {% block extra_style %}
             {% endblock %}
         </style>
     </head>
+
     <body>
-        <div class="container" style="margin-top:150px">
+        <div class="container" style="margin-top:150px;">
             {% block content %}
             {% endblock %}
         </div>

allianceauth/authentication/templates/public/lang_select.html

@@ -1,14 +1,15 @@
 {% load i18n %}
-<div class="dropdown">
-    <form action="{% url 'set_language' %}" method="post">
+
+<form class="dropdown-item" action="{% url 'set_language' %}" method="post">
     {% csrf_token %}
-        <select onchange="this.form.submit()" class="form-control" id="lang-select" name="language">
-            {% get_language_info_list for LANGUAGES as languages %}
-            {% for language in languages %}
-                <option value="{{ language.code }}"{% if language.code == LANGUAGE_CODE %} selected="selected"{% endif %}>
-                    {{ language.name_local }} ({{ language.code }})
+
+    <select class="form-select" onchange="this.form.submit()" class="form-control" id="lang-select" name="language">
+        {% get_available_languages as LANGUAGES %}
+
+        {% for lang_code, lang_name in LANGUAGES %}
+            <option lang="{{ lang_code }}" value="{{ lang_code }}"{% if lang_code == LANGUAGE_CODE %} selected{% endif %}>
+                {{ lang_code|language_name_local|capfirst }} ({{ lang_code }})
             </option>
         {% endfor %}
     </select>
 </form>
-</div>