Version bump to v2.2.0

Merge branch 'issue-templates' into 'master'
Create Issue Templates See merge request allianceauth/allianceauth!1111
2026-02-04 14:16:21 +01:00 · 2019-04-14 03:07:22 +00:00 · 2019-03-12 22:16:00 +00:00 · 2019-03-12 22:16:00 +00:00 · 2019-03-12 20:50:00 +10:00 · 2019-03-12 10:06:53 +00:00
206 changed files with 5600 additions and 2394 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -8,6 +8,7 @@ __pycache__/
 # Distribution / packaging
 .Python
 env/
 venv/
 build/
 develop-eggs/
 dist/
@@ -41,7 +42,6 @@ nosetests.xml
 coverage.xml
 # Translations
 *.mo
 *.pot
 # Django stuff:
@@ -62,3 +62,7 @@ celerybeat-schedule
 #pycharm
 .idea/*
 /nbproject/
 #gitlab configs
 .gitlab/
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -0,0 +1,33 @@
 # Official language image. Look for the different tagged releases at:
 # https://hub.docker.com/r/library/python/tags/
 .job_template: &job_definition
  # Change pip's cache directory to be inside the project directory since we can
  # only cache local items.
  variables:
    PIP_CACHE_DIR: "$CI_PROJECT_DIR/.cache"
  # Pip's cache doesn't store the python packages
  # https://pip.pypa.io/en/stable/reference/pip_install/#caching
  #
  # If you want to also cache the installed packages, you have to install
  # them in a virtualenv and cache it as well.
  cache:
    paths:
      - .cache/pip
      - venv/
  before_script:
    - python -V                  # Print out python version for debugging
    - pip install virtualenv tox
    - virtualenv venv
    - source venv/bin/activate
  coverage: '/TOTAL.+ ([0-9]{1,3}%)/'
 py36-dj20:
  <<: *job_definition
  image: python:3.6-stretch
  script:
  - export TOXENV=py36-dj20
  - tox
--- a/.gitlab/issue_templates/Bug.md
+++ b/.gitlab/issue_templates/Bug.md
@@ -0,0 +1,14 @@
 # Bug
 - I have searched [issues](https://gitlab.com/allianceauth/allianceauth/issues?scope=all&utf8=%E2%9C%93&state=all) (Y/N):
 - What Version of Alliance Auth: 
 - What Operating System: 
 - Version of other components relevant to issue eg. Service, Database:
 Please include a brief description of your issue here.
 Please include steps to reproduce the issue
 Please include any tracebacks or logs
 Please include the results of the command `pip list`
--- a/.gitlab/issue_templates/Feature
+++ b/.gitlab/issue_templates/Feature
@@ -0,0 +1,7 @@
 # Feature Request
 - Describe the feature are you requesting.
 - Is this a Service (external integration), a Module (Alliance Auth extension) or an enhancement to an existing service/module.
 - Describe why its useful to you or others.
--- a/README.md
+++ b/README.md
@@ -1,37 +1,35 @@
 Alliance Auth
 ============
-[![Join the chat at https://gitter.im/R4stl1n/allianceauth](https://badges.gitter.im/R4stl1n/allianceauth.svg)](https://gitter.im/R4stl1n/allianceauth?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
+[![Chat on Discord](https://img.shields.io/discord/399006117012832262.svg)](https://discord.gg/fjnHAmk)
 [![Documentation Status](https://readthedocs.org/projects/allianceauth/badge/?version=latest)](http://allianceauth.readthedocs.io/?badge=latest)
-[![Build Status](https://travis-ci.org/allianceauth/allianceauth.svg?branch=master)](https://travis-ci.org/allianceauth/allianceauth)
+[![pipeline status](https://gitlab.com/allianceauth/allianceauth/badges/master/pipeline.svg)](https://gitlab.com/allianceauth/allianceauth/commits/master)
-[![Coverage Status](https://coveralls.io/repos/github/allianceauth/allianceauth/badge.svg?branch=master)](https://coveralls.io/github/allianceauth/allianceauth?branch=master)
+[![coverage report](https://gitlab.com/allianceauth/allianceauth/badges/master/coverage.svg)](https://gitlab.com/allianceauth/allianceauth/commits/master)
-EVE service auth to help corps, alliances, and coalitions manage services.
+
-Built for "The 99 Percent" open for anyone to use.
+An auth system for EVE Online to help in-game organizations manage online service access.
 [Read the docs here.](http://allianceauth.rtfd.io)
-[Get help on gitter](https://gitter.im/R4stl1n/allianceauth) or submit an Issue.
+[Get help on Discord](https://discord.gg/fjnHAmk) or submit an Issue.
 Active Developers:
- - [Adarnof](https://github.com/Adarnof)
+ - [Adarnof](https://gitlab.com/adarnof/)
- - [Basraah](https://github.com/basraah)
+ - [Basraah](https://gitlab.com/basraah/)
 Beta Testers / Bug Fixers:
- - [ghoti](https://github.com/ghoti)
+ - [ghoti](https://gitlab.com/ChainsawMcGinny/)
 - [mmolitor87](https://gitlab.com/mmolitor87/)
 - [TargetZ3R0](https://github.com/TargetZ3R0)
 - [kaezon](https://github.com/kaezon/)
 - [orbitroom](https://github.com/orbitroom/)
 - [tehfiend](https://github.com/tehfiend/)
 Special thanks to [Nikdoof](https://github.com/nikdoof/), as his [auth](https://github.com/nikdoof/test-auth) was the foundation for the original work on this project.
-Past Beta Testers / Bug Fixers:
+### Contributing
-
+Make sure you have signed the [License Agreement](https://developers.eveonline.com/resource/license-agreement) by logging in at [https://developers.eveonline.com](https://developers.eveonline.com) before submitting any pull requests.
 - TrentBartlem (Testing and Bug Fixes)
 - IskFiend (Bug Fixes and Server Configuration)
 - Mr McClain (Bug Fixes and server configuration)
 Special Thanks:
 - Thanks to Nikdoof, without his old auth implementation this project wouldn't be as far as it is now.
--- a/allianceauth/init.py
+++ b/allianceauth/init.py
@@ -1,7 +1,6 @@
 # This will make sure the app is always imported when
 # Django starts so that shared_task will use this app.
-__version__ = '2.0-dev'
+__version__ = '2.2.0'
 NAME = 'Alliance Auth v%s' % __version__
 default_app_config = 'allianceauth.apps.AllianceAuthConfig'
--- a/allianceauth/authentication/admin.py
+++ b/allianceauth/authentication/admin.py
@@ -1,11 +1,15 @@
 from django.contrib import admin
 from django.contrib.auth.admin import UserAdmin as BaseUserAdmin
-from django.contrib.auth.models import User, Permission
+from django.contrib.auth.models import User as BaseUser, Permission as BasePermission
 from django.utils.text import slugify
 from django.db.models import Q
 from allianceauth.services.hooks import ServicesHook
-
+from django.db.models.signals import pre_save, post_save, pre_delete, post_delete, m2m_changed
-from allianceauth.authentication.models import State, get_guest_state, CharacterOwnership, UserProfile
+from django.dispatch import receiver
 from allianceauth.authentication.models import State, get_guest_state, CharacterOwnership, UserProfile, OwnershipRecord
 from allianceauth.hooks import get_hooks
 from allianceauth.eveonline.models import EveCharacter
 from django.forms import ModelForm
 def make_service_hooks_update_groups_action(service):
@@ -38,6 +42,47 @@ def make_service_hooks_sync_nickname_action(service):
    return sync_nickname
 class QuerysetModelForm(ModelForm):
    # allows specifying FK querysets through kwarg
    def __init__(self, querysets=None, *args, **kwargs):
        querysets = querysets or {}
        super().__init__(*args, **kwargs)
        for field, qs in querysets.items():
            self.fields[field].queryset = qs
 class UserProfileInline(admin.StackedInline):
    model = UserProfile
    readonly_fields = ('state',)
    form = QuerysetModelForm
    verbose_name = ''
    verbose_name_plural = 'Profile'
    def get_formset(self, request, obj=None, **kwargs):
        # main_character field can only show current value or unclaimed alts
        # if superuser, allow selecting from any unclaimed main
        query = Q()
        if obj and obj.profile.main_character:
            query |= Q(pk=obj.profile.main_character_id)
            if request.user.is_superuser:
                query |= Q(userprofile__isnull=True)
            else:
                query |= Q(character_ownership__user=obj)
        qs = EveCharacter.objects.filter(query)
        formset = super().get_formset(request, obj=obj, **kwargs)
        def get_kwargs(self, index):
            return {'querysets': {'main_character': EveCharacter.objects.filter(query)}}
        formset.get_form_kwargs = get_kwargs
        return formset
    def has_add_permission(self, request):
        return False
    def has_delete_permission(self, request, obj=None):
        return False
 class UserAdmin(BaseUserAdmin):
    """
    Extending Django's UserAdmin model
@@ -62,6 +107,25 @@ class UserAdmin(BaseUserAdmin):
        return actions
    list_filter = BaseUserAdmin.list_filter + ('profile__state',)
    inlines = BaseUserAdmin.inlines + [UserProfileInline]
    list_display = ('username', 'email', 'get_main_character', 'get_state', 'is_active')
    def get_main_character(self, obj):
        return obj.profile.main_character
    get_main_character.short_description = "Main Character"
    def get_state(self, obj):
        return obj.profile.state
    get_state.short_description = "State"
    def has_change_permission(self, request, obj=None):
        return request.user.has_perm('auth.change_user')
    def has_add_permission(self, request, obj=None):
        return request.user.has_perm('auth.add_user')
    def has_delete_permission(self, request, obj=None):
        return request.user.has_perm('auth.delete_user')
@admin.register(State)
@@ -96,31 +160,30 @@ class StateAdmin(admin.ModelAdmin):
        return obj.userprofile_set.all().count()
-@admin.register(UserProfile)
+class BaseOwnershipAdmin(admin.ModelAdmin):
-class UserProfileAdmin(admin.ModelAdmin):
+    list_display = ('user', 'character')
-    readonly_fields = ('user', 'state')
+    search_fields = ('user__username', 'character__character_name', 'character__corporation_name', 'character__alliance_name')
    search_fields = ('user__username', 'main_character__character_name')
    list_filter = ('state',)
    list_display = ('user', 'main_character')
    actions = None
-    def has_add_permission(self, request):
+    def get_readonly_fields(self, request, obj=None):
-        return False
+        if obj and obj.pk:
            return 'owner_hash', 'character'
        return tuple()
-    def has_delete_permission(self, request, obj=None):
+
-        return False
+@admin.register(OwnershipRecord)
 class OwnershipRecordAdmin(BaseOwnershipAdmin):
    list_display = BaseOwnershipAdmin.list_display + ('created',)
@admin.register(CharacterOwnership)
-class CharacterOwnershipAdmin(admin.ModelAdmin):
+class CharacterOwnershipAdmin(BaseOwnershipAdmin):
-    list_display = ('user', 'character')
+    def has_add_permission(self, request):
-    search_fields = ('user__username', 'character__character_name', 'character__corporation_name', 'character__alliance_name')
+        return False
    readonly_fields = ('owner_hash', 'character')
 class PermissionAdmin(admin.ModelAdmin):
    actions = None
-    readonly_fields = [field.name for field in Permission._meta.fields]
+    readonly_fields = [field.name for field in BasePermission._meta.fields]
    list_display = ('admin_name', 'name', 'codename', 'content_type')
    list_filter = ('content_type__app_label',)
@@ -134,23 +197,61 @@ class PermissionAdmin(admin.ModelAdmin):
    def has_delete_permission(self, request, obj=None):
        return False
    def has_module_permission(self, request):
        return True
    def has_change_permission(self, request, obj=None):
        # can see list but not edit it
        return not obj
 # Hack to allow registration of django.contrib.auth models in our authentication app
-class ProxyUser(User):
+class User(BaseUser):
    class Meta:
        proxy = True
-        verbose_name = User._meta.verbose_name
+        verbose_name = BaseUser._meta.verbose_name
-        verbose_name_plural = User._meta.verbose_name_plural
+        verbose_name_plural = BaseUser._meta.verbose_name_plural
-class ProxyPermission(Permission):
+class Permission(BasePermission):
    class Meta:
        proxy = True
-        verbose_name = Permission._meta.verbose_name
+        verbose_name = BasePermission._meta.verbose_name
-        verbose_name_plural = Permission._meta.verbose_name_plural
+        verbose_name_plural = BasePermission._meta.verbose_name_plural
 try:
-    admin.site.unregister(User)
+    admin.site.unregister(BaseUser)
 finally:
-    admin.site.register(ProxyUser, UserAdmin)
+    admin.site.register(User, UserAdmin)
-    admin.site.register(ProxyPermission, PermissionAdmin)
+    admin.site.register(Permission, PermissionAdmin)
@receiver(pre_save, sender=User)
 def redirect_pre_save(sender, signal=None, *args, **kwargs):
    pre_save.send(BaseUser, *args, **kwargs)
@receiver(post_save, sender=User)
 def redirect_post_save(sender, signal=None, *args, **kwargs):
    post_save.send(BaseUser, *args, **kwargs)
@receiver(pre_delete, sender=User)
 def redirect_pre_delete(sender, signal=None, *args, **kwargs):
    pre_delete.send(BaseUser, *args, **kwargs)
@receiver(post_delete, sender=User)
 def redirect_post_delete(sender, signal=None, *args, **kwargs):
    post_delete.send(BaseUser, *args, **kwargs)
@receiver(m2m_changed, sender=User.groups.through)
 def redirect_m2m_changed_groups(sender, signal=None, *args, **kwargs):
    m2m_changed.send(BaseUser, *args, **kwargs)
@receiver(m2m_changed, sender=User.user_permissions.through)
 def redirect_m2m_changed_permissions(sender, signal=None, *args, **kwargs):
    m2m_changed.send(BaseUser, *args, **kwargs)
--- a/allianceauth/authentication/backends.py
+++ b/allianceauth/authentication/backends.py
@@ -1,8 +1,11 @@
 from django.contrib.auth.backends import ModelBackend
 from django.contrib.auth.models import Permission
 from django.contrib.auth.models import User
 import logging
 from .models import UserProfile, CharacterOwnership, OwnershipRecord
-from .models import UserProfile, CharacterOwnership
+
 logger = logging.getLogger(__name__)
 class StateBackend(ModelBackend):
@@ -24,37 +27,54 @@ class StateBackend(ModelBackend):
            user_obj._perm_cache.update(self.get_state_permissions(user_obj))
        return user_obj._perm_cache
-    def authenticate(self, token=None):
+    def authenticate(self, request=None, token=None, **credentials):
        if not token:
            return None
        try:
            ownership = CharacterOwnership.objects.get(character__character_id=token.character_id)
            if ownership.owner_hash == token.character_owner_hash:
                logger.debug('Authenticating {0} by ownership of character {1}'.format(ownership.user, token.character_name))
                return ownership.user
            else:
                logger.debug('{0} has changed ownership. Creating new user account.'.format(token.character_name))
                ownership.delete()
                return self.create_user(token)
        except CharacterOwnership.DoesNotExist:
            try:
                # insecure legacy main check for pre-sso registration auth installs
                profile = UserProfile.objects.get(main_character__character_id=token.character_id)
                logger.debug('Authenticating {0} by their main character {1} without active ownership.'.format(profile.user, profile.main_character))
                # attach an ownership
                token.user = profile.user
                CharacterOwnership.objects.create_by_token(token)
                return profile.user
            except UserProfile.DoesNotExist:
-                pass
+                # now we check historical records to see if this is a returning user
                records = OwnershipRecord.objects.filter(owner_hash=token.character_owner_hash).filter(character__character_id=token.character_id)
                if records.exists():
                    # we've seen this character owner before. Re-attach to their old user account
                    user = records[0].user
                    token.user = user
                    co = CharacterOwnership.objects.create_by_token(token)
                    logger.debug('Authenticating {0} by matching owner hash record of character {1}'.format(user, co.character))
                    if not user.profile.main_character:
                        # set this as their main by default if they have none
                        user.profile.main_character = co.character
                        user.profile.save()
                    return user
            logger.debug('Unable to authenticate character {0}. Creating new user.'.format(token.character_name))
            return self.create_user(token)
    def create_user(self, token):
        username = self.iterate_username(token.character_name)  # build unique username off character name
-        user = User.objects.create_user(username)
+        user = User.objects.create_user(username, is_active=False)  # prevent login until email set
        user.set_unusable_password()  # prevent login via password
        user.is_active = False  # prevent login until email set
        user.save()
        token.user = user
        co = CharacterOwnership.objects.create_by_token(token)  # assign ownership to this user
        user.profile.main_character = co.character  # assign main character as token character
        user.profile.save()
        logger.debug('Created new user {0}'.format(user))
        return user
    @staticmethod
--- a/allianceauth/authentication/decorators.py
+++ b/allianceauth/authentication/decorators.py
@@ -0,0 +1,68 @@
 from django.conf.urls import include
 from django.contrib.auth.decorators import user_passes_test
 from django.core.exceptions import PermissionDenied
 from functools import wraps
 from django.shortcuts import redirect
 from django.contrib import messages
 from django.utils.translation import gettext_lazy as _
 from django.contrib.auth.decorators import login_required
 def user_has_main_character(user):
    return bool(user.profile.main_character)
 def decorate_url_patterns(urls, decorator):
    url_list, app_name, namespace = include(urls)
    def process_patterns(url_patterns):
        for pattern in url_patterns:
            if hasattr(pattern, 'url_patterns'):
                # this is an include - apply to all nested patterns
                process_patterns(pattern.url_patterns)
            else:
                # this is a pattern
                pattern.callback = decorator(pattern.callback)
    process_patterns(url_list)
    return url_list, app_name, namespace
 def main_character_required(view_func):
    @wraps(view_func)
    def _wrapped_view(request, *args, **kwargs):
        if user_has_main_character(request.user):
            return view_func(request, *args, **kwargs)
        messages.error(request, _('A main character is required to perform that action. Add one below.'))
        return redirect('authentication:dashboard')
    return login_required(_wrapped_view)
 def permissions_required(perm, login_url=None, raise_exception=False):
    """
    Decorator for views that checks whether a user has a particular permission
    enabled, redirecting to the log-in page if necessary.
    If the raise_exception parameter is given the PermissionDenied exception
    is raised.
    This decorator is identical to the django permission_required except it
    allows for passing a tuple/list of perms that will return true if any one
    of them is present.
    """
    def check_perms(user):
        if isinstance(perm, str):
            perms = (perm,)
        else:
            perms = perm
        # First check if the user has the permission (even anon users)
        for perm_ in perms:
            perm_ = (perm_,)
            if user.has_perms(perm_):
                return True
        # In case the 403 handler should be called raise the exception
        if raise_exception:
            raise PermissionDenied
        # As the last resort, show the login form
        return False
    return user_passes_test(check_perms, login_url=login_url)
--- a/allianceauth/authentication/management/init.py
+++ b/allianceauth/authentication/management/init.py
--- a/allianceauth/authentication/management/commands/init.py
+++ b/allianceauth/authentication/management/commands/init.py
--- a/allianceauth/authentication/management/commands/checkmains.py
+++ b/allianceauth/authentication/management/commands/checkmains.py
@@ -0,0 +1,20 @@
 from django.core.management.base import BaseCommand
 from allianceauth.authentication.models import UserProfile
 class Command(BaseCommand):
    help = 'Ensures all main characters have an active ownership'
    def handle(self, *args, **options):
        profiles = UserProfile.objects.filter(main_character__isnull=False).filter(
            main_character__character_ownership__isnull=True)
        if profiles.exists():
            for profile in profiles:
                self.stdout.write(self.style.ERROR(
                    '{0} does not have an ownership. Resetting user {1} main character.'.format(profile.main_character,
                                                                                                profile.user)))
                profile.main_character = None
                profile.save()
            self.stdout.write(self.style.WARNING('Reset {0} main characters.'.format(profiles.count())))
        else:
            self.stdout.write(self.style.SUCCESS('All main characters have active ownership.'))
--- a/allianceauth/authentication/migrations/0015_user_profiles.py
+++ b/allianceauth/authentication/migrations/0015_user_profiles.py
@@ -43,7 +43,7 @@ def create_member_group(apps, schema_editor):
    member_state_name = getattr(settings, 'DEFAULT_AUTH_GROUP', 'Member')
    try:
-        g = Group.objects.get(name=member_state_name)
+        g, _ = Group.objects.get_or_create(name=member_state_name)
        # move permissions back
        state = State.objects.get(name=member_state_name)
        [g.permissions.add(p.pk) for p in state.permissions.all()]
@@ -51,7 +51,7 @@ def create_member_group(apps, schema_editor):
        # move users back
        for profile in state.userprofile_set.all().select_related('user'):
            profile.user.groups.add(g.pk)
-    except (Group.DoesNotExist, State.DoesNotExist):
+    except State.DoesNotExist:
        pass
@@ -67,7 +67,7 @@ def create_blue_state(apps, schema_editor):
        # move group permissions to state
        g = Group.objects.get(name=blue_state_name)
        [s.permissions.add(p.pk) for p in g.permissions.all()]
-        g.permissions.clear()
+        g.delete()
    except Group.DoesNotExist:
        pass
@@ -84,7 +84,7 @@ def create_blue_group(apps, schema_editor):
    blue_state_name = getattr(settings, 'DEFAULT_BLUE_GROUP', 'Blue')
    try:
-        g = Group.objects.get(name=blue_state_name)
+        g, _ = Group.objects.get_or_create(name=blue_state_name)
        # move permissions back
        state = State.objects.get(name=blue_state_name)
        [g.permissions.add(p.pk) for p in state.permissions.all()]
@@ -92,10 +92,15 @@ def create_blue_group(apps, schema_editor):
        # move users back
        for profile in state.userprofile_set.all().select_related('user'):
            profile.user.groups.add(g.pk)
-    except (Group.DoesNotExist, State.DoesNotExist):
+    except State.DoesNotExist:
        pass
 def purge_tokens(apps, schema_editor):
    Token = apps.get_model('esi', 'Token')
    Token.objects.filter(refresh_token__isnull=True).delete()
 def populate_ownerships(apps, schema_editor):
    Token = apps.get_model('esi', 'Token')
    CharacterOwnership = apps.get_model('authentication', 'CharacterOwnership')
@@ -103,16 +108,16 @@ def populate_ownerships(apps, schema_editor):
    unique_character_owners = [t['character_id'] for t in
                               Token.objects.all().values('character_id').annotate(n=models.Count('user')) if
-                               t['n'] == 1 and EveCharacter.objects.filter(character_id=t['character_id'].exists())]
+                               t['n'] == 1 and EveCharacter.objects.filter(character_id=t['character_id']).exists()]
    tokens = Token.objects.filter(character_id__in=unique_character_owners)
    for c_id in unique_character_owners:
-        ts = tokens.filter(character_id=c_id).order_by('created')
+        # find newest refreshable token and use it as basis for CharacterOwnership
-        for t in ts:
+        ts = tokens.filter(character_id=c_id).exclude(refresh_token__isnull=True).order_by('created')
-            if t.can_refresh:
+        if ts.exists():
-                # find newest refreshable token and use it as basis for CharacterOwnership
+            token = ts[0]
-                CharacterOwnership.objecs.create_by_token(t)
+            char = EveCharacter.objects.get(character_id=token.character_id)
-                break
+            CharacterOwnership.objects.create(user_id=token.user_id, character_id=char.id, owner_hash=token.character_owner_hash)
 def create_profiles(apps, schema_editor):
@@ -128,15 +133,24 @@ def create_profiles(apps, schema_editor):
                    auth['n'] == 1 and EveCharacter.objects.filter(character_id=auth['main_char_id']).exists()]
    auths = AuthServicesInfo.objects.filter(main_char_id__in=unique_mains).select_related('user')
    blue_state_name = getattr(settings, 'DEFAULT_BLUE_GROUP', 'Blue')
    member_state_name = getattr(settings, 'DEFAULT_AUTH_GROUP', 'Member')
    states = {
        'Member': State.objects.get(name=member_state_name),
        'Blue': State.objects.get(name=blue_state_name),
    }
    guest_state = State.objects.get(name='Guest')
    for auth in auths:
        # carry states and mains forward
-        state = State.objects.get(name=auth.state if auth.state else 'Guest')
+        state = states.get(auth.state, guest_state)
        char = EveCharacter.objects.get(character_id=auth.main_char_id)
        UserProfile.objects.create(user=auth.user, state=state, main_character=char)
    for auth in AuthServicesInfo.objects.exclude(main_char_id__in=unique_mains).select_related('user'):
        # prepare empty profiles
-        state = State.objects.get(name='Guest')
+        UserProfile.objects.create(user=auth.user, state=guest_state)
        UserProfile.objects.create(user=auth.user, state=state)
 def recreate_authservicesinfo(apps, schema_editor):
@@ -144,8 +158,16 @@ def recreate_authservicesinfo(apps, schema_editor):
    UserProfile = apps.get_model('authentication', 'UserProfile')
    User = apps.get_model('auth', 'User')
    blue_state_name = getattr(settings, 'DEFAULT_BLUE_GROUP', 'Blue')
    member_state_name = getattr(settings, 'DEFAULT_AUTH_GROUP', 'Member')
    states = {
        member_state_name: 'Member',
        blue_state_name: 'Blue',
    }
    # recreate all missing AuthServicesInfo models
-    AuthServicesInfo.objects.bulk_create([AuthServicesInfo(user=u.pk) for u in User.objects.all()])
+    AuthServicesInfo.objects.bulk_create([AuthServicesInfo(user_id=u.pk) for u in User.objects.all()])
    # repopulate main characters
    for profile in UserProfile.objects.exclude(main_character__isnull=True).select_related('user', 'main_character'):
@@ -154,8 +176,8 @@ def recreate_authservicesinfo(apps, schema_editor):
    # repopulate states we understand
    for profile in UserProfile.objects.exclude(state__name='Guest').filter(
-            state__name__in=['Member', 'Blue']).select_related('user', 'state'):
+            state__name__in=[member_state_name, blue_state_name]).select_related('user', 'state'):
-        AuthServicesInfo.objects.update_or_create(user=profile.user, defaults={'state': profile.state.name})
+        AuthServicesInfo.objects.update_or_create(user=profile.user, defaults={'state': states[profile.state.name]})
 def disable_passwords(apps, schema_editor):
@@ -203,7 +225,6 @@ class Migration(migrations.Migration):
                ('permissions', models.ManyToManyField(blank=True, to='auth.Permission')),
            ],
            options={
                'default_permissions': ('change',),
                'ordering': ['-priority'],
            },
        ),
@@ -222,6 +243,7 @@ class Migration(migrations.Migration):
        migrations.RunPython(create_guest_state, migrations.RunPython.noop),
        migrations.RunPython(create_member_state, create_member_group),
        migrations.RunPython(create_blue_state, create_blue_group),
        migrations.RunPython(purge_tokens, migrations.RunPython.noop),
        migrations.RunPython(populate_ownerships, migrations.RunPython.noop),
        migrations.RunPython(create_profiles, recreate_authservicesinfo),
        migrations.RemoveField(
@@ -233,7 +255,7 @@ class Migration(migrations.Migration):
        ),
        migrations.RunPython(disable_passwords, migrations.RunPython.noop),
        migrations.CreateModel(
-            name='ProxyPermission',
+            name='Permission',
            fields=[
            ],
            options={
@@ -247,7 +269,7 @@ class Migration(migrations.Migration):
            ],
        ),
        migrations.CreateModel(
-            name='ProxyUser',
+            name='User',
            fields=[
            ],
            options={
--- a/allianceauth/authentication/migrations/0016_ownershiprecord.py
+++ b/allianceauth/authentication/migrations/0016_ownershiprecord.py
@@ -0,0 +1,40 @@
 # Generated by Django 2.0.4 on 2018-04-14 18:28
 from django.conf import settings
 from django.db import migrations, models
 import django.db.models.deletion
 def create_initial_records(apps, schema_editor):
    OwnershipRecord = apps.get_model('authentication', 'OwnershipRecord')
    CharacterOwnership = apps.get_model('authentication', 'CharacterOwnership')
    OwnershipRecord.objects.bulk_create([
        OwnershipRecord(user=o.user, character=o.character, owner_hash=o.owner_hash) for o in CharacterOwnership.objects.all()
    ])
 class Migration(migrations.Migration):
    dependencies = [
        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
        ('eveonline', '0009_on_delete'),
        ('authentication', '0015_user_profiles'),
    ]
    operations = [
        migrations.CreateModel(
            name='OwnershipRecord',
            fields=[
                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
                ('owner_hash', models.CharField(db_index=True, max_length=28)),
                ('created', models.DateTimeField(auto_now=True)),
                ('character', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='ownership_records', to='eveonline.EveCharacter')),
                ('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='ownership_records', to=settings.AUTH_USER_MODEL)),
            ],
            options={
                'ordering': ['-created'],
            },
        ),
        migrations.RunPython(create_initial_records, migrations.RunPython.noop)
    ]
--- a/allianceauth/authentication/models.py
+++ b/allianceauth/authentication/models.py
@@ -96,3 +96,16 @@ class CharacterOwnership(models.Model):
    def __str__(self):
        return "%s: %s" % (self.user, self.character)
 class OwnershipRecord(models.Model):
    character = models.ForeignKey(EveCharacter, on_delete=models.CASCADE, related_name='ownership_records')
    owner_hash = models.CharField(max_length=28, db_index=True)
    user = models.ForeignKey(User, on_delete=models.CASCADE, related_name='ownership_records')
    created = models.DateTimeField(auto_now=True)
    class Meta:
        ordering = ['-created']
    def __str__(self):
        return "%s: %s on %s" % (self.user, self.character, self.created)
--- a/allianceauth/authentication/signals.py
+++ b/allianceauth/authentication/signals.py
@@ -1,9 +1,9 @@
 import logging
-from .models import CharacterOwnership, UserProfile, get_guest_state, State
+from .models import CharacterOwnership, UserProfile, get_guest_state, State, OwnershipRecord
 from django.contrib.auth.models import User
 from django.db.models import Q
-from django.db.models.signals import post_save, pre_delete, m2m_changed, pre_save
+from django.db.models.signals import pre_save, post_save, pre_delete, post_delete, m2m_changed
 from django.dispatch import receiver, Signal
 from esi.models import Token
@@ -11,7 +11,6 @@ from allianceauth.eveonline.models import EveCharacter
 logger = logging.getLogger(__name__)
 state_changed = Signal(providing_args=['user', 'state'])
@@ -32,23 +31,27 @@ def trigger_state_check(state):
@receiver(m2m_changed, sender=State.member_characters.through)
 def state_member_characters_changed(sender, instance, action, *args, **kwargs):
    if action.startswith('post_'):
        logger.debug('State {} member characters changed. Re-evaluating membership.'.format(instance))
        trigger_state_check(instance)
@receiver(m2m_changed, sender=State.member_corporations.through)
 def state_member_corporations_changed(sender, instance, action, *args, **kwargs):
    if action.startswith('post_'):
        logger.debug('State {} member corporations changed. Re-evaluating membership.'.format(instance))
        trigger_state_check(instance)
@receiver(m2m_changed, sender=State.member_alliances.through)
 def state_member_alliances_changed(sender, instance, action, *args, **kwargs):
    if action.startswith('post_'):
        logger.debug('State {} member alliances changed. Re-evaluating membership.'.format(instance))
        trigger_state_check(instance)
@receiver(post_save, sender=State)
 def state_saved(sender, instance, *args, **kwargs):
    logger.debug('State {} saved. Re-evaluating membership.'.format(instance))
    trigger_state_check(instance)
@@ -59,6 +62,7 @@ def reassess_on_profile_save(sender, instance, created, *args, **kwargs):
    if not created:
        update_fields = kwargs.pop('update_fields', []) or []
        if 'state' not in update_fields:
            logger.debug('Profile for {} saved without state change. Re-evaluating state.'.format(instance.user))
            instance.assign_state()
@@ -66,12 +70,15 @@ def reassess_on_profile_save(sender, instance, created, *args, **kwargs):
 def create_required_models(sender, instance, created, *args, **kwargs):
    # ensure all users have a model
    if created:
        logger.debug('User {} created. Creating default UserProfile.'.format(instance))
        UserProfile.objects.get_or_create(user=instance)
@receiver(post_save, sender=Token)
 def record_character_ownership(sender, instance, created, *args, **kwargs):
    if created:
        logger.debug('New token for {0} character {1} saved. Evaluating ownership.'.format(instance.user,
                                                                                           instance.character_name))
        if instance.user:
            query = Q(owner_hash=instance.character_owner_hash) & Q(user=instance.user)
        else:
@@ -80,10 +87,15 @@ def record_character_ownership(sender, instance, created, *args, **kwargs):
        CharacterOwnership.objects.filter(character__character_id=instance.character_id).exclude(query).delete()
        # create character if needed
        if EveCharacter.objects.filter(character_id=instance.character_id).exists() is False:
            logger.debug('Token is for a new character. Creating model for {0} ({1})'.format(instance.character_name,
                                                                                             instance.character_id))
            EveCharacter.objects.create_character(instance.character_id)
        char = EveCharacter.objects.get(character_id=instance.character_id)
        # check if we need to create ownership
-        if instance.user and not CharacterOwnership.objects.filter(character__character_id=instance.character_id).exists():
+        if instance.user and not CharacterOwnership.objects.filter(
                character__character_id=instance.character_id).exists():
            logger.debug("Character {0} is not yet owned. Assigning ownership to {1}".format(instance.character_name,
                                                                                             instance.user))
            CharacterOwnership.objects.update_or_create(character=char,
                                                        defaults={'owner_hash': instance.character_owner_hash,
                                                                  'user': instance.user})
@@ -91,20 +103,23 @@ def record_character_ownership(sender, instance, created, *args, **kwargs):
@receiver(pre_delete, sender=CharacterOwnership)
 def validate_main_character(sender, instance, *args, **kwargs):
-    if instance.user.profile.main_character == instance.character:
+    try:
-        # clear main character as user no longer owns them
+        if instance.user.profile.main_character == instance.character:
-        instance.user.profile.main_character = None
+            logger.info("Ownership of a main character {0} has been revoked. Resetting {1} main character.".format(
-        instance.user.profile.save()
+                instance.character, instance.user))
            # clear main character as user no longer owns them
            instance.user.profile.main_character = None
            instance.user.profile.save()
    except UserProfile.DoesNotExist:
        # a user is being deleted
        pass
-@receiver(pre_delete, sender=Token)
+@receiver(post_delete, sender=Token)
-def validate_main_character_token(sender, instance, *args, **kwargs):
+def validate_ownership(sender, instance, *args, **kwargs):
-    if UserProfile.objects.filter(main_character__character_id=instance.character_id).exists():
+    if not Token.objects.filter(character_owner_hash=instance.character_owner_hash).filter(refresh_token__isnull=False).exists():
-        profile = UserProfile.objects.get(main_character__character_id=instance.character_id)
+        logger.info("No remaining tokens to validate ownership of character {0}. Revoking ownership.".format(instance.character_name))
-        if not Token.objects.filter(character_id=instance.character_id).filter(user=profile.user).exclude(pk=instance.pk).exists():
+        CharacterOwnership.objects.filter(owner_hash=instance.character_owner_hash).delete()
            # clear main character as we can no longer verify ownership
            profile.main_character = None
            profile.save()
@receiver(pre_save, sender=User)
@@ -114,8 +129,11 @@ def assign_state_on_active_change(sender, instance, *args, **kwargs):
        old_instance = User.objects.get(pk=instance.pk)
        if old_instance.is_active != instance.is_active:
            if instance.is_active:
                logger.debug("User {0} has been activated. Assigning state.".format(instance))
                instance.profile.assign_state()
            else:
                logger.debug(
                    "User {0} has been deactivated. Revoking state and assigning to guest state.".format(instance))
                instance.profile.state = get_guest_state()
                instance.profile.save(update_fields=['state'])
@@ -124,6 +142,20 @@ def assign_state_on_active_change(sender, instance, *args, **kwargs):
 def check_state_on_character_update(sender, instance, *args, **kwargs):
    # if this is a main character updating, check that user's state
    try:
        logger.debug("Character {0} has been saved. Assessing owner's state for changes.".format(instance))
        instance.userprofile.assign_state()
    except UserProfile.DoesNotExist:
        logger.debug("Character {0} is not a main character. No state assessment required.".format(instance))
        pass
@receiver(post_save, sender=CharacterOwnership)
 def ownership_record_creation(sender, instance, created, *args, **kwargs):
    if created:
        records = OwnershipRecord.objects.filter(owner_hash=instance.owner_hash).filter(character=instance.character)
        if records.exists():
            if records[0].user == instance.user:  # most recent record is sorted first
                logger.debug("Already have ownership record of {0} by user {1}".format(instance.character, instance.user))
                return
        logger.info("Character {0} has a new owner {1}. Creating ownership record.".format(instance.character, instance.user))
        OwnershipRecord.objects.create(user=instance.user, character=instance.character, owner_hash=instance.owner_hash)
--- a/allianceauth/authentication/tasks.py
+++ b/allianceauth/authentication/tasks.py
@@ -1,6 +1,6 @@
 import logging
-from esi.errors import TokenExpiredError, TokenInvalidError
+from esi.errors import TokenExpiredError, TokenInvalidError, IncompleteResponseError
 from esi.models import Token
 from celery import shared_task
@@ -20,13 +20,19 @@ def check_character_ownership(owner_hash):
            except (TokenExpiredError, TokenInvalidError):
                t.delete()
                continue
-
+            except (KeyError, IncompleteResponseError):
-            if t.character_owner_hash == old_hash:
+                # We can't validate the hash hasn't changed but also can't assume it has. Abort for now.
                logger.warning("Failed to validate owner hash of {0} due to problems contacting SSO servers.".format(
                    tokens[0].character_name))
                break
-            else:
+
-                logger.info('Character %s has changed ownership. Revoking %s tokens.' % (t.character_name, tokens.count()))
+            if not t.character_owner_hash == old_hash:
                logger.info(
                    'Character %s has changed ownership. Revoking %s tokens.' % (t.character_name, tokens.count()))
                tokens.delete()
-    else:
+            break
    if not Token.objects.filter(character_owner_hash=owner_hash).exists():
        logger.info('No tokens found with owner hash %s. Revoking ownership.' % owner_hash)
        CharacterOwnership.objects.filter(owner_hash=owner_hash).delete()
--- a/allianceauth/authentication/templates/authentication/dashboard.html
+++ b/allianceauth/authentication/templates/authentication/dashboard.html
@@ -21,7 +21,7 @@
                            <table class="table">
                                <tr>
                                    <td class="text-center"><img class="ra-avatar"
-                                                                 src="https://image.eveonline.com/Character/{{ main.character_id }}_128.jpg">
+                                                                 src="{{ main.portrait_url_128 }}">
                                    </td>
                                </tr>
                                <tr>
@@ -57,7 +57,7 @@
                        </div>
                        {% endwith %}
                        {% else %}
-                        <div class="alert alert-danger" role="alert">{% trans "Missing main character model." %}</div>
+                        <div class="alert alert-danger" role="alert">{% trans "No main character set." %}</div>
                        {% endif %}
                        <div class="clearfix"></div>
                        <div class="col-xs-6">
@@ -102,8 +102,7 @@
                    {% for ownership in request.user.character_ownerships.all %}
                    {% with ownership.character as char %}
                    <tr>
-                        <td class="text-center"><img class="ra-avatar img-circle"
+                        <td class="text-center"><img class="ra-avatar img-circle" src="{{ char.portrait_url_32 }}">
                                                     src="https://image.eveonline.com/Character/{{ char.character_id }}_32.jpg">
                        </td>
                        <td class="text-center">{{ char.character_name }}</td>
                        <td class="text-center">{{ char.corporation_name }}</td>
--- a/allianceauth/authentication/templates/public/base.html
+++ b/allianceauth/authentication/templates/public/base.html
@@ -17,7 +17,7 @@
        <style>
            body {
-                background: url('{% static 'authentication/img/background.jpg' %}') no-repeat scroll;
+                background: url('{% static 'authentication/img/background.jpg' %}') no-repeat center center fixed;
                -webkit-background-size: cover;
                -moz-background-size: cover;
                -o-background-size: cover;
@@ -48,4 +48,4 @@
            {% endblock %}
        </div>
    </body>
-</html>
+</html>
--- a/allianceauth/authentication/templates/public/lang_select.html
+++ b/allianceauth/authentication/templates/public/lang_select.html
@@ -2,7 +2,6 @@
 <div class="dropdown">
    <form action="{% url 'set_language' %}" method="post">
        {% csrf_token %}
        <input name="next" type="hidden" value="{{ request.get_full_path|slice:'3:' }}" />
        <select onchange="this.form.submit()" class="form-control" id="lang-select" name="language">
            {% get_language_info_list for LANGUAGES as languages %}
            {% for language in languages %}
@@ -12,4 +11,4 @@
            {% endfor %}
        </select>
    </form>
-</div>
+</div>
--- a/allianceauth/authentication/templates/registration/activation_email.txt
+++ b/allianceauth/authentication/templates/registration/activation_email.txt
@@ -2,7 +2,7 @@ You're receiving this email because someone has entered this email address while
 If this was you, please go to the following URL to confirm your email address:
-{{ url }}
+{{ scheme }}://{{ url }}
 This link will expire in {{ expiration_days }} day(s).
--- a/allianceauth/authentication/tests.py
+++ b/allianceauth/authentication/tests.py
@@ -1,13 +1,70 @@
 from unittest import mock
-
+from io import StringIO
 from django.test import TestCase
 from django.contrib.auth.models import User
 from allianceauth.tests.auth_utils import AuthUtils
-from .models import CharacterOwnership, UserProfile, State, get_guest_state
+from .models import CharacterOwnership, UserProfile, State, get_guest_state, OwnershipRecord
 from .backends import StateBackend
 from .tasks import check_character_ownership
 from allianceauth.eveonline.models import EveCharacter, EveCorporationInfo, EveAllianceInfo
 from esi.models import Token
 from esi.errors import IncompleteResponseError
 from allianceauth.authentication.decorators import main_character_required
 from django.test.client import RequestFactory
 from django.http.response import HttpResponse
 from django.contrib.auth.models import AnonymousUser
 from django.conf import settings
 from django.shortcuts import reverse
 from django.core.management import call_command
 from urllib import parse
 MODULE_PATH = 'allianceauth.authentication'
 class DecoratorTestCase(TestCase):
    @staticmethod
    @main_character_required
    def dummy_view(*args, **kwargs):
        return HttpResponse(status=200)
    @classmethod
    def setUpTestData(cls):
        cls.main_user = AuthUtils.create_user('main_user', disconnect_signals=True)
        cls.no_main_user = AuthUtils.create_user('no_main_user', disconnect_signals=True)
        main_character = EveCharacter.objects.create(
            character_id=1,
            character_name='Main Character',
            corporation_id=1,
            corporation_name='Corp',
            corporation_ticker='CORP',
        )
        CharacterOwnership.objects.create(user=cls.main_user, character=main_character, owner_hash='1')
        cls.main_user.profile.main_character = main_character
    def setUp(self):
        self.request = RequestFactory().get('/test/')
    @mock.patch(MODULE_PATH + '.decorators.messages')
    def test_login_redirect(self, m):
        setattr(self.request, 'user', AnonymousUser())
        response = self.dummy_view(self.request)
        self.assertEqual(response.status_code, 302)
        url = getattr(response, 'url', None)
        self.assertEqual(parse.urlparse(url).path,  reverse(settings.LOGIN_URL))
    @mock.patch(MODULE_PATH + '.decorators.messages')
    def test_main_character_redirect(self, m):
        setattr(self.request, 'user', self.no_main_user)
        response = self.dummy_view(self.request)
        self.assertEqual(response.status_code, 302)
        url = getattr(response, 'url', None)
        self.assertEqual(url, reverse('authentication:dashboard'))
    @mock.patch(MODULE_PATH + '.decorators.messages')
    def test_successful_request(self, m):
        setattr(self.request, 'user', self.main_user)
        response = self.dummy_view(self.request)
        self.assertEqual(response.status_code, 200)
 class BackendTestCase(TestCase):
@@ -35,6 +92,7 @@ class BackendTestCase(TestCase):
            corporation_ticker='CORP',
        )
        cls.user = AuthUtils.create_user('test_user', disconnect_signals=True)
        cls.old_user = AuthUtils.create_user('old_user', disconnect_signals=True)
        AuthUtils.disconnect_signals()
        CharacterOwnership.objects.create(user=cls.user, character=cls.main_character, owner_hash='1')
        CharacterOwnership.objects.create(user=cls.user, character=cls.alt_character, owner_hash='2')
@@ -58,6 +116,14 @@ class BackendTestCase(TestCase):
        self.assertEqual(user.username, 'Unclaimed_Character')
        self.assertEqual(user.profile.main_character, self.unclaimed_character)
    def test_authenticate_character_record(self):
        t = Token(character_id=self.unclaimed_character.character_id, character_name=self.unclaimed_character.character_name, character_owner_hash='4')
        record = OwnershipRecord.objects.create(user=self.old_user, character=self.unclaimed_character, owner_hash='4')
        user = StateBackend().authenticate(token=t)
        self.assertEqual(user, self.old_user)
        self.assertTrue(CharacterOwnership.objects.filter(owner_hash='4', user=self.old_user).exists())
        self.assertTrue(user.profile.main_character)
    def test_iterate_username(self):
        t = Token(character_id=self.unclaimed_character.character_id,
                  character_name=self.unclaimed_character.character_name, character_owner_hash='3')
@@ -130,28 +196,6 @@ class CharacterOwnershipTestCase(TestCase):
        self.user = User.objects.get(pk=self.user.pk)
        self.assertIsNone(self.user.profile.main_character)
    @mock.patch('esi.models.Token.update_token_data')
    def test_character_ownership_check(self, update_token_data):
        t = Token.objects.create(
            user=self.user,
            character_id=self.character.character_id,
            character_name=self.character.character_name,
            character_owner_hash='1',
        )
        co = CharacterOwnership.objects.get(owner_hash='1')
        check_character_ownership(co.owner_hash)
        self.assertTrue(CharacterOwnership.objects.filter(owner_hash='1').exists())
        t.character_owner_hash = '2'
        t.save()
        check_character_ownership(co.owner_hash)
        self.assertFalse(CharacterOwnership.objects.filter(owner_hash='1').exists())
        t.delete()
        co = CharacterOwnership.objects.create(user=self.user, character=self.character, owner_hash='3')
        check_character_ownership(co.owner_hash)
        self.assertFalse(CharacterOwnership.objects.filter(owner_hash='3').exists())
 class StateTestCase(TestCase):
    @classmethod
@@ -286,3 +330,73 @@ class StateTestCase(TestCase):
        self.user.save()
        self._refresh_user()
        self.assertEquals(self.user.profile.state, self.member_state)
 class CharacterOwnershipCheckTestCase(TestCase):
    @classmethod
    def setUpTestData(cls):
        cls.user = AuthUtils.create_user('test_user', disconnect_signals=True)
        AuthUtils.add_main_character(cls.user, 'Test Character', '1', corp_id='1', alliance_id='1',
                                     corp_name='Test Corp', alliance_name='Test Alliance')
        cls.character = EveCharacter.objects.get(character_id='1')
        cls.token = Token.objects.create(
            user=cls.user,
            character_id='1',
            character_name='Test',
            character_owner_hash='1',
        )
        cls.ownership = CharacterOwnership.objects.get(character=cls.character)
    @mock.patch(MODULE_PATH + '.tasks.Token.update_token_data')
    def test_no_change_owner_hash(self, update_token_data):
        # makes sure the ownership isn't delete if owner hash hasn't changed
        check_character_ownership(self.ownership)
        self.assertTrue(CharacterOwnership.objects.filter(user=self.user).filter(character=self.character).exists())
    @mock.patch(MODULE_PATH + '.tasks.Token.update_token_data')
    def test_unable_to_update_token_data(self, update_token_data):
        # makes sure ownerships and tokens aren't hellpurged when there's problems with the SSO servers
        update_token_data.side_effect = IncompleteResponseError()
        check_character_ownership(self.ownership)
        self.assertTrue(CharacterOwnership.objects.filter(user=self.user).filter(character=self.character).exists())
        update_token_data.side_effect = KeyError()
        check_character_ownership(self.ownership)
        self.assertTrue(CharacterOwnership.objects.filter(user=self.user).filter(character=self.character).exists())
    @mock.patch(MODULE_PATH + '.tasks.Token.update_token_data')
    @mock.patch(MODULE_PATH + '.tasks.Token.delete')
    @mock.patch(MODULE_PATH + '.tasks.Token.objects.exists')
    @mock.patch(MODULE_PATH + '.tasks.CharacterOwnership.objects.filter')
    def test_owner_hash_changed(self, filter, exists, delete, update_token_data):
        # makes sure the ownership is revoked when owner hash changes
        filter.return_value.exists.return_value = False
        check_character_ownership(self.ownership)
        self.assertTrue(filter.return_value.delete.called)
 class ManagementCommandTestCase(TestCase):
    @classmethod
    def setUpTestData(cls):
        cls.user = AuthUtils.create_user('test user', disconnect_signals=True)
        AuthUtils.add_main_character(cls.user, 'test character', '1', '2', 'test corp', 'test')
        character = UserProfile.objects.get(user=cls.user).main_character
        CharacterOwnership.objects.create(user=cls.user, character=character, owner_hash='test')
    def setUp(self):
        self.stdout = StringIO()
    def test_ownership(self):
        call_command('checkmains', stdout=self.stdout)
        self.assertFalse(UserProfile.objects.filter(main_character__isnull=True).count())
        self.assertNotIn(self.user.username, self.stdout.getvalue())
        self.assertIn('All main characters', self.stdout.getvalue())
    def test_no_ownership(self):
        user = AuthUtils.create_user('v1 user', disconnect_signals=True)
        AuthUtils.add_main_character(user, 'v1 character', '10', '20', 'test corp', 'test')
        self.assertFalse(UserProfile.objects.filter(main_character__isnull=True).count())
        call_command('checkmains', stdout=self.stdout)
        self.assertEqual(UserProfile.objects.filter(main_character__isnull=True).count(), 1)
        self.assertIn(user.username, self.stdout.getvalue())
--- a/allianceauth/authentication/views.py
+++ b/allianceauth/authentication/views.py
@@ -10,6 +10,7 @@ from django.urls import reverse
 from django.shortcuts import redirect
 from django.utils.translation import ugettext_lazy as _
 from esi.decorators import token_required
 from esi.models import Token
 from registration.backends.hmac.views import RegistrationView as BaseRegistrationView, \
    ActivationView as BaseActivationView, REGISTRATION_SALT
 from registration.signals import user_registered
@@ -71,17 +72,22 @@ have the email address embedded much like the username. Key creation and decodin
@token_required(new=True, scopes=settings.LOGIN_TOKEN_SCOPES)
 def sso_login(request, token):
    user = authenticate(token=token)
-    if user and user.is_active:
+    if user:
-        login(request, user)
+        token.user = user
-        return redirect(request.POST.get('next', request.GET.get('next', 'authentication:dashboard')))
+        if Token.objects.exclude(pk=token.pk).equivalent_to(token).require_valid().exists():
-    elif user and not user.email:
+            token.delete()
-        # Store the new user PK in the session to enable us to identify the registering user in Step 2
+        else:
-        request.session['registration_uid'] = user.pk
+            token.save()
-        # Go to Step 2
+        if user.is_active:
-        return redirect('registration_register')
+            login(request, user)
-    else:
+            return redirect(request.POST.get('next', request.GET.get('next', 'authentication:dashboard')))
-        messages.error(request, _('Unable to authenticate as the selected character.'))
+        elif not user.email:
-        return redirect(settings.LOGIN_URL)
+            # Store the new user PK in the session to enable us to identify the registering user in Step 2
            request.session['registration_uid'] = user.pk
            # Go to Step 2
            return redirect('registration_register')
    messages.error(request, _('Unable to authenticate as the selected character.'))
    return redirect(settings.LOGIN_URL)
 # Step 2
@@ -89,20 +95,33 @@ class RegistrationView(BaseRegistrationView):
    form_class = RegistrationForm
    success_url = 'authentication:dashboard'
-    def dispatch(self, *args, **kwargs):
+    def get_success_url(self, user):
        if not getattr(settings, 'REGISTRATION_VERIFY_EMAIL', True):
            return 'authentication:dashboard', (), {}
        return super().get_success_url(user)
    def dispatch(self, request, *args, **kwargs):
        # We're storing a key in the session to pass user information from OAuth response. Make sure it's there.
        if not self.request.session.get('registration_uid', None) or not User.objects.filter(
                pk=self.request.session.get('registration_uid')).exists():
            messages.error(self.request, _('Registration token has expired.'))
            return redirect(settings.LOGIN_URL)
-        return super(RegistrationView, self).dispatch(*args, **kwargs)
+        if not getattr(settings, 'REGISTRATION_VERIFY_EMAIL', True):
            # Keep the request so the user can be automagically logged in.
            setattr(self, 'request', request)
        return super(RegistrationView, self).dispatch(request, *args, **kwargs)
    def register(self, form):
        user = User.objects.get(pk=self.request.session.get('registration_uid'))
        user.email = form.cleaned_data['email']
        user_registered.send(self.__class__, user=user, request=self.request)
-        # Go to Step 3
+        if getattr(settings, 'REGISTRATION_VERIFY_EMAIL', True):
-        self.send_activation_email(user)
+            # Go to Step 3
            self.send_activation_email(user)
        else:
            user.is_active = True
            user.save()
            login(self.request, user, 'allianceauth.authentication.backends.StateBackend')
        return user
    def get_activation_key(self, user):
--- a/allianceauth/corputils/auth_hooks.py
+++ b/allianceauth/corputils/auth_hooks.py
@@ -1,5 +1,5 @@
 from allianceauth.services.hooks import MenuItemHook, UrlHook
-
+from django.utils.translation import ugettext_lazy as _
 from allianceauth import hooks
 from allianceauth.corputils import urls
@@ -7,7 +7,7 @@ from allianceauth.corputils import urls
 class CorpStats(MenuItemHook):
    def __init__(self):
        MenuItemHook.__init__(self,
-                              'Corporation Stats',
+                              _('Corporation Stats'),
                              'fa fa-share-alt fa-fw',
                              'corputils:view',
                              navactive=['corputils:'])
--- a/allianceauth/corputils/managers.py
+++ b/allianceauth/corputils/managers.py
@@ -16,10 +16,16 @@ class CorpStatsQuerySet(models.QuerySet):
            assert char
            # build all accepted queries
            queries = [models.Q(token__user=user)]
            if user.has_perm('corputils.view_corp_corpstats'):
                queries.append(models.Q(corp__corporation_id=char.corporation_id))
            if user.has_perm('corputils.view_alliance_corpstats'):
-                queries.append(models.Q(corp__alliance__alliance_id=char.alliance_id))
+                if char.alliance_id is not None:
                    queries.append(models.Q(corp__alliance__alliance_id=char.alliance_id))
                else:
                    queries.append(models.Q(corp__corporation_id=char.corporation_id))
            if user.has_perm('corputils.view_corp_corpstats'):
                if user.has_perm('corputils.view_alliance_corpstats'):
                    pass
                else:
                    queries.append(models.Q(corp__corporation_id=char.corporation_id))
            if user.has_perm('corputils.view_state_corpstats'):
                queries.append(models.Q(corp__in=user.profile.state.member_corporations.all()))
                queries.append(models.Q(corp__alliance__in=user.profile.state.member_alliances.all()))
--- a/allianceauth/corputils/models.py
+++ b/allianceauth/corputils/models.py
@@ -12,6 +12,16 @@ from allianceauth.notifications import notify
 from allianceauth.corputils.managers import CorpStatsManager
 SWAGGER_SPEC_PATH = os.path.join(os.path.dirname(os.path.abspath(__file__)), 'swagger.json')
 """
 Swagger spec operations:
 Character
 get_characters_character_id
 get_corporations_corporation_id_members
 Universe
 post_universe_names
 """
 logger = logging.getLogger(__name__)
@@ -40,19 +50,18 @@ class CorpStats(models.Model):
            c = self.token.get_esi_client(spec_file=SWAGGER_SPEC_PATH)
            assert c.Character.get_characters_character_id(character_id=self.token.character_id).result()[
                       'corporation_id'] == int(self.corp.corporation_id)
-            members = c.Corporation.get_corporations_corporation_id_members(
+            member_ids = c.Corporation.get_corporations_corporation_id_members(
                corporation_id=self.corp.corporation_id).result()
            member_ids = [m['character_id'] for m in members]
            # requesting too many ids per call results in a HTTP400
            # the swagger spec doesn't have a maxItems count
            # manual testing says we can do over 350, but let's not risk it
            member_id_chunks = [member_ids[i:i + 255] for i in range(0, len(member_ids), 255)]
-            member_name_chunks = [c.Character.get_characters_names(character_ids=id_chunk).result() for id_chunk in
+            member_name_chunks = [c.Universe.post_universe_names(ids=id_chunk).result() for id_chunk in
                                  member_id_chunks]
            member_list = {}
            for name_chunk in member_name_chunks:
-                member_list.update({m['character_id']: m['character_name'] for m in name_chunk})
+                member_list.update({m['id']: m['name'] for m in name_chunk})
            # bulk create new member models
            missing_members = [m_id for m_id in member_ids if
@@ -121,8 +130,11 @@ class CorpStats(models.Model):
                                           m.main_character and int(m.main_character.character_id) == int(
                                               m.character_id)])
    def visible_to(self, user):
        return CorpStats.objects.filter(pk=self.pk).visible_to(user).exists()
    def can_update(self, user):
-        return user.is_superuser or user == self.token.user
+        return self.token.user == user or self.visible_to(user)
    def corp_logo(self, size=128):
        return "https://image.eveonline.com/Corporation/%s_%s.png" % (self.corp.corporation_id, size)
@@ -179,4 +191,4 @@ class CorpMember(models.Model):
        if item.startswith('portrait_url_'):
            size = item.strip('portrait_url_')
            return self.portrait_url(size)
-        return super(CorpMember, self).__getattr__(item)
+        return self.__getattribute__(item)
--- a/allianceauth/corputils/swagger.json
+++ b/allianceauth/corputils/swagger.json
--- a/allianceauth/corputils/tasks.py
+++ b/allianceauth/corputils/tasks.py
@@ -1,5 +1,5 @@
 from celery import shared_task
-from allianceauth.corputils import CorpStats
+from allianceauth.corputils.models import CorpStats
@shared_task
--- a/allianceauth/corputils/templates/corputils/corpstats.html
+++ b/allianceauth/corputils/templates/corputils/corpstats.html
@@ -9,9 +9,9 @@
                    <tr>
                        <td class="text-center col-lg-6
                                {% if corpstats.corp.alliance %}{% else %}col-lg-offset-3{% endif %}"><img
-                                class="ra-avatar" src="{{ corpstats.corp_logo }}"></td>
+                                class="ra-avatar" src="{{ corpstats.corp.logo_url_128 }}"></td>
                        {% if corpstats.corp.alliance %}
-                            <td class="text-center col-lg-6"><img class="ra-avatar" src="{{ corpstats.alliance_logo }}">
+                            <td class="text-center col-lg-6"><img class="ra-avatar" src="{{ corpstats.corp.alliance.logo_url_128 }}">
                            </td>
                        {% endif %}
                    </tr>
@@ -70,6 +70,7 @@
                                                                {% for alt in main.alts %}
                                                                    {% if forloop.first %}
                                                                        <tr>
                                                                            <th></th>
                                                                            <th class="text-center">{% trans "Character" %}</th>
                                                                            <th class="text-center">{% trans "Corporation" %}</th>
                                                                            <th class="text-center">{% trans "Alliance" %}</th>
@@ -77,10 +78,15 @@
                                                                        </tr>
                                                                    {% endif %}
                                                                    <tr>
-                                                                        <td class="text-center">{{ alt.character_name }}</td>
+                                                                        <td class="text-center" style="width:5%">
-                                                                        <td class="text-center">{{ alt.corporation_name }}</td>
+                                                                            <div class="thumbnail" style="border: 0 none; box-shadow: none; background: transparent;">
-                                                                        <td class="text-center">{{ alt.alliance_name }}</td>
+                                                                                <img src="https://image.eveonline.com/Character/{{ alt.character_id }}_32.jpg" class="img-circle">
-                                                                        <td class="text-center">
+                                                                            </div>
                                                                        </td>
                                                                        <td class="text-center" style="width:30%">{{ alt.character_name }}</td>
                                                                        <td class="text-center" style="width:30%">{{ alt.corporation_name }}</td>
                                                                        <td class="text-center" style="width:30%">{{ alt.alliance_name }}</td>
                                                                        <td class="text-center" style="width:5%">
                                                                            <a href="https://zkillboard.com/character/{{ alt.character_id }}/"
                                                                               class="label label-danger" target="_blank">
                                                                                {% trans "Killboard" %}
@@ -175,9 +181,25 @@
 {% endblock %}
 {% block extra_script %}
    $(document).ready(function(){
-        $('#table-mains').DataTable();
+        $('#table-mains').DataTable({
-        $('#table-members').DataTable();
+            "columnDefs": [
-        $('#table-unregistered').DataTable();
+                { "sortable": false, "targets": [1] },
            ],
        });
        $('#table-members').DataTable({
            "columnDefs": [
                { "searchable": false, "targets": [0, 2] },
                { "sortable": false, "targets": [0, 2] },
            ],
            "order": [[ 1, "asc" ]],
        });
        $('#table-unregistered').DataTable({
            "columnDefs": [
                { "searchable": false, "targets": [0, 2] },
                { "sortable": false, "targets": [0, 2] },
            ],
            "order": [[ 1, "asc" ]],
        });
    });
-{% endblock %}
+{% endblock %}
--- a/allianceauth/corputils/tests.py
+++ b/allianceauth/corputils/tests.py
@@ -85,8 +85,8 @@ class CorpStatsUpdateTestCase(TestCase):
    @mock.patch('esi.clients.SwaggerClient')
    def test_update_add_member(self, SwaggerClient):
        SwaggerClient.from_spec.return_value.Character.get_characters_character_id.return_value.result.return_value = {'corporation_id': 2}
-        SwaggerClient.from_spec.return_value.Corporation.get_corporations_corporation_id_members.return_value.result.return_value = [{'character_id': 1}]
+        SwaggerClient.from_spec.return_value.Corporation.get_corporations_corporation_id_members.return_value.result.return_value = [1]
-        SwaggerClient.from_spec.return_value.Character.get_characters_names.return_value.result.return_value = [{'character_id': 1, 'character_name': 'test character'}]
+        SwaggerClient.from_spec.return_value.Universe.post_universe_names.return_value.result.return_value = [{'id': 1, 'name': 'test character'}]
        self.corpstats.update()
        self.assertTrue(CorpMember.objects.filter(character_id='1', character_name='test character', corpstats=self.corpstats).exists())
@@ -94,8 +94,8 @@ class CorpStatsUpdateTestCase(TestCase):
    def test_update_remove_member(self, SwaggerClient):
        CorpMember.objects.create(character_id='2', character_name='old test character', corpstats=self.corpstats)
        SwaggerClient.from_spec.return_value.Character.get_characters_character_id.return_value.result.return_value = {'corporation_id': 2}
-        SwaggerClient.from_spec.return_value.Corporation.get_corporations_corporation_id_members.return_value.result.return_value = [{'character_id': 1}]
+        SwaggerClient.from_spec.return_value.Corporation.get_corporations_corporation_id_members.return_value.result.return_value = [1]
-        SwaggerClient.from_spec.return_value.Character.get_characters_names.return_value.result.return_value = [{'character_id': 1, 'character_name': 'test character'}]
+        SwaggerClient.from_spec.return_value.Universe.post_universe_names.return_value.result.return_value = [{'id': 1, 'name': 'test character'}]
        self.corpstats.update()
        self.assertFalse(CorpMember.objects.filter(character_id='2', corpstats=self.corpstats).exists())
--- a/allianceauth/corputils/views.py
+++ b/allianceauth/corputils/views.py
@@ -13,11 +13,17 @@ from allianceauth.eveonline.models import EveCharacter, EveCorporationInfo
 from .models import CorpStats
 SWAGGER_SPEC_PATH = os.path.join(os.path.dirname(os.path.abspath(__file__)), 'swagger.json')
 """
 Swagger spec operations:
 get_characters_character_id
 """
 def access_corpstats_test(user):
    return user.has_perm('corputils.view_corp_corpstats') or user.has_perm(
-        'corputils.view_alliance_corpstats') or user.has_perm('corputils.view_state_corpstats')
+        'corputils.view_alliance_corpstats') or user.has_perm('corputils.view_state_corpstats') or user.has_perm(
        'corputils.add_corpstats')
@login_required
@@ -62,7 +68,7 @@ def corpstats_view(request, corp_id=None):
        corpstats = get_object_or_404(CorpStats, corp=corp)
    # get available models
-    available = CorpStats.objects.visible_to(request.user)
+    available = CorpStats.objects.visible_to(request.user).order_by('corp__corporation_name')
    # ensure we can see the requested model
    if corpstats and corpstats not in available:
--- a/allianceauth/eveonline/autogroups/apps.py
+++ b/allianceauth/eveonline/autogroups/apps.py
@@ -4,3 +4,6 @@ from django.apps import AppConfig
 class EveAutogroupsConfig(AppConfig):
    name = 'allianceauth.eveonline.autogroups'
    label = 'eve_autogroups'
    def ready(self):
        import allianceauth.eveonline.autogroups.signals
--- a/allianceauth/eveonline/autogroups/migrations/0001_initial.py
+++ b/allianceauth/eveonline/autogroups/migrations/0001_initial.py
@@ -1,5 +1,5 @@
 # -*- coding: utf-8 -*-
-# Generated by Django 1.11.5 on 2017-09-29 14:44
+# Generated by Django 1.11.6 on 2017-12-23 04:30
 from __future__ import unicode_literals
 from django.db import migrations, models
@@ -29,40 +29,31 @@ class Migration(migrations.Migration):
                ('alliance_name_source', models.CharField(choices=[('ticker', 'Ticker'), ('name', 'Full name')], default='name', max_length=20)),
                ('replace_spaces', models.BooleanField(default=False)),
                ('replace_spaces_with', models.CharField(blank=True, default='', help_text='Any spaces in the group name will be replaced with this.', max_length=10)),
                ('states', models.ManyToManyField(related_name='autogroups', to='authentication.State')),
            ],
        ),
        migrations.CreateModel(
            name='ManagedGroup',
            fields=[
                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
            ],
        ),
        migrations.CreateModel(
            name='ManagedAllianceGroup',
            fields=[
-                ('managedgroup_ptr', models.OneToOneField(auto_created=True, on_delete=django.db.models.deletion.CASCADE, parent_link=True, primary_key=True, serialize=False, to='eve_autogroups.ManagedGroup')),
+                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
                ('alliance', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='eveonline.EveAllianceInfo')),
                ('config', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='eve_autogroups.AutogroupsConfig')),
                ('group', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='auth.Group')),
            ],
-            bases=('eve_autogroups.managedgroup',),
+            options={
                'abstract': False,
            },
        ),
        migrations.CreateModel(
            name='ManagedCorpGroup',
            fields=[
-                ('managedgroup_ptr', models.OneToOneField(auto_created=True, on_delete=django.db.models.deletion.CASCADE, parent_link=True, primary_key=True, serialize=False, to='eve_autogroups.ManagedGroup')),
+                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
                ('config', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='eve_autogroups.AutogroupsConfig')),
                ('corp', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='eveonline.EveCorporationInfo')),
                ('group', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='auth.Group')),
            ],
-            bases=('eve_autogroups.managedgroup',),
+            options={
-        ),
+                'abstract': False,
-        migrations.AddField(
+            },
            model_name='managedgroup',
            name='config',
            field=models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='eve_autogroups.AutogroupsConfig'),
        ),
        migrations.AddField(
            model_name='managedgroup',
            name='group',
            field=models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='auth.Group'),
        ),
        migrations.AddField(
            model_name='autogroupsconfig',
@@ -74,4 +65,9 @@ class Migration(migrations.Migration):
            name='corp_managed_groups',
            field=models.ManyToManyField(help_text="A list of corporation groups created and maintained by this AutogroupConfig. You should not edit this list unless you know what you're doing.", related_name='corp_managed_config', through='eve_autogroups.ManagedCorpGroup', to='auth.Group'),
        ),
        migrations.AddField(
            model_name='autogroupsconfig',
            name='states',
            field=models.ManyToManyField(related_name='autogroups', to='authentication.State'),
        ),
    ]
--- a/allianceauth/eveonline/autogroups/models.py
+++ b/allianceauth/eveonline/autogroups/models.py
@@ -11,7 +11,7 @@ logger = logging.getLogger(__name__)
 def get_users_for_state(state: State):
    return User.objects.select_related('profile').prefetch_related('profile__main_character')\
-            .filter(profile__state__pk=state.pk)
+            .filter(profile__state_id=state.pk)
 class AutogroupsConfigManager(models.Manager):
@@ -39,7 +39,12 @@ class AutogroupsConfigManager(models.Manager):
        if state is None:
            state = user.profile.state
        for config in self.filter(states=state):
-                config.update_group_membership_for_user(user)
+            # grant user new groups for their state
            config.update_group_membership_for_user(user)
        for config in self.exclude(states=state):
            # ensure user does not have groups from previous state
            config.remove_user_from_alliance_groups(user)
            config.remove_user_from_corp_groups(user)
 class AutogroupsConfig(models.Model):
@@ -110,21 +115,24 @@ class AutogroupsConfig(models.Model):
        group = None
        try:
            if not self.alliance_groups or not self.user_entitled_to_groups(user):
-                logger.debug('User {} does not have required state'.format(user))
+                logger.debug('User {} does not have required state for alliance group membership'.format(user))
                return
            else:
                alliance = user.profile.main_character.alliance
                if alliance is None:
                    logger.debug('User {} alliance is None, cannot update group membership'.format(user))
                    return
                group = self.get_alliance_group(alliance)
        except EveAllianceInfo.DoesNotExist:
-            logger.warning('User {} main characters alliance does not exist in the database.'
+            logger.debug('User {} main characters alliance does not exist in the database. Creating.'.format(user))
-                           ' Group membership not updated'.format(user))
+            alliance = EveAllianceInfo.objects.create_alliance(user.profile.main_character.alliance_id)
            group = self.get_alliance_group(alliance)
        except AttributeError:
            logger.warning('User {} does not have a main character. Group membership not updated'.format(user))
        finally:
-            self.remove_user_from_corp_groups(user, except_group=group)
+            self.remove_user_from_alliance_groups(user, except_group=group)
            if group is not None:
                logger.debug('Adding user {} to alliance group {}'.format(user, group))
                user.groups.add(group)
    @transaction.atomic
@@ -132,18 +140,20 @@ class AutogroupsConfig(models.Model):
        group = None
        try:
            if not self.corp_groups or not self.user_entitled_to_groups(user):
-                logger.debug('User {} does not have required state'.format(user))
+                logger.debug('User {} does not have required state for corp group membership'.format(user))
            else:
                corp = user.profile.main_character.corporation
                group = self.get_corp_group(corp)
        except EveCorporationInfo.DoesNotExist:
-            logger.warning('User {} main characters corporation does not exist in the database.'
+            logger.debug('User {} main characters corporation does not exist in the database. Creating.'.format(user))
-                           ' Group membership not updated'.format(user))
+            corp = EveCorporationInfo.objects.create_corporation(user.profile.main_character.corporation_id)
            group = self.get_corp_group(corp)
        except AttributeError:
            logger.warning('User {} does not have a main character. Group membership not updated'.format(user))
        finally:
            self.remove_user_from_corp_groups(user, except_group=group)
            if group is not None:
                logger.debug('Adding user {} to corp group {}'.format(user, group))
                user.groups.add(group)
    @transaction.atomic
@@ -184,13 +194,15 @@ class AutogroupsConfig(models.Model):
        """
        Deletes ALL managed alliance groups
        """
-        self.alliance_managed_groups.all().delete()
+        for g in self.alliance_managed_groups.all():
            g.delete()
    def delete_corp_managed_groups(self):
        """
        Deletes ALL managed corp groups
        """
-        self.corp_managed_groups.all().delete()
+        for g in self.corp_managed_groups.all():
            g.delete()
    def get_alliance_group_name(self, alliance: EveAllianceInfo) -> str:
        if self.alliance_name_source == self.OPT_TICKER:
@@ -225,6 +237,9 @@ class ManagedGroup(models.Model):
    group = models.ForeignKey(Group, on_delete=models.CASCADE)
    config = models.ForeignKey(AutogroupsConfig, on_delete=models.CASCADE)
    class Meta:
        abstract = True
 class ManagedCorpGroup(ManagedGroup):
    corp = models.ForeignKey(EveCorporationInfo, on_delete=models.CASCADE)
--- a/allianceauth/eveonline/autogroups/signals.py
+++ b/allianceauth/eveonline/autogroups/signals.py
@@ -2,6 +2,7 @@ import logging
 from django.dispatch import receiver
 from django.db.models.signals import pre_save, post_save, pre_delete, m2m_changed
 from allianceauth.authentication.models import UserProfile, State
 from allianceauth.eveonline.models import EveCharacter
 from .models import AutogroupsConfig
@@ -45,9 +46,7 @@ def check_groups_on_profile_update(sender, instance, created, *args, **kwargs):
    """
    Trigger check when main character or state changes.
    """
-    update_fields = kwargs.pop('update_fields', []) or []
+    AutogroupsConfig.objects.update_groups_for_user(instance.user)
    if 'main_character' in update_fields or 'state' in update_fields:
        AutogroupsConfig.objects.update_groups_for_user(instance.user)
@receiver(m2m_changed, sender=AutogroupsConfig.states.through)
@@ -64,3 +63,13 @@ def autogroups_states_changed(sender, instance, action, reverse, model, pk_set,
            except State.DoesNotExist:
                # Deleted States handled by the profile state change
                pass
@receiver(post_save, sender=EveCharacter)
 def check_groups_on_character_update(sender, instance, created, *args, **kwargs):
    if not created:
        try:
            profile = UserProfile.objects.prefetch_related('user').get(main_character_id=instance.pk)
            AutogroupsConfig.objects.update_groups_for_user(profile.user)
        except UserProfile.DoesNotExist:
            pass
--- a/allianceauth/eveonline/autogroups/tests/init.py
+++ b/allianceauth/eveonline/autogroups/tests/init.py
@@ -1,8 +1,7 @@
 from unittest import mock
 from django.db.models.signals import pre_save, post_save, pre_delete, m2m_changed
 from allianceauth.authentication.models import UserProfile
-from allianceauth.authentication.signals import state_changed
+from allianceauth.authentication.signals import reassess_on_profile_save
 from allianceauth.eveonline.models import EveCharacter
 from .. import signals
 from ..models import AutogroupsConfig
@@ -14,6 +13,7 @@ def patch(target, *args, **kwargs):
 def connect_signals():
    post_save.connect(receiver=reassess_on_profile_save, sender=UserProfile)
    pre_save.connect(receiver=signals.pre_save_config, sender=AutogroupsConfig)
    pre_delete.connect(receiver=signals.pre_delete_config, sender=AutogroupsConfig)
    post_save.connect(receiver=signals.check_groups_on_profile_update, sender=UserProfile)
@@ -21,6 +21,7 @@ def connect_signals():
 def disconnect_signals():
    post_save.disconnect(receiver=reassess_on_profile_save, sender=UserProfile)
    pre_save.disconnect(receiver=signals.pre_save_config, sender=AutogroupsConfig)
    pre_delete.disconnect(receiver=signals.pre_delete_config, sender=AutogroupsConfig)
    post_save.disconnect(receiver=signals.check_groups_on_profile_update, sender=UserProfile)
--- a/allianceauth/eveonline/autogroups/tests/test_managers.py
+++ b/allianceauth/eveonline/autogroups/tests/test_managers.py
@@ -7,7 +7,7 @@ from . import patch
 class AutogroupsConfigManagerTestCase(TestCase):
-    def test_update_groups_for_state(self, ):
+    def test_update_groups_for_state(self):
        member = AuthUtils.create_member('test member')
        obj = AutogroupsConfig.objects.create()
        obj.states.add(member.profile.state)
@@ -32,3 +32,23 @@ class AutogroupsConfigManagerTestCase(TestCase):
            self.assertEqual(update_group_membership_for_user.call_count, 1)
            args, kwargs = update_group_membership_for_user.call_args
            self.assertEqual(args[0], member)
    @patch('.models.AutogroupsConfig.update_group_membership_for_user')
    @patch('.models.AutogroupsConfig.remove_user_from_alliance_groups')
    @patch('.models.AutogroupsConfig.remove_user_from_corp_groups')
    def test_update_groups_no_config(self, remove_corp, remove_alliance, update_groups):
        member = AuthUtils.create_member('test member')
        obj = AutogroupsConfig.objects.create()
        # Corp and alliance groups should be removed from users if their state has no config
        AutogroupsConfig.objects.update_groups_for_user(member)
        self.assertFalse(update_groups.called)
        self.assertTrue(remove_alliance.called)
        self.assertTrue(remove_corp.called)
        # The normal group assignment should occur if there state has a config
        obj.states.add(member.profile.state)
        AutogroupsConfig.objects.update_groups_for_user(member)
        self.assertTrue(update_groups.called)
--- a/allianceauth/eveonline/autogroups/tests/test_models.py
+++ b/allianceauth/eveonline/autogroups/tests/test_models.py
@@ -16,8 +16,6 @@ class AutogroupsConfigTestCase(TestCase):
        # Disconnect signals
        disconnect_signals()
        self.member = AuthUtils.create_member('test user')
        state = AuthUtils.get_member_state()
        self.alliance = EveAllianceInfo.objects.create(
@@ -38,6 +36,8 @@ class AutogroupsConfigTestCase(TestCase):
        state.member_alliances.add(self.alliance)
        state.member_corporations.add(self.corp)
        self.member = AuthUtils.create_member('test user')
    def tearDown(self):
        # Reconnect signals
        connect_signals()
@@ -82,6 +82,7 @@ class AutogroupsConfigTestCase(TestCase):
        # Act
        obj.update_alliance_group_membership(self.member)
        obj.update_corp_group_membership(self.member)  # check for no side effects
        group = obj.create_alliance_group(self.alliance)
        group_qs = Group.objects.filter(pk=group.pk)
--- a/allianceauth/eveonline/autogroups/tests/test_signals.py
+++ b/allianceauth/eveonline/autogroups/tests/test_signals.py
@@ -1,11 +1,11 @@
 from django.test import TestCase
-from django.contrib.auth.models import Group, User
+from django.contrib.auth.models import User
 from allianceauth.tests.auth_utils import AuthUtils
 from allianceauth.eveonline.models import EveCharacter, EveCorporationInfo, EveAllianceInfo
-from ..models import AutogroupsConfig, ManagedAllianceGroup
+from ..models import AutogroupsConfig
 from . import patch, disconnect_signals, connect_signals
@@ -13,8 +13,6 @@ from . import patch, disconnect_signals, connect_signals
 class SignalsTestCase(TestCase):
    def setUp(self):
        disconnect_signals()
        self.member = AuthUtils.create_member('test user')
        state = AuthUtils.get_member_state()
        self.char = EveCharacter.objects.create(
@@ -27,9 +25,6 @@ class SignalsTestCase(TestCase):
            alliance_name='alliance name',
        )
        self.member.profile.main_character = self.char
        self.member.profile.save()
        self.alliance = EveAllianceInfo.objects.create(
            alliance_id='3456',
            alliance_name='alliance name',
@@ -47,13 +42,17 @@ class SignalsTestCase(TestCase):
        state.member_alliances.add(self.alliance)
        state.member_corporations.add(self.corp)
        self.member = AuthUtils.create_member('test user')
        self.member.profile.main_character = self.char
        self.member.profile.save()
        connect_signals()
    @patch('.models.AutogroupsConfigManager.update_groups_for_user')
    def test_check_groups_on_profile_update_state(self, update_groups_for_user):
        # Trigger signal
-        self.member.profile.state = AuthUtils.get_guest_state()
+        self.member.profile.assign_state(state=AuthUtils.get_guest_state())
        self.member.profile.save()
        self.assertTrue(update_groups_for_user.called)
        self.assertEqual(update_groups_for_user.call_count, 1)
@@ -71,10 +70,10 @@ class SignalsTestCase(TestCase):
            alliance_id='3456',
            alliance_name='alliance name',
        )
        # Trigger signal
        self.member.profile.main_character = char
        self.member.profile.save()
        self.assertTrue(update_groups_for_user.called)
        self.assertEqual(update_groups_for_user.call_count, 1)
        args, kwargs = update_groups_for_user.call_args
--- a/allianceauth/eveonline/managers.py
+++ b/allianceauth/eveonline/managers.py
@@ -26,6 +26,7 @@ class EveCharacterManager(models.Manager):
            corporation_ticker=character.corp.ticker,
            alliance_id=character.alliance.id,
            alliance_name=character.alliance.name,
            alliance_ticker=getattr(character.alliance, 'ticker', None),
        )
    def update_character(self, character_id):
--- a/allianceauth/eveonline/migrations/0010_alliance_ticker.py
+++ b/allianceauth/eveonline/migrations/0010_alliance_ticker.py
@@ -0,0 +1,23 @@
 # Generated by Django 2.0.4 on 2018-04-17 20:07
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('eveonline', '0009_on_delete'),
    ]
    operations = [
        migrations.AddField(
            model_name='evecharacter',
            name='alliance_ticker',
            field=models.CharField(blank=True, default='', max_length=5, null=True),
        ),
        migrations.AlterField(
            model_name='evecharacter',
            name='corporation_ticker',
            field=models.CharField(max_length=5),
        ),
    ]
--- a/allianceauth/eveonline/models.py
+++ b/allianceauth/eveonline/models.py
@@ -35,6 +35,15 @@ class EveAllianceInfo(models.Model):
    def __str__(self):
        return self.alliance_name
    def logo_url(self, size=32):
        return "https://image.eveonline.com/Alliance/%s_%s.png" % (self.alliance_id, size)
    def __getattr__(self, item):
        if item.startswith('logo_url_'):
            size = item.strip('logo_url_')
            return self.logo_url(size)
        return self.__getattribute__(item)
 class EveCorporationInfo(models.Model):
    corporation_id = models.CharField(max_length=254, unique=True)
@@ -60,15 +69,25 @@ class EveCorporationInfo(models.Model):
    def __str__(self):
        return self.corporation_name
    def logo_url(self, size=32):
        return "https://image.eveonline.com/Corporation/%s_%s.png" % (self.corporation_id, size)
    def __getattr__(self, item):
        if item.startswith('logo_url_'):
            size = item.strip('logo_url_')
            return self.logo_url(size)
        return self.__getattribute__(item)
 class EveCharacter(models.Model):
    character_id = models.CharField(max_length=254, unique=True)
    character_name = models.CharField(max_length=254, unique=True)
    corporation_id = models.CharField(max_length=254)
    corporation_name = models.CharField(max_length=254)
-    corporation_ticker = models.CharField(max_length=254)
+    corporation_ticker = models.CharField(max_length=5)
    alliance_id = models.CharField(max_length=254, blank=True, null=True, default='')
    alliance_name = models.CharField(max_length=254, blank=True, null=True, default='')
    alliance_ticker = models.CharField(max_length=5, blank=True, null=True, default='')
    objects = EveCharacterManager()
    provider = EveCharacterProviderManager()
@@ -102,8 +121,18 @@ class EveCharacter(models.Model):
        self.corporation_ticker = character.corp.ticker
        self.alliance_id = character.alliance.id
        self.alliance_name = character.alliance.name
        self.alliance_ticker = getattr(character.alliance, 'ticker', None)
        self.save()
        return self
    def __str__(self):
        return self.character_name
    def portrait_url(self, size=32):
        return "https://image.eveonline.com/Character/%s_%s.jpg" % (self.character_id, size)
    def __getattr__(self, item):
        if item.startswith('portrait_url_'):
            size = item.strip('portrait_url_')
            return self.portrait_url(size)
        return self.__getattribute__(item)
--- a/allianceauth/eveonline/providers.py
+++ b/allianceauth/eveonline/providers.py
@@ -4,6 +4,16 @@ import logging
 import os
 SWAGGER_SPEC_PATH = os.path.join(os.path.dirname(os.path.abspath(__file__)), 'swagger.json')
 """
 Swagger spec operations:
 get_alliances_alliance_id
 get_alliances_alliance_id_corporations
 get_corporations_corporation_id
 get_characters_character_id
 get_universe_types_type_id
 """
 logger = logging.getLogger(__name__)
@@ -81,7 +91,9 @@ class Alliance(Entity):
    @property
    def executor_corp(self):
-        return self.corp(self.executor_corp_id)
+        if self.executor_corp_id:
            return self.corp(self.executor_corp_id)
        return Entity(None, None)
 class Character(Entity):
@@ -150,10 +162,10 @@ class EveSwaggerProvider(EveProvider):
            corps = self.client.Alliance.get_alliances_alliance_id_corporations(alliance_id=alliance_id).result()
            model = Alliance(
                id=alliance_id,
-                name=data['alliance_name'],
+                name=data['name'],
                ticker=data['ticker'],
                corp_ids=corps,
-                executor_corp_id=data['executor_corp'],
+                executor_corp_id=data['executor_corporation_id'] if 'executor_corporation_id' in data else None,
            )
            return model
        except HTTPNotFound:
@@ -164,7 +176,7 @@ class EveSwaggerProvider(EveProvider):
            data = self.client.Corporation.get_corporations_corporation_id(corporation_id=corp_id).result()
            model = Corporation(
                id=corp_id,
-                name=data['corporation_name'],
+                name=data['name'],
                ticker=data['ticker'],
                ceo_id=data['ceo_id'],
                members=data['member_count'],
@@ -177,12 +189,11 @@ class EveSwaggerProvider(EveProvider):
    def get_character(self, character_id):
        try:
            data = self.client.Character.get_characters_character_id(character_id=character_id).result()
            alliance_id = self.adapter.get_corp(data['corporation_id']).alliance_id
            model = Character(
                id=character_id,
                name=data['name'],
                corp_id=data['corporation_id'],
-                alliance_id=alliance_id,
+                alliance_id=data['alliance_id'] if 'alliance_id' in data else None,
            )
            return model
        except (HTTPNotFound, HTTPUnprocessableEntity):
--- a/allianceauth/eveonline/swagger.json
+++ b/allianceauth/eveonline/swagger.json
--- a/allianceauth/fleetactivitytracking/auth_hooks.py
+++ b/allianceauth/fleetactivitytracking/auth_hooks.py
@@ -1,12 +1,12 @@
 from . import urls
-
+from django.utils.translation import ugettext_lazy as _
 from allianceauth import hooks
 from allianceauth.services.hooks import MenuItemHook, UrlHook
@hooks.register('menu_item_hook')
 def register_menu():
-    return MenuItemHook('Fleet Activity Tracking', 'fa fa-users fa-lightbulb-o fa-fw', 'fatlink:view',
+    return MenuItemHook(_('Fleet Activity Tracking'), 'fa fa-users fa-lightbulb-o fa-fw', 'fatlink:view',
                        navactive=['fatlink:'])
--- a/allianceauth/fleetactivitytracking/forms.py
+++ b/allianceauth/fleetactivitytracking/forms.py
@@ -2,11 +2,9 @@
 from django import forms
 from django.utils.translation import ugettext_lazy as _
 from allianceauth.optimer.models import OpTimer
 class FatlinkForm(forms.Form):
-    fatname = forms.CharField(label=_('Name of fat-link'), required=True)
+    fleet = forms.CharField(label=_("Fleet Name"), max_length=50)
    duration = forms.IntegerField(label=_("Duration of fat-link"), required=True, initial=30, min_value=1,
-                                  max_value=2147483647)
+                                  max_value=2147483647, help_text=_('minutes'))
-    fleet = forms.ModelChoiceField(label=_("Fleet"), queryset=OpTimer.objects.all().order_by('operation_name'))
+
--- a/allianceauth/fleetactivitytracking/migrations/0001_initial.py
+++ b/allianceauth/fleetactivitytracking/migrations/0001_initial.py
@@ -2,12 +2,10 @@
 # Generated by Django 1.10.1 on 2016-09-05 21:39
 from __future__ import unicode_literals
 import datetime
 import django.db.models.deletion
 from django.conf import settings
 from django.db import migrations, models
-from django.utils.timezone import utc
+from django.utils import timezone
 import allianceauth.fleetactivitytracking.models
@@ -36,9 +34,9 @@ class Migration(migrations.Migration):
            name='Fatlink',
            fields=[
                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
-                ('fatdatetime', models.DateTimeField(default=datetime.datetime(2016, 9, 5, 21, 39, 17, 307954, tzinfo=utc))),
+                ('fatdatetime', models.DateTimeField(default=timezone.now)),
                ('duration', models.PositiveIntegerField()),
-                ('fleet', models.CharField(default=b'', max_length=254)),
+                ('fleet', models.CharField(default='', max_length=254)),
                ('name', models.CharField(max_length=254)),
                ('hash', models.CharField(max_length=254, unique=True)),
                ('creator', models.ForeignKey(on_delete=models.SET(
--- a/allianceauth/fleetactivitytracking/migrations/0005_remove_fat_name.py
+++ b/allianceauth/fleetactivitytracking/migrations/0005_remove_fat_name.py
@@ -0,0 +1,22 @@
 # Generated by Django 2.0.2 on 2018-02-28 18:00
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('fleetactivitytracking', '0004_make_strings_more_stringy'),
    ]
    operations = [
        migrations.RemoveField(
            model_name='fatlink',
            name='name',
        ),
        migrations.AlterField(
            model_name='fatlink',
            name='fleet',
            field=models.CharField(max_length=254),
        ),
    ]
--- a/allianceauth/fleetactivitytracking/migrations/0006_auto_20180803_0430.py
+++ b/allianceauth/fleetactivitytracking/migrations/0006_auto_20180803_0430.py
@@ -0,0 +1,18 @@
 # Generated by Django 2.0.6 on 2018-08-03 04:30
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('fleetactivitytracking', '0005_remove_fat_name'),
    ]
    operations = [
        migrations.AlterField(
            model_name='fat',
            name='shiptype',
            field=models.CharField(max_length=100),
        ),
    ]
--- a/allianceauth/fleetactivitytracking/models.py
+++ b/allianceauth/fleetactivitytracking/models.py
@@ -12,20 +12,19 @@ def get_sentinel_user():
 class Fatlink(models.Model):
    fatdatetime = models.DateTimeField(default=timezone.now)
    duration = models.PositiveIntegerField()
-    fleet = models.CharField(max_length=254, default="")
+    fleet = models.CharField(max_length=254)
    name = models.CharField(max_length=254)
    hash = models.CharField(max_length=254, unique=True)
    creator = models.ForeignKey(User, on_delete=models.SET(get_sentinel_user))
    def __str__(self):
-        return self.name
+        return self.fleet
 class Fat(models.Model):
    character = models.ForeignKey(EveCharacter, on_delete=models.CASCADE)
    fatlink = models.ForeignKey(Fatlink, on_delete=models.CASCADE)
    system = models.CharField(max_length=30)
-    shiptype = models.CharField(max_length=30)
+    shiptype = models.CharField(max_length=100)
    station = models.CharField(max_length=125)
    user = models.ForeignKey(User, on_delete=models.CASCADE)
--- a/allianceauth/fleetactivitytracking/swagger.json
+++ b/allianceauth/fleetactivitytracking/swagger.json
--- a/allianceauth/fleetactivitytracking/templates/fleetactivitytracking/characternotexisting.html
+++ b/allianceauth/fleetactivitytracking/templates/fleetactivitytracking/characternotexisting.html
@@ -16,7 +16,7 @@
                        </div>
                        <div class="col-lg-10 col-sm-2">
                            <div class="alert alert-danger" role="alert">{% trans "Character not registered!" %}</div>
-                            {% trans "This character is not part of any registered API-key. You must go to" %} <a href=" {% url 'auth_api_key_management' %}">{% trans "API key management</a> and add an API with the character on before being able to click fleet attendance links." %}
+                            {% trans "This character is not associated with an auth account." %} <a href=" {% url 'authentication:add_character' %}">{% trans "Add it here" %}</a> {% trans "before attempting to click fleet attendance links." %}
                        </div>
                    </div>
                </div>
--- a/allianceauth/fleetactivitytracking/templates/fleetactivitytracking/fatlinkpersonalmonthlystatisticsview.html
+++ b/allianceauth/fleetactivitytracking/templates/fleetactivitytracking/fatlinkpersonalmonthlystatisticsview.html
@@ -10,12 +10,12 @@
        <h1 class="page-header text-center">{% blocktrans %}Participation data statistics for {{ month }}, {{ year }}{% endblocktrans %}
            {% if char_id %}
            <div class="text-right">
-                <a href="{% url 'fatlink:user_statistics_month' char_id previous_month|date:"Y" previous_month|date:"m" %}" class="btn btn-info">{% trans "Previous month" %}</a>
+                <a href="{% url 'fatlink:user_statistics_month' char_id previous_month|date:'Y' previous_month|date:'m' %}" class="btn btn-info">{% trans "Previous month" %}</a>
-                <a href="{% url 'fatlink:user_statistics_month' char_id next_month|date:"Y" next_month|date:"m"  %}" class="btn btn-info">{% trans "Next month" %}</a>
+                <a href="{% url 'fatlink:user_statistics_month' char_id next_month|date:'Y' next_month|date:'m'  %}" class="btn btn-info">{% trans "Next month" %}</a>
            </div>
            {% endif %}
        </h1>
-        <h2>{% blocktrans %}{{ user }} has collected {{ n_fats }} links this month.{% endblocktrans %}</h2>
+        <h2>{% blocktrans %}{{ user }} has collected {{ n_fats }} link{{ n_fats|pluralize }} this month.{% endblocktrans %}</h2>
        <table class="table table-responsive">
            <tr>
                <th class="col-md-2 text-center">{% trans "Ship" %}</th>
@@ -29,26 +29,24 @@
            {% endfor %}
        </table>
        {%  if created_fats %}
-         <h2>{% blocktrans %}{{ user }} has created {{ n_created_fats }} links this month.{% endblocktrans %}</h2>
+         <h2>{% blocktrans %}{{ user }} has created {{ n_created_fats }} link{{ n_created_fats|pluralize }} this month.{% endblocktrans %}</h2>
        {% if created_fats %}
        <table class="table">
            <tr>
                <th class="text-center">{% trans "Name" %}</th>
                <th class="text-center">{% trans "Creator" %}</th>
                <th class="text-center">{% trans "Fleet" %}</th>
                <th class="text-center">{% trans "Creator" %}</th>
                <th class="text-center">{% trans "Eve Time" %}</th>
                <th class="text-center">{% trans "Duration" %}</th>
                <th class="text-center">{% trans "Edit" %}</th>
            </tr>
            {% for link in created_fats %}
            <tr>
-                <td class="text-center"><a href="{%  url 'auth_click_fatlink_view' %}{{ link.hash }}/{{ link.name }}">{{ link.name }}</a></td>
+                <td class="text-center"><a href="{%  url 'fatlink:click' link.hash %}" class="label label-primary">{{ link.fleet }}</a></td>
                <td class="text-center">{{ link.creator.username }}</td>
                <td class="text-center">{{ link.fleet }}</td>
                <td class="text-center">{{ link.fatdatetime }}</td>
                <td class="text-center">{{ link.duration }}</td>
                <td class="text-center">
-                    <a href="{%  url 'auth_modify_fatlink_view' %}{{ link.hash }}/{{ link.name }}">
+                    <a href="{%  url 'fatlink:modify' link.hash %}">
                        <button type="button" class="btn btn-info"><span
                                class="glyphicon glyphicon-edit"></span></button>
                    </a>
--- a/allianceauth/fleetactivitytracking/templates/fleetactivitytracking/fatlinkview.html
+++ b/allianceauth/fleetactivitytracking/templates/fleetactivitytracking/fatlinkview.html
@@ -24,7 +24,7 @@
        {% if fats %}
        <table class="table table-responsive">
            <tr>
-                <th class="text-center">{% trans "fatname" %}</th>
+                <th class="text-center">{% trans "Fleet" %}</th>
                <th class="text-center">{% trans "Character" %}</th>
                <th class="text-center">{% trans "System" %}</th>
                <th class="text-center">{% trans "Ship" %}</th>
@@ -32,7 +32,7 @@
            </tr>
            {% for fat in fats %}
            <tr>
-                <td class="text-center">{{ fat.fatlink.name }}</td>
+                <td class="text-center">{{ fat.fatlink.fleet }}</td>
                <td class="text-center">{{ fat.character.character_name }}</td>
                {%  if fat.station != "No Station" %}
                <td class="text-center">{% blocktrans %}Docked in {% endblocktrans %}{{ fat.system }}</td>
@@ -79,13 +79,13 @@
            </tr>
            {% for link in fatlinks %}
            <tr>
-                <td class="text-center"><a href="{%  url 'fatlink:click_fatlink' %}{{ link.hash }}/{{ link.name }}">{{ link.name }}</a></td>
+                <td class="text-center"><a href="{%  url 'fatlink:click' link.hash %}" class="label label-primary">{{ link.fleet }}</a></td>
                <td class="text-center">{{ link.creator.username }}</td>
                <td class="text-center">{{ link.fleet }}</td>
                <td class="text-center">{{ link.fatdatetime }}</td>
                <td class="text-center">{{ link.duration }}</td>
                <td class="text-center">
-                    <a href="{%  url 'fatlink:modify' %}{{ link.hash }}/{{ link.name }}" class="btn btn-info">
+                    <a href="{%  url 'fatlink:modify' link.hash %}" class="btn btn-info">
                        <span class="glyphicon glyphicon-edit"></span>
                    </a>
                </td>
--- a/allianceauth/fleetactivitytracking/urls.py
+++ b/allianceauth/fleetactivitytracking/urls.py
@@ -25,10 +25,6 @@ urlpatterns = [
        views.fatlink_monthly_personal_statistics_view,
        name='user_statistics_month'),
    url(r'^create/$', views.create_fatlink_view, name='create'),
-    url(r'^modify/$', views.modify_fatlink_view, name='modify'),
+    url(r'^modify/(?P<fat_hash>[a-zA-Z0-9_-]+)/$', views.modify_fatlink_view, name='modify'),
-    url(r'^modify/(?P<hash>[a-zA-Z0-9_-]+)/([a-z0-9_-]+)$',
+    url(r'^link/(?P<fat_hash>[a-zA-Z0-9]+)/$', views.click_fatlink_view, name='click'),
        views.modify_fatlink_view),
    url(r'^link/$', views.fatlink_view, name='click_fatlink'),
    url(r'^link/(?P<hash>[a-zA-Z0-9]+)/(?P<fatname>[a-z0-9_-]+)/$',
        views.click_fatlink_view),
 ]
--- a/allianceauth/fleetactivitytracking/views.py
+++ b/allianceauth/fleetactivitytracking/views.py
@@ -1,8 +1,6 @@
 import datetime
 import logging
 import os
 import random
 import string
 from allianceauth.authentication.models import CharacterOwnership
 from django.contrib import messages
@@ -17,13 +15,23 @@ from esi.decorators import token_required
 from allianceauth.eveonline.providers import provider
 from .forms import FatlinkForm
 from .models import Fatlink, Fat
-from slugify import slugify
+from django.utils.crypto import get_random_string
 from allianceauth.eveonline.models import EveAllianceInfo
 from allianceauth.eveonline.models import EveCharacter
 from allianceauth.eveonline.models import EveCorporationInfo
 SWAGGER_SPEC_PATH = os.path.join(os.path.dirname(os.path.abspath(__file__)), 'swagger.json')
 """
 Swagger spec operations:
 get_characters_character_id_location
 get_characters_character_id_ship
 get_universe_systems_system_id
 get_universe_stations_station_id
 get_universe_structures_structure_id
 """
 logger = logging.getLogger(__name__)
@@ -114,7 +122,7 @@ def fatlink_statistics_corp_view(request, corpid, year=None, month=None):
    start_of_next_month = first_day_of_next_month(year, month)
    start_of_previous_month = first_day_of_previous_month(year, month)
    fat_stats = {}
-    corp_members = CharacterOwnership.objects.filter(character__corporation_id=corpid).values('user_id').distinct()
+    corp_members = CharacterOwnership.objects.filter(character__corporation_id=corpid).order_by('user_id').values('user_id').distinct()
    for member in corp_members:
        try:
@@ -181,7 +189,7 @@ def fatlink_personal_statistics_view(request, year=datetime.date.today().year):
    personal_fats = Fat.objects.select_related('fatlink').filter(user=user).order_by('id')
-    monthlystats = [0 for month in range(1, 13)]
+    monthlystats = [0 for i in range(1, 13)]
    for fat in personal_fats:
        fatdate = fat.fatlink.fatdatetime
@@ -236,8 +244,8 @@ def fatlink_monthly_personal_statistics_view(request, year, month, char_id=None)
@login_required
@token_required(
    scopes=['esi-location.read_location.v1', 'esi-location.read_ship_type.v1', 'esi-universe.read_structures.v1'])
-def click_fatlink_view(request, token, hash, fatname):
+def click_fatlink_view(request, token, fat_hash=None):
-    fatlink = get_object_or_404(Fatlink, hash=hash, name=fatname)
+    fatlink = get_object_or_404(Fatlink, hash=fat_hash)
    if (timezone.now() - fatlink.fatdatetime) < datetime.timedelta(seconds=(fatlink.duration * 60)):
@@ -298,12 +306,11 @@ def create_fatlink_view(request):
            logger.debug("Submitting fleetactivitytracking by user %s" % request.user)
            if form.is_valid():
                fatlink = Fatlink()
                fatlink.name = slugify(form.cleaned_data["fatname"])
                fatlink.fleet = form.cleaned_data["fleet"]
                fatlink.duration = form.cleaned_data["duration"]
                fatlink.fatdatetime = timezone.now()
                fatlink.creator = request.user
-                fatlink.hash = ''.join(random.choice(string.ascii_letters + string.digits) for i in range(10))
+                fatlink.hash = get_random_string(length=15)
                try:
                    fatlink.full_clean()
                    fatlink.save()
@@ -331,25 +338,19 @@ def create_fatlink_view(request):
@login_required
@permission_required('auth.fleetactivitytracking')
-def modify_fatlink_view(request, hash=""):
+def modify_fatlink_view(request, fat_hash=None):
    logger.debug("modify_fatlink_view called by user %s" % request.user)
-    if not hash:
+    fatlink = get_object_or_404(Fatlink, hash=fat_hash)
        return redirect('fatlink:view')
    try:
        fatlink = Fatlink.objects.get(hash=hash)
    except Fatlink.DoesNotExist:
        raise Http404
    if request.GET.get('removechar', None):
        character_id = request.GET.get('removechar')
        character = EveCharacter.objects.get(character_id=character_id)
-        logger.debug("Removing character %s from fleetactivitytracking  %s" % (character.character_name, fatlink.name))
+        logger.debug("Removing character %s from fleetactivitytracking  %s" % (character.character_name, fatlink))
        Fat.objects.filter(fatlink=fatlink).filter(character=character).delete()
    if request.GET.get('deletefat', None):
-        logger.debug("Removing fleetactivitytracking  %s" % fatlink.name)
+        logger.debug("Removing fleetactivitytracking  %s" % fatlink)
        fatlink.delete()
        return redirect('fatlink:view')
--- a/allianceauth/fleetup/templates/fleetup/characters.html
+++ b/allianceauth/fleetup/templates/fleetup/characters.html
@@ -15,7 +15,7 @@
        </div>
            <div class="panel-body">
                <div class="col-lg-6">
-                    <div class="table-responsive">   
+                    <div class="table-responsive">
                    <table class="table table-condensed table-hover table-striped">
                        <tr>
                            <th class="col-md-1"></th>
@@ -26,7 +26,7 @@
                        {% for char_name, user_id in member_list %}
                        <tr>
                            <td>
-                                <img src="http://image.eveonline.com/Character/{{ user_id.char_id }}_32.jpg" class="img-circle">
+                                <img src="https://imageserver.eveonline.com/Character/{{ user_id.char_id }}_32.jpg" class="img-circle">
                            </td>
                            <td>
                                <p>{{ user_id.char_name }}</p>
--- a/allianceauth/fleetup/templates/fleetup/doctrine.html
+++ b/allianceauth/fleetup/templates/fleetup/doctrine.html
@@ -8,12 +8,12 @@
 {% block content %}
 <div class="col-lg-12">
    {% include "fleetup/menu.html" %}
-    <div class="panel">
+    <div>
        {% for a, j in doctrine.items %}
        {% regroup j.Data|dictsort:"Role" by Role as role_list %}
            {% for Role in role_list %}
-            
+
            <div class="panel panel-default">
                        <div class="panel-heading">
                            <h3 class="panel-title"><b>{{ Role.grouper }}</b></h3>
@@ -50,7 +50,7 @@
                                        {% load humanize %}{{ item.EstPrice|intword }}
                                    </td>
                                    <td>
-                                        {% for categories in item.Categories %} 
+                                        {% for categories in item.Categories %}
                                        {{ categories }},
                                        {% endfor %}
                                    </td>
--- a/allianceauth/fleetup/templates/fleetup/doctrinesview.html
+++ b/allianceauth/fleetup/templates/fleetup/doctrinesview.html
@@ -8,12 +8,12 @@
 {% block content %}
 <div class="col-lg-12">
    {% include "fleetup/menu.html" %}
-    <div class="panel">
+    <div>
        {% if doctrines_list %}
        {% for a, j in doctrines_list.items %}
        {% regroup j|dictsort:"FolderName" by FolderName as folder_list %}
            {% for FolderName in folder_list %}
-            <div class="col-lg-8">
+            <div>
            <div class="panel panel-default">
                        <div class="panel-heading">
                            <h3 class="panel-title"><b>{{ FolderName.grouper }}</b></h3>
@@ -29,11 +29,11 @@
                                    <th class="col-lg-2">Note</th>-->
                                </tr>
                                {% for item in FolderName.list %}
-                
+
                                <tr>
                                    <td>
                                    <a href="{% url 'fleetup:doctrine' item.DoctrineId %}"><img src="https://image.eveonline.com/InventoryType/{{ item.IconId }}_32.png"></a>
-                                    </td> 
+                                    </td>
                                    <td>
                                    {{ item.Name }}
                                    </td>
--- a/allianceauth/fleetup/templates/fleetup/fitting.html
+++ b/allianceauth/fleetup/templates/fleetup/fitting.html
@@ -8,9 +8,9 @@
 {% block content %}
 <div class="col-lg-12">
    {% include "fleetup/menu.html" %}
-    <div class="tab-content">
+    <div class="tab-content row">
        <div id="fit" class="tab-pane fade in active">
-            <div class="col-lg-3">
+            <div class="col-lg-4">
                {% for x, y in fitting_data.items %}
                <div class="panel panel-default">
                    <div class="panel-heading">
@@ -18,22 +18,24 @@
                    </div>
                    <div class="panel-body">
                        {% for doctrin in y.Doctrines %}
-                        <h4>{{ doctrin.Name }}</h4>
+                        <div class="clearfix">
-                        <div class="col-lg-12">
+                            <h4>{{ doctrin.Name }}</h4>
-                            <p>{% trans "Role in doctrine:" %} {{ doctrin.Role }}</p>
+                            <div class="col-lg-12">
-                        </div>
+                                <p>{% trans "Role in doctrine:" %} {{ doctrin.Role }}</p>
-                        <div class="col-lg-4">
+                            </div>
-                            <p>{% trans "Priority:" %}</p>
+                            <div class="col-lg-4">
-                        </div>
+                                <p>{% trans "Priority:" %}</p>
-                        <div class="col-lg-8">
+                            </div>
-                            <div class="progress">
+                            <div class="col-lg-8">
-                                <div class="progress-bar progress-bar-striped" role="progressbar" aria-valuenow="{{ doctrin.Priority }}" aria-valuemin="0" aria-valuemax="5" style="width: {% widthratio doctrin.Priority 5 100 %}%;">
+                                <div class="progress">
-                                    {{ doctrin.Priority }}/5
+                                    <div class="progress-bar progress-bar-striped" role="progressbar" aria-valuenow="{{ doctrin.Priority }}" aria-valuemin="0" aria-valuemax="5" style="width: {% widthratio doctrin.Priority 5 100 %}%;">
                                        {{ doctrin.Priority }}/5
                                    </div>
                                </div>
                            </div>
-                        </div>
+                            <div class="pull-right">
-                        <div class="pull-right">
+                                <a class="btn btn-primary" href="{% url 'fleetup:doctrine' doctrin.DoctrineId %}">{% trans "See doctrine" %}</a>
-                            <a class="btn btn-primary" href="{% url 'fleetup:doctrine' doctrin.DoctrineId %}">{% trans "See doctrine" %}</a>
+                            </div>
                        </div>
                        {% endfor %}
                    </div>
@@ -56,10 +58,10 @@
                        <div class="panel-body">
                            <div class="list-group">
                            {% for arbit, orbit in doctrines_list.items %}
-                              
+
                                {% for fitting in orbit.Data %}
                                <a href="{% url 'fleetup:fitting' fitting.FittingId %}" class="list-group-item">
-                                
+
                                <h4 class="list-group-item-heading">{{ fitting.Name }}<span class="pull-right"><img src="https://image.eveonline.com/InventoryType/{{ fitting.EveTypeId }}_32.png" class="img-circle"></span></h4>
                                <p class="list-group-item-heading">{{ fitting.Role }} - {{ fitting.ShipType }}</p>
                                </a>
@@ -107,8 +109,8 @@
                        {% endfor %}
                </div>
            </div>
-            
+
-            <div class="col-lg-3">
+            <div class="col-lg-4">
                <div class="panel panel-default">
                    <div class="panel-heading">
                        <h3 class="panel-title">{% trans "EFT/Export" %}</h3>
--- a/allianceauth/fleetup/templates/fleetup/fittingsview.html
+++ b/allianceauth/fleetup/templates/fleetup/fittingsview.html
@@ -20,11 +20,11 @@
                <th class="col-md-2">{% trans "Categories" %}</th>
            </tr>
        {% for id, fittings in fitting_list %}
-            
+
            <tr>
                <td>
                    <a href="{% url 'fleetup:fitting' fittings.fitting_id %}"><img src="https://image.eveonline.com/InventoryType/{{ fittings.icon_id }}_32.png"></a>
-                </td> 
+                </td>
                <td>
                    {{ fittings.name }}
                </td>
@@ -38,12 +38,12 @@
                     {% load humanize %}{{ fittings.estimated|intword }}
                </td>
                <td>
-                {% for categories in fittings.categories %} 
+                {% for categories in fittings.categories %}
                    {{ categories }},
                {% endfor %}
                </td>
            </tr>
-         
+
        {% endfor %}
        </table>
        {% else %}
--- a/allianceauth/fleetup/templates/fleetup/index.html
+++ b/allianceauth/fleetup/templates/fleetup/index.html
@@ -8,15 +8,15 @@
 {% block content %}
 <div class="col-lg-12">
 {% include "fleetup/menu.html" %}
-<div class="panel">
+<div>
    <ul class="nav nav-tabs">
        <li class="active"><a data-toggle="tab" href="#operations">{% trans "Operations" %}</a></li>
        <li><a data-toggle="tab" href="#timers">{% trans "Timers" %}</a></li>
    </ul>
-    <div class="tab-content">
+    <div class="tab-content row">
        <div id="operations" class="tab-pane fade in active">
-            <div class="col-lg-7">
+            <div class="col-lg-8">
                {% if operations_list %}
                {% for subject, start in operations_list %}
                    <div class="panel panel-default">
@@ -31,7 +31,7 @@
                                </tr>
                                <tr>
                                    <td class="col-md-6">{{ start.start|date:"l d M H:i" }} <span class="label label-success">{% trans "Eve Time" %}</span></td>
-                                    
+
                                    <td class="col-md-6">{{ start.end|date:"l d M H:i" }} <span class="label label-success">{% trans "Eve Time" %}</span></td>
                                </tr>
                                <tr>
@@ -39,13 +39,12 @@
                                        <span id="localtime{{ start.operation_id }}"></span>&nbsp;<span class='label label-success'>Local time</span><br>
                                        <div id="countdown{{ start.operation_id }}"></div>
                                    </td>
-                                    
+
                                    <td class="col-md-6"></td>
                                </tr>
-                            </table> 
+                            </table>
-                            <p>{{ start.details }}</p>
+                            {{ start.details|linebreaks }}
-                            
+
                            <div class="col-lg-12">
                            <table class="table table-condensed table-striped">
                                <tr>
                                    <th class="col-md-4">{% trans "Location" %}</th>
@@ -60,11 +59,11 @@
                                    <td>
                                        {% if start.doctrine %}
                                        {% for doctrine in start.doctrine %}
-                                            
+
                                            <a href="{% url 'fleetup:doctrine' doctrine.Id %}" class="label label-success">{{ doctrine.Name }}</a>
-                                            
+
                                        {% endfor %}
-                                            
+
                                        {% else %}
                                        <span class="label label-danger">{% trans "TBA" %}</span>
                                        {% endif %}
@@ -81,7 +80,6 @@
                                    </td>
                                </tr>
                            </table>
                            </div>
                        </div>
                    </div>
                {% endfor %}
@@ -89,7 +87,7 @@
            <h3>{% trans "There seems to be no Operations in the near future." %}</h3>
            {% endif %}
            </div>
-            <div class="col-lg-3">
+            <div class="col-lg-4">
                <div class="panel panel-default">
                    <div class="panel-heading">
                        <h2 class="panel-title">{% trans "Current Eve Time:" %}</h2>
@@ -158,7 +156,7 @@
                        <td>
                            {{ type.owner }}
                        </td>
-                        <td>            
+                        <td>
                            {{ type.notes }}
                        </td>
                        </tr>
--- a/allianceauth/groupmanagement/admin.py
+++ b/allianceauth/groupmanagement/admin.py
@@ -1,28 +1,68 @@
 from django.contrib import admin
-from django.contrib.auth.models import Group
+from django.contrib.auth.models import Group as BaseGroup
-
+from django.db.models.signals import pre_save, post_save, pre_delete, post_delete, m2m_changed
 from django.dispatch import receiver
 from .models import AuthGroup
 from .models import GroupRequest
-class AuthGroupAdmin(admin.ModelAdmin):
+class AuthGroupInlineAdmin(admin.StackedInline):
-    """
+    model = AuthGroup
-    Admin model for AuthGroup
+    filter_horizontal = ('group_leaders', 'states',)
-    """
+    fields = ('description', 'group_leaders', 'states', 'internal', 'hidden', 'open', 'public')
-    filter_horizontal = ('group_leaders',)
+    verbose_name_plural = 'Auth Settings'
    verbose_name = ''
    def has_add_permission(self, request):
        return False
    def has_delete_permission(self, request, obj=None):
        return False
    def has_change_permission(self, request, obj=None):
        return request.user.has_perm('auth.change_group')
-class ProxyGroup(Group):
+class GroupAdmin(admin.ModelAdmin):
    filter_horizontal = ('permissions',)
    inlines = (AuthGroupInlineAdmin,)
 class Group(BaseGroup):
    class Meta:
        proxy = True
-        verbose_name = Group._meta.verbose_name
+        verbose_name = BaseGroup._meta.verbose_name
-        verbose_name_plural = Group._meta.verbose_name_plural
+        verbose_name_plural = BaseGroup._meta.verbose_name_plural
 try:
-    admin.site.unregister(Group)
+    admin.site.unregister(BaseGroup)
 finally:
-    admin.site.register(ProxyGroup)
+    admin.site.register(Group, GroupAdmin)
 admin.site.register(GroupRequest)
-admin.site.register(AuthGroup, AuthGroupAdmin)
+
@receiver(pre_save, sender=Group)
 def redirect_pre_save(sender, signal=None, *args, **kwargs):
    pre_save.send(BaseGroup, *args, **kwargs)
@receiver(post_save, sender=Group)
 def redirect_post_save(sender, signal=None, *args, **kwargs):
    post_save.send(BaseGroup, *args, **kwargs)
@receiver(pre_delete, sender=Group)
 def redirect_pre_delete(sender, signal=None, *args, **kwargs):
    pre_delete.send(BaseGroup, *args, **kwargs)
@receiver(post_delete, sender=Group)
 def redirect_post_delete(sender, signal=None, *args, **kwargs):
    post_delete.send(BaseGroup, *args, **kwargs)
@receiver(m2m_changed, sender=Group.permissions.through)
 def redirect_m2m_changed_permissions(sender, signal=None, *args, **kwargs):
    m2m_changed.send(BaseGroup, *args, **kwargs)
--- a/allianceauth/groupmanagement/apps.py
+++ b/allianceauth/groupmanagement/apps.py
@@ -4,3 +4,4 @@ from django.apps import AppConfig
 class GroupManagementConfig(AppConfig):
    name = 'allianceauth.groupmanagement'
    label = 'groupmanagement'
    verbose_name = 'Group Management'
--- a/allianceauth/groupmanagement/managers.py
+++ b/allianceauth/groupmanagement/managers.py
@@ -1,4 +1,5 @@
 from django.contrib.auth.models import Group
 from django.db.models import Q
 class GroupManager:
@@ -6,7 +7,12 @@ class GroupManager:
        pass
    @staticmethod
-    def get_joinable_groups():
+    def get_joinable_groups(state):
        return Group.objects.select_related('authgroup').exclude(authgroup__internal=True)\
            .filter(Q(authgroup__states=state) | Q(authgroup__states=None))
    @staticmethod
    def get_all_non_internal_groups():
        return Group.objects.select_related('authgroup').exclude(authgroup__internal=True)
    @staticmethod
@@ -14,13 +20,35 @@ class GroupManager:
        return Group.objects.select_related('authgroup').filter(authgroup__group_leaders__in=[user])
    @staticmethod
-    def joinable_group(group):
+    def joinable_group(group, state):
        """
-        Check if a group is a user joinable group, i.e.
+        Check if a group is a user/state joinable group, i.e.
-        not an internal group for Corp, Alliance, Members etc
+        not an internal group for Corp, Alliance, Members etc,
        or restricted from the user's current state.
        :param group: django.contrib.auth.models.Group object
        :param state: allianceauth.authentication.State object
        :return: bool True if its joinable, False otherwise
        """
        if len(group.authgroup.states.all()) != 0 and state not in group.authgroup.states.all():
            return False
        return not group.authgroup.internal
    @staticmethod
    def check_internal_group(group):
        """
        Check if a group is auditable, i.e not an internal group
        :param group: django.contrib.auth.models.Group object
        :return: bool True if it is auditable, false otherwise
        """
        return not group.authgroup.internal
    @staticmethod
    def check_internal_group(group):
        """
        Check if a group is auditable, i.e not an internal group
        :param group: django.contrib.auth.models.Group object
        :return: bool True if it is auditable, false otherwise
        """
        return not group.authgroup.internal
    @staticmethod
--- a/allianceauth/groupmanagement/migrations/0007_on_delete.py
+++ b/allianceauth/groupmanagement/migrations/0007_on_delete.py
@@ -15,7 +15,7 @@ class Migration(migrations.Migration):
    operations = [
        migrations.CreateModel(
-            name='ProxyGroup',
+            name='Group',
            fields=[
            ],
            options={
--- a/allianceauth/groupmanagement/migrations/0008_remove_authgroup_permissions.py
+++ b/allianceauth/groupmanagement/migrations/0008_remove_authgroup_permissions.py
@@ -0,0 +1,38 @@
 # -*- coding: utf-8 -*-
 # Generated by Django 1.11.10 on 2018-02-23 23:09
 from __future__ import unicode_literals
 from django.db import migrations
 def delete_permissions(apps, schema_editor):
    AuthGroup = apps.get_model('groupmanagement', 'AuthGroup')
    ContentType = apps.get_model('contenttypes', 'ContentType')
    Permission = apps.get_model('auth', 'Permission')
    ct = ContentType.objects.get_for_model(AuthGroup)
    Permission.objects.filter(content_type=ct).delete()
 def recreate_permissions(apps, schema_editor):
    AuthGroup = apps.get_model('groupmanagement', 'AuthGroup')
    ContentType = apps.get_model('contenttypes', 'ContentType')
    Permission = apps.get_model('auth', 'Permission')
    ct = ContentType.objects.get_for_model(AuthGroup)
    Permission.objects.create(content_type=ct, name='Can add auth group', codename='add_authgroup')
    Permission.objects.create(content_type=ct, name='Can delete auth group', codename='delete_authgroup')
    Permission.objects.create(content_type=ct, name='Can change auth group', codename='change_authgroup')
 class Migration(migrations.Migration):
    dependencies = [
        ('groupmanagement', '0007_on_delete'),
    ]
    operations = [
        migrations.AlterModelOptions(
            name='authgroup',
            options={'default_permissions': (), 'permissions': (('request_groups', 'Can request non-public groups'),)},
        ),
        migrations.RunPython(delete_permissions, recreate_permissions)
    ]
--- a/allianceauth/groupmanagement/migrations/0009_requestlog.py
+++ b/allianceauth/groupmanagement/migrations/0009_requestlog.py
@@ -0,0 +1,28 @@
 # Generated by Django 2.0.6 on 2018-06-04 02:45
 from django.conf import settings
 from django.db import migrations, models
 import django.db.models.deletion
 class Migration(migrations.Migration):
    dependencies = [
        ('auth', '0008_alter_user_username_max_length'),
        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
        ('groupmanagement', '0008_remove_authgroup_permissions'),
    ]
    operations = [
        migrations.CreateModel(
            name='RequestLog',
            fields=[
                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
                ('request_type', models.NullBooleanField(default=0)),
                ('request_info', models.CharField(max_length=254)),
                ('action', models.BooleanField(default=0)),
                ('group', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='auth.Group')),
                ('request_actor', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL)),
            ],
        ),
    ]
--- a/allianceauth/groupmanagement/migrations/0010_authgroup_states.py
+++ b/allianceauth/groupmanagement/migrations/0010_authgroup_states.py
@@ -0,0 +1,19 @@
 # Generated by Django 2.0.6 on 2018-07-11 00:17
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('authentication', '0016_ownershiprecord'),
        ('groupmanagement', '0009_requestlog'),
    ]
    operations = [
        migrations.AddField(
            model_name='authgroup',
            name='states',
            field=models.ManyToManyField(blank=True, help_text='States listed here will have the ability to join this group provided they have the proper permissions.', related_name='valid_states', to='authentication.State'),
        ),
    ]
--- a/allianceauth/groupmanagement/migrations/0011_requestlog_date.py
+++ b/allianceauth/groupmanagement/migrations/0011_requestlog_date.py
@@ -0,0 +1,19 @@
 # Generated by Django 2.0.8 on 2018-12-07 08:56
 import datetime
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('groupmanagement', '0010_authgroup_states'),
    ]
    operations = [
        migrations.AddField(
            model_name='requestlog',
            name='date',
            field=models.DateTimeField(default=datetime.datetime(2018, 12, 7, 8, 56, 33, 846342)),
        ),
    ]
--- a/allianceauth/groupmanagement/models.py
+++ b/allianceauth/groupmanagement/models.py
@@ -3,8 +3,8 @@ from django.contrib.auth.models import User
 from django.db import models
 from django.db.models.signals import post_save
 from django.dispatch import receiver
-
+from allianceauth.authentication.models import State
-from allianceauth.eveonline.models import EveCharacter
+from datetime import datetime
 class GroupRequest(models.Model):
@@ -25,6 +25,38 @@ class GroupRequest(models.Model):
        return self.user.username + ":" + self.group.name
 class RequestLog(models.Model):
    request_type = models.NullBooleanField(default=0)
    group = models.ForeignKey(Group, on_delete=models.CASCADE)
    request_info = models.CharField(max_length=254)
    action = models.BooleanField(default=0)
    request_actor = models.ForeignKey(User, on_delete=models.CASCADE)
    date = models.DateTimeField(auto_now_add=datetime.utcnow())
    def requestor(self):
        return self.request_info.split(":")[0]
    def type_to_str(self):
        if self.request_type is None:
            return "Removed"
        elif self.request_type is True:
            return "Leave"
        elif self.request_type is False:
            return "Join"
    def action_to_str(self):
        if self.action is True:
            return "Accept"
        elif self.action is False:
            return "Reject"
    def req_char(self):
        usr = self.requestor()
        user = User.objects.get(username=usr)
        return user.profile.main_character
 class AuthGroup(models.Model):
    """
    Extends Django Group model with a one-to-one field
@@ -67,6 +99,10 @@ class AuthGroup(models.Model):
                                                     "specifically. Use the auth.group_management permission to allow "
                                                     "a user to manage all groups.")
    states = models.ManyToManyField(State, related_name='valid_states', blank=True,
                                    help_text="States listed here will have the ability to join this group provided "
                                              "they have the proper permissions.")
    description = models.CharField(max_length=512, blank=True, help_text="Description of the group shown to users.")
    def __str__(self):
@@ -76,6 +112,7 @@ class AuthGroup(models.Model):
        permissions = (
            ("request_groups", u"Can request non-public groups"),
        )
        default_permissions = tuple()
@receiver(post_save, sender=Group)
--- a/allianceauth/groupmanagement/templates/groupmanagement/audit.html
+++ b/allianceauth/groupmanagement/templates/groupmanagement/audit.html
@@ -0,0 +1,62 @@
 {% extends "allianceauth/base.html" %}
 {% load staticfiles %}
 {% load i18n %}
 {% block page_title %}{{ group }} {% trans "Audit Log" %}{% endblock page_title %}
 {% block content %}
    <div class="col-lg-12">
        <br>
        {% include 'groupmanagement/menu.html' %}
        <div>
            <h3>{{ group }} Audit Log</h3>
            <p> All times displayed are EVE/UTC.</p>
            {% if entries %}
                <div class="table-responsive">
                    <table class="table table-striped" id="log-entries">
                        <thead>
                            <th class="text-center" scope="col">{% trans "Date/Time" %}</th>
                            <th class="text-center" scope="col">{% trans "Requestor" %}</th>
                            <th class="text-center" scope="col">{% trans "Main Character" %}</th>
                            <th class="text-center" scope="col">{% trans "Group" %}</th>
                            <th class="text-center" scope="col">{% trans "Type" %}</th>
                            <th class="text-center" scope="col">{% trans "Action" %}</th>
                            <th class="text-center" scope="col">{% trans "Actor" %}</th>
                        </thead>
                        <tbody>
                        {% for entry in entries %}
                            <tr>
                                <td class="text-center">{{ entry.date }}</td>
                                <td class="text-center">{{ entry.requestor }}</td>
                                <td class="text-center">{{ entry.req_char }}</td>
                                <td class="text-center">{{ entry.group }}</td>
                                <td class="text-center">{{ entry.type_to_str }}</td>
                                {% if entry.request_type is None %}
                                    <td class="text-center"> Removed</td>
                                {% else %}
                                    <td class="text-center">{{ entry.action_to_str }}</td>
                                {% endif %}
                                <td class="text-center">{{ entry.request_actor }}</td>
                            </tr>
                        {% endfor %}
                        </tbody>
                    </table>
                </div>
            {% else %}
                <div class="alert alert-warning text-center">{% trans "No entries found for this group." %}</div>
            {% endif %}
        </div>
    </div>
 {% endblock %}
 {% block extra_javascript %}
    {% include 'bundles/datatables-js.html' %}
 {% endblock %}
 {% block extra_css %}
    {% include 'bundles/datatables-css.html' %}
 {% endblock %}
 {% block extra_script %}
    $(document).ready(function(){
        $('#log-entries').DataTable();
    });
 {% endblock %}
--- a/allianceauth/groupmanagement/templates/groupmanagement/groupmembership.html
+++ b/allianceauth/groupmanagement/templates/groupmanagement/groupmembership.html
@@ -41,6 +41,9 @@
                                title="{% trans "View Members" %}">
                                    <i class="glyphicon glyphicon-eye-open"></i>
                            </a>
                            <a href="{% url "groupmanagement:audit_log" group.id %}" class="btn btn-info" title="{% trans "Audit Members" %}">
                                <i class="glyphicon glyphicon-list-alt"></i>
                            </a>
                        </td>
                    </tr>
                {% endfor %}
--- a/allianceauth/groupmanagement/urls.py
+++ b/allianceauth/groupmanagement/urls.py
@@ -12,6 +12,7 @@ urlpatterns = [
            name='membership'),
        url(r'^membership/(\w+)/$', views.group_membership_list,
            name='membership_list'),
        url(r'^membership/(\w+)/audit/$', views.group_membership_audit, name="audit_log"),
        url(r'^membership/(\w+)/remove/(\w+)/$', views.group_membership_remove,
            name='membership_remove'),
        url(r'^request_add/(\w+)', views.group_request_add,
--- a/allianceauth/groupmanagement/views.py
+++ b/allianceauth/groupmanagement/views.py
@@ -5,15 +5,18 @@ from django.contrib.auth.decorators import login_required
 from django.contrib.auth.decorators import user_passes_test
 from django.contrib.auth.models import Group
 from django.core.exceptions import ObjectDoesNotExist, PermissionDenied
 from django.core.paginator import Paginator, EmptyPage
 from django.db.models import Count
 from django.http import Http404
 from django.shortcuts import render, redirect, get_object_or_404
 from django.utils.translation import ugettext_lazy as _
 from .managers import GroupManager
-from .models import GroupRequest
+from .models import GroupRequest, RequestLog
 from allianceauth.notifications import notify
 from django.conf import settings
 logger = logging.getLogger(__name__)
@@ -53,7 +56,7 @@ def group_membership(request):
    # Get all open and closed groups
    if GroupManager.has_management_permission(request.user):
        # Full access
-        groups = GroupManager.get_joinable_groups()
+        groups = GroupManager.get_all_non_internal_groups()
    else:
        # Group leader specific
        groups = GroupManager.get_group_leaders_groups(request.user)
@@ -65,6 +68,31 @@ def group_membership(request):
    return render(request, 'groupmanagement/groupmembership.html', context=render_items)
@login_required
@user_passes_test(GroupManager.can_manage_groups)
 def group_membership_audit(request, group_id):
    logger.debug("group_management_audit called by user %s" % request.user)
    group = get_object_or_404(Group, id=group_id)
    try:
        # Check its a joinable group i.e. not corp or internal
        # And the user has permission to manage it
        if not GroupManager.check_internal_group(group) or not GroupManager.can_manage_group(request.user, group):
            logger.warning("User %s attempted to view the membership of group %s but permission was denied" %
                           (request.user, group_id))
            raise PermissionDenied
    except ObjectDoesNotExist:
        raise Http404("Group does not exist")
    render_items = {'group': group.name}
    entries = RequestLog.objects.filter(group=group).order_by('-date')
    render_items['entries'] = entries
    return render(request, 'groupmanagement/audit.html', context=render_items)
@login_required
@user_passes_test(GroupManager.can_manage_groups)
 def group_membership_list(request, group_id):
@@ -74,7 +102,7 @@ def group_membership_list(request, group_id):
        # Check its a joinable group i.e. not corp or internal
        # And the user has permission to manage it
-        if not GroupManager.joinable_group(group) or not GroupManager.can_manage_group(request.user, group):
+        if not GroupManager.check_internal_group(group) or not GroupManager.can_manage_group(request.user, group):
            logger.warning("User %s attempted to view the membership of group %s but permission was denied" %
                           (request.user, group_id))
            raise PermissionDenied
@@ -105,13 +133,16 @@ def group_membership_remove(request, group_id, user_id):
    try:
        # Check its a joinable group i.e. not corp or internal
        # And the user has permission to manage it
-        if not GroupManager.joinable_group(group) or not GroupManager.can_manage_group(request.user, group):
+        if not GroupManager.check_internal_group(group) or not GroupManager.can_manage_group(request.user, group):
            logger.warning("User %s attempted to remove a user from group %s but permission was denied" % (request.user,
                                                                                                           group_id))
            raise PermissionDenied
        try:
            user = group.user_set.get(id=user_id)
            request_info = user.username + ":" + group.name
            log = RequestLog(request_type=None,group=group,request_info=request_info,action=1,request_actor=request.user)
            log.save()
            # Remove group from user
            user.groups.remove(group)
            logger.info("User %s removed user %s from group %s" % (request.user, user, group))
@@ -133,12 +164,14 @@ def group_accept_request(request, group_request_id):
    try:
        group, created = Group.objects.get_or_create(name=group_request.group.name)
-        if not GroupManager.joinable_group(group_request.group) or \
+        if not GroupManager.joinable_group(group_request.group, group_request.user.profile.state) or \
                not GroupManager.can_manage_group(request.user, group_request.group):
            raise PermissionDenied
        group_request.user.groups.add(group)
        group_request.user.save()
        log = RequestLog(request_type=group_request.leave_request,group=group,request_info=group_request.__str__(),action=1,request_actor=request.user)
        log.save()
        group_request.delete()
        logger.info("User %s accepted group request from user %s to group %s" % (
            request.user, group_request.user, group_request.group.name))
@@ -172,6 +205,8 @@ def group_reject_request(request, group_request_id):
        if group_request:
            logger.info("User %s rejected group request from user %s to group %s" % (
                request.user, group_request.user, group_request.group.name))
            log = RequestLog(request_type=group_request.leave_request,group=group_request.group,request_info=group_request.__str__(),action=0,request_actor=request.user)
            log.save()
            group_request.delete()
            notify(group_request.user, "Group Application Rejected", level="danger",
                   message="Your application to %s has been rejected." % group_request.group)
@@ -204,6 +239,8 @@ def group_leave_accept_request(request, group_request_id):
        group, created = Group.objects.get_or_create(name=group_request.group.name)
        group_request.user.groups.remove(group)
        group_request.user.save()
        log = RequestLog(request_type=group_request.leave_request,group=group_request.group,request_info=group_request.__str__(),action=1,request_actor=request.user)
        log.save()
        group_request.delete()
        logger.info("User %s accepted group leave request from user %s to group %s" % (
            request.user, group_request.user, group_request.group.name))
@@ -236,6 +273,8 @@ def group_leave_reject_request(request, group_request_id):
            raise PermissionDenied
        if group_request:
            log = RequestLog(request_type=group_request.leave_request,group=group_request.group,request_info=group_request.__str__(),action=0,request_actor=request.user)
            log.save()
            group_request.delete()
            logger.info("User %s rejected group leave request from user %s for group %s" % (
                request.user, group_request.user, group_request.group.name))
@@ -262,7 +301,7 @@ def groups_view(request):
    logger.debug("groups_view called by user %s" % request.user)
    groups = []
-    group_query = GroupManager.get_joinable_groups()
+    group_query = GroupManager.get_joinable_groups(request.user.profile.state)
    if not request.user.has_perm('groupmanagement.request_groups'):
        # Filter down to public groups only for non-members
@@ -284,11 +323,18 @@ def groups_view(request):
 def group_request_add(request, group_id):
    logger.debug("group_request_add called by user %s for group id %s" % (request.user, group_id))
    group = Group.objects.get(id=group_id)
-    if not GroupManager.joinable_group(group):
+    state = request.user.profile.state
    if not GroupManager.joinable_group(group, state):
        logger.warning("User %s attempted to join group id %s but it is not a joinable group" %
                       (request.user, group_id))
        messages.warning(request, _("You cannot join that group"))
        return redirect('groupmanagement:groups')
    if group in request.user.groups.all():
        # User is already a member of this group.
        logger.warning("User %s attempted to join group id %s but they are already a member." %
                       (request.user, group_id))
        messages.warning(request, "You are already a member of that group.")
        return redirect('groupmanagement:groups')
    if not request.user.has_perm('groupmanagement.request_groups') and not group.authgroup.public:
        # Does not have the required permission, trying to join a non-public group
        logger.warning("User %s attempted to join group id %s but it is not a public group" %
@@ -299,11 +345,15 @@ def group_request_add(request, group_id):
        logger.info("%s joining %s as is an open group" % (request.user, group))
        request.user.groups.add(group)
        return redirect("groupmanagement:groups")
    req = GroupRequest.objects.filter(user=request.user, group=group)
    if len(req) > 0:
        logger.info("%s attempted to join %s but already has an open application" % (request.user, group))
        messages.warning(request, "You already have a pending application for that group.")
        return redirect("groupmanagement:groups")
    grouprequest = GroupRequest()
    grouprequest.status = _('Pending')
    grouprequest.group = group
    grouprequest.user = request.user
    grouprequest.main_char = request.user.profile.main_character
    grouprequest.leave_request = False
    grouprequest.save()
    logger.info("Created group request for user %s to group %s" % (request.user, Group.objects.get(id=group_id)))
@@ -315,7 +365,7 @@ def group_request_add(request, group_id):
 def group_request_leave(request, group_id):
    logger.debug("group_request_leave called by user %s for group id %s" % (request.user, group_id))
    group = Group.objects.get(id=group_id)
-    if not GroupManager.joinable_group(group):
+    if not GroupManager.check_internal_group(group):
        logger.warning("User %s attempted to leave group id %s but it is not a joinable group" %
                       (request.user, group_id))
        messages.warning(request, _("You cannot leave that group"))
@@ -329,11 +379,19 @@ def group_request_leave(request, group_id):
        logger.info("%s leaving %s as is an open group" % (request.user, group))
        request.user.groups.remove(group)
        return redirect("groupmanagement:groups")
    req = GroupRequest.objects.filter(user=request.user, group=group)
    if len(req) > 0:
        logger.info("%s attempted to leave %s but already has an pending leave request." % (request.user, group))
        messages.warning(request, "You already have a pending leave request for that group.")
        return redirect("groupmanagement:groups")
    if getattr(settings, 'AUTO_LEAVE', False):
        logger.info("%s leaving joinable group %s due to auto_leave" % (request.user, group))
        request.user.groups.remove(group)
        return redirect('groupmanagement:groups')
    grouprequest = GroupRequest()
    grouprequest.status = _('Pending')
    grouprequest.group = group
    grouprequest.user = request.user
    grouprequest.main_char = request.user.profile.main_character
    grouprequest.leave_request = True
    grouprequest.save()
    logger.info("Created group leave request for user %s to group %s" % (request.user, Group.objects.get(id=group_id)))
--- a/allianceauth/hrapplications/auth_hooks.py
+++ b/allianceauth/hrapplications/auth_hooks.py
@@ -1,5 +1,5 @@
 from allianceauth.services.hooks import MenuItemHook, UrlHook
-
+from django.utils.translation import ugettext_lazy as _
 from allianceauth import hooks
 from allianceauth.hrapplications import urls
@@ -7,7 +7,7 @@ from allianceauth.hrapplications import urls
 class ApplicationsMenu(MenuItemHook):
    def __init__(self):
        MenuItemHook.__init__(self,
-                              'Applications',
+                              _('Applications'),
                              'fa fa-file-o fa-fw',
                              'hrapplications:index',
                              navactive=['hrapplications:'])
--- a/allianceauth/hrapplications/templates/hrapplications/management.html
+++ b/allianceauth/hrapplications/templates/hrapplications/management.html
@@ -154,6 +154,12 @@
                                               class="btn btn-primary">
                                                <span class="glyphicon glyphicon-eye-open"></span>
                                            </a>
                                            {% if perms.hrapplications.delete_application %}
                                                <a href="{% url 'hrapplications:remove' app.id %}"
                                                    class="btn btn-danger">
                                                    <span class="glyphicon glyphicon-remove"></span>
                                                </a>
                                            {% endif %}
                                        </td>
                                    </tr>
                                {% endfor %}
--- a/allianceauth/hrapplications/urls.py
+++ b/allianceauth/hrapplications/urls.py
@@ -13,19 +13,19 @@ urlpatterns = [
        name="create_view"),
    url(r'^remove/(\w+)', views.hr_application_remove,
        name="remove"),
-    url(r'view/(\w+)', views.hr_application_view,
+    url(r'^view/(\w+)', views.hr_application_view,
        name="view"),
-    url(r'personal/view/(\w+)', views.hr_application_personal_view,
+    url(r'^personal/view/(\w+)', views.hr_application_personal_view,
        name="personal_view"),
-    url(r'personal/removal/(\w+)',
+    url(r'^personal/removal/(\w+)',
        views.hr_application_personal_removal,
        name="personal_removal"),
-    url(r'approve/(\w+)', views.hr_application_approve,
+    url(r'^approve/(\w+)', views.hr_application_approve,
        name="approve"),
-    url(r'reject/(\w+)', views.hr_application_reject,
+    url(r'^reject/(\w+)', views.hr_application_reject,
        name="reject"),
-    url(r'search/', views.hr_application_search,
+    url(r'^search/', views.hr_application_search,
        name="search"),
-    url(r'mark_in_progress/(\w+)', views.hr_application_mark_in_progress,
+    url(r'^mark_in_progress/(\w+)', views.hr_application_mark_in_progress,
        name="mark_in_progress"),
    ]
--- a/allianceauth/hrapplications/views.py
+++ b/allianceauth/hrapplications/views.py
@@ -67,7 +67,7 @@ def hr_application_create_view(request, form_id=None):
                                                       ""))
                    response.save()
                logger.info("%s created %s" % (request.user, application))
-            return redirect('hrapplications:view')
+            return redirect('hrapplications:personal_view', application.id)
        else:
            questions = app_form.questions.all()
            return render(request, 'hrapplications/create.html',
@@ -95,7 +95,7 @@ def hr_application_personal_view(request, app_id):
        return render(request, 'hrapplications/view.html', context=context)
    else:
        logger.warn("User %s not authorized to view %s" % (request.user, app))
-        return redirect('hrapplications:view')
+        return redirect('hrapplications:personal_view')
@login_required
@@ -110,7 +110,7 @@ def hr_application_personal_removal(request, app_id):
            logger.warn("User %s attempting to delete reviewed app %s" % (request.user, app))
    else:
        logger.warn("User %s not authorized to delete %s" % (request.user, app))
-    return redirect('hrapplications:view')
+    return redirect('hrapplications:index')
@login_required
@@ -158,7 +158,7 @@ def hr_application_remove(request, app_id):
    logger.info("User %s deleting %s" % (request.user, app))
    app.delete()
    notify(app.user, "Application Deleted", message="Your application to %s was deleted." % app.form.corp)
-    return redirect('hrapplications:view')
+    return redirect('hrapplications:index')
@login_required
@@ -175,7 +175,7 @@ def hr_application_approve(request, app_id):
               level="success")
    else:
        logger.warn("User %s not authorized to approve %s" % (request.user, app))
-    return redirect('hrapplications:view')
+    return redirect('hrapplications:index')
@login_required
@@ -192,7 +192,7 @@ def hr_application_reject(request, app_id):
               level="danger")
    else:
        logger.warn("User %s not authorized to reject %s" % (request.user, app))
-    return redirect('hrapplications:view')
+    return redirect('hrapplications:index')
@login_required
--- a/allianceauth/locale/de/LC_MESSAGES/django.mo
+++ b/allianceauth/locale/de/LC_MESSAGES/django.mo
--- a/allianceauth/locale/de/LC_MESSAGES/django.po
+++ b/allianceauth/locale/de/LC_MESSAGES/django.po
--- a/allianceauth/locale/es/LC_MESSAGES/django.mo
+++ b/allianceauth/locale/es/LC_MESSAGES/django.mo
--- a/allianceauth/locale/es/LC_MESSAGES/django.po
+++ b/allianceauth/locale/es/LC_MESSAGES/django.po
--- a/allianceauth/optimer/auth_hooks.py
+++ b/allianceauth/optimer/auth_hooks.py
@@ -1,12 +1,12 @@
 from allianceauth.services.hooks import MenuItemHook, UrlHook
-
+from django.utils.translation import ugettext_lazy as _
 from allianceauth import hooks
 from . import urls
 class OpTimerboardMenu(MenuItemHook):
    def __init__(self):
-        MenuItemHook.__init__(self, 'Fleet Operations',
+        MenuItemHook.__init__(self, _('Fleet Operations'),
                              'fa fa-exclamation  fa-fw',
                              'optimer:view',
                              navactive=['optimer:'])
--- a/allianceauth/optimer/templates/optimer/management.html
+++ b/allianceauth/optimer/templates/optimer/management.html
@@ -19,7 +19,8 @@
        <div class="col-lg-12 text-center row">
            <div class="label label-info text-left">
                <b>{% trans "Current Eve Time:" %} </b>
-            </div><div class="label label-info text-left" id="current-time"></div>
+            </div>
            <strong class="label label-info text-left" id="current-time"></strong>
            <br  />
        </div>
@@ -111,7 +112,7 @@
        }
        function updateClock() {
-            document.getElementById("current-time").innerHTML = "<b>" + moment.utc().format('LLLL') + "</b>";
+            document.getElementById("current-time").innerHTML = getCurrentEveTimeString();
        }
    </script>
 {% endblock content %}
--- a/allianceauth/permissions_tool/tests.py
+++ b/allianceauth/permissions_tool/tests.py
@@ -8,6 +8,7 @@ from allianceauth.tests.auth_utils import AuthUtils
 class PermissionsToolViewsTestCase(WebTest):
    def setUp(self):
        self.member = AuthUtils.create_member('auth_member')
        AuthUtils.add_main_character(self.member, 'test character', '1234', '2345', 'test corp', 'testc')
        self.member.email = 'auth_member@example.com'
        self.member.save()
        self.none_user = AuthUtils.create_user('none_user', disconnect_signals=True)
--- a/allianceauth/project_template/categories.json
+++ b/allianceauth/project_template/categories.json
--- a/allianceauth/project_template/confusables.json
+++ b/allianceauth/project_template/confusables.json
--- a/allianceauth/project_template/project_name/init.py
+++ b/allianceauth/project_template/project_name/init.py
@@ -0,0 +1 @@
 from .celery import app as celery_app
--- a/allianceauth/project_template/project_name/celery.py
+++ b/allianceauth/project_template/project_name/celery.py
@@ -11,6 +11,10 @@ app = Celery('{{ project_name }}')
 # Using a string here means the worker don't have to serialize
 # the configuration object to child processes.
 app.config_from_object('django.conf:settings')
 app.conf.ONCE = {
    'backend': 'allianceauth.services.tasks.DjangoBackend',
    'settings': {}
 }
 # Load task modules from all registered Django app configs.
 app.autodiscover_tasks(lambda: settings.INSTALLED_APPS)
--- a/allianceauth/project_template/project_name/settings/base.py
+++ b/allianceauth/project_template/project_name/settings/base.py
@@ -1,14 +1,10 @@
 # -*- coding: UTF-8 -*-
 """
-Django settings for alliance_auth project.
+DO NOT EDIT THIS FILE
-Generated by 'django-admin startproject' using Django 1.10.1.
+This settings file contains everything needed for Alliance Auth projects to function.
-
+It gets overwritten by the 'allianceauth update' command.
-For more information on this file, see
+If you wish to make changes, overload the setting in your project's settings file (local.py).
 https://docs.djangoproject.com/en/1.10/topics/settings/
 For the full list of settings and their values, see
 https://docs.djangoproject.com/en/1.10/ref/settings/
 """
 import os
@@ -17,7 +13,6 @@ from django.contrib import messages
 from celery.schedules import crontab
 INSTALLED_APPS = [
    # Core apps - required to function
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
@@ -38,17 +33,19 @@ INSTALLED_APPS = [
    'allianceauth.thirdparty.navhelper',
 ]
 SECRET_KEY = "wow I'm a really bad default secret key"
 # Celery configuration
 BROKER_URL = 'redis://localhost:6379/0'
 CELERYBEAT_SCHEDULER = "django_celery_beat.schedulers.DatabaseScheduler"
 CELERYBEAT_SCHEDULE = {
    'esi_cleanup_callbackredirect': {
        'task': 'esi.tasks.cleanup_callbackredirect',
-        'schedule': crontab(hour='*/4'),
+        'schedule': crontab(minute=0, hour='*/4'),
    },
    'esi_cleanup_token': {
        'task': 'esi.tasks.cleanup_token',
-        'schedule': crontab(day_of_month='*/1'),
+        'schedule': crontab(minute=0, hour=0),
    },
    'run_model_update': {
        'task': 'allianceauth.eveonline.tasks.run_model_update',
@@ -56,7 +53,7 @@ CELERYBEAT_SCHEDULE = {
    },
    'check_all_character_ownership': {
        'task': 'allianceauth.authentication.tasks.check_all_character_ownership',
-        'schedule': crontab(hour='*/4'),
+        'schedule': crontab(minute=0, hour='*/4'),
    }
 }
@@ -85,12 +82,13 @@ ugettext = lambda s: s
 LANGUAGES = (
    ('en', ugettext('English')),
    ('de', ugettext('German')),
    ('es', ugettext('Spanish')),
 )
 TEMPLATES = [
    {
        'BACKEND': 'django.template.backends.django.DjangoTemplates',
-        'DIRS': [],
+        'DIRS': [os.path.join(PROJECT_DIR, 'templates')],
        'APP_DIRS': True,
        'OPTIONS': {
            'context_processors': [
@@ -148,8 +146,11 @@ USE_TZ = True
 # Static files (CSS, JavaScript, Images)
 # https://docs.djangoproject.com/en/1.10/howto/static-files/
 STATIC_URL = '/static/'
 STATICFILES_DIRS = [
    os.path.join(PROJECT_DIR, 'static'),
 ]
 STATIC_ROOT = os.path.join(BASE_DIR, 'static')
 # Bootstrap messaging css workaround
 MESSAGE_TAGS = {
@@ -166,7 +167,6 @@ CACHES = {
    }
 }
 SECRET_KEY = 'this is a very bad secret key you should change'
 DEBUG = True
 ALLOWED_HOSTS = ['*']
 DATABASES = {
@@ -178,40 +178,24 @@ DATABASES = {
 SITE_NAME = 'Alliance Auth'
-#################
+LOGIN_URL = 'auth_login_user'  # view that handles login logic
-# Login Settings
+
-#################
+LOGIN_REDIRECT_URL = 'authentication:dashboard'  # default destination when logging in if no redirect specified
-# LOGIN_REDIRECT_URL - default destination when logging in if no redirect specified
+LOGOUT_REDIRECT_URL = 'authentication:dashboard'  # destination after logging out
 # LOGOUT_REDIRECT_URL - destination after logging out
 # Both of these redirects accept values as per the django redirect shortcut
 # https://docs.djangoproject.com/en/1.11/topics/http/shortcuts/#redirect
 # - url names eg 'authentication:dashboard'
 # - relative urls eg '/dashboard'
 # - absolute urls eg 'http://example.com/dashboard'
-# LOGIN_TOKEN_SCOPES - scopes required on new tokens when logging in. Cannot be blank.
+
-# ACCOUNT_ACTIVATION_DAYS - number of days email verification tokens are valid for
+# scopes required on new tokens when logging in. Cannot be blank.
-##################
+LOGIN_TOKEN_SCOPES = ['publicData']
-LOGIN_URL = 'auth_login_user'
+
-LOGIN_REDIRECT_URL = 'authentication:dashboard'
+# number of days email verification links are valid for
 LOGOUT_REDIRECT_URL = 'authentication:dashboard'
 LOGIN_TOKEN_SCOPES = ['esi-characters.read_opportunities.v1']
 ACCOUNT_ACTIVATION_DAYS = 1
-#####################################################
+ESI_API_URL = 'https://esi.evetech.net/'
-##
+
 ## Logging Configuration
 ##
 #####################################################
 # Set log_file and console level to desired state:
 # DEBUG - basically stack trace, explains every step
 # INFO - model creation, deletion, updates, etc
 # WARN - unexpected function outcomes that do not impact user
 # ERROR - unexcpeted function outcomes which prevent user from achieving desired outcome
 # EXCEPTION - something critical went wrong, unhandled
 #####################################
 # Recommended level for log_file is INFO, console is DEBUG
 # Change log level of individual apps below to narrow your debugging
 #####################################
 LOGGING = {
    'version': 1,
    'disable_existing_loggers': False,
@@ -253,5 +237,9 @@ LOGGING = {
            'handlers': ['log_file', 'console'],
            'level': 'ERROR',
        },
        'esi': {
            'handlers': ['log_file', 'console'],
            'level': 'DEBUG',
        },
    }
 }
--- a/allianceauth/project_template/project_name/settings/local.py
+++ b/allianceauth/project_template/project_name/settings/local.py
@@ -1,68 +1,60 @@
 # Every setting in base.py can be overloaded by redefining it here.
 from .base import *
-# These are required for Django to function properly
+# These are required for Django to function properly. Don't touch.
 ROOT_URLCONF = '{{ project_name }}.urls'
 WSGI_APPLICATION = '{{ project_name }}.wsgi.application'
 STATICFILES_DIRS = [
    os.path.join(PROJECT_DIR, 'static'),
 ]
 STATIC_ROOT = "/var/www/{{ project_name }}/static/"
 TEMPLATES[0]['DIRS'] += [os.path.join(PROJECT_DIR, 'templates')]
 SECRET_KEY = '{{ secret_key }}'
-# Change this to change the name of the auth site
+# This is where css/images will be placed for your webserver to read
 STATIC_ROOT = "/var/www/{{ project_name }}/static/"
 # Change this to change the name of the auth site displayed
 # in page titles and the site header.
 SITE_NAME = '{{ project_name }}'
-# Change this to enable/disable debug mode
+# Change this to enable/disable debug mode, which displays
 # useful error messages but can leak sensitive data.
 DEBUG = False
-#######################################
+# Add any additional apps to this list.
-#         Database Settings           #
+INSTALLED_APPS += [
-#######################################
+    
-# Uncomment and change the database name
+]
-# and credentials to use MySQL/MariaDB.
+
-# Leave commented to use sqlite3
+# Enter credentials to use MySQL/MariaDB. Comment out to use sqlite3
 #######################################
 """
 DATABASES['default'] = {
    'ENGINE': 'django.db.backends.mysql',
    'NAME': 'alliance_auth',
-    'USER': os.environ.get('AA_DB_DEFAULT_USER', ''),
+    'USER': '',
-    'PASSWORD': os.environ.get('AA_DB_DEFAULT_PASSWORD', ''),
+    'PASSWORD': '',
-    'HOST': os.environ.get('AA_DB_DEFAULT_HOST', '127.0.0.1'),
+    'HOST': '127.0.0.1',
-    'PORT': os.environ.get('AA_DB_DEFAULT_PORT', '3306'),
+    'PORT': '3306',
 }
 """
-######################################
+# Register an application at https://developers.eveonline.com for Authentication
-#            SSO Settings            #
+# & API Access and fill out these settings. Be sure to set the callback URL
-######################################
+# to https://example.com/sso/callback substituting your domain for example.com
-# Register an application at
+# Logging in to auth requires the publicData scope (can be overridden through the
-# https://developers.eveonline.com
+# LOGIN_TOKEN_SCOPES setting). Other apps may require more (see their docs).
 # and fill out these settings.
 # Be sure to set the callback URL to
 # https://example.com/sso/callback
 # substituting your domain for example.com
 ######################################
 ESI_SSO_CLIENT_ID = ''
 ESI_SSO_CLIENT_SECRET = ''
 ESI_SSO_CALLBACK_URL = ''
-######################################
+# By default emails are validated before new users can log in.
-#           Email Settings           #
+# It's recommended to use a free service like SparkPost or Elastic Email to send email.
 ######################################
 # Alliance Auth validates emails before
 # new users can log in.
 # It's recommended to use a free service
 # like SparkPost or Mailgun to send email.
 # https://www.sparkpost.com/docs/integrations/django/
-#################
+# https://elasticemail.com/resources/settings/smtp-api/
 # Set the default from email to something like 'noreply@example.com'
 # Email validation can be turned off by uncommenting the line below. This can break some services.
 # REGISTRATION_VERIFY_EMAIL = False
 EMAIL_HOST = ''
 EMAIL_PORT = 587
 EMAIL_HOST_USER = ''
 EMAIL_HOST_PASSWORD = ''
 EMAIL_USE_TLS = True
 DEFAULT_FROM_EMAIL = ''
-######################################
+#######################################
-# Add any custom settings below here #
+# Add any custom settings below here. #
-######################################
+#######################################
--- a/allianceauth/services/admin.py
+++ b/allianceauth/services/admin.py
@@ -9,12 +9,19 @@ class NameFormatConfigForm(forms.ModelForm):
        super(NameFormatConfigForm, self).__init__(*args, **kwargs)
        SERVICE_CHOICES = [(s.name, s.name) for h in hooks.get_hooks('services_hook') for s in [h()]]
        if self.instance.id:
-            SERVICE_CHOICES.append((self.instance.field, self.instance.field))
+            current_choice = (self.instance.service_name, self.instance.service_name)
            if current_choice not in SERVICE_CHOICES:
                SERVICE_CHOICES.append(current_choice)
        self.fields['service_name'] = forms.ChoiceField(choices=SERVICE_CHOICES)
 class NameFormatConfigAdmin(admin.ModelAdmin):
    form = NameFormatConfigForm
    list_display = ('service_name', 'get_state_display_string')
    def get_state_display_string(self, obj):
        return ', '.join([state.name for state in obj.states.all()])
    get_state_display_string.short_description = 'States'
 admin.site.register(NameFormatConfig, NameFormatConfigAdmin)
--- a/allianceauth/services/apps.py
+++ b/allianceauth/services/apps.py
@@ -6,4 +6,4 @@ class ServicesConfig(AppConfig):
    label = 'services'
    def ready(self):
-        pass
+        from . import signals
--- a/allianceauth/services/hooks.py
+++ b/allianceauth/services/hooks.py
@@ -1,7 +1,6 @@
 from django.conf.urls import include, url
 from django.template.loader import render_to_string
 from django.utils.functional import cached_property
 from django.core.exceptions import ObjectDoesNotExist
 from django.conf import settings
 from string import Formatter
@@ -160,15 +159,12 @@ class NameFormatter:
            'corp_id': getattr(main_char, 'corporation_id', None),
            'alliance_name': getattr(main_char, 'alliance_name', None),
            'alliance_id': getattr(main_char, 'alliance_id', None),
            'alliance_ticker': getattr(main_char, 'alliance_ticker', None),
            'username': self.user.username,
        }
-        if main_char is not None and 'alliance_ticker' in self.string_formatter:
+        format_data['alliance_or_corp_name'] = format_data['alliance_name'] or format_data['corp_name']
-            # Reduces db lookups
+        format_data['alliance_or_corp_ticker'] = format_data['alliance_ticker'] or format_data['corp_ticker']
            try:
                format_data['alliance_ticker'] = getattr(getattr(main_char, 'alliance', None), 'alliance_ticker', None)
            except ObjectDoesNotExist:
                format_data['alliance_ticker'] = None
        return format_data
    @cached_property
--- a/allianceauth/services/management/commands/verify_service_accounts.py
+++ b/allianceauth/services/management/commands/verify_service_accounts.py
@@ -9,5 +9,5 @@ class Command(BaseCommand):
    def handle(self, *args, **options):
        for u in User.objects.all():
-            validate_services(u)
+            validate_services(u.pk)
        self.stdout.write(self.style.SUCCESS('Verified all user service accounts.'))
--- a/allianceauth/services/migrations/0002_nameformatter.py
+++ b/allianceauth/services/migrations/0002_nameformatter.py
@@ -11,6 +11,7 @@ class Migration(migrations.Migration):
    dependencies = [
        ('services', '0001_squashed_0003_delete_groupcache'),
        ('authentication', '0015_user_profiles'),
    ]
    operations = [
--- a/allianceauth/services/modules/discord/manager.py
+++ b/allianceauth/services/modules/discord/manager.py
@@ -1,6 +1,4 @@
 import requests
 import json
 import re
 import math
 from django.conf import settings
 from requests_oauthlib import OAuth2Session
@@ -24,8 +22,8 @@ Previously all we asked for was permission to kick members, manage roles, and ma
 Users have reported weird unauthorized errors we don't understand. So now we ask for full server admin.
 It's almost fixed the problem.
 """
-# kick members, manage roles, manage nicknames
+# kick members, manage roles, manage nicknames, create instant invite
-# BOT_PERMISSIONS = 0x00000002 + 0x10000000 + 0x08000000
+# BOT_PERMISSIONS = 0x00000002 + 0x10000000 + 0x08000000 + 0x00000001
 BOT_PERMISSIONS = 0x00000008
 # get user ID, accept invite
@@ -34,7 +32,7 @@ SCOPES = [
    'guilds.join',
 ]
-GROUP_CACHE_MAX_AGE = int(getattr(settings, 'DISCORD_GROUP_CACHE_MAX_AGE', 2 * 60 * 60))  # 2 hours default
+GROUP_CACHE_MAX_AGE = getattr(settings, 'DISCORD_GROUP_CACHE_MAX_AGE', 2 * 60 * 60)  # 2 hours default
 class DiscordApiException(Exception):
@@ -109,7 +107,7 @@ def api_backoff(func):
                        backoff_timer = datetime.datetime.strptime(existing_backoff, cache_time_format)
                        if backoff_timer > datetime.datetime.utcnow():
                            backoff_seconds = (backoff_timer - datetime.datetime.utcnow()).total_seconds()
-                            logger.debug("Still under backoff for {} seconds, backing off" % backoff_seconds)
+                            logger.debug("Still under backoff for %s seconds, backing off" % backoff_seconds)
                            # Still under backoff
                            raise PerformBackoff(
                                retry_after=backoff_seconds,
@@ -117,8 +115,7 @@ def api_backoff(func):
                                global_ratelimit=bool(existing_global_backoff)
                            )
                    logger.debug("Calling API calling function")
-                    func(*args, **kwargs)
+                    return func(*args, **kwargs)
                    break
                except requests.HTTPError as e:
                    if e.response.status_code == 429:
                        try:
@@ -163,12 +160,11 @@ class DiscordOAuthManager:
    @staticmethod
    def _sanitize_name(name):
-        return re.sub('[^\w.-]', '', name)[:32]
+        return name[:32]
    @staticmethod
-    def _sanitize_groupname(name):
+    def _sanitize_group_name(name):
-        name = name.strip(' _')
+        return name[:100]
        return DiscordOAuthManager._sanitize_name(name)
    @staticmethod
    def generate_bot_add_url():
@@ -187,23 +183,33 @@ class DiscordOAuthManager:
        return token
    @staticmethod
-    def add_user(code):
+    def add_user(code, groups, nickname=None):
        try:
            token = DiscordOAuthManager._process_callback_code(code)['access_token']
            logger.debug("Received token from OAuth")
            custom_headers = {'accept': 'application/json', 'authorization': 'Bearer ' + token}
            path = DISCORD_URL + "/invites/" + str(settings.DISCORD_INVITE_CODE)
            r = requests.post(path, headers=custom_headers)
            logger.debug("Got status code %s after accepting Discord invite" % r.status_code)
            r.raise_for_status()
            path = DISCORD_URL + "/users/@me"
            r = requests.get(path, headers=custom_headers)
            logger.debug("Got status code %s after retrieving Discord profile" % r.status_code)
            r.raise_for_status()
            user_id = r.json()['id']
            path = DISCORD_URL + "/guilds/" + str(settings.DISCORD_GUILD_ID) + "/members/" + str(user_id)
            group_ids = [DiscordOAuthManager._group_name_to_id(DiscordOAuthManager._sanitize_group_name(g)) for g in
                         groups]
            data = {
                'roles': group_ids,
                'access_token': token,
            }
            if nickname:
                data['nick'] = DiscordOAuthManager._sanitize_name(nickname)
            custom_headers['authorization'] = 'Bot ' + settings.DISCORD_BOT_TOKEN
            r = requests.put(path, headers=custom_headers, json=data)
            logger.debug("Got status code %s after joining Discord server" % r.status_code)
            r.raise_for_status()
            logger.info("Added Discord user ID %s to server." % user_id)
            return user_id
        except:
@@ -211,23 +217,20 @@ class DiscordOAuthManager:
            return None
    @staticmethod
    @api_backoff
    def update_nickname(user_id, nickname):
-        try:
+        nickname = DiscordOAuthManager._sanitize_name(nickname)
-            nickname = DiscordOAuthManager._sanitize_name(nickname)
+        custom_headers = {'content-type': 'application/json', 'authorization': 'Bot ' + settings.DISCORD_BOT_TOKEN}
-            custom_headers = {'content-type': 'application/json', 'authorization': 'Bot ' + settings.DISCORD_BOT_TOKEN}
+        data = {'nick': nickname}
-            data = {'nick': nickname}
+        path = DISCORD_URL + "/guilds/" + str(settings.DISCORD_GUILD_ID) + "/members/" + str(user_id)
-            path = DISCORD_URL + "/guilds/" + str(settings.DISCORD_GUILD_ID) + "/members/" + str(user_id)
+        r = requests.patch(path, headers=custom_headers, json=data)
-            r = requests.patch(path, headers=custom_headers, json=data)
+        logger.debug("Got status code %s after setting nickname for Discord user ID %s (%s)" % (
-            logger.debug("Got status code %s after setting nickname for Discord user ID %s (%s)" % (
+            r.status_code, user_id, nickname))
-                r.status_code, user_id, nickname))
+        if r.status_code == 404:
-            if r.status_code == 404:
+            logger.warn("Discord user ID %s could not be found in server." % user_id)
                logger.warn("Discord user ID %s could not be found in server." % user_id)
                return True
            r.raise_for_status()
            return True
-        except:
+        r.raise_for_status()
-            logger.exception("Failed to set nickname for Discord user ID %s (%s)" % (user_id, nickname))
+        return True
            return False
    @staticmethod
    def delete_user(user_id):
@@ -260,7 +263,7 @@ class DiscordOAuthManager:
    @staticmethod
    def _group_name_to_id(name):
-        name = DiscordOAuthManager._sanitize_groupname(name)
+        name = DiscordOAuthManager._sanitize_group_name(name)
        def get_or_make_role():
            groups = DiscordOAuthManager._get_groups()
@@ -271,42 +274,61 @@ class DiscordOAuthManager:
        return cache.get_or_set(DiscordOAuthManager._generate_cache_role_key(name), get_or_make_role, GROUP_CACHE_MAX_AGE)
    @staticmethod
-    def __generate_role():
+    def __generate_role(name, **kwargs):
        custom_headers = {'accept': 'application/json', 'authorization': 'Bot ' + settings.DISCORD_BOT_TOKEN}
        path = DISCORD_URL + "/guilds/" + str(settings.DISCORD_GUILD_ID) + "/roles"
-        r = requests.post(path, headers=custom_headers)
+        data = {'name': name}
        data.update(kwargs)
        r = requests.post(path, headers=custom_headers, json=data)
        logger.debug("Received status code %s after generating new role." % r.status_code)
        r.raise_for_status()
        return r.json()
    @staticmethod
-    def __edit_role(role_id, name, color=0, hoist=True, permissions=36785152):
+    def __edit_role(role_id, **kwargs):
        custom_headers = {'content-type': 'application/json', 'authorization': 'Bot ' + settings.DISCORD_BOT_TOKEN}
        data = {
            'color': color,
            'hoist': hoist,
            'name': name,
            'permissions': permissions,
        }
        path = DISCORD_URL + "/guilds/" + str(settings.DISCORD_GUILD_ID) + "/roles/" + str(role_id)
-        r = requests.patch(path, headers=custom_headers, data=json.dumps(data))
+        r = requests.patch(path, headers=custom_headers, json=kwargs)
        logger.debug("Received status code %s after editing role id %s" % (r.status_code, role_id))
        r.raise_for_status()
        return r.json()
    @staticmethod
    def _create_group(name):
-        role = DiscordOAuthManager.__generate_role()
+        return DiscordOAuthManager.__generate_role(name)
-        return DiscordOAuthManager.__edit_role(role['id'], name)
+
    @staticmethod
    def _get_user(user_id):
        custom_headers = {'content-type': 'application/json', 'authorization': 'Bot ' + settings.DISCORD_BOT_TOKEN}
        path = DISCORD_URL + "/guilds/" + str(settings.DISCORD_GUILD_ID) + "/members/" + str(user_id)
        r = requests.get(path, headers=custom_headers)
        r.raise_for_status()
        return r.json()
    @staticmethod
    def _get_user_roles(user_id):
        user = DiscordOAuthManager._get_user(user_id)
        return user['roles']
    @staticmethod
    def _modify_user_role(user_id, role_id, method):
        custom_headers = {'content-type': 'application/json', 'authorization': 'Bot ' + settings.DISCORD_BOT_TOKEN}
        path = DISCORD_URL + "/guilds/" + str(settings.DISCORD_GUILD_ID) + "/members/" + str(user_id) + "/roles/" + str(
            role_id)
        r = getattr(requests, method)(path, headers=custom_headers)
        r.raise_for_status()
        logger.debug("%s role %s for user %s" % (method, role_id, user_id))
    @staticmethod
    @api_backoff
    def update_groups(user_id, groups):
-        custom_headers = {'content-type': 'application/json', 'authorization': 'Bot ' + settings.DISCORD_BOT_TOKEN}
+        group_ids = [DiscordOAuthManager._group_name_to_id(DiscordOAuthManager._sanitize_group_name(g)) for g in groups]
-        group_ids = [DiscordOAuthManager._group_name_to_id(DiscordOAuthManager._sanitize_groupname(g)) for g in groups]
+        user_group_ids = DiscordOAuthManager._get_user_roles(user_id)
-        path = DISCORD_URL + "/guilds/" + str(settings.DISCORD_GUILD_ID) + "/members/" + str(user_id)
+        for g in group_ids:
-        data = {'roles': group_ids}
+            if g not in user_group_ids:
-        r = requests.patch(path, headers=custom_headers, json=data)
+                DiscordOAuthManager._modify_user_role(user_id, g, 'put')
-        logger.debug("Received status code %s after setting user roles" % r.status_code)
+                time.sleep(1)  # we're gonna be hammering the API here
-        r.raise_for_status()
+        for g in user_group_ids:
-
+            if g not in group_ids:
                DiscordOAuthManager._modify_user_role(user_id, g, 'delete')
                time.sleep(1)
--- a/allianceauth/services/modules/discord/migrations/0002_service_permissions.py
+++ b/allianceauth/services/modules/discord/migrations/0002_service_permissions.py
@@ -57,5 +57,5 @@ class Migration(migrations.Migration):
            name='discorduser',
            options={'permissions': (('access_discord', 'Can access the Discord service'),)},
        ),
-        migrations.RunPython(migrate_service_enabled),
+        migrations.RunPython(migrate_service_enabled, migrations.RunPython.noop),
    ]
--- a/allianceauth/services/modules/discord/tasks.py
+++ b/allianceauth/services/modules/discord/tasks.py
@@ -5,10 +5,11 @@ from django.contrib.auth.models import User
 from django.core.exceptions import ObjectDoesNotExist
 from allianceauth.notifications import notify
 from celery import shared_task
-
+from requests.exceptions import HTTPError
 from allianceauth.services.hooks import NameFormatter
 from .manager import DiscordOAuthManager, DiscordApiBackoff
 from .models import DiscordUser
 from allianceauth.services.tasks import QueueOnce
 logger = logging.getLogger(__name__)
@@ -19,15 +20,16 @@ class DiscordTasks:
    @classmethod
    def add_user(cls, user, code):
-        user_id = DiscordOAuthManager.add_user(code)
+        groups = DiscordTasks.get_groups(user)
        nickname = None
        if settings.DISCORD_SYNC_NAMES:
            nickname = DiscordTasks.get_nickname(user)
        user_id = DiscordOAuthManager.add_user(code, groups, nickname=nickname)
        if user_id:
            discord_user = DiscordUser()
            discord_user.user = user
            discord_user.uid = user_id
            discord_user.save()
            if settings.DISCORD_SYNC_NAMES:
                cls.update_nickname.delay(user.pk)
            cls.update_groups.delay(user.pk)
            return True
        return False
@@ -57,28 +59,32 @@ class DiscordTasks:
            return True
    @staticmethod
-    @shared_task(bind=True, name='discord.update_groups')
+    @shared_task(bind=True, name='discord.update_groups', base=QueueOnce)
-    def update_groups(task_self, pk):
+    def update_groups(self, pk):
        user = User.objects.get(pk=pk)
        logger.debug("Updating discord groups for user %s" % user)
        if DiscordTasks.has_account(user):
-            groups = []
+            groups = DiscordTasks.get_groups(user)
            for group in user.groups.all():
                groups.append(str(group.name))
            if len(groups) == 0:
                logger.debug("No syncgroups found for user. Adding empty group.")
                groups.append('empty')
            logger.debug("Updating user %s discord groups to %s" % (user, groups))
            try:
                DiscordOAuthManager.update_groups(user.discord.uid, groups)
            except DiscordApiBackoff as bo:
                logger.info("Discord group sync API back off for %s, "
                            "retrying in %s seconds" % (user, bo.retry_after_seconds))
-                raise task_self.retry(countdown=bo.retry_after_seconds)
+                raise self.retry(countdown=bo.retry_after_seconds)
            except HTTPError as e:
                if e.response.status_code == 404:
                    try:
                        if e.response.json()['code'] == 10007:
                            # user has left the server
                            DiscordTasks.delete_user(user)
                            return
                    finally:
                        raise e
            except Exception as e:
-                if task_self:
+                if self:
                    logger.exception("Discord group sync failed for %s, retrying in 10 mins" % user)
-                    raise task_self.retry(countdown=60 * 10)
+                    raise self.retry(countdown=60 * 10)
                else:
                    # Rethrow
                    raise e
@@ -94,7 +100,7 @@ class DiscordTasks:
            DiscordTasks.update_groups.delay(discord_user.user.pk)
    @staticmethod
-    @shared_task(bind=True, name='discord.update_nickname')
+    @shared_task(bind=True, name='discord.update_nickname', base=QueueOnce)
    def update_nickname(self, pk):
        user = User.objects.get(pk=pk)
        logger.debug("Updating discord nickname for user %s" % user)
@@ -104,6 +110,10 @@ class DiscordTasks:
                logger.debug("Updating user %s discord nickname to %s" % (user, character.character_name))
                try:
                    DiscordOAuthManager.update_nickname(user.discord.uid, DiscordTasks.get_nickname(user))
                except DiscordApiBackoff as bo:
                    logger.info("Discord nickname update API back off for %s, "
                                "retrying in %s seconds" % (user, bo.retry_after_seconds))
                    raise self.retry(countdown=bo.retry_after_seconds)
                except Exception as e:
                    if self:
                        logger.exception("Discord nickname sync failed for %s, retrying in 10 mins" % user)
@@ -132,3 +142,7 @@ class DiscordTasks:
    def get_nickname(user):
        from .auth_hooks import DiscordService
        return NameFormatter(DiscordService(), user).format_name()
    @staticmethod
    def get_groups(user):
        return [g.name for g in user.groups.all()] + [user.profile.state.name]
--- a/Show More
+++ b/Show More