Version Bump 3.1.0

Add `CSRF_TRUSTED_ORIGINS` to `local.py`

See merge request allianceauth/allianceauth!1446

.editorconfig

@@ -22,3 +22,7 @@ indent_style = tab
 
 [*.bat]
 indent_style = tab
+
+[{Dockerfile,*.dockerfile}]
+indent_style = space
+indent_size = 4

.gitignore

@@ -38,7 +38,6 @@ htmlcov/
 .tox/
 .coverage
 .cache
-nosetests.xml
 coverage.xml
 
 # Translations
@@ -77,3 +76,4 @@ celerybeat-schedule
 .flake8
 .pylintrc
 Makefile
+.isort.cfg

.gitlab-ci.yml

@@ -1,12 +1,20 @@
+.only-default: &only-default
+  only:
+    - master
+    - branches
+    - merge_requests
+
 stages:
-- pre-commit
-- gitlab
-- test
-- deploy
+  - pre-commit
+  - gitlab
+  - test
+  - deploy
+  - docker
 
 include:
-- template: Dependency-Scanning.gitlab-ci.yml
-- template: Security/SAST.gitlab-ci.yml
+  - template: Dependency-Scanning.gitlab-ci.yml
+  - template: Security/SAST.gitlab-ci.yml
+  - template: Security/Secret-Detection.gitlab-ci.yml
 
 before_script:
   - apt-get update && apt-get install redis-server -y
@@ -15,8 +23,9 @@ before_script:
   - pip install wheel tox
 
 pre-commit-check:
+  <<: *only-default
   stage: pre-commit
-  image: python:3.6-buster
+  image: python:3.8-bullseye
   variables:
     PRE_COMMIT_HOME: ${CI_PROJECT_DIR}/.cache/pre-commit
   cache:
@@ -33,75 +42,214 @@ sast:
 dependency_scanning:
   stage: gitlab
   before_script:
-  - apt-get update && apt-get install redis-server libmariadb-dev -y
-  - redis-server --daemonize yes
-  - python -V
-  - pip install wheel tox
+    - apt-get update && apt-get install redis-server libmariadb-dev -y
+    - redis-server --daemonize yes
+    - python -V
+    - pip install wheel tox
 
-test-3.7-core:
-  image: python:3.7-bullseye
-  script:
-  - tox -e py37-core
-  artifacts:
-    when: always
-    reports:
-      cobertura: coverage.xml
+secret_detection:
+  stage: gitlab
+  before_script: []
 
 test-3.8-core:
+  <<: *only-default
   image: python:3.8-bullseye
   script:
-  - tox -e py38-core
+    - tox -e py38-core
   artifacts:
     when: always
     reports:
-      cobertura: coverage.xml
+      coverage_report:
+        coverage_format: cobertura
+        path: coverage.xml
 
 test-3.9-core:
+  <<: *only-default
   image: python:3.9-bullseye
   script:
-  - tox -e py39-core
+    - tox -e py39-core
   artifacts:
     when: always
     reports:
-      cobertura: coverage.xml
+      coverage_report:
+        coverage_format: cobertura
+        path: coverage.xml
 
-test-3.7-all:
-  image: python:3.7-bullseye
+test-3.10-core:
+  <<: *only-default
+  image: python:3.10-bullseye
   script:
-  - tox -e py37-all
+    - tox -e py310-core
   artifacts:
     when: always
     reports:
-      cobertura: coverage.xml
+      coverage_report:
+        coverage_format: cobertura
+        path: coverage.xml
+
+test-3.11-core:
+  <<: *only-default
+  image: python:3.11-rc-bullseye
+  script:
+    - tox -e py311-core
+  artifacts:
+    when: always
+    reports:
+      coverage_report:
+        coverage_format: cobertura
+        path: coverage.xml
+  allow_failure: true
 
 test-3.8-all:
+  <<: *only-default
   image: python:3.8-bullseye
   script:
-  - tox -e py38-all
+    - tox -e py38-all
   artifacts:
     when: always
     reports:
-      cobertura: coverage.xml
+      coverage_report:
+        coverage_format: cobertura
+        path: coverage.xml
 
 test-3.9-all:
+  <<: *only-default
   image: python:3.9-bullseye
   script:
-  - tox -e py39-all
+    - tox -e py39-all
   artifacts:
     when: always
     reports:
-      cobertura: coverage.xml
+      coverage_report:
+        coverage_format: cobertura
+        path: coverage.xml
+
+test-3.10-all:
+  <<: *only-default
+  image: python:3.10-bullseye
+  script:
+    - tox -e py310-all
+  artifacts:
+    when: always
+    reports:
+      coverage_report:
+        coverage_format: cobertura
+        path: coverage.xml
+
+test-3.11-all:
+  <<: *only-default
+  image: python:3.11-rc-bullseye
+  script:
+    - tox -e py311-all
+  artifacts:
+    when: always
+    reports:
+      coverage_report:
+        coverage_format: cobertura
+        path: coverage.xml
+  allow_failure: true
+
+build-test:
+  stage: test
+  image: python:3.10-bullseye
+
+  before_script:
+    - python -m pip install --upgrade pip
+    - python -m pip install --upgrade build
+    - python -m pip install --upgrade setuptools wheel
+
+  script:
+    - python -m build
+
+  artifacts:
+    when: always
+    name: "$CI_JOB_NAME-$CI_COMMIT_REF_SLUG"
+    paths:
+      - dist/*
+    expire_in: 1 year
+
+test-docs:
+  <<: *only-default
+  image: python:3.10-bullseye
+  script:
+  - tox -e docs
 
 deploy_production:
   stage: deploy
-  image: python:3.9-bullseye
+  image: python:3.10-bullseye
 
   before_script:
-    - pip install twine wheel
+    - python -m pip install --upgrade pip
+    - python -m pip install --upgrade build
+    - python -m pip install --upgrade setuptools wheel twine
 
   script:
-    - python setup.py sdist bdist_wheel
-    - twine upload dist/*
+    - python -m build
+    - python -m twine upload dist/*
 
   rules:
     - if: $CI_COMMIT_TAG
+
+build-image:
+  before_script: []
+  image: docker:20.10.10
+  stage: docker
+  services:
+    - docker:20.10.10-dind
+  script: |
+    CURRENT_DATE=$(echo $CI_COMMIT_TIMESTAMP | head -c 10 | tr -d -)
+    IMAGE_TAG=$CI_REGISTRY_IMAGE/auth:$CURRENT_DATE-$CI_COMMIT_SHORT_SHA
+    CURRENT_TAG=$CI_REGISTRY_IMAGE/auth:$CI_COMMIT_TAG
+    MINOR_TAG=$CI_REGISTRY_IMAGE/auth:$(echo $CI_COMMIT_TAG | cut -d '.' -f 1-2)
+    MAJOR_TAG=$CI_REGISTRY_IMAGE/auth:$(echo $CI_COMMIT_TAG | cut -d '.' -f 1)
+    LATEST_TAG=$CI_REGISTRY_IMAGE/auth:latest
+
+    docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
+    docker build . -t $IMAGE_TAG -f docker/Dockerfile --build-arg AUTH_VERSION=$(echo $CI_COMMIT_TAG | cut -c 2-)
+    docker tag $IMAGE_TAG $CURRENT_TAG
+    docker tag $IMAGE_TAG $MINOR_TAG
+    docker tag $IMAGE_TAG $MAJOR_TAG
+    docker tag $IMAGE_TAG $LATEST_TAG
+    docker image push --all-tags $CI_REGISTRY_IMAGE/auth
+  rules:
+    - if: $CI_COMMIT_TAG
+      when: delayed
+      start_in: 10 minutes
+
+build-image-dev:
+  before_script: []
+  image: docker:20.10.10
+  stage: docker
+  services:
+    - docker:20.10.10-dind
+  script: |
+    CURRENT_DATE=$(echo $CI_COMMIT_TIMESTAMP | head -c 10 | tr -d -)
+    IMAGE_TAG=$CI_REGISTRY_IMAGE/auth:$CURRENT_DATE-$CI_COMMIT_BRANCH-$CI_COMMIT_SHORT_SHA
+
+    docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
+    docker build . -t $IMAGE_TAG -f docker/Dockerfile --build-arg AUTH_PACKAGE=git+https://gitlab.com/allianceauth/allianceauth@$CI_COMMIT_BRANCH
+    docker push $IMAGE_TAG
+  rules:
+    - if: '$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME == ""'
+      when: manual
+    - if: '$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME != ""'
+      when: never
+
+build-image-mr:
+  before_script: []
+  image: docker:20.10.10
+  stage: docker
+  services:
+    - docker:20.10.10-dind
+  script: |
+    CURRENT_DATE=$(echo $CI_COMMIT_TIMESTAMP | head -c 10 | tr -d -)
+    IMAGE_TAG=$CI_REGISTRY_IMAGE/auth:$CURRENT_DATE-$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME-$CI_COMMIT_SHORT_SHA
+
+    docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
+    docker build . -t $IMAGE_TAG -f docker/Dockerfile --build-arg AUTH_PACKAGE=git+$CI_MERGE_REQUEST_SOURCE_PROJECT_URL@$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME
+    docker push $IMAGE_TAG
+  rules:
+    - if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
+      when: manual
+    - if: '$CI_PIPELINE_SOURCE != "merge_request_event"'
+      when: never

.pre-commit-config.yaml

@@ -5,7 +5,7 @@
 
 repos:
   - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v4.0.1
+    rev: v4.3.0
     hooks:
       - id: check-case-conflict
       - id: check-json
@@ -22,13 +22,18 @@ repos:
         args: [ '--remove' ]
 
   - repo: https://github.com/editorconfig-checker/editorconfig-checker.python
-    rev: 2.3.54
+    rev: 2.4.0
     hooks:
       - id: editorconfig-checker
-        exclude: ^(LICENSE|allianceauth\/static\/css\/themes\/bootstrap-locals.less|allianceauth\/eveonline\/swagger.json|(.*.po)|(.*.mo))
+        exclude: ^(LICENSE|allianceauth\/static\/allianceauth\/css\/themes\/bootstrap-locals.less|allianceauth\/eveonline\/swagger.json|(.*.po)|(.*.mo))
 
   - repo: https://github.com/asottile/pyupgrade
-    rev: v2.29.0
+    rev: v2.34.0
     hooks:
       - id: pyupgrade
-        args: [ --py37-plus ]
+        args: [ --py38-plus ]
+
+  - repo: https://github.com/asottile/setup-cfg-fmt
+    rev: v1.20.1
+    hooks:
+      - id: setup-cfg-fmt

.readthedocs.yml

@@ -5,19 +5,22 @@
 # Required
 version: 2
 
+# Set the version of Python and other tools you might need
+build:
+  os: ubuntu-20.04
+  apt_packages:
+    - redis
+  tools:
+    python: "3.8"
+
 # Build documentation in the docs/ directory with Sphinx
 sphinx:
   configuration: docs/conf.py
 
-# Build documentation with MkDocs
-#mkdocs:
-#  configuration: mkdocs.yml
-
 # Optionally build your docs in additional formats such as PDF and ePub
 formats: all
 
 # Optionally set the version of Python and requirements required to build your docs
 python:
-  version: 3.7
   install:
     - requirements: docs/requirements.txt

allianceauth/__init__.py

@@ -1,8 +1,7 @@
 # This will make sure the app is always imported when
 # Django starts so that shared_task will use this app.
 
-__version__ = '2.9.1'
+__version__ = '3.1.0'
 __title__ = 'Alliance Auth'
 __url__ = 'https://gitlab.com/allianceauth/allianceauth'
 NAME = f'{__title__} v{__version__}'
-default_app_config = 'allianceauth.apps.AllianceAuthConfig'

allianceauth/analytics/__init__.py

@@ -1 +0,0 @@
-default_app_config = 'allianceauth.analytics.apps.AnalyticsConfig'

allianceauth/analytics/middleware.py

@@ -1,5 +1,6 @@
 from bs4 import BeautifulSoup
 
+from django.conf import settings
 from django.utils.deprecation import MiddlewareMixin
 from .models import AnalyticsTokens, AnalyticsIdentifier
 from .tasks import send_ga_tracking_web_view
@@ -10,6 +11,8 @@ import re
 class AnalyticsMiddleware(MiddlewareMixin):
     def process_response(self, request, response):
         """Django Middleware: Process Page Views and creates Analytics Celery Tasks"""
+        if getattr(settings, "ANALYTICS_DISABLED", False):
+            return response
         analyticstokens = AnalyticsTokens.objects.all()
         client_id = AnalyticsIdentifier.objects.get(id=1).identifier.hex
         try:

allianceauth/analytics/migrations/0004_auto_20211015_0502.py

@@ -1,11 +1,11 @@
 # Generated by Django 3.1.13 on 2021-10-15 05:02
 
+from django.core.exceptions import ObjectDoesNotExist
 from django.db import migrations
 
 
 def modify_aa_team_token_add_page_ignore_paths(apps, schema_editor):
-    # We can't import the Person model directly as it may be a newer
-    # version than this migration expects. We use the historical version.
+    # Add /admin/ and /user_notifications_count/ path to ignore
 
     AnalyticsPath = apps.get_model('analytics', 'AnalyticsPath')
     admin = AnalyticsPath.objects.create(ignore_path=r"^\/admin\/.*")
@@ -17,8 +17,19 @@ def modify_aa_team_token_add_page_ignore_paths(apps, schema_editor):
 
 
 def undo_modify_aa_team_token_add_page_ignore_paths(apps, schema_editor):
-    # nothing should need to migrate away here?
-    return True
+    #
+    AnalyticsPath = apps.get_model('analytics', 'AnalyticsPath')
+    Tokens = apps.get_model('analytics', 'AnalyticsTokens')
+
+    token = Tokens.objects.get(token="UA-186249766-2")
+    try:
+        admin = AnalyticsPath.objects.get(ignore_path=r"^\/admin\/.*", analyticstokens=token)
+        user_notifications_count = AnalyticsPath.objects.get(ignore_path=r"^\/user_notifications_count\/.*", analyticstokens=token)
+        admin.delete()
+        user_notifications_count.delete()
+    except ObjectDoesNotExist:
+        # Its fine if it doesnt exist, we just dont want them building up when re-migrating
+        pass
 
 
 class Migration(migrations.Migration):

allianceauth/analytics/migrations/0006_more_ignore_paths.py

@@ -0,0 +1,40 @@
+# Generated by Django 3.2.8 on 2021-10-19 01:47
+
+from django.core.exceptions import ObjectDoesNotExist
+from django.db import migrations
+
+
+def modify_aa_team_token_add_page_ignore_paths(apps, schema_editor):
+    # Add the /account/activate path to ignore
+
+    AnalyticsPath = apps.get_model('analytics', 'AnalyticsPath')
+    account_activate = AnalyticsPath.objects.create(ignore_path=r"^\/account\/activate\/.*")
+
+    Tokens = apps.get_model('analytics', 'AnalyticsTokens')
+    token = Tokens.objects.get(token="UA-186249766-2")
+    token.ignore_paths.add(account_activate)
+
+
+def undo_modify_aa_team_token_add_page_ignore_paths(apps, schema_editor):
+    #
+    AnalyticsPath = apps.get_model('analytics', 'AnalyticsPath')
+    Tokens = apps.get_model('analytics', 'AnalyticsTokens')
+
+    token = Tokens.objects.get(token="UA-186249766-2")
+
+    try:
+        account_activate = AnalyticsPath.objects.get(ignore_path=r"^\/account\/activate\/.*", analyticstokens=token)
+        account_activate.delete()
+    except ObjectDoesNotExist:
+        # Its fine if it doesnt exist, we just dont want them building up when re-migrating
+        pass
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('analytics', '0005_alter_analyticspath_ignore_path'),
+    ]
+
+    operations = [
+        migrations.RunPython(modify_aa_team_token_add_page_ignore_paths, undo_modify_aa_team_token_add_page_ignore_paths)
+    ]

allianceauth/analytics/signals.py

@@ -1,7 +1,8 @@
-from allianceauth.analytics.tasks import analytics_event
-from celery.signals import task_failure, task_success
-
 import logging
+from celery.signals import task_failure, task_success
+from django.conf import settings
+from allianceauth.analytics.tasks import analytics_event
+
 logger = logging.getLogger(__name__)
 
 
@@ -11,6 +12,8 @@ def process_failure_signal(
                         sender, task_id, signal,
                         args, kwargs, einfo, **kw):
     logger.debug("Celery task_failure signal %s" % sender.__class__.__name__)
+    if getattr(settings, "ANALYTICS_DISABLED", False):
+        return
 
     category = sender.__module__
 
@@ -30,6 +33,8 @@ def process_failure_signal(
 @task_success.connect
 def celery_success_signal(sender, result=None, **kw):
     logger.debug("Celery task_success signal %s" % sender.__class__.__name__)
+    if getattr(settings, "ANALYTICS_DISABLED", False):
+        return
 
     category = sender.__module__
 

allianceauth/analytics/tasks.py

@@ -21,8 +21,8 @@ if getattr(settings, "ANALYTICS_ENABLE_DEBUG", False) and settings.DEBUG:
     # Force sending of analytics data during in a debug/test environemt
     # Usefull for developers working on this feature.
     logger.warning(
-                "You have 'ANALYTICS_ENABLE_DEBUG' Enabled! "
-                "This debug instance will send analytics data!")
+        "You have 'ANALYTICS_ENABLE_DEBUG' Enabled! "
+        "This debug instance will send analytics data!")
     DEBUG_URL = COLLECTION_URL
 
 ANALYTICS_URL = COLLECTION_URL
@@ -40,13 +40,12 @@ def analytics_event(category: str,
     Send a Google Analytics Event for each token stored
     Includes check for if its enabled/disabled
 
-    Parameters
-    -------
-    `category` (str): Celery Namespace
-    `action` (str): Task Name
-    `label` (str): Optional, Task Success/Exception
-    `value` (int): Optional, If bulk, Query size, can be a binary True/False
-    `event_type` (str): Optional, Celery or Stats only, Default to Celery
+    Args:
+        `category` (str): Celery Namespace
+        `action` (str): Task Name
+        `label` (str): Optional, Task Success/Exception
+        `value` (int): Optional, If bulk, Query size, can be a binary True/False
+        `event_type` (str): Optional, Celery or Stats only, Default to Celery
     """
     analyticstokens = AnalyticsTokens.objects.all()
     client_id = AnalyticsIdentifier.objects.get(id=1).identifier.hex
@@ -60,20 +59,21 @@ def analytics_event(category: str,
 
         if allowed is True:
             tracking_id = token.token
-            send_ga_tracking_celery_event.s(tracking_id=tracking_id,
-                                            client_id=client_id,
-                                            category=category,
-                                            action=action,
-                                            label=label,
-                                            value=value).\
-                apply_async(priority=9)
+            send_ga_tracking_celery_event.s(
+                tracking_id=tracking_id,
+                client_id=client_id,
+                category=category,
+                action=action,
+                label=label,
+                value=value).apply_async(priority=9)
 
 
 @shared_task()
 def analytics_daily_stats():
     """Celery Task: Do not call directly
 
-    Gathers a series of daily statistics and sends analytics events containing them"""
+    Gathers a series of daily statistics and sends analytics events containing them
+    """
     users = install_stat_users()
     tokens = install_stat_tokens()
     addons = install_stat_addons()

allianceauth/analytics/tests/test_integration.py

@@ -0,0 +1,109 @@
+from unittest.mock import patch
+from urllib.parse import parse_qs
+
+import requests_mock
+
+from django.test import override_settings
+
+from allianceauth.analytics.tasks import ANALYTICS_URL
+from allianceauth.eveonline.tasks import update_character
+from allianceauth.tests.auth_utils import AuthUtils
+from allianceauth.utils.testing import NoSocketsTestCase
+
+
+@override_settings(CELERY_ALWAYS_EAGER=True)
+@requests_mock.mock()
+class TestAnalyticsForViews(NoSocketsTestCase):
+    @override_settings(ANALYTICS_DISABLED=False)
+    def test_should_run_analytics(self, requests_mocker):
+        # given
+        requests_mocker.post(ANALYTICS_URL)
+        user = AuthUtils.create_user("Bruce Wayne")
+        self.client.force_login(user)
+        # when
+        response = self.client.get("/dashboard/")
+        # then
+        self.assertEqual(response.status_code, 200)
+        self.assertTrue(requests_mocker.called)
+
+    @override_settings(ANALYTICS_DISABLED=True)
+    def test_should_not_run_analytics(self, requests_mocker):
+        # given
+        requests_mocker.post(ANALYTICS_URL)
+        user = AuthUtils.create_user("Bruce Wayne")
+        self.client.force_login(user)
+        # when
+        response = self.client.get("/dashboard/")
+        # then
+        self.assertEqual(response.status_code, 200)
+        self.assertFalse(requests_mocker.called)
+
+
+@override_settings(CELERY_ALWAYS_EAGER=True)
+@requests_mock.mock()
+class TestAnalyticsForTasks(NoSocketsTestCase):
+    @override_settings(ANALYTICS_DISABLED=False)
+    @patch("allianceauth.eveonline.models.EveCharacter.objects.update_character")
+    def test_should_run_analytics_for_successful_task(
+        self, requests_mocker, mock_update_character
+    ):
+        # given
+        requests_mocker.post(ANALYTICS_URL)
+        user = AuthUtils.create_user("Bruce Wayne")
+        character = AuthUtils.add_main_character_2(user, "Bruce Wayne", 1001)
+        # when
+        update_character.delay(character.character_id)
+        # then
+        self.assertTrue(mock_update_character.called)
+        self.assertTrue(requests_mocker.called)
+        payload = parse_qs(requests_mocker.last_request.text)
+        self.assertListEqual(payload["el"], ["Success"])
+
+    @override_settings(ANALYTICS_DISABLED=True)
+    @patch("allianceauth.eveonline.models.EveCharacter.objects.update_character")
+    def test_should_not_run_analytics_for_successful_task(
+        self, requests_mocker, mock_update_character
+    ):
+        # given
+        requests_mocker.post(ANALYTICS_URL)
+        user = AuthUtils.create_user("Bruce Wayne")
+        character = AuthUtils.add_main_character_2(user, "Bruce Wayne", 1001)
+        # when
+        update_character.delay(character.character_id)
+        # then
+        self.assertTrue(mock_update_character.called)
+        self.assertFalse(requests_mocker.called)
+
+    @override_settings(ANALYTICS_DISABLED=False)
+    @patch("allianceauth.eveonline.models.EveCharacter.objects.update_character")
+    def test_should_run_analytics_for_failed_task(
+        self, requests_mocker, mock_update_character
+    ):
+        # given
+        requests_mocker.post(ANALYTICS_URL)
+        mock_update_character.side_effect = RuntimeError
+        user = AuthUtils.create_user("Bruce Wayne")
+        character = AuthUtils.add_main_character_2(user, "Bruce Wayne", 1001)
+        # when
+        update_character.delay(character.character_id)
+        # then
+        self.assertTrue(mock_update_character.called)
+        self.assertTrue(requests_mocker.called)
+        payload = parse_qs(requests_mocker.last_request.text)
+        self.assertNotEqual(payload["el"], ["Success"])
+
+    @override_settings(ANALYTICS_DISABLED=True)
+    @patch("allianceauth.eveonline.models.EveCharacter.objects.update_character")
+    def test_should_not_run_analytics_for_failed_task(
+        self, requests_mocker, mock_update_character
+    ):
+        # given
+        requests_mocker.post(ANALYTICS_URL)
+        mock_update_character.side_effect = RuntimeError
+        user = AuthUtils.create_user("Bruce Wayne")
+        character = AuthUtils.add_main_character_2(user, "Bruce Wayne", 1001)
+        # when
+        update_character.delay(character.character_id)
+        # then
+        self.assertTrue(mock_update_character.called)
+        self.assertFalse(requests_mocker.called)

allianceauth/analytics/tests/test_middleware.py

@@ -1,5 +1,6 @@
 from allianceauth.analytics.middleware import AnalyticsMiddleware
 from unittest.mock import Mock
+from django.http import HttpResponse
 
 from django.test.testcases import TestCase
 
@@ -7,7 +8,7 @@ from django.test.testcases import TestCase
 class TestAnalyticsMiddleware(TestCase):
 
     def setUp(self):
-        self.middleware = AnalyticsMiddleware()
+        self.middleware = AnalyticsMiddleware(HttpResponse)
         self.request = Mock()
         self.request.headers = {
                 "User-Agent": "AUTOMATED TEST"

allianceauth/analytics/tests/test_tasks.py

@@ -1,12 +1,22 @@
+import requests_mock
+
+from django.test.utils import override_settings
+
 from allianceauth.analytics.tasks import (
     analytics_event,
     send_ga_tracking_celery_event,
     send_ga_tracking_web_view)
-from django.test.testcases import TestCase
+from allianceauth.utils.testing import NoSocketsTestCase
 
 
-class TestAnalyticsTasks(TestCase):
-    def test_analytics_event(self):
+GOOGLE_ANALYTICS_DEBUG_URL = 'https://www.google-analytics.com/debug/collect'
+
+
+@override_settings(CELERY_ALWAYS_EAGER=True, CELERY_EAGER_PROPAGATES_EXCEPTIONS=True)
+@requests_mock.Mocker()
+class TestAnalyticsTasks(NoSocketsTestCase):
+    def test_analytics_event(self, requests_mocker):
+        requests_mocker.register_uri('POST', GOOGLE_ANALYTICS_DEBUG_URL)
         analytics_event(
                         category='allianceauth.analytics',
                         action='send_tests',
@@ -14,15 +24,19 @@ class TestAnalyticsTasks(TestCase):
                         value=1,
                         event_type='Stats')
 
-    def test_send_ga_tracking_web_view_sent(self):
-        # This test sends if the event SENDS to google
-        # Not if it was successful
+    def test_send_ga_tracking_web_view_sent(self, requests_mocker):
+        """This test sends if the event SENDS to google.
+        Not if it was successful.
+        """
+        # given
+        requests_mocker.register_uri('POST', GOOGLE_ANALYTICS_DEBUG_URL)
         tracking_id = 'UA-186249766-2'
         client_id = 'ab33e241fbf042b6aa77c7655a768af7'
         page = '/index/'
         title = 'Hello World'
         locale = 'en'
         useragent = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36"
+        # when
         response = send_ga_tracking_web_view(
                                             tracking_id,
                                             client_id,
@@ -30,15 +44,23 @@ class TestAnalyticsTasks(TestCase):
                                             title,
                                             locale,
                                             useragent)
+        # then
         self.assertEqual(response.status_code, 200)
 
-    def test_send_ga_tracking_web_view_success(self):
+    def test_send_ga_tracking_web_view_success(self, requests_mocker):
+        # given
+        requests_mocker.register_uri(
+            'POST',
+            GOOGLE_ANALYTICS_DEBUG_URL,
+            json={"hitParsingResult":[{'valid': True}]}
+        )
         tracking_id = 'UA-186249766-2'
         client_id = 'ab33e241fbf042b6aa77c7655a768af7'
         page = '/index/'
         title = 'Hello World'
         locale = 'en'
         useragent = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36"
+        # when
         json_response = send_ga_tracking_web_view(
                                                 tracking_id,
                                                 client_id,
@@ -46,15 +68,42 @@ class TestAnalyticsTasks(TestCase):
                                                 title,
                                                 locale,
                                                 useragent).json()
+        # then
         self.assertTrue(json_response["hitParsingResult"][0]["valid"])
 
-    def test_send_ga_tracking_web_view_invalid_token(self):
+    def test_send_ga_tracking_web_view_invalid_token(self, requests_mocker):
+        # given
+        requests_mocker.register_uri(
+            'POST',
+            GOOGLE_ANALYTICS_DEBUG_URL,
+            json={
+                "hitParsingResult":[
+                    {
+                        'valid': False,
+                        'parserMessage': [
+                            {
+                                'messageType': 'INFO',
+                                'description': 'IP Address from this hit was anonymized to 1.132.110.0.',
+                                'messageCode': 'VALUE_MODIFIED'
+                            },
+                            {
+                                'messageType': 'ERROR',
+                                'description': "The value provided for parameter 'tid' is invalid. Please see http://goo.gl/a8d4RP#tid for details.",
+                                'messageCode': 'VALUE_INVALID', 'parameter': 'tid'
+                            }
+                        ],
+                        'hit': '/debug/collect?v=1&tid=UA-IntentionallyBadTrackingID-2&cid=ab33e241fbf042b6aa77c7655a768af7&t=pageview&dp=/index/&dt=Hello World&ul=en&ua=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36&aip=1&an=allianceauth&av=2.9.0a2'
+                    }
+                ]
+            }
+        )
         tracking_id = 'UA-IntentionallyBadTrackingID-2'
         client_id = 'ab33e241fbf042b6aa77c7655a768af7'
         page = '/index/'
         title = 'Hello World'
         locale = 'en'
         useragent = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36"
+        # when
         json_response = send_ga_tracking_web_view(
                                             tracking_id,
                                             client_id,
@@ -62,18 +111,25 @@ class TestAnalyticsTasks(TestCase):
                                             title,
                                             locale,
                                             useragent).json()
+        # then
         self.assertFalse(json_response["hitParsingResult"][0]["valid"])
-        self.assertEqual(json_response["hitParsingResult"][0]["parserMessage"][1]["description"], "The value provided for parameter 'tid' is invalid. Please see http://goo.gl/a8d4RP#tid for details.")
+        self.assertEqual(
+            json_response["hitParsingResult"][0]["parserMessage"][1]["description"],
+            "The value provided for parameter 'tid' is invalid. Please see http://goo.gl/a8d4RP#tid for details."
+        )
 
         # [{'valid': False, 'parserMessage': [{'messageType': 'INFO', 'description': 'IP Address from this hit was anonymized to 1.132.110.0.', 'messageCode': 'VALUE_MODIFIED'}, {'messageType': 'ERROR', 'description': "The value provided for parameter 'tid' is invalid. Please see http://goo.gl/a8d4RP#tid for details.", 'messageCode': 'VALUE_INVALID', 'parameter': 'tid'}], 'hit': '/debug/collect?v=1&tid=UA-IntentionallyBadTrackingID-2&cid=ab33e241fbf042b6aa77c7655a768af7&t=pageview&dp=/index/&dt=Hello World&ul=en&ua=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36&aip=1&an=allianceauth&av=2.9.0a2'}]
 
-    def test_send_ga_tracking_celery_event_sent(self):
+    def test_send_ga_tracking_celery_event_sent(self, requests_mocker):
+        # given
+        requests_mocker.register_uri('POST', GOOGLE_ANALYTICS_DEBUG_URL)
         tracking_id = 'UA-186249766-2'
         client_id = 'ab33e241fbf042b6aa77c7655a768af7'
         category = 'test'
         action = 'test'
         label = 'test'
         value = '1'
+        # when
         response = send_ga_tracking_celery_event(
                                                 tracking_id,
                                                 client_id,
@@ -81,15 +137,23 @@ class TestAnalyticsTasks(TestCase):
                                                 action,
                                                 label,
                                                 value)
+        # then
         self.assertEqual(response.status_code, 200)
 
-    def test_send_ga_tracking_celery_event_success(self):
+    def test_send_ga_tracking_celery_event_success(self, requests_mocker):
+        # given
+        requests_mocker.register_uri(
+            'POST',
+            GOOGLE_ANALYTICS_DEBUG_URL,
+            json={"hitParsingResult":[{'valid': True}]}
+        )
         tracking_id = 'UA-186249766-2'
         client_id = 'ab33e241fbf042b6aa77c7655a768af7'
         category = 'test'
         action = 'test'
         label = 'test'
         value = '1'
+        # when
         json_response = send_ga_tracking_celery_event(
                                                     tracking_id,
                                                     client_id,
@@ -97,15 +161,42 @@ class TestAnalyticsTasks(TestCase):
                                                     action,
                                                     label,
                                                     value).json()
+        # then
         self.assertTrue(json_response["hitParsingResult"][0]["valid"])
 
-    def test_send_ga_tracking_celery_event_invalid_token(self):
+    def test_send_ga_tracking_celery_event_invalid_token(self, requests_mocker):
+        # given
+        requests_mocker.register_uri(
+            'POST',
+            GOOGLE_ANALYTICS_DEBUG_URL,
+            json={
+                "hitParsingResult":[
+                    {
+                        'valid': False,
+                        'parserMessage': [
+                            {
+                                'messageType': 'INFO',
+                                'description': 'IP Address from this hit was anonymized to 1.132.110.0.',
+                                'messageCode': 'VALUE_MODIFIED'
+                            },
+                            {
+                                'messageType': 'ERROR',
+                                'description': "The value provided for parameter 'tid' is invalid. Please see http://goo.gl/a8d4RP#tid for details.",
+                                'messageCode': 'VALUE_INVALID', 'parameter': 'tid'
+                            }
+                        ],
+                        'hit': '/debug/collect?v=1&tid=UA-IntentionallyBadTrackingID-2&cid=ab33e241fbf042b6aa77c7655a768af7&t=pageview&dp=/index/&dt=Hello World&ul=en&ua=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36&aip=1&an=allianceauth&av=2.9.0a2'
+                    }
+                ]
+            }
+        )
         tracking_id = 'UA-IntentionallyBadTrackingID-2'
         client_id = 'ab33e241fbf042b6aa77c7655a768af7'
         category = 'test'
         action = 'test'
         label = 'test'
         value = '1'
+        # when
         json_response = send_ga_tracking_celery_event(
                                                     tracking_id,
                                                     client_id,
@@ -113,7 +204,9 @@ class TestAnalyticsTasks(TestCase):
                                                     action,
                                                     label,
                                                     value).json()
+        # then
         self.assertFalse(json_response["hitParsingResult"][0]["valid"])
-        self.assertEqual(json_response["hitParsingResult"][0]["parserMessage"][1]["description"], "The value provided for parameter 'tid' is invalid. Please see http://goo.gl/a8d4RP#tid for details.")
-
-        # [{'valid': False, 'parserMessage': [{'messageType': 'INFO', 'description': 'IP Address from this hit was anonymized to 1.132.110.0.', 'messageCode': 'VALUE_MODIFIED'}, {'messageType': 'ERROR', 'description': "The value provided for parameter 'tid' is invalid. Please see http://goo.gl/a8d4RP#tid for details.", 'messageCode': 'VALUE_INVALID', 'parameter': 'tid'}], 'hit': '/debug/collect?v=1&tid=UA-IntentionallyBadTrackingID-2&cid=ab33e241fbf042b6aa77c7655a768af7&t=pageview&dp=/index/&dt=Hello World&ul=en&ua=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36&aip=1&an=allianceauth&av=2.9.0a2'}]
+        self.assertEqual(
+            json_response["hitParsingResult"][0]["parserMessage"][1]["description"],
+            "The value provided for parameter 'tid' is invalid. Please see http://goo.gl/a8d4RP#tid for details."
+        )

allianceauth/authentication/__init__.py

@@ -1 +0,0 @@
-default_app_config = 'allianceauth.authentication.apps.AuthenticationConfig'

allianceauth/authentication/admin.py

@@ -1,26 +1,44 @@
 from django.contrib import admin
 from django.contrib.auth.admin import UserAdmin as BaseUserAdmin
-from django.contrib.auth.models import User as BaseUser, \
-    Permission as BasePermission, Group
+from django.contrib.auth.models import Group
+from django.contrib.auth.models import Permission as BasePermission
+from django.contrib.auth.models import User as BaseUser
 from django.db.models import Count, Q
-from allianceauth.services.hooks import ServicesHook
-from django.db.models.signals import pre_save, post_save, pre_delete, \
-    post_delete, m2m_changed
 from django.db.models.functions import Lower
+from django.db.models.signals import (
+    m2m_changed,
+    post_delete,
+    post_save,
+    pre_delete,
+    pre_save
+)
 from django.dispatch import receiver
-from django.forms import ModelForm
-from django.utils.html import format_html
 from django.urls import reverse
+from django.utils.html import format_html
 from django.utils.text import slugify
 
-from allianceauth.authentication.models import State, get_guest_state,\
-    CharacterOwnership, UserProfile, OwnershipRecord
-from allianceauth.hooks import get_hooks
-from allianceauth.eveonline.models import EveCharacter, EveCorporationInfo,\
-    EveAllianceInfo, EveFactionInfo
+from allianceauth.authentication.models import (
+    CharacterOwnership,
+    OwnershipRecord,
+    State,
+    UserProfile,
+    get_guest_state
+)
+from allianceauth.eveonline.models import (
+    EveAllianceInfo,
+    EveCharacter,
+    EveCorporationInfo,
+    EveFactionInfo
+)
 from allianceauth.eveonline.tasks import update_character
-from .app_settings import AUTHENTICATION_ADMIN_USERS_MAX_GROUPS, \
-    AUTHENTICATION_ADMIN_USERS_MAX_CHARS
+from allianceauth.hooks import get_hooks
+from allianceauth.services.hooks import ServicesHook
+
+from .app_settings import (
+    AUTHENTICATION_ADMIN_USERS_MAX_CHARS,
+    AUTHENTICATION_ADMIN_USERS_MAX_GROUPS
+)
+from .forms import UserChangeForm, UserProfileForm
 
 
 def make_service_hooks_update_groups_action(service):
@@ -59,19 +77,10 @@ def make_service_hooks_sync_nickname_action(service):
     return sync_nickname
 
 
-class QuerysetModelForm(ModelForm):
-    # allows specifying FK querysets through kwarg
-    def __init__(self, querysets=None, *args, **kwargs):
-        querysets = querysets or {}
-        super().__init__(*args, **kwargs)
-        for field, qs in querysets.items():
-            self.fields[field].queryset = qs
-
-
 class UserProfileInline(admin.StackedInline):
     model = UserProfile
     readonly_fields = ('state',)
-    form = QuerysetModelForm
+    form = UserProfileForm
     verbose_name = ''
     verbose_name_plural = 'Profile'
 
@@ -99,6 +108,7 @@ class UserProfileInline(admin.StackedInline):
         return False
 
 
+@admin.display(description="")
 def user_profile_pic(obj):
     """profile pic column data for user objects
 
@@ -111,13 +121,10 @@ def user_profile_pic(obj):
             '<img src="{}" class="img-circle">',
             user_obj.profile.main_character.portrait_url(size=32)
         )
-    else:
-        return None
-
-
-user_profile_pic.short_description = ''
+    return None
 
 
+@admin.display(description="user / main", ordering="username")
 def user_username(obj):
     """user column data for user objects
 
@@ -139,18 +146,17 @@ def user_username(obj):
             user_obj.username,
             user_obj.profile.main_character.character_name
         )
-    else:
-        return format_html(
-            '<strong><a href="{}">{}</a></strong>',
-            link,
-            user_obj.username,
-        )
-
-
-user_username.short_description = 'user / main'
-user_username.admin_order_field = 'username'
+    return format_html(
+        '<strong><a href="{}">{}</a></strong>',
+        link,
+        user_obj.username,
+    )
 
 
+@admin.display(
+    description="Corporation / Alliance (Main)",
+    ordering="profile__main_character__corporation_name"
+)
 def user_main_organization(obj):
     """main organization column data for user objects
 
@@ -159,21 +165,15 @@ def user_main_organization(obj):
     """
     user_obj = obj.user if hasattr(obj, 'user') else obj
     if not user_obj.profile.main_character:
-        result = ''
-    else:
-        result = user_obj.profile.main_character.corporation_name
-        if user_obj.profile.main_character.alliance_id:
-            result += f'<br>{user_obj.profile.main_character.alliance_name}'
-        elif user_obj.profile.main_character.faction_name:
-            result += f'<br>{user_obj.profile.main_character.faction_name}'
+        return ''
+    result = user_obj.profile.main_character.corporation_name
+    if user_obj.profile.main_character.alliance_id:
+        result += f'<br>{user_obj.profile.main_character.alliance_name}'
+    elif user_obj.profile.main_character.faction_name:
+        result += f'<br>{user_obj.profile.main_character.faction_name}'
     return format_html(result)
 
 
-user_main_organization.short_description = 'Corporation / Alliance (Main)'
-user_main_organization.admin_order_field = \
-    'profile__main_character__corporation_name'
-
-
 class MainCorporationsFilter(admin.SimpleListFilter):
     """Custom filter to filter on corporations from mains only
 
@@ -196,15 +196,13 @@ class MainCorporationsFilter(admin.SimpleListFilter):
     def queryset(self, request, qs):
         if self.value() is None:
             return qs.all()
-        else:
-            if qs.model == User:
-                return qs.filter(
-                    profile__main_character__corporation_id=self.value()
-                )
-            else:
-                return qs.filter(
-                    user__profile__main_character__corporation_id=self.value()
-                )
+        if qs.model == User:
+            return qs.filter(
+                profile__main_character__corporation_id=self.value()
+            )
+        return qs.filter(
+            user__profile__main_character__corporation_id=self.value()
+        )
 
 
 class MainAllianceFilter(admin.SimpleListFilter):
@@ -217,12 +215,14 @@ class MainAllianceFilter(admin.SimpleListFilter):
     parameter_name = 'main_alliance_id__exact'
 
     def lookups(self, request, model_admin):
-        qs = EveCharacter.objects\
-            .exclude(alliance_id=None)\
-            .exclude(userprofile=None)\
-            .values('alliance_id', 'alliance_name')\
-            .distinct()\
+        qs = (
+            EveCharacter.objects
+            .exclude(alliance_id=None)
+            .exclude(userprofile=None)
+            .values('alliance_id', 'alliance_name')
+            .distinct()
             .order_by(Lower('alliance_name'))
+        )
         return tuple(
             (x['alliance_id'], x['alliance_name']) for x in qs
         )
@@ -230,13 +230,11 @@ class MainAllianceFilter(admin.SimpleListFilter):
     def queryset(self, request, qs):
         if self.value() is None:
             return qs.all()
-        else:
-            if qs.model == User:
-                return qs.filter(profile__main_character__alliance_id=self.value())
-            else:
-                return qs.filter(
-                    user__profile__main_character__alliance_id=self.value()
-                )
+        if qs.model == User:
+            return qs.filter(profile__main_character__alliance_id=self.value())
+        return qs.filter(
+            user__profile__main_character__alliance_id=self.value()
+        )
 
 
 class MainFactionFilter(admin.SimpleListFilter):
@@ -249,12 +247,14 @@ class MainFactionFilter(admin.SimpleListFilter):
     parameter_name = 'main_faction_id__exact'
 
     def lookups(self, request, model_admin):
-        qs = EveCharacter.objects\
-            .exclude(faction_id=None)\
-            .exclude(userprofile=None)\
-            .values('faction_id', 'faction_name')\
-            .distinct()\
+        qs = (
+            EveCharacter.objects
+            .exclude(faction_id=None)
+            .exclude(userprofile=None)
+            .values('faction_id', 'faction_name')
+            .distinct()
             .order_by(Lower('faction_name'))
+        )
         return tuple(
             (x['faction_id'], x['faction_name']) for x in qs
         )
@@ -262,15 +262,14 @@ class MainFactionFilter(admin.SimpleListFilter):
     def queryset(self, request, qs):
         if self.value() is None:
             return qs.all()
-        else:
-            if qs.model == User:
-                return qs.filter(profile__main_character__faction_id=self.value())
-            else:
-                return qs.filter(
-                    user__profile__main_character__faction_id=self.value()
-                )
+        if qs.model == User:
+            return qs.filter(profile__main_character__faction_id=self.value())
+        return qs.filter(
+            user__profile__main_character__faction_id=self.value()
+        )
 
 
+@admin.display(description="Update main character model from ESI")
 def update_main_character_model(modeladmin, request, queryset):
     tasks_count = 0
     for obj in queryset:
@@ -279,33 +278,72 @@ def update_main_character_model(modeladmin, request, queryset):
             tasks_count += 1
 
     modeladmin.message_user(
-        request,
-        f'Update from ESI started for {tasks_count} characters'
+        request, f'Update from ESI started for {tasks_count} characters'
     )
 
 
-update_main_character_model.short_description = \
-    'Update main character model from ESI'
-
-
 class UserAdmin(BaseUserAdmin):
     """Extending Django's UserAdmin model
 
     Behavior of groups and characters columns can be configured via settings
     """
 
+    inlines = BaseUserAdmin.inlines + [UserProfileInline]
+    ordering = ('username', )
+    list_select_related = ('profile__state', 'profile__main_character')
+    show_full_result_count = True
+    list_display = (
+        user_profile_pic,
+        user_username,
+        '_state',
+        '_groups',
+        user_main_organization,
+        '_characters',
+        'is_active',
+        'date_joined',
+        '_role'
+    )
+    list_display_links = None
+    list_filter = (
+        'profile__state',
+        'groups',
+        MainCorporationsFilter,
+        MainAllianceFilter,
+        MainFactionFilter,
+        'is_active',
+        'date_joined',
+        'is_staff',
+        'is_superuser'
+    )
+    search_fields = ('username', 'character_ownerships__character__character_name')
+    readonly_fields = ('date_joined', 'last_login')
+    filter_horizontal = ('groups', 'user_permissions',)
+    form = UserChangeForm
+
     class Media:
         css = {
-            "all": ("authentication/css/admin.css",)
+            "all": ("allianceauth/authentication/css/admin.css",)
         }
 
     def get_queryset(self, request):
         qs = super().get_queryset(request)
         return qs.prefetch_related("character_ownerships__character", "groups")
 
-    def get_actions(self, request):
-        actions = super(BaseUserAdmin, self).get_actions(request)
+    def get_form(self, request, obj=None, **kwargs):
+        """Inject current request into change form object."""
 
+        MyForm = super().get_form(request, obj, **kwargs)
+        if obj:
+            class MyFormInjected(MyForm):
+                def __new__(cls, *args, **kwargs):
+                    kwargs['request'] = request
+                    return MyForm(*args, **kwargs)
+
+            return MyFormInjected
+        return MyForm
+
+    def get_actions(self, request):
+        actions = super().get_actions(request)
         actions[update_main_character_model.__name__] = (
             update_main_character_model,
             update_main_character_model.__name__,
@@ -349,38 +387,6 @@ class UserAdmin(BaseUserAdmin):
             )
         return result
 
-    inlines = BaseUserAdmin.inlines + [UserProfileInline]
-    ordering = ('username', )
-    list_select_related = ('profile__state', 'profile__main_character')
-    show_full_result_count = True
-    list_display = (
-        user_profile_pic,
-        user_username,
-        '_state',
-        '_groups',
-        user_main_organization,
-        '_characters',
-        'is_active',
-        'date_joined',
-        '_role'
-    )
-    list_display_links = None
-    list_filter = (
-        'profile__state',
-        'groups',
-        MainCorporationsFilter,
-        MainAllianceFilter,
-        MainFactionFilter,
-        'is_active',
-        'date_joined',
-        'is_staff',
-        'is_superuser'
-    )
-    search_fields = (
-        'username',
-        'character_ownerships__character__character_name'
-    )
-
     def _characters(self, obj):
         character_ownerships = list(obj.character_ownerships.all())
         characters = [obj.character.character_name for obj in character_ownerships]
@@ -389,22 +395,16 @@ class UserAdmin(BaseUserAdmin):
             AUTHENTICATION_ADMIN_USERS_MAX_CHARS
         )
 
-    _characters.short_description = 'characters'
-
+    @admin.display(ordering="profile__state")
     def _state(self, obj):
         return obj.profile.state.name
 
-    _state.short_description = 'state'
-    _state.admin_order_field = 'profile__state'
-
     def _groups(self, obj):
         my_groups = sorted(group.name for group in list(obj.groups.all()))
         return self._list_2_html_w_tooltips(
             my_groups, AUTHENTICATION_ADMIN_USERS_MAX_GROUPS
         )
 
-    _groups.short_description = 'groups'
-
     def _role(self, obj):
         if obj.is_superuser:
             role = 'Superuser'
@@ -414,8 +414,6 @@ class UserAdmin(BaseUserAdmin):
             role = 'User'
         return role
 
-    _role.short_description = 'role'
-
     def has_change_permission(self, request, obj=None):
         return request.user.has_perm('auth.change_user')
 
@@ -425,12 +423,28 @@ class UserAdmin(BaseUserAdmin):
     def has_delete_permission(self, request, obj=None):
         return request.user.has_perm('auth.delete_user')
 
+    def get_object(self, *args , **kwargs):
+        obj = super().get_object(*args , **kwargs)
+        self.obj = obj  # storing current object for use in formfield_for_manytomany
+        return obj
+
     def formfield_for_manytomany(self, db_field, request, **kwargs):
-        """overriding this formfield to have sorted lists in the form"""
         if db_field.name == "groups":
-            kwargs["queryset"] = Group.objects.all().order_by(Lower('name'))
+            groups_qs = Group.objects.filter(authgroup__states__isnull=True)
+            obj_state = self.obj.profile.state
+            if obj_state:
+                matching_groups_qs = Group.objects.filter(authgroup__states=obj_state)
+                groups_qs = groups_qs | matching_groups_qs
+            kwargs["queryset"] = groups_qs.order_by(Lower("name"))
         return super().formfield_for_manytomany(db_field, request, **kwargs)
 
+    def get_readonly_fields(self, request, obj=None):
+        if obj and not request.user.is_superuser:
+            return self.readonly_fields + (
+                "is_staff", "is_superuser", "user_permissions"
+            )
+        return self.readonly_fields
+
 
 @admin.register(State)
 class StateAdmin(admin.ModelAdmin):
@@ -441,10 +455,9 @@ class StateAdmin(admin.ModelAdmin):
         qs = super().get_queryset(request)
         return qs.annotate(user_count=Count("userprofile__id"))
 
+    @admin.display(description="Users", ordering="user_count")
     def _user_count(self, obj):
         return obj.user_count
-    _user_count.short_description = 'Users'
-    _user_count.admin_order_field = 'user_count'
 
     fieldsets = (
         (None, {
@@ -500,13 +513,13 @@ class StateAdmin(admin.ModelAdmin):
             )
         return super().get_fieldsets(request, obj=obj)
 
+    def get_readonly_fields(self, request, obj=None):
+        if not request.user.is_superuser:
+            return self.readonly_fields + ("permissions",)
+        return self.readonly_fields
+
 
 class BaseOwnershipAdmin(admin.ModelAdmin):
-    class Media:
-        css = {
-            "all": ("authentication/css/admin.css",)
-        }
-
     list_select_related = (
         'user__profile__state', 'user__profile__main_character', 'character')
     list_display = (
@@ -527,6 +540,11 @@ class BaseOwnershipAdmin(admin.ModelAdmin):
         MainAllianceFilter,
     )
 
+    class Media:
+        css = {
+            "all": ("allianceauth/authentication/css/admin.css",)
+        }
+
     def get_readonly_fields(self, request, obj=None):
         if obj and obj.pk:
             return 'owner_hash', 'character'

allianceauth/authentication/apps.py

@@ -3,10 +3,14 @@ from django.core.checks import register, Tags
 
 
 class AuthenticationConfig(AppConfig):
-    name = 'allianceauth.authentication'
-    label = 'authentication'
+    name = "allianceauth.authentication"
+    label = "authentication"
 
     def ready(self):
-        super().ready()
-        from allianceauth.authentication import checks, signals
+        from allianceauth.authentication import checks, signals  # noqa: F401
+        from allianceauth.authentication.task_statistics import (
+            signals as celery_signals,
+        )
+
         register(Tags.security)(checks.check_login_scopes_setting)
+        celery_signals.reset_counters()

allianceauth/authentication/forms.py

@@ -1,8 +1,66 @@
 from django import forms
-from django.utils.translation import ugettext_lazy as _
+from django.contrib.auth.forms import UserChangeForm as BaseUserChangeForm
+from django.contrib.auth.models import Group
+from django.core.exceptions import ValidationError
+from django.forms import ModelForm
+from django.utils.translation import gettext_lazy as _
+
 from allianceauth.authentication.models import User
+
+
 class RegistrationForm(forms.Form):
     email = forms.EmailField(label=_('Email'), max_length=254, required=True)
 
     class _meta:
         model = User
+
+
+class UserProfileForm(ModelForm):
+    """Allows specifying FK querysets through kwarg"""
+
+    def __init__(self, querysets=None, *args, **kwargs):
+        querysets = querysets or {}
+        super().__init__(*args, **kwargs)
+        for field, qs in querysets.items():
+            self.fields[field].queryset = qs
+
+
+class UserChangeForm(BaseUserChangeForm):
+    """Add custom cleaning to UserChangeForm"""
+
+    def __init__(self, *args, **kwargs):
+        self.request = kwargs.pop("request")  # Inject current request into form object
+        super().__init__(*args, **kwargs)
+
+    def clean(self):
+        cleaned_data = super().clean()
+        if not self.request.user.is_superuser:
+            if self.instance:
+                current_restricted = set(
+                    self.instance.groups.filter(
+                        authgroup__restricted=True
+                    ).values_list("pk", flat=True)
+                )
+            else:
+                current_restricted = set()
+            new_restricted = set(
+                cleaned_data["groups"].filter(
+                    authgroup__restricted=True
+                ).values_list("pk", flat=True)
+            )
+            if current_restricted != new_restricted:
+                restricted_removed = current_restricted - new_restricted
+                restricted_added = new_restricted - current_restricted
+                restricted_changed = restricted_removed | restricted_added
+                restricted_names_qs = Group.objects.filter(
+                    pk__in=restricted_changed
+                ).values_list("name", flat=True)
+                restricted_names = ",".join(list(restricted_names_qs))
+                raise ValidationError(
+                    {
+                        "groups": _(
+                            "You are not allowed to add or remove these "
+                            "restricted groups: %s" % restricted_names
+                        )
+                    }
+                )

allianceauth/authentication/hmac_urls.py

@@ -1,14 +1,16 @@
-from django.conf.urls import url, include
+from django.conf.urls import include
 
 from allianceauth.authentication import views
+from django.urls import re_path
+from django.urls import path
 
 urlpatterns = [
-    url(r'^activate/complete/$', views.activation_complete, name='registration_activation_complete'),
+    path('activate/complete/', views.activation_complete, name='registration_activation_complete'),
     # The activation key can make use of any character from the
     # URL-safe base64 alphabet, plus the colon as a separator.
-    url(r'^activate/(?P<activation_key>[-:\w]+)/$', views.ActivationView.as_view(), name='registration_activate'),
-    url(r'^register/$', views.RegistrationView.as_view(), name='registration_register'),
-    url(r'^register/complete/$', views.registration_complete, name='registration_complete'),
-    url(r'^register/closed/$', views.registration_closed, name='registration_disallowed'),
-    url(r'', include('django.contrib.auth.urls')),
+    re_path(r'^activate/(?P<activation_key>[-:\w]+)/$', views.ActivationView.as_view(), name='registration_activate'),
+    path('register/', views.RegistrationView.as_view(), name='registration_register'),
+    path('register/complete/', views.registration_complete, name='registration_complete'),
+    path('register/closed/', views.registration_closed, name='registration_disallowed'),
+    path('', include('django.contrib.auth.urls')),
 ]

allianceauth/authentication/middleware.py

@@ -0,0 +1,45 @@
+from django.conf import settings
+from django.utils.deprecation import MiddlewareMixin
+
+import logging
+
+logger = logging.getLogger(__name__)
+
+
+class UserSettingsMiddleware(MiddlewareMixin):
+    def process_response(self, request, response):
+        """Django Middleware: User Settings."""
+
+        # Intercept the built in django /setlang/ view and also save it to Database.
+        # Note the annoymous user check, only logged in users will ever hit the DB here
+        if request.path == '/i18n/setlang/' and not request.user.is_anonymous:
+            try:
+                request.user.profile.language = request.POST['language']
+                request.user.profile.save()
+            except Exception as e:
+                logger.exception(e)
+
+        # Only act during the login flow, _after_ user is activated (step 2: post-sso)
+        elif request.path == '/sso/login' and not request.user.is_anonymous:
+            # Set the Language Cookie, if it doesnt match the DB
+            # Null = hasnt been set by the user ever, dont act.
+            try:
+                if request.user.profile.language != request.LANGUAGE_CODE and request.user.profile.language is not None:
+                    response.set_cookie(key=settings.LANGUAGE_COOKIE_NAME,
+                                        value=request.user.profile.language,
+                                        max_age=settings.LANGUAGE_COOKIE_AGE)
+            except Exception as e:
+                logger.exception(e)
+
+            # Set our Night mode flag from the DB
+            # Null = hasnt been set by the user ever, dont act.
+            #
+            # Night mode intercept is not needed in this middleware.
+            # is saved direct to DB in NightModeRedirectView
+            try:
+                if request.user.profile.night_mode is not None:
+                    request.session["NIGHT_MODE"] = request.user.profile.night_mode
+            except Exception as e:
+                logger.exception(e)
+
+        return response

allianceauth/authentication/migrations/0020_userprofile_language_userprofile_night_mode.py

@@ -0,0 +1,23 @@
+# Generated by Django 4.0.2 on 2022-02-26 03:45
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('authentication', '0019_merge_20211026_0919'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='userprofile',
+            name='language',
+            field=models.CharField(blank=True, choices=[('en', 'English'), ('de', 'German'), ('es', 'Spanish'), ('zh-hans', 'Chinese Simplified'), ('ru', 'Russian'), ('ko', 'Korean'), ('fr', 'French'), ('ja', 'Japanese'), ('it', 'Italian')], default='', max_length=10, verbose_name='Language'),
+        ),
+        migrations.AddField(
+            model_name='userprofile',
+            name='night_mode',
+            field=models.BooleanField(blank=True, null=True, verbose_name='Night Mode'),
+        ),
+    ]

allianceauth/authentication/models.py

@@ -2,9 +2,10 @@ import logging
 
 from django.contrib.auth.models import User, Permission
 from django.db import models, transaction
-from django.utils.translation import ugettext_lazy as _
+from django.utils.translation import gettext_lazy as _
 from allianceauth.eveonline.models import EveCharacter, EveCorporationInfo, EveAllianceInfo, EveFactionInfo
 from allianceauth.notifications import notify
+from django.conf import settings
 
 from .managers import CharacterOwnershipManager, StateManager
 
@@ -62,9 +63,39 @@ class UserProfile(models.Model):
     class Meta:
         default_permissions = ('change',)
 
-    user = models.OneToOneField(User, related_name='profile', on_delete=models.CASCADE)
-    main_character = models.OneToOneField(EveCharacter, blank=True, null=True, on_delete=models.SET_NULL)
-    state = models.ForeignKey(State, on_delete=models.SET_DEFAULT, default=get_guest_state_pk)
+    user = models.OneToOneField(
+        User,
+        related_name='profile',
+        on_delete=models.CASCADE)
+    main_character = models.OneToOneField(
+        EveCharacter,
+        blank=True,
+        null=True,
+        on_delete=models.SET_NULL)
+    state = models.ForeignKey(
+        State,
+        on_delete=models.SET_DEFAULT,
+        default=get_guest_state_pk)
+    LANGUAGE_CHOICES = [
+        ('en', _('English')),
+        ('de', _('German')),
+        ('es', _('Spanish')),
+        ('zh-hans', _('Chinese Simplified')),
+        ('ru', _('Russian')),
+        ('ko', _('Korean')),
+        ('fr', _('French')),
+        ('ja', _('Japanese')),
+        ('it', _('Italian')),
+    ]
+    language = models.CharField(
+        _("Language"), max_length=10,
+        choices=LANGUAGE_CHOICES,
+        blank=True,
+        default='')
+    night_mode = models.BooleanField(
+        _("Night Mode"),
+        blank=True,
+        null=True)
 
     def assign_state(self, state=None, commit=True):
         if not state:
@@ -93,8 +124,6 @@ class UserProfile(models.Model):
 
     def __str__(self):
         return str(self.user)
-
-
 class CharacterOwnership(models.Model):
     class Meta:
         default_permissions = ('change', 'delete')

allianceauth/authentication/signals.py

@@ -1,6 +1,11 @@
 import logging
 
-from .models import CharacterOwnership, UserProfile, get_guest_state, State, OwnershipRecord
+from .models import (
+    CharacterOwnership,
+    UserProfile,
+    get_guest_state,
+    State,
+    OwnershipRecord)
 from django.contrib.auth.models import User
 from django.db.models import Q
 from django.db.models.signals import pre_save, post_save, pre_delete, post_delete, m2m_changed
@@ -11,7 +16,7 @@ from allianceauth.eveonline.models import EveCharacter
 
 logger = logging.getLogger(__name__)
 
-state_changed = Signal(providing_args=['user', 'state'])
+state_changed = Signal()
 
 
 def trigger_state_check(state):
@@ -71,7 +76,7 @@ def reassess_on_profile_save(sender, instance, created, *args, **kwargs):
 
 @receiver(post_save, sender=User)
 def create_required_models(sender, instance, created, *args, **kwargs):
-    # ensure all users have a model
+    # ensure all users have our Sub-Models
     if created:
         logger.debug(f'User {instance} created. Creating default UserProfile.')
         UserProfile.objects.get_or_create(user=instance)

allianceauth/authentication/task_statistics/counters.py

@@ -0,0 +1,40 @@
+from collections import namedtuple
+import datetime as dt
+
+from .event_series import EventSeries
+
+
+"""Global series for counting task events."""
+succeeded_tasks = EventSeries("SUCCEEDED_TASKS")
+retried_tasks = EventSeries("RETRIED_TASKS")
+failed_tasks = EventSeries("FAILED_TASKS")
+
+
+_TaskCounts = namedtuple(
+    "_TaskCounts", ["succeeded", "retried", "failed", "total", "earliest_task", "hours"]
+)
+
+
+def dashboard_results(hours: int) -> _TaskCounts:
+    """Counts of all task events within the given timeframe."""
+
+    def earliest_if_exists(events: EventSeries, earliest: dt.datetime) -> list:
+        my_earliest = events.first_event(earliest=earliest)
+        return [my_earliest] if my_earliest else []
+
+    earliest = dt.datetime.utcnow() - dt.timedelta(hours=hours)
+    earliest_events = list()
+    succeeded_count = succeeded_tasks.count(earliest=earliest)
+    earliest_events += earliest_if_exists(succeeded_tasks, earliest)
+    retried_count = retried_tasks.count(earliest=earliest)
+    earliest_events += earliest_if_exists(retried_tasks, earliest)
+    failed_count = failed_tasks.count(earliest=earliest)
+    earliest_events += earliest_if_exists(failed_tasks, earliest)
+    return _TaskCounts(
+        succeeded=succeeded_count,
+        retried=retried_count,
+        failed=failed_count,
+        total=succeeded_count + retried_count + failed_count,
+        earliest_task=min(earliest_events) if earliest_events else None,
+        hours=hours,
+    )

allianceauth/authentication/task_statistics/event_series.py

@@ -0,0 +1,130 @@
+import datetime as dt
+import logging
+from typing import List, Optional
+
+from pytz import utc
+from redis import Redis, RedisError
+
+from allianceauth.utils.cache import get_redis_client
+
+logger = logging.getLogger(__name__)
+
+
+class _RedisStub:
+    """Stub of a Redis client.
+
+    It's purpose is to prevent EventSeries objects from trying to access Redis
+    when it is not available. e.g. when the Sphinx docs are rendered by readthedocs.org.
+    """
+
+    def delete(self, *args, **kwargs):
+        pass
+
+    def incr(self, *args, **kwargs):
+        return 0
+
+    def zadd(self, *args, **kwargs):
+        pass
+
+    def zcount(self, *args, **kwargs):
+        pass
+
+    def zrangebyscore(self, *args, **kwargs):
+        pass
+
+
+class EventSeries:
+    """API for recording and analyzing a series of events."""
+
+    _ROOT_KEY = "ALLIANCEAUTH_EVENT_SERIES"
+
+    def __init__(self, key_id: str, redis: Redis = None) -> None:
+        self._redis = get_redis_client() if not redis else redis
+        try:
+            if not self._redis.ping():
+                raise RuntimeError()
+        except (AttributeError, RedisError, RuntimeError):
+            logger.exception(
+                "Failed to establish a connection with Redis. "
+                "This EventSeries object is disabled.",
+            )
+            self._redis = _RedisStub()
+        self._key_id = str(key_id)
+        self.clear()
+
+    @property
+    def is_disabled(self):
+        """True when this object is disabled, e.g. Redis was not available at startup."""
+        return isinstance(self._redis, _RedisStub)
+
+    @property
+    def _key_counter(self):
+        return f"{self._ROOT_KEY}_{self._key_id}_COUNTER"
+
+    @property
+    def _key_sorted_set(self):
+        return f"{self._ROOT_KEY}_{self._key_id}_SORTED_SET"
+
+    def add(self, event_time: dt.datetime = None) -> None:
+        """Add event.
+
+        Args:
+        - event_time: timestamp of event. Will use current time if not specified.
+        """
+        if not event_time:
+            event_time = dt.datetime.utcnow()
+        id = self._redis.incr(self._key_counter)
+        self._redis.zadd(self._key_sorted_set, {id: event_time.timestamp()})
+
+    def all(self) -> List[dt.datetime]:
+        """List of all known events."""
+        return [
+            event[1]
+            for event in self._redis.zrangebyscore(
+                self._key_sorted_set,
+                "-inf",
+                "+inf",
+                withscores=True,
+                score_cast_func=self._cast_scores_to_dt,
+            )
+        ]
+
+    def clear(self) -> None:
+        """Clear all events."""
+        self._redis.delete(self._key_sorted_set)
+        self._redis.delete(self._key_counter)
+
+    def count(self, earliest: dt.datetime = None, latest: dt.datetime = None) -> int:
+        """Count of events, can be restricted to given timeframe.
+
+        Args:
+        - earliest: Date of first events to count(inclusive), or -infinite if not specified
+        - latest: Date of last events to count(inclusive), or +infinite if not specified
+        """
+        min = "-inf" if not earliest else earliest.timestamp()
+        max = "+inf" if not latest else latest.timestamp()
+        return self._redis.zcount(self._key_sorted_set, min=min, max=max)
+
+    def first_event(self, earliest: dt.datetime = None) -> Optional[dt.datetime]:
+        """Date/Time of first event. Returns `None` if series has no events.
+
+        Args:
+        - earliest: Date of first events to count(inclusive), or any if not specified
+        """
+        min = "-inf" if not earliest else earliest.timestamp()
+        event = self._redis.zrangebyscore(
+            self._key_sorted_set,
+            min,
+            "+inf",
+            withscores=True,
+            start=0,
+            num=1,
+            score_cast_func=self._cast_scores_to_dt,
+        )
+        if not event:
+            return None
+        return event[0][1]
+
+    @staticmethod
+    def _cast_scores_to_dt(score) -> dt.datetime:
+        return dt.datetime.fromtimestamp(float(score), tz=utc)

allianceauth/authentication/task_statistics/signals.py

@@ -0,0 +1,54 @@
+from celery.signals import (
+    task_failure,
+    task_internal_error,
+    task_retry,
+    task_success,
+    worker_ready
+)
+
+from django.conf import settings
+
+from .counters import failed_tasks, retried_tasks, succeeded_tasks
+
+
+def reset_counters():
+    """Reset all counters for the celery status."""
+    succeeded_tasks.clear()
+    failed_tasks.clear()
+    retried_tasks.clear()
+
+
+def is_enabled() -> bool:
+    return not bool(
+        getattr(settings, "ALLIANCEAUTH_DASHBOARD_TASK_STATISTICS_DISABLED", False)
+    )
+
+
+@worker_ready.connect
+def reset_counters_when_celery_restarted(*args, **kwargs):
+    if is_enabled():
+        reset_counters()
+
+
+@task_success.connect
+def record_task_succeeded(*args, **kwargs):
+    if is_enabled():
+        succeeded_tasks.add()
+
+
+@task_retry.connect
+def record_task_retried(*args, **kwargs):
+    if is_enabled():
+        retried_tasks.add()
+
+
+@task_failure.connect
+def record_task_failed(*args, **kwargs):
+    if is_enabled():
+        failed_tasks.add()
+
+
+@task_internal_error.connect
+def record_task_internal_error(*args, **kwargs):
+    if is_enabled():
+        failed_tasks.add()

allianceauth/authentication/task_statistics/tests/test_counters.py

@@ -0,0 +1,51 @@
+import datetime as dt
+
+from django.test import TestCase
+from django.utils.timezone import now
+
+from allianceauth.authentication.task_statistics.counters import (
+    dashboard_results,
+    succeeded_tasks,
+    retried_tasks,
+    failed_tasks,
+)
+
+
+class TestDashboardResults(TestCase):
+    def test_should_return_counts_for_given_timeframe_only(self):
+        # given
+        earliest_task = now() - dt.timedelta(minutes=15)
+        succeeded_tasks.clear()
+        succeeded_tasks.add(now() - dt.timedelta(hours=1, seconds=1))
+        succeeded_tasks.add(earliest_task)
+        succeeded_tasks.add()
+        succeeded_tasks.add()
+        retried_tasks.clear()
+        retried_tasks.add(now() - dt.timedelta(hours=1, seconds=1))
+        retried_tasks.add(now() - dt.timedelta(seconds=30))
+        retried_tasks.add()
+        failed_tasks.clear()
+        failed_tasks.add(now() - dt.timedelta(hours=1, seconds=1))
+        failed_tasks.add()
+        # when
+        results = dashboard_results(hours=1)
+        # then
+        self.assertEqual(results.succeeded, 3)
+        self.assertEqual(results.retried, 2)
+        self.assertEqual(results.failed, 1)
+        self.assertEqual(results.total, 6)
+        self.assertEqual(results.earliest_task, earliest_task)
+
+    def test_should_work_with_no_data(self):
+        # given
+        succeeded_tasks.clear()
+        retried_tasks.clear()
+        failed_tasks.clear()
+        # when
+        results = dashboard_results(hours=1)
+        # then
+        self.assertEqual(results.succeeded, 0)
+        self.assertEqual(results.retried, 0)
+        self.assertEqual(results.failed, 0)
+        self.assertEqual(results.total, 0)
+        self.assertIsNone(results.earliest_task)

allianceauth/authentication/task_statistics/tests/test_event_series.py

@@ -0,0 +1,168 @@
+import datetime as dt
+from unittest.mock import patch
+
+from pytz import utc
+from redis import RedisError
+
+from django.test import TestCase
+from django.utils.timezone import now
+
+from allianceauth.authentication.task_statistics.event_series import (
+    EventSeries,
+    _RedisStub,
+)
+
+MODULE_PATH = "allianceauth.authentication.task_statistics.event_series"
+
+
+class TestEventSeries(TestCase):
+    def test_should_abort_without_redis_client(self):
+        # when
+        with patch(MODULE_PATH + ".get_redis_client") as mock:
+            mock.return_value = None
+            events = EventSeries("dummy")
+        # then
+        self.assertTrue(events._redis, _RedisStub)
+        self.assertTrue(events.is_disabled)
+
+    def test_should_disable_itself_if_redis_not_available_1(self):
+        # when
+        with patch(MODULE_PATH + ".get_redis_client") as mock_get_master_client:
+            mock_get_master_client.return_value.ping.side_effect = RedisError
+            events = EventSeries("dummy")
+        # then
+        self.assertIsInstance(events._redis, _RedisStub)
+        self.assertTrue(events.is_disabled)
+
+    def test_should_disable_itself_if_redis_not_available_2(self):
+        # when
+        with patch(MODULE_PATH + ".get_redis_client") as mock_get_master_client:
+            mock_get_master_client.return_value.ping.return_value = False
+            events = EventSeries("dummy")
+        # then
+        self.assertIsInstance(events._redis, _RedisStub)
+        self.assertTrue(events.is_disabled)
+
+    def test_should_add_event(self):
+        # given
+        events = EventSeries("dummy")
+        # when
+        events.add()
+        # then
+        result = events.all()
+        self.assertEqual(len(result), 1)
+        self.assertAlmostEqual(result[0], now(), delta=dt.timedelta(seconds=30))
+
+    def test_should_add_event_with_specified_time(self):
+        # given
+        events = EventSeries("dummy")
+        my_time = dt.datetime(2021, 11, 1, 12, 15, tzinfo=utc)
+        # when
+        events.add(my_time)
+        # then
+        result = events.all()
+        self.assertEqual(len(result), 1)
+        self.assertAlmostEqual(result[0], my_time, delta=dt.timedelta(seconds=30))
+
+    def test_should_count_events(self):
+        # given
+        events = EventSeries("dummy")
+        events.add()
+        events.add()
+        # when
+        result = events.count()
+        # then
+        self.assertEqual(result, 2)
+
+    def test_should_count_zero(self):
+        # given
+        events = EventSeries("dummy")
+        # when
+        result = events.count()
+        # then
+        self.assertEqual(result, 0)
+
+    def test_should_count_events_within_timeframe_1(self):
+        # given
+        events = EventSeries("dummy")
+        events.add(dt.datetime(2021, 12, 1, 12, 0, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 10, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 15, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 30, tzinfo=utc))
+        # when
+        result = events.count(
+            earliest=dt.datetime(2021, 12, 1, 12, 8, tzinfo=utc),
+            latest=dt.datetime(2021, 12, 1, 12, 17, tzinfo=utc),
+        )
+        # then
+        self.assertEqual(result, 2)
+
+    def test_should_count_events_within_timeframe_2(self):
+        # given
+        events = EventSeries("dummy")
+        events.add(dt.datetime(2021, 12, 1, 12, 0, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 10, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 15, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 30, tzinfo=utc))
+        # when
+        result = events.count(earliest=dt.datetime(2021, 12, 1, 12, 8))
+        # then
+        self.assertEqual(result, 3)
+
+    def test_should_count_events_within_timeframe_3(self):
+        # given
+        events = EventSeries("dummy")
+        events.add(dt.datetime(2021, 12, 1, 12, 0, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 10, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 15, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 30, tzinfo=utc))
+        # when
+        result = events.count(latest=dt.datetime(2021, 12, 1, 12, 12))
+        # then
+        self.assertEqual(result, 2)
+
+    def test_should_clear_events(self):
+        # given
+        events = EventSeries("dummy")
+        events.add()
+        events.add()
+        # when
+        events.clear()
+        # then
+        self.assertEqual(events.count(), 0)
+
+    def test_should_return_date_of_first_event(self):
+        # given
+        events = EventSeries("dummy")
+        events.add(dt.datetime(2021, 12, 1, 12, 0, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 10, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 15, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 30, tzinfo=utc))
+        # when
+        result = events.first_event()
+        # then
+        self.assertEqual(result, dt.datetime(2021, 12, 1, 12, 0, tzinfo=utc))
+
+    def test_should_return_date_of_first_event_with_range(self):
+        # given
+        events = EventSeries("dummy")
+        events.add(dt.datetime(2021, 12, 1, 12, 0, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 10, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 15, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 30, tzinfo=utc))
+        # when
+        result = events.first_event(
+            earliest=dt.datetime(2021, 12, 1, 12, 8, tzinfo=utc)
+        )
+        # then
+        self.assertEqual(result, dt.datetime(2021, 12, 1, 12, 10, tzinfo=utc))
+
+    def test_should_return_all_events(self):
+        # given
+        events = EventSeries("dummy")
+        events.add()
+        events.add()
+        # when
+        results = events.all()
+        # then
+        self.assertEqual(len(results), 2)

allianceauth/authentication/task_statistics/tests/test_signals.py

@@ -0,0 +1,93 @@
+from unittest.mock import patch
+
+from celery.exceptions import Retry
+
+from django.test import TestCase, override_settings
+
+from allianceauth.authentication.task_statistics.counters import (
+    failed_tasks,
+    retried_tasks,
+    succeeded_tasks,
+)
+from allianceauth.authentication.task_statistics.signals import (
+    reset_counters,
+    is_enabled,
+)
+from allianceauth.eveonline.tasks import update_character
+
+
+@override_settings(
+    CELERY_ALWAYS_EAGER=True,ALLIANCEAUTH_DASHBOARD_TASK_STATISTICS_DISABLED=False
+)
+class TestTaskSignals(TestCase):
+    fixtures = ["disable_analytics"]
+
+    def test_should_record_successful_task(self):
+        # given
+        succeeded_tasks.clear()
+        retried_tasks.clear()
+        failed_tasks.clear()
+        # when
+        with patch(
+            "allianceauth.eveonline.tasks.EveCharacter.objects.update_character"
+        ) as mock_update:
+            mock_update.return_value = None
+            update_character.delay(1)
+        # then
+        self.assertEqual(succeeded_tasks.count(), 1)
+        self.assertEqual(retried_tasks.count(), 0)
+        self.assertEqual(failed_tasks.count(), 0)
+
+    def test_should_record_retried_task(self):
+        # given
+        succeeded_tasks.clear()
+        retried_tasks.clear()
+        failed_tasks.clear()
+        # when
+        with patch(
+            "allianceauth.eveonline.tasks.EveCharacter.objects.update_character"
+        ) as mock_update:
+            mock_update.side_effect = Retry
+            update_character.delay(1)
+        # then
+        self.assertEqual(succeeded_tasks.count(), 0)
+        self.assertEqual(failed_tasks.count(), 0)
+        self.assertEqual(retried_tasks.count(), 1)
+
+    def test_should_record_failed_task(self):
+        # given
+        succeeded_tasks.clear()
+        retried_tasks.clear()
+        failed_tasks.clear()
+        # when
+        with patch(
+            "allianceauth.eveonline.tasks.EveCharacter.objects.update_character"
+        ) as mock_update:
+            mock_update.side_effect = RuntimeError
+            update_character.delay(1)
+        # then
+        self.assertEqual(succeeded_tasks.count(), 0)
+        self.assertEqual(retried_tasks.count(), 0)
+        self.assertEqual(failed_tasks.count(), 1)
+
+    def test_should_reset_counters(self):
+        # given
+        succeeded_tasks.add()
+        retried_tasks.add()
+        failed_tasks.add()
+        # when
+        reset_counters()
+        # then
+        self.assertEqual(succeeded_tasks.count(), 0)
+        self.assertEqual(retried_tasks.count(), 0)
+        self.assertEqual(failed_tasks.count(), 0)
+
+
+class TestIsEnabled(TestCase):
+    @override_settings(ALLIANCEAUTH_DASHBOARD_TASK_STATISTICS_DISABLED=False)
+    def test_enabled(self):
+        self.assertTrue(is_enabled())
+
+    @override_settings(ALLIANCEAUTH_DASHBOARD_TASK_STATISTICS_DISABLED=True)
+    def test_disabled(self):
+        self.assertFalse(is_enabled())

allianceauth/authentication/templates/authentication/dashboard.html

@@ -1,5 +1,4 @@
 {% extends "allianceauth/base.html" %}
-{% load static %}
 {% load i18n %}
 
 {% block page_title %}{% translate "Dashboard" %}{% endblock %}
@@ -28,7 +27,7 @@
                                         <table class="table">
                                             <tr>
                                                 <td class="text-center">
-                                                    <img class="ra-avatar"src="{{ main.portrait_url_128 }}">
+                                                    <img class="ra-avatar" src="{{ main.portrait_url_128 }}" alt="{{ main.character_name }}">
                                                 </td>
                                             </tr>
                                             <tr>
@@ -40,7 +39,7 @@
                                         <table class="table">
                                             <tr>
                                                 <td class="text-center">
-                                                    <img class="ra-avatar"src="{{ main.corporation_logo_url_128 }}">
+                                                    <img class="ra-avatar" src="{{ main.corporation_logo_url_128 }}" alt="{{ main.corporation_name }}">
                                                 </td>
                                             </tr>
                                             <tr>
@@ -53,7 +52,7 @@
                                             <table class="table">
                                                 <tr>
                                                     <td class="text-center">
-                                                        <img class="ra-avatar"src="{{ main.alliance_logo_url_128 }}">
+                                                        <img class="ra-avatar" src="{{ main.alliance_logo_url_128 }}" alt="{{ main.alliance_name }}">
                                                     </td>
                                                 </tr>
                                                 <tr>
@@ -64,7 +63,7 @@
                                             <table class="table">
                                                 <tr>
                                                     <td class="text-center">
-                                                        <img class="ra-avatar"src="{{ main.faction_logo_url_128 }}">
+                                                        <img class="ra-avatar" src="{{ main.faction_logo_url_128 }}" alt="{{ main.faction_name }}">
                                                     </td>
                                                 </tr>
                                                 <tr>
@@ -76,13 +75,13 @@
                                 </div>
                                 <div class="table visible-xs-block">
                                     <p>
-                                        <img class="ra-avatar" src="{{ main.portrait_url_64 }}">
-                                        <img class="ra-avatar" src="{{ main.corporation_logo_url_64 }}">
+                                        <img class="ra-avatar" src="{{ main.portrait_url_64 }}" alt="{{ main.corporation_name }}">
+                                        <img class="ra-avatar" src="{{ main.corporation_logo_url_64 }}" alt="{{ main.corporation_name }}">
                                         {% if main.alliance_id %}
-                                            <img class="ra-avatar" src="{{ main.alliance_logo_url_64 }}">
+                                            <img class="ra-avatar" src="{{ main.alliance_logo_url_64 }}" alt="{{ main.alliance_name }}">
                                         {% endif %}
                                         {% if main.faction_id %}
-                                            <img class="ra-avatar" src="{{ main.faction_logo_url_64 }}">
+                                            <img class="ra-avatar" src="{{ main.faction_logo_url_64 }}" alt="{{ main.faction_name }}">
                                         {% endif %}
                                     </p>
                                     <p>
@@ -122,7 +121,7 @@
                         <h3 class="panel-title">{% translate "Group Memberships" %}</h3>
                     </div>
                     <div class="panel-body">
-                        <div style="height: 240px;overflow:-moz-scrollbars-vertical;overflow-y:auto;">
+                        <div style="height: 240px;overflow-y:auto;">
                             <table class="table table-aa">
                                 {% for group in groups %}
                                     <tr>
@@ -155,7 +154,8 @@
                     <tbody>
                         {% for char in characters %}
                             <tr>
-                                <td class="text-center"><img class="ra-avatar img-circle" src="{{ char.portrait_url_32 }}">
+                                <td class="text-center">
+                                    <img class="ra-avatar img-circle" src="{{ char.portrait_url_32 }}" alt="{{ char.character_name }}">
                                 </td>
                                 <td class="text-center">{{ char.character_name }}</td>
                                 <td class="text-center">{{ char.corporation_name }}</td>
@@ -169,7 +169,7 @@
                         {% for char in characters %}
                             <tr>
                                 <td class="text-center" style="vertical-align: middle">
-                                    <img class="ra-avatar img-circle" src="{{ char.portrait_url_32 }}">
+                                    <img class="ra-avatar img-circle" src="{{ char.portrait_url_32 }}" alt="{{ char.character_name }}">
                                 </td>
                                 <td class="text-center" style="vertical-align: middle; width: 100%">
                                     <strong>{{ char.character_name }}</strong><br>

allianceauth/authentication/templates/public/base.html

@@ -7,7 +7,7 @@
         <meta name="description" content="">
         <meta name="author" content="">
         <meta property="og:title" content="{{ SITE_NAME }}">
-        <meta property="og:image" content="{{ request.scheme }}://{{ request.get_host }}{% static 'icons/apple-touch-icon.png' %}">
+        <meta property="og:image" content="{{ request.scheme }}://{{ request.get_host }}{% static 'allianceauth/icons/apple-touch-icon.png' %}">
         <meta property="og:description" content="Alliance Auth - An auth system for EVE Online to help in-game organizations manage online service access.">
 
         {% include 'allianceauth/icons.html' %}
@@ -21,7 +21,7 @@
 
         <style>
             body {
-                background: url('{% static 'authentication/img/background.jpg' %}') no-repeat center center fixed;
+                background: url('{% static 'allianceauth/authentication/img/background.jpg' %}') no-repeat center center fixed;
                 -webkit-background-size: cover;
                 -moz-background-size: cover;
                 -o-background-size: cover;
@@ -47,7 +47,7 @@
         </style>
     </head>
     <body>
-        <div class="container" style="margin-top:150px">
+        <div class="container" style="margin-top:150px;">
             {% block content %}
             {% endblock %}
         </div>

allianceauth/authentication/templates/public/login.html

@@ -7,6 +7,6 @@
 
 {% block middle_box_content %}
     <a href="{% url 'auth_sso_login' %}{% if request.GET.next %}?next={{request.GET.next}}{%endif%}">
-        <img class="img-responsive center-block" src="{% static 'img/sso/EVE_SSO_Login_Buttons_Large_Black.png' %}" border=0>
+        <img class="img-responsive center-block" src="{% static 'allianceauth/authentication/img/sso/EVE_SSO_Login_Buttons_Large_Black.png' %}" alt="{% translate 'Login with Eve SSO' %}">
     </a>
 {% endblock %}

allianceauth/authentication/templates/public/middle_box.html

@@ -1,5 +1,4 @@
 {% extends 'public/base.html' %}
-{% load static %}
 {% block content %}
     <div class="col-md-4 col-md-offset-4">
         {% if messages %}

allianceauth/authentication/templates/public/register.html

@@ -1,6 +1,5 @@
 {% extends 'public/base.html' %}
 
-{% load static %}
 {% load bootstrap %}
 {% load i18n %}
 

allianceauth/authentication/templates/registration/password_reset_email.html

@@ -1,15 +0,0 @@
-{% load i18n %}{% autoescape off %}
-    {% blocktrans trimmed %}You're receiving this email because you requested a password reset for your
-        user account.{% endblocktrans %}
-
-    {% translate "Please go to the following page and choose a new password:" %}
-    {% block reset_link %}
-        {{domain}}{% url 'password_reset_confirm' uidb64=uid token=token %}
-    {% endblock %}
-    {% translate "Your username, in case you've forgotten:" %} {{ user.get_username }}
-
-    {% translate "Thanks for using our site!" %}
-
-    {% blocktrans %}Your IT Team{% endblocktrans %}
-
-{% endautoescape %}

allianceauth/authentication/templates/registration/registration_form.html

@@ -1,14 +0,0 @@
-{% extends 'public/middle_box.html' %}
-{% load bootstrap %}
-{% load i18n %}
-{% load static %}
-{% block page_title %}{% translate "Register" %}{% endblock %}
-{% block middle_box_content %}
-    <form class="form-signin" role="form" action="" method="POST">
-        {% csrf_token %}
-        {{ form|bootstrap }}
-        <br/>
-        <button class="btn btn-lg btn-primary btn-block" type="submit">{% translate "Submit" %}</button>
-        <br/>
-    </form>
-{% endblock %}

allianceauth/authentication/tests/__init__.py

@@ -1,4 +1,17 @@
+from django.db.models.signals import (
+    m2m_changed,
+    post_save,
+    pre_delete,
+    pre_save
+)
 from django.urls import reverse
+from unittest import mock
+
+MODULE_PATH = 'allianceauth.authentication'
+
+
+def patch(target, *args, **kwargs):
+    return mock.patch(f'{MODULE_PATH}{target}', *args, **kwargs)
 
 
 def get_admin_change_view_url(obj: object) -> str:

allianceauth/authentication/tests/test_admin.py

@@ -1,6 +1,9 @@
+from bs4 import BeautifulSoup
 from urllib.parse import quote
 from unittest.mock import patch, MagicMock
 
+from django_webtest import WebTest
+
 from django.contrib.admin.sites import AdminSite
 from django.contrib.auth.models import Group
 from django.test import TestCase, RequestFactory, Client
@@ -188,7 +191,7 @@ class TestCaseWithTestData(TestCase):
             corporation_id=5432,
             corporation_name="Xavier's School for Gifted Youngsters",
             corporation_ticker='MUTNT',
-            alliance_id = None,
+            alliance_id=None,
             faction_id=999,
             faction_name='The X-Men',
         )
@@ -206,6 +209,7 @@ class TestCaseWithTestData(TestCase):
         cls.user_4.profile.save()
         EveFactionInfo.objects.create(faction_id=999, faction_name='The X-Men')
 
+
 def make_generic_search_request(ModelClass: type, search_term: str):
     User.objects.create_superuser(
         username='superuser', password='secret', email='admin@example.com'
@@ -218,6 +222,7 @@ def make_generic_search_request(ModelClass: type, search_term: str):
 
 
 class TestCharacterOwnershipAdmin(TestCaseWithTestData):
+    fixtures = ["disable_analytics"]
 
     def setUp(self):
         self.modeladmin = CharacterOwnershipAdmin(
@@ -244,6 +249,7 @@ class TestCharacterOwnershipAdmin(TestCaseWithTestData):
 
 
 class TestOwnershipRecordAdmin(TestCaseWithTestData):
+    fixtures = ["disable_analytics"]
 
     def setUp(self):
         self.modeladmin = OwnershipRecordAdmin(
@@ -270,11 +276,12 @@ class TestOwnershipRecordAdmin(TestCaseWithTestData):
 
 
 class TestStateAdmin(TestCaseWithTestData):
+    fixtures = ["disable_analytics"]
 
-    def setUp(self):
-        self.modeladmin = StateAdmin(
-            model=User, admin_site=AdminSite()
-        )
+    @classmethod
+    def setUpClass(cls) -> None:
+        super().setUpClass()
+        cls.modeladmin = StateAdmin(model=User, admin_site=AdminSite())
 
     def test_change_view_loads_normally(self):
         User.objects.create_superuser(
@@ -299,6 +306,7 @@ class TestStateAdmin(TestCaseWithTestData):
 
 
 class TestUserAdmin(TestCaseWithTestData):
+    fixtures = ["disable_analytics"]
 
     def setUp(self):
         self.factory = RequestFactory()
@@ -344,7 +352,7 @@ class TestUserAdmin(TestCaseWithTestData):
         self.assertEqual(user_main_organization(self.user_3), expected)
 
     def test_user_main_organization_u4(self):
-        expected="Xavier's School for Gifted Youngsters<br>The X-Men"
+        expected = "Xavier's School for Gifted Youngsters<br>The X-Men"
         self.assertEqual(user_main_organization(self.user_4), expected)
 
     def test_characters_u1(self):
@@ -419,7 +427,7 @@ class TestUserAdmin(TestCaseWithTestData):
 
     # actions
 
-    @patch(MODULE_PATH + '.UserAdmin.message_user', auto_spec=True)
+    @patch(MODULE_PATH + '.UserAdmin.message_user', auto_spec=True, unsafe=True)
     @patch(MODULE_PATH + '.update_character')
     def test_action_update_main_character_model(
         self, mock_task, mock_message_user
@@ -537,6 +545,229 @@ class TestUserAdmin(TestCaseWithTestData):
         self.assertEqual(response.status_code, expected)
 
 
+class TestStateAdminChangeFormSuperuserExclusiveEdits(WebTest):
+    @classmethod
+    def setUpClass(cls) -> None:
+        super().setUpClass()
+        cls.super_admin = User.objects.create_superuser("super_admin")
+        cls.staff_admin = User.objects.create_user("staff_admin")
+        cls.staff_admin.is_staff = True
+        cls.staff_admin.save()
+        cls.staff_admin = AuthUtils.add_permissions_to_user_by_name(
+            [
+                "authentication.add_state",
+                "authentication.change_state",
+                "authentication.view_state",
+            ],
+            cls.staff_admin
+        )
+        cls.superuser_exclusive_fields = ["permissions",]
+
+    def test_should_show_all_fields_to_superuser_for_add(self):
+        # given
+        self.app.set_user(self.super_admin)
+        page = self.app.get("/admin/authentication/state/add/")
+        # when
+        form = page.forms["state_form"]
+        # then
+        for field in self.superuser_exclusive_fields:
+            with self.subTest(field=field):
+                self.assertIn(field, form.fields)
+
+    def test_should_not_show_all_fields_to_staff_admins_for_add(self):
+        # given
+        self.app.set_user(self.staff_admin)
+        page = self.app.get("/admin/authentication/state/add/")
+        # when
+        form = page.forms["state_form"]
+        # then
+        for field in self.superuser_exclusive_fields:
+            with self.subTest(field=field):
+                self.assertNotIn(field, form.fields)
+
+    def test_should_show_all_fields_to_superuser_for_change(self):
+        # given
+        self.app.set_user(self.super_admin)
+        state = AuthUtils.get_member_state()
+        page = self.app.get(f"/admin/authentication/state/{state.pk}/change/")
+        # when
+        form = page.forms["state_form"]
+        # then
+        for field in self.superuser_exclusive_fields:
+            with self.subTest(field=field):
+                self.assertIn(field, form.fields)
+
+    def test_should_not_show_all_fields_to_staff_admin_for_change(self):
+        # given
+        self.app.set_user(self.staff_admin)
+        state = AuthUtils.get_member_state()
+        page = self.app.get(f"/admin/authentication/state/{state.pk}/change/")
+        # when
+        form = page.forms["state_form"]
+        # then
+        for field in self.superuser_exclusive_fields:
+            with self.subTest(field=field):
+                self.assertNotIn(field, form.fields)
+
+
+class TestUserAdminChangeForm(TestCase):
+    fixtures = ["disable_analytics"]
+
+    @classmethod
+    def setUpClass(cls) -> None:
+        super().setUpClass()
+        cls.modeladmin = UserAdmin(model=User, admin_site=AdminSite())
+
+    def test_should_show_groups_available_to_user_with_blue_state_only(self):
+        # given
+        superuser = User.objects.create_superuser("Super")
+        user = AuthUtils.create_user("bruce_wayne")
+        character = AuthUtils.add_main_character_2(
+            user,
+            name="Bruce Wayne",
+            character_id=1001,
+            corp_id=2001,
+            corp_name="Wayne Technologies"
+        )
+        blue_state = State.objects.get(name="Blue")
+        blue_state.member_characters.add(character)
+        member_state = AuthUtils.get_member_state()
+        group_1 = Group.objects.create(name="Group 1")
+        group_2 = Group.objects.create(name="Group 2")
+        group_2.authgroup.states.add(blue_state)
+        group_3 = Group.objects.create(name="Group 3")
+        group_3.authgroup.states.add(member_state)
+        self.client.force_login(superuser)
+        # when
+        response = self.client.get(f"/admin/authentication/user/{user.pk}/change/")
+        # then
+        self.assertEqual(response.status_code, 200)
+        soup = BeautifulSoup(response.rendered_content, features="html.parser")
+        groups_select = soup.find("select", {"id": "id_groups"}).find_all('option')
+        group_ids = {int(option["value"]) for option in groups_select}
+        self.assertSetEqual(group_ids, {group_1.pk, group_2.pk})
+
+
+class TestUserAdminChangeFormSuperuserExclusiveEdits(WebTest):
+    fixtures = ["disable_analytics"]
+
+    @classmethod
+    def setUpClass(cls) -> None:
+        super().setUpClass()
+        cls.super_admin = User.objects.create_superuser("super_admin")
+        cls.staff_admin = User.objects.create_user("staff_admin")
+        cls.staff_admin.is_staff = True
+        cls.staff_admin.save()
+        cls.staff_admin = AuthUtils.add_permissions_to_user_by_name(
+            [
+                "auth.change_user",
+                "auth.view_user",
+                "authentication.change_user",
+                "authentication.change_userprofile",
+                "authentication.view_user"
+            ],
+            cls.staff_admin
+        )
+        cls.superuser_exclusive_fields = [
+            "is_staff", "is_superuser", "user_permissions"
+        ]
+
+    def setUp(self) -> None:
+        self.user = AuthUtils.create_user("bruce_wayne")
+
+    def test_should_show_all_fields_to_superuser_for_change(self):
+        # given
+        self.app.set_user(self.super_admin)
+
+        page = self.app.get(f"/admin/authentication/user/{self.user.pk}/change/")
+        # when
+        form = page.forms["user_form"]
+        # then
+        for field in self.superuser_exclusive_fields:
+            with self.subTest(field=field):
+                self.assertIn(field, form.fields)
+
+    def test_should_not_show_all_fields_to_staff_admin_for_change(self):
+        # given
+        self.app.set_user(self.staff_admin)
+        page = self.app.get(f"/admin/authentication/user/{self.user.pk}/change/")
+        # when
+        form = page.forms["user_form"]
+        # then
+        for field in self.superuser_exclusive_fields:
+            with self.subTest(field=field):
+                self.assertNotIn(field, form.fields)
+
+    def test_should_allow_super_admin_to_add_restricted_group_to_user(self):
+        # given
+        self.app.set_user(self.super_admin)
+        group_restricted = Group.objects.create(name="restricted group")
+        group_restricted.authgroup.restricted = True
+        group_restricted.authgroup.save()
+        page = self.app.get(f"/admin/authentication/user/{self.user.pk}/change/")
+        form = page.forms["user_form"]
+        # when
+        form["groups"].select_multiple(texts=["restricted group"])
+        response = form.submit("save")
+        # then
+        self.assertEqual(response.status_code, 302)
+        self.user.refresh_from_db()
+        self.assertIn(
+            "restricted group", self.user.groups.values_list("name", flat=True)
+        )
+
+    def test_should_not_allow_staff_admin_to_add_restricted_group_to_user(self):
+        # given
+        self.app.set_user(self.staff_admin)
+        group_restricted = Group.objects.create(name="restricted group")
+        group_restricted.authgroup.restricted = True
+        group_restricted.authgroup.save()
+        page = self.app.get(f"/admin/authentication/user/{self.user.pk}/change/")
+        form = page.forms["user_form"]
+        # when
+        form["groups"].select_multiple(texts=["restricted group"])
+        response = form.submit("save")
+        # then
+        self.assertEqual(response.status_code, 200)
+        self.assertIn(
+            "You are not allowed to add or remove these restricted groups",
+            response.text
+        )
+
+    def test_should_not_allow_staff_admin_to_remove_restricted_group_from_user(self):
+        # given
+        self.app.set_user(self.staff_admin)
+        group_restricted = Group.objects.create(name="restricted group")
+        group_restricted.authgroup.restricted = True
+        group_restricted.authgroup.save()
+        self.user.groups.add(group_restricted)
+        page = self.app.get(f"/admin/authentication/user/{self.user.pk}/change/")
+        form = page.forms["user_form"]
+        # when
+        form["groups"].select_multiple(texts=[])
+        response = form.submit("save")
+        # then
+        self.assertEqual(response.status_code, 200)
+        self.assertIn(
+            "You are not allowed to add or remove these restricted groups",
+            response.text
+        )
+
+    def test_should_allow_staff_admin_to_add_normal_group_to_user(self):
+        # given
+        self.app.set_user(self.super_admin)
+        Group.objects.create(name="normal group")
+        page = self.app.get(f"/admin/authentication/user/{self.user.pk}/change/")
+        form = page.forms["user_form"]
+        # when
+        form["groups"].select_multiple(texts=["normal group"])
+        response = form.submit("save")
+        # then
+        self.assertEqual(response.status_code, 302)
+        self.user.refresh_from_db()
+        self.assertIn("normal group", self.user.groups.values_list("name", flat=True))
+
+
 class TestMakeServicesHooksActions(TestCaseWithTestData):
 
     class MyServicesHookTypeA(ServicesHook):

allianceauth/authentication/tests/test_middleware.py

@@ -0,0 +1,175 @@
+from unittest import mock
+from allianceauth.authentication.middleware import UserSettingsMiddleware
+from unittest.mock import Mock
+from django.http import HttpResponse
+
+from django.test.testcases import TestCase
+
+
+class TestUserSettingsMiddlewareSaveLang(TestCase):
+
+    def setUp(self):
+        self.middleware = UserSettingsMiddleware(HttpResponse)
+        self.request = Mock()
+        self.request.headers = {
+                "User-Agent": "AUTOMATED TEST"
+            }
+        self.request.path = '/i18n/setlang/'
+        self.request.POST = {
+            'language': 'fr'
+        }
+        self.request.user.profile.language = 'de'
+        self.request.user.is_anonymous = False
+        self.response = Mock()
+        self.response.content = 'hello world'
+
+    def test_middleware_passthrough(self):
+        """
+        Simply tests the middleware runs cleanly
+        """
+        response = self.middleware.process_response(
+            self.request,
+            self.response
+            )
+        self.assertEqual(self.response, response)
+
+    def test_middleware_save_language_false_anonymous(self):
+        """
+        Ensures the middleware wont change the usersettings
+        of a non-existent (anonymous) user
+        """
+        self.request.user.is_anonymous = True
+        response = self.middleware.process_response(
+            self.request,
+            self.response
+            )
+        self.assertEqual(self.request.user.profile.language, 'de')
+        self.assertFalse(self.request.user.profile.save.called)
+        self.assertEqual(self.request.user.profile.save.call_count, 0)
+
+    def test_middleware_save_language_new(self):
+        """
+        does the middleware change a language not set in the DB
+        """
+        self.request.user.profile.language = None
+        response = self.middleware.process_response(
+            self.request,
+            self.response
+            )
+        self.assertEqual(self.request.user.profile.language, 'fr')
+        self.assertTrue(self.request.user.profile.save.called)
+        self.assertEqual(self.request.user.profile.save.call_count, 1)
+
+    def test_middleware_save_language_changed(self):
+        """
+        Tests the middleware will change a language setting
+        """
+        response = self.middleware.process_response(
+            self.request,
+            self.response
+            )
+        self.assertEqual(self.request.user.profile.language, 'fr')
+        self.assertTrue(self.request.user.profile.save.called)
+        self.assertEqual(self.request.user.profile.save.call_count, 1)
+
+
+class TestUserSettingsMiddlewareLoginFlow(TestCase):
+
+    def setUp(self):
+        self.middleware = UserSettingsMiddleware(HttpResponse)
+        self.request = Mock()
+        self.request.headers = {
+                "User-Agent": "AUTOMATED TEST"
+            }
+        self.request.path = '/sso/login'
+        self.request.session = {
+            'NIGHT_MODE': False
+        }
+        self.request.LANGUAGE_CODE = 'en'
+        self.request.user.profile.language = 'de'
+        self.request.user.profile.night_mode = True
+        self.request.user.is_anonymous = False
+        self.response = Mock()
+        self.response.content = 'hello world'
+
+    def test_middleware_passthrough(self):
+        """
+        Simply tests the middleware runs cleanly
+        """
+        middleware_response = self.middleware.process_response(
+            self.request,
+            self.response
+            )
+        self.assertEqual(self.response, middleware_response)
+
+    def test_middleware_sets_language_cookie_true_no_cookie(self):
+        """
+        tests the middleware will set a cookie, while none is set
+        """
+        self.request.LANGUAGE_CODE = None
+        middleware_response = self.middleware.process_response(
+            self.request,
+            self.response
+            )
+        self.assertTrue(middleware_response.set_cookie.called)
+        self.assertEqual(middleware_response.set_cookie.call_count, 1)
+        args, kwargs = middleware_response.set_cookie.call_args
+        self.assertEqual(kwargs['value'], 'de')
+
+    def test_middleware_sets_language_cookie_true_wrong_cookie(self):
+        """
+        tests the middleware will set a cookie, while a different value is set
+        """
+        middleware_response = self.middleware.process_response(
+            self.request,
+            self.response
+            )
+        self.assertTrue(middleware_response.set_cookie.called)
+        self.assertEqual(middleware_response.set_cookie.call_count, 1)
+        args, kwargs = middleware_response.set_cookie.call_args
+        self.assertEqual(kwargs['value'], 'de')
+
+    def test_middleware_sets_language_cookie_false_anonymous(self):
+        """
+        ensures the middleware wont set a value for a non existent user (anonymous)
+        """
+        self.request.user.is_anonymous = True
+        middleware_response = self.middleware.process_response(
+            self.request,
+            self.response
+            )
+        self.assertFalse = middleware_response.set_cookie.called
+        self.assertEqual(middleware_response.set_cookie.call_count, 0)
+
+    def test_middleware_sets_language_cookie_false_already_set(self):
+        """
+        tests the middleware skips setting the cookie, if its already set correctly
+        """
+        self.request.user.profile.language = 'en'
+        middleware_response = self.middleware.process_response(
+            self.request,
+            self.response
+            )
+        self.assertFalse = middleware_response.set_cookie.called
+        self.assertEqual(middleware_response.set_cookie.call_count, 0)
+
+    def test_middleware_sets_night_mode_not_set(self):
+        """
+        tests the middleware will set night_mode if not set
+        """
+        self.request.session = {}
+        response = self.middleware.process_response(
+            self.request,
+            self.response
+            )
+        self.assertEqual(self.request.session["NIGHT_MODE"], True)
+
+    def test_middleware_sets_night_mode_set(self):
+        """
+        tests the middleware will set night_mode if set.
+        """
+        response = self.middleware.process_response(
+            self.request,
+            self.response
+            )
+        self.assertEqual(self.request.session["NIGHT_MODE"], True)

allianceauth/authentication/tests/test_signals.py

@@ -0,0 +1,94 @@
+from allianceauth.authentication.models import User, UserProfile
+from allianceauth.eveonline.models import (
+    EveCharacter,
+    EveCorporationInfo,
+    EveAllianceInfo
+)
+from django.db.models.signals import (
+    pre_save,
+    post_save,
+    pre_delete,
+    m2m_changed
+)
+from allianceauth.tests.auth_utils import AuthUtils
+
+from django.test.testcases import TestCase
+from unittest.mock import Mock
+from . import patch
+
+
+class TestUserProfileSignals(TestCase):
+
+    def setUp(self):
+        state = AuthUtils.get_member_state()
+
+        self.char = EveCharacter.objects.create(
+            character_id='1234',
+            character_name='test character',
+            corporation_id='2345',
+            corporation_name='test corp',
+            corporation_ticker='tickr',
+            alliance_id='3456',
+            alliance_name='alliance name',
+        )
+
+        self.alliance = EveAllianceInfo.objects.create(
+            alliance_id='3456',
+            alliance_name='alliance name',
+            alliance_ticker='TIKR',
+            executor_corp_id='2345',
+        )
+
+        self.corp = EveCorporationInfo.objects.create(
+            corporation_id='2345',
+            corporation_name='corp name',
+            corporation_ticker='TIKK',
+            member_count=10,
+            alliance=self.alliance,
+        )
+
+        state.member_alliances.add(self.alliance)
+        state.member_corporations.add(self.corp)
+
+        self.member = AuthUtils.create_user('test user')
+        self.member.profile.main_character = self.char
+        self.member.profile.save()
+
+    @patch('.signals.create_required_models')
+    def test_create_required_models_triggered_true(
+            self, create_required_models):
+        """
+        Create a User object here,
+        to generate UserProfile models
+        """
+        post_save.connect(create_required_models, sender=User)
+        AuthUtils.create_user('test_create_required_models_triggered')
+        self.assertTrue = create_required_models.called
+        self.assertEqual(create_required_models.call_count, 1)
+
+        user = User.objects.get(username='test_create_required_models_triggered')
+        self.assertIsNot(UserProfile.objects.get(user=user), False)
+
+    @patch('.signals.create_required_models')
+    def test_create_required_models_triggered_false(
+            self, create_required_models):
+        """
+        Only call a User object Update here,
+        which does not need to generate UserProfile models
+        """
+        post_save.connect(create_required_models, sender=User)
+        char = EveCharacter.objects.create(
+            character_id='1266',
+            character_name='test character2',
+            corporation_id='2345',
+            corporation_name='test corp',
+            corporation_ticker='tickr',
+            alliance_id='3456',
+            alliance_name='alliance name',
+        )
+        self.member.profile.main_character = char
+        self.member.profile.save()
+
+        self.assertTrue = create_required_models.called
+        self.assertEqual(create_required_models.call_count, 0)
+        self.assertIsNot(UserProfile.objects.get(user=self.member), False)

allianceauth/authentication/tests/test_templatetags.py

@@ -1,6 +1,7 @@
 from math import ceil
 from unittest.mock import patch
 
+import requests
 import requests_mock
 from packaging.version import Version as Pep440Version
 
@@ -54,7 +55,6 @@ TEST_VERSION = '2.6.5'
 
 
 class TestStatusOverviewTag(TestCase):
-
     @patch(MODULE_PATH + '.admin_status.__version__', TEST_VERSION)
     @patch(MODULE_PATH + '.admin_status._fetch_celery_queue_length')
     @patch(MODULE_PATH + '.admin_status._current_version_summary')
@@ -65,6 +65,7 @@ class TestStatusOverviewTag(TestCase):
         mock_current_version_info,
         mock_fetch_celery_queue_length
     ):
+        # given
         notifications = {
             'notifications': GITHUB_NOTIFICATION_ISSUES[:5]
         }
@@ -82,22 +83,20 @@ class TestStatusOverviewTag(TestCase):
         }
         mock_current_version_info.return_value = version_info
         mock_fetch_celery_queue_length.return_value = 3
-
+        # when
         result = status_overview()
-        expected = {
-            'notifications': GITHUB_NOTIFICATION_ISSUES[:5],
-            'latest_major': True,
-            'latest_minor': True,
-            'latest_patch': True,
-            'latest_beta': False,
-            'current_version': TEST_VERSION,
-            'latest_major_version': '2.4.5',
-            'latest_minor_version': '2.4.0',
-            'latest_patch_version': '2.4.5',
-            'latest_beta_version': '2.4.4a1',
-            'task_queue_length': 3,
-        }
-        self.assertEqual(result, expected)
+        # then
+        self.assertEqual(result["notifications"], GITHUB_NOTIFICATION_ISSUES[:5])
+        self.assertTrue(result["latest_major"])
+        self.assertTrue(result["latest_minor"])
+        self.assertTrue(result["latest_patch"])
+        self.assertFalse(result["latest_beta"])
+        self.assertEqual(result["current_version"], TEST_VERSION)
+        self.assertEqual(result["latest_major_version"], '2.4.5')
+        self.assertEqual(result["latest_minor_version"], '2.4.0')
+        self.assertEqual(result["latest_patch_version"], '2.4.5')
+        self.assertEqual(result["latest_beta_version"], '2.4.4a1')
+        self.assertEqual(result["task_queue_length"], 3)
 
 
 class TestNotifications(TestCase):
@@ -307,3 +306,25 @@ class TestFetchListFromGitlab(TestCase):
         result = _fetch_list_from_gitlab(self.url, max_pages=max_pages)
         self.assertEqual(result, GITHUB_TAGS[:4])
         self.assertEqual(requests_mocker.call_count, max_pages)
+
+    @requests_mock.mock()
+    @patch(MODULE_PATH + '.admin_status.logger')
+    def test_should_not_raise_any_exception_from_github_request_but_log_as_warning(
+        self, requests_mocker, mock_logger
+    ):
+        for my_exception in [
+            requests.exceptions.ConnectionError,
+            requests.exceptions.HTTPError,
+            requests.exceptions.URLRequired,
+            requests.exceptions.TooManyRedirects,
+            requests.exceptions.ConnectTimeout,
+            requests.exceptions.Timeout,
+
+        ]:
+            requests_mocker.get(self.url, exc=my_exception)
+            try:
+                result = _fetch_list_from_gitlab(self.url)
+            except Exception as ex:
+                self.fail(f"Unexpected exception raised: {ex}")
+            self.assertTrue(mock_logger.warning.called)
+            self.assertListEqual(result, [])

allianceauth/authentication/urls.py

@@ -1,5 +1,4 @@
-from django.conf.urls import url
-from django.contrib.auth.decorators import login_required
+from django.urls import path
 from django.views.generic.base import TemplateView
 
 from . import views
@@ -7,21 +6,21 @@ from . import views
 app_name = 'authentication'
 
 urlpatterns = [
-    url(r'^$', views.index, name='index'),
-    url(
-        r'^account/login/$',
+    path('', views.index, name='index'),
+    path(
+        'account/login/',
         TemplateView.as_view(template_name='public/login.html'),
         name='login'
     ),
-    url(
-        r'^account/characters/main/$',
+    path(
+        'account/characters/main/',
         views.main_character_change,
         name='change_main_character'
     ),
-    url(
-        r'^account/characters/add/$',
+    path(
+        'account/characters/add/',
         views.add_character,
         name='add_character'
     ),
-    url(r'^dashboard/$', views.dashboard, name='dashboard'),
+    path('dashboard/', views.dashboard, name='dashboard'),
 ]

allianceauth/corputils/__init__.py

@@ -1 +0,0 @@
-default_app_config = 'allianceauth.corputils.apps.CorpUtilsConfig'

allianceauth/corputils/auth_hooks.py

@@ -1,5 +1,5 @@
 from allianceauth.services.hooks import MenuItemHook, UrlHook
-from django.utils.translation import ugettext_lazy as _
+from django.utils.translation import gettext_lazy as _
 from allianceauth import hooks
 from allianceauth.corputils import urls
 

allianceauth/corputils/templates/corputils/corpstats.html

@@ -8,11 +8,11 @@
                 <table class="table">
                     <tr>
                         <td class="text-center col-lg-6{% if corpstats.corp.alliance %}{% else %}col-lg-offset-3{% endif %}">
-                                <img class="ra-avatar" src="{{ corpstats.corp.logo_url_64 }}">
+                                <img class="ra-avatar" src="{{ corpstats.corp.logo_url_64 }}" alt="{{ corpstats.corp.corporation_name }}">
                             </td>
                         {% if corpstats.corp.alliance %}
                             <td class="text-center col-lg-6">
-                                <img class="ra-avatar" src="{{ corpstats.corp.alliance.logo_url_64 }}">
+                                <img class="ra-avatar" src="{{ corpstats.corp.alliance.logo_url_64 }}" alt="{{ corpstats.corp.alliance.alliance_name }}">
                             </td>
                         {% endif %}
                     </tr>
@@ -59,7 +59,7 @@
                                                     <tr>
                                                         <td class="text-center" style="vertical-align:middle">
                                                             <div class="thumbnail" style="border: 0 none; box-shadow: none; background: transparent;">
-                                                                <img src="{{ main.main.portrait_url_64 }}" class="img-circle">
+                                                                <img src="{{ main.main.portrait_url_64 }}" class="img-circle" alt="{{ main.main }}">
                                                                 <div class="caption text-center">
                                                                     {{ main.main }}
                                                                 </div>
@@ -80,7 +80,7 @@
                                                                     <tr>
                                                                         <td class="text-center" style="width:5%">
                                                                             <div class="thumbnail" style="border: 0 none; box-shadow: none; background: transparent;">
-                                                                                <img src="{{ alt.portrait_url_32 }}" class="img-circle">
+                                                                                <img src="{{ alt.portrait_url_32 }}" class="img-circle" alt="{{ alt.character_name }}">
                                                                             </div>
                                                                         </td>
                                                                         <td class="text-center" style="width:30%">{{ alt.character_name }}</td>
@@ -119,7 +119,7 @@
                                             <tbody>
                                                 {% for member in members %}
                                                     <tr>
-                                                        <td><img src="{{ member.portrait_url }}" class="img-circle"></td>
+                                                        <td><img src="{{ member.portrait_url }}" class="img-circle" alt="{{ member }}"></td>
                                                         <td class="text-center">{{ member }}</td>
                                                         <td class="text-center">
                                                             <a href="https://zkillboard.com/character/{{ member.character_id }}/" class="label label-danger" target="_blank">{% translate "Killboard" %}</a>
@@ -131,7 +131,7 @@
                                                 {% endfor %}
                                                 {% for member in unregistered %}
                                                     <tr class="danger">
-                                                        <td><img src="{{ member.portrait_url }}" class="img-circle"></td>
+                                                        <td><img src="{{ member.portrait_url }}" class="img-circle" alt="{{ member.character_name }}"></td>
                                                         <td class="text-center">{{ member.character_name }}</td>
                                                         <td class="text-center">
                                                             <a href="https://zkillboard.com/character/{{ member.character_id }}/" class="label label-danger" target="_blank">{% translate "Killboard" %}</a>
@@ -160,7 +160,7 @@
                                             <tbody>
                                                 {% for member in unregistered %}
                                                     <tr class="danger">
-                                                        <td><img src="{{ member.portrait_url }}" class="img-circle"></td>
+                                                        <td><img src="{{ member.portrait_url }}" class="img-circle" alt="{{ member.character_name }}"></td>
                                                         <td class="text-center">{{ member.character_name }}</td>
                                                         <td class="text-center">
                                                             <a href="https://zkillboard.com/character/{{ member.character_id }}/" class="label label-danger" target="_blank">
@@ -193,6 +193,8 @@
             "columnDefs": [
                 { "sortable": false, "targets": [1] },
             ],
+            "stateSave": true,
+            "stateDuration": 0
         });
         $('#table-members').DataTable({
             "columnDefs": [
@@ -200,6 +202,8 @@
                 { "sortable": false, "targets": [0, 2] },
             ],
             "order": [[ 1, "asc" ]],
+            "stateSave": true,
+            "stateDuration": 0
         });
         $('#table-unregistered').DataTable({
             "columnDefs": [
@@ -207,6 +211,8 @@
                 { "sortable": false, "targets": [0, 2] },
             ],
             "order": [[ 1, "asc" ]],
+            "stateSave": true,
+            "stateDuration": 0
         });
 
     });

allianceauth/corputils/templates/corputils/search.html

@@ -21,7 +21,7 @@
                 <tbody>
                     {% for result in results %}
                         <tr {% if not result.1.registered %}class="danger"{% endif %}>
-                            <td class="text-center"><img src="{{ result.1.portrait_url }}" class="img-circle"></td>
+                            <td class="text-center"><img src="{{ result.1.portrait_url }}" class="img-circle" alt="{{ result.1.character_name }}"></td>
                             <td class="text-center">{{ result.1.character_name }}</td>
                             <td class="text-center">{{ result.0.corp.corporation_name }}</td>
                             <td class="text-center"><a href="https://zkillboard.com/character/{{ result.1.character_id }}/" class="label label-danger" target="_blank">{% translate "Killboard" %}</a></td>
@@ -43,6 +43,9 @@
 {% endblock %}
 {% block extra_script %}
     $(document).ready(function(){
-        $('#table-search').DataTable();
+        $('#table-search').DataTable({
+            "stateSave": true,
+            "stateDuration": 0
+        });
     });
 {% endblock %}

allianceauth/corputils/urls.py

@@ -1,12 +1,11 @@
-from django.conf.urls import url
-
+from django.urls import path
 from . import views
 
 app_name = 'corputils'
 urlpatterns = [
-    url(r'^$', views.corpstats_view, name='view'),
-    url(r'^add/$', views.corpstats_add, name='add'),
-    url(r'^(?P<corp_id>(\d)*)/$', views.corpstats_view, name='view_corp'),
-    url(r'^(?P<corp_id>(\d)+)/update/$', views.corpstats_update, name='update'),
-    url(r'^search/$', views.corpstats_search, name='search'),
-    ]
+    path('', views.corpstats_view, name='view'),
+    path('add/', views.corpstats_add, name='add'),
+    path('<int:corp_id>/', views.corpstats_view, name='view_corp'),
+    path('<int:corp_id>/update/', views.corpstats_update, name='update'),
+    path('search/', views.corpstats_search, name='search'),
+]

allianceauth/corputils/views.py

@@ -6,7 +6,7 @@ from django.contrib.auth.decorators import login_required, permission_required,
 from django.core.exceptions import PermissionDenied, ObjectDoesNotExist
 from django.db import IntegrityError
 from django.shortcuts import render, redirect, get_object_or_404
-from django.utils.translation import ugettext_lazy as _
+from django.utils.translation import gettext_lazy as _
 from esi.decorators import token_required
 from allianceauth.eveonline.models import EveCharacter, EveCorporationInfo
 

allianceauth/eveonline/__init__.py

@@ -1 +0,0 @@
-default_app_config = 'allianceauth.eveonline.apps.EveonlineConfig'

allianceauth/eveonline/autogroups/__init__.py

@@ -1 +0,0 @@
-default_app_config = 'allianceauth.eveonline.autogroups.apps.EveAutogroupsConfig'

allianceauth/eveonline/migrations/0016_character_names_are_not_unique.py

@@ -0,0 +1,18 @@
+# Generated by Django 3.2.10 on 2022-01-05 18:44
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('eveonline', '0015_factions'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='evecharacter',
+            name='character_name',
+            field=models.CharField(db_index=True, max_length=254),
+        ),
+    ]

allianceauth/eveonline/models.py

@@ -1,16 +1,32 @@
-from django.db import models
+import logging
 from typing import Union
 
-from .managers import EveCharacterManager, EveCharacterProviderManager
-from .managers import EveCorporationManager, EveCorporationProviderManager
-from .managers import EveAllianceManager, EveAllianceProviderManager
+from django.core.exceptions import ObjectDoesNotExist
+from django.db import models
+from esi.models import Token
+
+from allianceauth.notifications import notify
+
 from . import providers
 from .evelinks import eveimageserver
+from .managers import (
+    EveAllianceManager,
+    EveAllianceProviderManager,
+    EveCharacterManager,
+    EveCharacterProviderManager,
+    EveCorporationManager,
+    EveCorporationProviderManager,
+)
+
+logger = logging.getLogger(__name__)
 
 _DEFAULT_IMAGE_SIZE = 32
+DOOMHEIM_CORPORATION_ID = 1000001
 
 
 class EveFactionInfo(models.Model):
+    """A faction in Eve Online."""
+
     faction_id = models.PositiveIntegerField(unique=True, db_index=True)
     faction_name = models.CharField(max_length=254, unique=True)
 
@@ -52,6 +68,8 @@ class EveFactionInfo(models.Model):
 
 
 class EveAllianceInfo(models.Model):
+    """An alliance in Eve Online."""
+
     alliance_id = models.PositiveIntegerField(unique=True)
     alliance_name = models.CharField(max_length=254, unique=True)
     alliance_ticker = models.CharField(max_length=254)
@@ -68,13 +86,12 @@ class EveAllianceInfo(models.Model):
         for corp_id in alliance.corp_ids:
             if not EveCorporationInfo.objects.filter(corporation_id=corp_id).exists():
                 EveCorporationInfo.objects.create_corporation(corp_id)
-        EveCorporationInfo.objects.filter(
-            corporation_id__in=alliance.corp_ids).update(alliance=self
+        EveCorporationInfo.objects.filter(corporation_id__in=alliance.corp_ids).update(
+            alliance=self
         )
-        EveCorporationInfo.objects\
-            .filter(alliance=self)\
-            .exclude(corporation_id__in=alliance.corp_ids)\
-            .update(alliance=None)
+        EveCorporationInfo.objects.filter(alliance=self).exclude(
+            corporation_id__in=alliance.corp_ids
+        ).update(alliance=None)
 
     def update_alliance(self, alliance: providers.Alliance = None):
         if alliance is None:
@@ -119,6 +136,8 @@ class EveAllianceInfo(models.Model):
 
 
 class EveCorporationInfo(models.Model):
+    """A corporation in Eve Online."""
+
     corporation_id = models.PositiveIntegerField(unique=True)
     corporation_name = models.CharField(max_length=254, unique=True)
     corporation_ticker = models.CharField(max_length=254)
@@ -182,8 +201,10 @@ class EveCorporationInfo(models.Model):
 
 
 class EveCharacter(models.Model):
+    """A character in Eve Online."""
+
     character_id = models.PositiveIntegerField(unique=True)
-    character_name = models.CharField(max_length=254, unique=True)
+    character_name = models.CharField(max_length=254, db_index=True)
     corporation_id = models.PositiveIntegerField()
     corporation_name = models.CharField(max_length=254)
     corporation_ticker = models.CharField(max_length=5)
@@ -198,12 +219,20 @@ class EveCharacter(models.Model):
 
     class Meta:
         indexes = [
-                    models.Index(fields=['corporation_id',]),
-                    models.Index(fields=['alliance_id',]),
-                    models.Index(fields=['corporation_name',]),
-                    models.Index(fields=['alliance_name',]),
-                    models.Index(fields=['faction_id',]),
-                  ]
+            models.Index(fields=['corporation_id',]),
+            models.Index(fields=['alliance_id',]),
+            models.Index(fields=['corporation_name',]),
+            models.Index(fields=['alliance_name',]),
+            models.Index(fields=['faction_id',]),
+        ]
+
+    def __str__(self):
+        return self.character_name
+
+    @property
+    def is_biomassed(self) -> bool:
+        """Whether this character is dead or not."""
+        return self.corporation_id == DOOMHEIM_CORPORATION_ID
 
     @property
     def alliance(self) -> Union[EveAllianceInfo, None]:
@@ -249,10 +278,36 @@ class EveCharacter(models.Model):
         self.faction_id = character.faction.id
         self.faction_name = character.faction.name
         self.save()
+        if self.is_biomassed:
+            self._remove_tokens_of_biomassed_character()
         return self
 
-    def __str__(self):
-        return self.character_name
+    def _remove_tokens_of_biomassed_character(self) -> None:
+        """Remove tokens of this biomassed character."""
+        try:
+            user = self.character_ownership.user
+        except ObjectDoesNotExist:
+            return
+        tokens_to_delete = Token.objects.filter(character_id=self.character_id)
+        tokens_count = tokens_to_delete.count()
+        if not tokens_count:
+            return
+        tokens_to_delete.delete()
+        logger.info(
+            "%d tokens from user %s for biomassed character %s [id:%s] deleted.",
+            tokens_count,
+            user,
+            self,
+            self.character_id,
+        )
+        notify(
+            user=user,
+            title=f"Character {self} biomassed",
+            message=(
+                f"Your former character {self} has been biomassed "
+                "and has been removed from the list of your alts."
+            )
+        )
 
     @staticmethod
     def generic_portrait_url(
@@ -336,7 +391,6 @@ class EveCharacter(models.Model):
         """image URL for alliance of this character or empty string"""
         return self.alliance_logo_url(256)
 
-
     def faction_logo_url(self, size=_DEFAULT_IMAGE_SIZE) -> str:
         """image URL for alliance of this character or empty string"""
         if self.faction_id:

allianceauth/eveonline/providers.py

@@ -13,17 +13,18 @@ from allianceauth import __version__
 SWAGGER_SPEC_PATH = os.path.join(os.path.dirname(
     os.path.abspath(__file__)), 'swagger.json'
 )
-"""
-Swagger spec operations:
 
-get_alliances_alliance_id
-get_alliances_alliance_id_corporations
-get_corporations_corporation_id
-get_characters_character_id
-get_universe_types_type_id
-post_character_affiliation
-get_universe_factions
-"""
+# for the love of Bob please add operations you use here. I'm tired of breaking undocumented things.
+ESI_OPERATIONS=[
+    'get_alliances_alliance_id',
+    'get_alliances_alliance_id_corporations',
+    'get_corporations_corporation_id',
+    'get_characters_character_id',
+    'post_characters_affiliation',
+    'get_universe_types_type_id',
+    'get_universe_factions',
+    'post_universe_names',
+]
 
 
 logger = logging.getLogger(__name__)
@@ -169,7 +170,7 @@ class EveProvider:
         """
         :return: an ItemType object for the given ID
         """
-        raise NotImplemented()
+        raise NotImplementedError()
 
 
 class EveSwaggerProvider(EveProvider):
@@ -206,7 +207,8 @@ class EveSwaggerProvider(EveProvider):
     def __str__(self):
         return 'esi'
 
-    def get_alliance(self, alliance_id):
+    def get_alliance(self, alliance_id: int) -> Alliance:
+        """Fetch alliance from ESI."""
         try:
             data = self.client.Alliance.get_alliances_alliance_id(alliance_id=alliance_id).result()
             corps = self.client.Alliance.get_alliances_alliance_id_corporations(alliance_id=alliance_id).result()
@@ -222,7 +224,8 @@ class EveSwaggerProvider(EveProvider):
         except HTTPNotFound:
             raise ObjectNotFound(alliance_id, 'alliance')
 
-    def get_corp(self, corp_id):
+    def get_corp(self, corp_id: int) -> Corporation:
+        """Fetch corporation from ESI."""
         try:
             data = self.client.Corporation.get_corporations_corporation_id(corporation_id=corp_id).result()
             model = Corporation(
@@ -238,29 +241,43 @@ class EveSwaggerProvider(EveProvider):
         except HTTPNotFound:
             raise ObjectNotFound(corp_id, 'corporation')
 
-    def get_character(self, character_id):
+    def get_character(self, character_id: int) -> Character:
+        """Fetch character from ESI."""
         try:
-            data = self.client.Character.get_characters_character_id(character_id=character_id).result()
+            character_name = self._fetch_character_name(character_id)
             affiliation = self.client.Character.post_characters_affiliation(characters=[character_id]).result()[0]
-
             model = Character(
                 id=character_id,
-                name=data['name'],
+                name=character_name,
                 corp_id=affiliation['corporation_id'],
                 alliance_id=affiliation['alliance_id'] if 'alliance_id' in affiliation else None,
                 faction_id=affiliation['faction_id'] if 'faction_id' in affiliation else None,
             )
             return model
-        except (HTTPNotFound, HTTPUnprocessableEntity):
+        except (HTTPNotFound, HTTPUnprocessableEntity, ObjectNotFound):
             raise ObjectNotFound(character_id, 'character')
 
+    def _fetch_character_name(self, character_id: int) -> str:
+        """Fetch character name from ESI."""
+        data = self.client.Universe.post_universe_names(ids=[character_id]).result()
+        character = data.pop() if data else None
+        if (
+            not character
+            or character["category"] != "character"
+            or character["id"] != character_id
+        ):
+            raise ObjectNotFound(character_id, 'character')
+        return character["name"]
+
     def get_all_factions(self):
+        """Fetch all factions from ESI."""
         if not self._faction_list:
             self._faction_list = self.client.Universe.get_universe_factions().result()
         return self._faction_list
 
-    def get_faction(self, faction_id):
-        faction_id=int(faction_id)
+    def get_faction(self, faction_id: int):
+        """Fetch faction from ESI."""
+        faction_id = int(faction_id)
         try:
             if not self._faction_list:
                 _ = self.get_all_factions()
@@ -272,7 +289,8 @@ class EveSwaggerProvider(EveProvider):
         except (HTTPNotFound, HTTPUnprocessableEntity, KeyError):
             raise ObjectNotFound(faction_id, 'faction')
 
-    def get_itemtype(self, type_id):
+    def get_itemtype(self, type_id: int) -> ItemType:
+        """Fetch inventory item from ESI."""
         try:
             data = self.client.Universe.get_universe_types_type_id(type_id=type_id).result()
             return ItemType(id=type_id, name=data['name'])

allianceauth/eveonline/tasks.py

@@ -1,12 +1,11 @@
 import logging
 
 from celery import shared_task
-from .models import EveAllianceInfo
-from .models import EveCharacter
-from .models import EveCorporationInfo
 
+from .models import EveAllianceInfo, EveCharacter, EveCorporationInfo
 from . import providers
 
+
 logger = logging.getLogger(__name__)
 
 TASK_PRIORITY = 7
@@ -32,8 +31,8 @@ def update_alliance(alliance_id):
 
 
 @shared_task
-def update_character(character_id):
-    """Update given character from ESI"""
+def update_character(character_id: int) -> None:
+    """Update given character from ESI."""
     EveCharacter.objects.update_character(character_id)
 
 
@@ -41,7 +40,7 @@ def update_character(character_id):
 def run_model_update():
     """Update all alliances, corporations and characters from ESI"""
 
-    # update existing corp models
+    #update existing corp models
     for corp in EveCorporationInfo.objects.all().values('corporation_id'):
         update_corp.apply_async(args=[corp['corporation_id']], priority=TASK_PRIORITY)
 
@@ -49,7 +48,6 @@ def run_model_update():
     for alliance in EveAllianceInfo.objects.all().values('alliance_id'):
         update_alliance.apply_async(args=[alliance['alliance_id']], priority=TASK_PRIORITY)
 
-    #update existing character models if required
     # update existing character models
     character_ids = EveCharacter.objects.all().values_list('character_id', flat=True)
     for character_ids_chunk in chunks(character_ids, CHUNK_SIZE):
@@ -66,17 +64,17 @@ def update_character_chunk(character_ids_chunk: list):
             .post_characters_affiliation(characters=character_ids_chunk).result()
         character_names = providers.provider.client.Universe\
             .post_universe_names(ids=character_ids_chunk).result()
-    except:
-        logger.error("Failed to bulk update characters. Attempting single updates")
+    except OSError:
+        logger.info("Failed to bulk update characters. Attempting single updates")
         for character_id in character_ids_chunk:
             update_character.apply_async(
-                        args=[character_id], priority=TASK_PRIORITY
-                    )
+                args=[character_id], priority=TASK_PRIORITY
+            )
         return
 
     affiliations = {
-            affiliation.get('character_id'): affiliation
-            for affiliation in affiliations_raw
+        affiliation.get('character_id'): affiliation
+        for affiliation in affiliations_raw
     }
     # add character names to affiliations
     for character in character_names:
@@ -109,5 +107,5 @@ def update_character_chunk(character_ids_chunk: list):
 
             if corp_changed or alliance_changed or name_changed:
                 update_character.apply_async(
-                        args=[character.get('character_id')], priority=TASK_PRIORITY
-                    )
+                    args=[character.get('character_id')], priority=TASK_PRIORITY
+                )

allianceauth/eveonline/tests/esi_client_stub.py

@@ -0,0 +1,168 @@
+from bravado.exception import HTTPNotFound
+
+
+class BravadoResponseStub:
+    """Stub for IncomingResponse in bravado, e.g. for HTTPError exceptions"""
+
+    def __init__(
+        self, status_code, reason="", text="", headers=None, raw_bytes=None
+    ) -> None:
+        self.reason = reason
+        self.status_code = status_code
+        self.text = text
+        self.headers = headers if headers else dict()
+        self.raw_bytes = raw_bytes
+
+    def __str__(self):
+        return f"{self.status_code} {self.reason}"
+
+
+class BravadoOperationStub:
+    """Stub to simulate the operation object return from bravado via django-esi"""
+
+    class RequestConfig:
+        def __init__(self, also_return_response):
+            self.also_return_response = also_return_response
+
+    class ResponseStub:
+        def __init__(self, headers):
+            self.headers = headers
+
+    def __init__(self, data, headers: dict = None, also_return_response: bool = False):
+        self._data = data
+        self._headers = headers if headers else {"x-pages": 1}
+        self.request_config = BravadoOperationStub.RequestConfig(also_return_response)
+
+    def result(self, **kwargs):
+        if self.request_config.also_return_response:
+            return [self._data, self.ResponseStub(self._headers)]
+        else:
+            return self._data
+
+    def results(self, **kwargs):
+        return self.result(**kwargs)
+
+
+class EsiClientStub:
+    """Stub for an ESI client."""
+    class Alliance:
+        @staticmethod
+        def get_alliances_alliance_id(alliance_id):
+            data = {
+                3001: {
+                    "name": "Wayne Enterprises",
+                    "ticker": "WYE",
+                    "executor_corporation_id": 2001
+                }
+            }
+            try:
+                return BravadoOperationStub(data[int(alliance_id)])
+            except KeyError:
+                response = BravadoResponseStub(
+                    404, f"Alliance with ID {alliance_id} not found"
+                )
+                raise HTTPNotFound(response)
+
+        @staticmethod
+        def get_alliances_alliance_id_corporations(alliance_id):
+            data = [2001, 2002, 2003]
+            return BravadoOperationStub(data)
+
+    class Character:
+        @staticmethod
+        def get_characters_character_id(character_id):
+            data = {
+                1001: {
+                    "corporation_id": 2001,
+                    "name": "Bruce Wayne",
+                },
+                1002: {
+                    "corporation_id": 2001,
+                    "name": "Peter Parker",
+                },
+                1011: {
+                    "corporation_id": 2011,
+                    "name": "Lex Luthor",
+                }
+            }
+            try:
+                return BravadoOperationStub(data[int(character_id)])
+            except KeyError:
+                response = BravadoResponseStub(
+                    404, f"Character with ID {character_id} not found"
+                )
+                raise HTTPNotFound(response)
+
+        @staticmethod
+        def post_characters_affiliation(characters: list):
+            data = [
+                {'character_id': 1001, 'corporation_id': 2001, 'alliance_id': 3001},
+                {'character_id': 1002, 'corporation_id': 2001, 'alliance_id': 3001},
+                {'character_id': 1011, 'corporation_id': 2011},
+                {'character_id': 1666, 'corporation_id': 1000001},
+            ]
+            return BravadoOperationStub(
+                [x for x in data if x['character_id'] in characters]
+            )
+
+    class Corporation:
+        @staticmethod
+        def get_corporations_corporation_id(corporation_id):
+            data = {
+                2001: {
+                    "ceo_id": 1091,
+                    "member_count": 10,
+                    "name": "Wayne Technologies",
+                    "ticker": "WTE",
+                    "alliance_id": 3001
+                },
+                2002: {
+                    "ceo_id": 1092,
+                    "member_count": 10,
+                    "name": "Wayne Food",
+                    "ticker": "WFO",
+                    "alliance_id": 3001
+                },
+                2003: {
+                    "ceo_id": 1093,
+                    "member_count": 10,
+                    "name": "Wayne Energy",
+                    "ticker": "WEG",
+                    "alliance_id": 3001
+                },
+                2011: {
+                    "ceo_id": 1,
+                    "member_count": 3,
+                    "name": "LexCorp",
+                    "ticker": "LC",
+                },
+                1000001: {
+                    "ceo_id": 3000001,
+                    "creator_id": 1,
+                    "description": "The internal corporation used for characters in graveyard.",
+                    "member_count": 6329026,
+                    "name": "Doomheim",
+                    "ticker": "666",
+                }
+            }
+            try:
+                return BravadoOperationStub(data[int(corporation_id)])
+            except KeyError:
+                response = BravadoResponseStub(
+                    404, f"Corporation with ID {corporation_id} not found"
+                )
+                raise HTTPNotFound(response)
+
+    class Universe:
+        @staticmethod
+        def post_universe_names(ids: list):
+            data = [
+                {"category": "character", "id": 1001, "name": "Bruce Wayne"},
+                {"category": "character", "id": 1002, "name": "Peter Parker"},
+                {"category": "character", "id": 1011, "name": "Lex Luthor"},
+                {"category": "character", "id": 1666, "name": "Hal Jordan"},
+                {"category": "corporation", "id": 2001, "name": "Wayne Technologies"},
+                {"category": "corporation","id": 2002, "name": "Wayne Food"},
+                {"category": "corporation","id": 1000001, "name": "Doomheim"},
+            ]
+            return BravadoOperationStub([x for x in data if x['id'] in ids])

allianceauth/eveonline/tests/test_models.py

@@ -1,12 +1,15 @@
 from unittest.mock import Mock, patch
 
+from django.core.exceptions import ObjectDoesNotExist
 from django.test import TestCase
+from esi.models import Token
+
+from allianceauth.tests.auth_utils import AuthUtils
 
-from ..models import (
-    EveCharacter, EveCorporationInfo, EveAllianceInfo, EveFactionInfo
-)
-from ..providers import Alliance, Corporation, Character
 from ..evelinks import eveimageserver
+from ..models import EveAllianceInfo, EveCharacter, EveCorporationInfo, EveFactionInfo
+from ..providers import Alliance, Character, Corporation
+from .esi_client_stub import EsiClientStub
 
 
 class EveCharacterTestCase(TestCase):
@@ -402,8 +405,8 @@ class EveAllianceTestCase(TestCase):
         my_alliance.save()
         my_alliance.populate_alliance()
 
-        for corporation in EveCorporationInfo.objects\
-            .filter(corporation_id__in=[2001, 2002]
+        for corporation in (
+            EveCorporationInfo.objects.filter(corporation_id__in=[2001, 2002])
         ):
             self.assertEqual(corporation.alliance, my_alliance)
 
@@ -587,3 +590,98 @@ class EveCorporationTestCase(TestCase):
             self.my_corp.logo_url_256,
             'https://images.evetech.net/corporations/2001/logo?size=256'
         )
+
+
+@patch('allianceauth.eveonline.providers.esi_client_factory')
+@patch("allianceauth.eveonline.models.notify")
+class TestCharacterUpdate(TestCase):
+    def test_should_update_normal_character(self, mock_notify, mock_esi_client_factory):
+        # given
+        mock_esi_client_factory.return_value = EsiClientStub()
+        my_character = EveCharacter.objects.create(
+            character_id=1001,
+            character_name="not my name",
+            corporation_id=2002,
+            corporation_name="Wayne Food",
+            corporation_ticker="WYF",
+            alliance_id=None
+        )
+        # when
+        my_character.update_character()
+        # then
+        my_character.refresh_from_db()
+        self.assertEqual(my_character.character_name, "Bruce Wayne")
+        self.assertEqual(my_character.corporation_id, 2001)
+        self.assertEqual(my_character.corporation_name, "Wayne Technologies")
+        self.assertEqual(my_character.corporation_ticker, "WTE")
+        self.assertEqual(my_character.alliance_id, 3001)
+        self.assertEqual(my_character.alliance_name, "Wayne Enterprises")
+        self.assertEqual(my_character.alliance_ticker, "WYE")
+        self.assertFalse(mock_notify.called)
+
+    def test_should_update_dead_character_with_owner(
+        self, mock_notify, mock_esi_client_factory
+    ):
+        # given
+        mock_esi_client_factory.return_value = EsiClientStub()
+        character_1666 = EveCharacter.objects.create(
+            character_id=1666,
+            character_name="Hal Jordan",
+            corporation_id=2002,
+            corporation_name="Wayne Food",
+            corporation_ticker="WYF",
+            alliance_id=None
+        )
+        user = AuthUtils.create_user("Bruce Wayne")
+        token_1666 = Token.objects.create(
+            user=user,
+            character_id=character_1666.character_id,
+            character_name=character_1666.character_name,
+            character_owner_hash="ABC123-1666",
+        )
+        character_1001 = EveCharacter.objects.create(
+            character_id=1001,
+            character_name="Bruce Wayne",
+            corporation_id=2001,
+            corporation_name="Wayne Technologies",
+            corporation_ticker="WYT",
+            alliance_id=None
+        )
+        token_1001 = Token.objects.create(
+            user=user,
+            character_id=character_1001.character_id,
+            character_name=character_1001.character_name,
+            character_owner_hash="ABC123-1001",
+        )
+        # when
+        character_1666.update_character()
+        # then
+        character_1666.refresh_from_db()
+        self.assertTrue(character_1666.is_biomassed)
+        self.assertNotIn(token_1666, user.token_set.all())
+        self.assertIn(token_1001, user.token_set.all())
+        with self.assertRaises(ObjectDoesNotExist):
+            self.assertTrue(character_1666.character_ownership)
+        user.profile.refresh_from_db()
+        self.assertIsNone(user.profile.main_character)
+        self.assertTrue(mock_notify.called)
+
+    def test_should_handle_dead_character_without_owner(
+        self, mock_notify, mock_esi_client_factory
+    ):
+        # given
+        mock_esi_client_factory.return_value = EsiClientStub()
+        character_1666 = EveCharacter.objects.create(
+            character_id=1666,
+            character_name="Hal Jordan",
+            corporation_id=1011,
+            corporation_name="LexCorp",
+            corporation_ticker='LC',
+            alliance_id=None
+        )
+        # when
+        character_1666.update_character()
+        # then
+        character_1666.refresh_from_db()
+        self.assertTrue(character_1666.is_biomassed)
+        self.assertFalse(mock_notify.called)

allianceauth/eveonline/tests/test_providers.py

@@ -7,6 +7,7 @@ from jsonschema.exceptions import RefResolutionError
 from django.test import TestCase
 
 from . import set_logger
+from .esi_client_stub import EsiClientStub
 from ..providers import (
     ObjectNotFound,
     Entity,
@@ -632,13 +633,7 @@ class TestEveSwaggerProvider(TestCase):
 
     @patch(MODULE_PATH + '.esi_client_factory')
     def test_get_character(self, mock_esi_client_factory):
-        mock_esi_client_factory.return_value \
-            .Character.get_characters_character_id \
-            = TestEveSwaggerProvider.esi_get_characters_character_id
-        mock_esi_client_factory.return_value \
-            .Character.post_characters_affiliation \
-            = TestEveSwaggerProvider.esi_post_characters_affiliation
-
+        mock_esi_client_factory.return_value = EsiClientStub()
         my_provider = EveSwaggerProvider()
 
         # character with alliance
@@ -649,8 +644,8 @@ class TestEveSwaggerProvider(TestCase):
         self.assertEqual(my_character.alliance_id, 3001)
 
         # character wo/ alliance
-        my_character = my_provider.get_character(1002)
-        self.assertEqual(my_character.id, 1002)
+        my_character = my_provider.get_character(1011)
+        self.assertEqual(my_character.id, 1011)
         self.assertEqual(my_character.alliance_id, None)
 
         # character not found

allianceauth/eveonline/tests/test_tasks.py

@@ -1,245 +1,271 @@
-from unittest.mock import patch, Mock
+from unittest.mock import patch
 
-from django.test import TestCase
+from django.test import TestCase, TransactionTestCase, override_settings
 
-from ..models import EveCharacter, EveCorporationInfo, EveAllianceInfo
+from ..models import EveAllianceInfo, EveCharacter, EveCorporationInfo
 from ..tasks import (
+    run_model_update,
     update_alliance,
-    update_corp,
     update_character,
-    run_model_update
+    update_character_chunk,
+    update_corp,
 )
+from .esi_client_stub import EsiClientStub
 
 
-class TestTasks(TestCase):
-
-    @patch('allianceauth.eveonline.tasks.EveCorporationInfo')
-    def test_update_corp(self, mock_EveCorporationInfo):
-        update_corp(42)
-        self.assertEqual(
-            mock_EveCorporationInfo.objects.update_corporation.call_count, 1
-        )
-        self.assertEqual(
-            mock_EveCorporationInfo.objects.update_corporation.call_args[0][0], 42
+@patch('allianceauth.eveonline.providers.esi_client_factory')
+class TestUpdateTasks(TestCase):
+    def test_should_update_alliance(self, mock_esi_client_factory):
+        # given
+        mock_esi_client_factory.return_value = EsiClientStub()
+        my_alliance = EveAllianceInfo.objects.create(
+            alliance_id=3001,
+            alliance_name="Wayne Enterprises",
+            alliance_ticker="WYE",
+            executor_corp_id=2003
         )
+        # when
+        update_alliance(my_alliance.alliance_id)
+        # then
+        my_alliance.refresh_from_db()
+        self.assertEqual(my_alliance.executor_corp_id, 2001)
 
-    @patch('allianceauth.eveonline.tasks.EveAllianceInfo')
-    def test_update_alliance(self, mock_EveAllianceInfo):
-        update_alliance(42)
-        self.assertEqual(
-            mock_EveAllianceInfo.objects.update_alliance.call_args[0][0], 42
-        )
-        self.assertEqual(
-            mock_EveAllianceInfo.objects
-            .update_alliance.return_value.populate_alliance.call_count, 1
+    def test_should_update_character(self, mock_esi_client_factory):
+        # given
+        mock_esi_client_factory.return_value = EsiClientStub()
+        my_character = EveCharacter.objects.create(
+            character_id=1001,
+            character_name="Bruce Wayne",
+            corporation_id=2002,
+            corporation_name="Wayne Food",
+            corporation_ticker="WYF",
+            alliance_id=None
         )
+        # when
+        update_character(my_character.character_id)
+        # then
+        my_character.refresh_from_db()
+        self.assertEqual(my_character.corporation_id, 2001)
 
-    @patch('allianceauth.eveonline.tasks.EveCharacter')
-    def test_update_character(self, mock_EveCharacter):
-        update_character(42)
-        self.assertEqual(
-            mock_EveCharacter.objects.update_character.call_count, 1
+    def test_should_update_corp(self, mock_esi_client_factory):
+        # given
+        mock_esi_client_factory.return_value = EsiClientStub()
+        EveAllianceInfo.objects.create(
+            alliance_id=3001,
+            alliance_name="Wayne Enterprises",
+            alliance_ticker="WYE",
+            executor_corp_id=2003
         )
-        self.assertEqual(
-            mock_EveCharacter.objects.update_character.call_args[0][0], 42
+        my_corporation = EveCorporationInfo.objects.create(
+            corporation_id=2003,
+            corporation_name="Wayne Food",
+            corporation_ticker="WFO",
+            member_count=1,
+            alliance=None,
+            ceo_id=1999
         )
+        # when
+        update_corp(my_corporation.corporation_id)
+        # then
+        my_corporation.refresh_from_db()
+        self.assertEqual(my_corporation.alliance.alliance_id, 3001)
+
+    # @patch('allianceauth.eveonline.tasks.EveCharacter')
+    # def test_update_character(self, mock_EveCharacter):
+    #     update_character(42)
+    #     self.assertEqual(
+    #         mock_EveCharacter.objects.update_character.call_count, 1
+    #     )
+    #     self.assertEqual(
+    #         mock_EveCharacter.objects.update_character.call_args[0][0], 42
+    #     )
 
 
-@patch('allianceauth.eveonline.tasks.update_character')
-@patch('allianceauth.eveonline.tasks.update_alliance')
-@patch('allianceauth.eveonline.tasks.update_corp')
-@patch('allianceauth.eveonline.providers.provider')
+@override_settings(CELERY_ALWAYS_EAGER=True)
+@patch('allianceauth.eveonline.providers.esi_client_factory')
+@patch('allianceauth.eveonline.tasks.providers')
 @patch('allianceauth.eveonline.tasks.CHUNK_SIZE', 2)
-class TestRunModelUpdate(TestCase):
-
-    @classmethod
-    def setUpClass(cls):
-        super().setUpClass()
-        EveCorporationInfo.objects.all().delete()
-        EveAllianceInfo.objects.all().delete()
-        EveCharacter.objects.all().delete()
-
+class TestRunModelUpdate(TransactionTestCase):
+    def test_should_run_updates(self, mock_providers, mock_esi_client_factory):
+        # given
+        mock_providers.provider.client = EsiClientStub()
+        mock_esi_client_factory.return_value = EsiClientStub()
         EveCorporationInfo.objects.create(
-            corporation_id=2345,
-            corporation_name='corp.name',
-            corporation_ticker='c.c.t',
+            corporation_id=2001,
+            corporation_name="Wayne Technologies",
+            corporation_ticker="WTE",
             member_count=10,
             alliance=None,
         )
-        EveAllianceInfo.objects.create(
-            alliance_id=3456,
-            alliance_name='alliance.name',
-            alliance_ticker='a.t',
-            executor_corp_id=5,
+        alliance_3001 = EveAllianceInfo.objects.create(
+            alliance_id=3001,
+            alliance_name="Wayne Enterprises",
+            alliance_ticker="WYE",
+            executor_corp_id=2003
         )
-        EveCharacter.objects.create(
-            character_id=1,
-            character_name='character.name1',
-            corporation_id=2345,
-            corporation_name='character.corp.name',
-            corporation_ticker='c.c.t',  # max 5 chars
+        corporation_2003 = EveCorporationInfo.objects.create(
+            corporation_id=2003,
+            corporation_name="Wayne Energy",
+            corporation_ticker="WEG",
+            member_count=99,
+            alliance=None,
+        )
+        character_1001 = EveCharacter.objects.create(
+            character_id=1001,
+            character_name="Bruce Wayne",
+            corporation_id=2002,
+            corporation_name="Wayne Food",
+            corporation_ticker="WYF",
             alliance_id=None
         )
-        EveCharacter.objects.create(
-            character_id=2,
-            character_name='character.name2',
-            corporation_id=9876,
-            corporation_name='character.corp.name',
-            corporation_ticker='c.c.t',  # max 5 chars
-            alliance_id=3456,
-            alliance_name='character.alliance.name',
-        )
-        EveCharacter.objects.create(
-            character_id=3,
-            character_name='character.name3',
-            corporation_id=9876,
-            corporation_name='character.corp.name',
-            corporation_ticker='c.c.t',  # max 5 chars
-            alliance_id=3456,
-            alliance_name='character.alliance.name',
-        )
-        EveCharacter.objects.create(
-            character_id=4,
-            character_name='character.name4',
-            corporation_id=9876,
-            corporation_name='character.corp.name',
-            corporation_ticker='c.c.t',  # max 5 chars
-            alliance_id=3456,
-            alliance_name='character.alliance.name',
-        )
-        """
-        EveCharacter.objects.create(
-            character_id=5,
-            character_name='character.name5',
-            corporation_id=9876,
-            corporation_name='character.corp.name',
-            corporation_ticker='c.c.t',  # max 5 chars
-            alliance_id=3456,
-            alliance_name='character.alliance.name',
-        )
-        """
-
-    def setUp(self):
-        self.affiliations = [
-            {'character_id': 1, 'corporation_id': 5},
-            {'character_id': 2, 'corporation_id': 9876, 'alliance_id': 3456},
-            {'character_id': 3, 'corporation_id': 9876, 'alliance_id': 7456},
-            {'character_id': 4, 'corporation_id': 9876, 'alliance_id': 3456}
-        ]
-        self.names = [
-            {'id': 1, 'name': 'character.name1'},
-            {'id': 2, 'name': 'character.name2'},
-            {'id': 3, 'name': 'character.name3'},
-            {'id': 4, 'name': 'character.name4_new'}
-        ]
-
-    def test_normal_run(
-        self,
-        mock_provider,
-        mock_update_corp,
-        mock_update_alliance,
-        mock_update_character,
-    ):
-        def get_affiliations(characters: list):
-            response = [x for x in self.affiliations if x['character_id'] in characters]
-            mock_operator = Mock(**{'result.return_value': response})
-            return mock_operator
-
-        def get_names(ids: list):
-            response = [x for x in self.names if x['id'] in ids]
-            mock_operator = Mock(**{'result.return_value': response})
-            return mock_operator
-
-        mock_provider.client.Character.post_characters_affiliation.side_effect \
-            = get_affiliations
-
-        mock_provider.client.Universe.post_universe_names.side_effect = get_names
-
+        # when
         run_model_update()
-
+        # then
+        character_1001.refresh_from_db()
         self.assertEqual(
-            mock_provider.client.Character.post_characters_affiliation.call_count, 2
+            character_1001.corporation_id, 2001  # char has new corp
         )
+        corporation_2003.refresh_from_db()
         self.assertEqual(
-            mock_provider.client.Universe.post_universe_names.call_count, 2
+            corporation_2003.alliance.alliance_id, 3001  # corp has new alliance
+        )
+        alliance_3001.refresh_from_db()
+        self.assertEqual(
+            alliance_3001.executor_corp_id, 2001  # alliance has been updated
         )
 
-        # character 1 has changed corp
-        # character 2 no change
-        # character 3 has changed alliance
-        # character 4 has changed name
-        self.assertEqual(mock_update_corp.apply_async.call_count, 1)
-        self.assertEqual(
-            int(mock_update_corp.apply_async.call_args[1]['args'][0]), 2345
-        )
-        self.assertEqual(mock_update_alliance.apply_async.call_count, 1)
-        self.assertEqual(
-            int(mock_update_alliance.apply_async.call_args[1]['args'][0]), 3456
-        )
-        characters_updated = {
-            x[1]['args'][0] for x in mock_update_character.apply_async.call_args_list
+
+@override_settings(CELERY_ALWAYS_EAGER=True)
+@patch('allianceauth.eveonline.tasks.update_character', wraps=update_character)
+@patch('allianceauth.eveonline.providers.esi_client_factory')
+@patch('allianceauth.eveonline.tasks.providers')
+@patch('allianceauth.eveonline.tasks.CHUNK_SIZE', 2)
+class TestUpdateCharacterChunk(TestCase):
+    @staticmethod
+    def _updated_character_ids(spy_update_character) -> set:
+        """Character IDs passed to update_character task for update."""
+        return {
+            x[1]["args"][0] for x in spy_update_character.apply_async.call_args_list
         }
-        excepted = {1, 3, 4}
-        self.assertSetEqual(characters_updated, excepted)
 
-    def test_ignore_character_not_in_affiliations(
-        self,
-        mock_provider,
-        mock_update_corp,
-        mock_update_alliance,
-        mock_update_character,
+    def test_should_update_corp_change(
+        self, mock_providers, mock_esi_client_factory, spy_update_character
     ):
-        def get_affiliations(characters: list):
-            response = [x for x in self.affiliations if x['character_id'] in characters]
-            mock_operator = Mock(**{'result.return_value': response})
-            return mock_operator
+        # given
+        mock_providers.provider.client = EsiClientStub()
+        mock_esi_client_factory.return_value = EsiClientStub()
+        character_1001 = EveCharacter.objects.create(
+            character_id=1001,
+            character_name="Bruce Wayne",
+            corporation_id=2003,
+            corporation_name="Wayne Energy",
+            corporation_ticker="WEG",
+            alliance_id=3001,
+            alliance_name="Wayne Enterprises",
+            alliance_ticker="WYE",
+        )
+        character_1002 = EveCharacter.objects.create(
+            character_id=1002,
+            character_name="Peter Parker",
+            corporation_id=2001,
+            corporation_name="Wayne Technologies",
+            corporation_ticker="WTE",
+            alliance_id=3001,
+            alliance_name="Wayne Enterprises",
+            alliance_ticker="WYE",
+        )
+        # when
+        update_character_chunk([
+            character_1001.character_id, character_1002.character_id
+        ])
+        # then
+        character_1001.refresh_from_db()
+        self.assertEqual(character_1001.corporation_id, 2001)
+        self.assertSetEqual(self._updated_character_ids(spy_update_character), {1001})
 
-        def get_names(ids: list):
-            response = [x for x in self.names if x['id'] in ids]
-            mock_operator = Mock(**{'result.return_value': response})
-            return mock_operator
-
-        del self.affiliations[0]
-
-        mock_provider.client.Character.post_characters_affiliation.side_effect \
-            = get_affiliations
-
-        mock_provider.client.Universe.post_universe_names.side_effect = get_names
-
-        run_model_update()
-        characters_updated = {
-            x[1]['args'][0] for x in mock_update_character.apply_async.call_args_list
-        }
-        excepted = {3, 4}
-        self.assertSetEqual(characters_updated, excepted)
-
-    def test_ignore_character_not_in_names(
-        self,
-        mock_provider,
-        mock_update_corp,
-        mock_update_alliance,
-        mock_update_character,
+    def test_should_update_name_change(
+        self, mock_providers, mock_esi_client_factory, spy_update_character
     ):
-        def get_affiliations(characters: list):
-            response = [x for x in self.affiliations if x['character_id'] in characters]
-            mock_operator = Mock(**{'result.return_value': response})
-            return mock_operator
+        # given
+        mock_providers.provider.client = EsiClientStub()
+        mock_esi_client_factory.return_value = EsiClientStub()
+        character_1001 = EveCharacter.objects.create(
+            character_id=1001,
+            character_name="Batman",
+            corporation_id=2001,
+            corporation_name="Wayne Technologies",
+            corporation_ticker="WTE",
+            alliance_id=3001,
+            alliance_name="Wayne Technologies",
+            alliance_ticker="WYT",
+        )
+        # when
+        update_character_chunk([character_1001.character_id])
+        # then
+        character_1001.refresh_from_db()
+        self.assertEqual(character_1001.character_name, "Bruce Wayne")
+        self.assertSetEqual(self._updated_character_ids(spy_update_character), {1001})
 
-        def get_names(ids: list):
-            response = [x for x in self.names if x['id'] in ids]
-            mock_operator = Mock(**{'result.return_value': response})
-            return mock_operator
+    def test_should_update_alliance_change(
+        self, mock_providers, mock_esi_client_factory, spy_update_character
+    ):
+        # given
+        mock_providers.provider.client = EsiClientStub()
+        mock_esi_client_factory.return_value = EsiClientStub()
+        character_1001 = EveCharacter.objects.create(
+            character_id=1001,
+            character_name="Bruce Wayne",
+            corporation_id=2001,
+            corporation_name="Wayne Technologies",
+            corporation_ticker="WTE",
+            alliance_id=None,
+        )
+        # when
+        update_character_chunk([character_1001.character_id])
+        # then
+        character_1001.refresh_from_db()
+        self.assertEqual(character_1001.alliance_id, 3001)
+        self.assertSetEqual(self._updated_character_ids(spy_update_character), {1001})
 
-        del self.names[3]
+    def test_should_not_update_when_not_changed(
+        self, mock_providers, mock_esi_client_factory, spy_update_character
+    ):
+        # given
+        mock_providers.provider.client = EsiClientStub()
+        mock_esi_client_factory.return_value = EsiClientStub()
+        character_1001 = EveCharacter.objects.create(
+            character_id=1001,
+            character_name="Bruce Wayne",
+            corporation_id=2001,
+            corporation_name="Wayne Technologies",
+            corporation_ticker="WTE",
+            alliance_id=3001,
+            alliance_name="Wayne Technologies",
+            alliance_ticker="WYT",
+        )
+        # when
+        update_character_chunk([character_1001.character_id])
+        # then
+        self.assertSetEqual(self._updated_character_ids(spy_update_character), set())
 
-        mock_provider.client.Character.post_characters_affiliation.side_effect \
-            = get_affiliations
-
-        mock_provider.client.Universe.post_universe_names.side_effect = get_names
-
-        run_model_update()
-        characters_updated = {
-            x[1]['args'][0] for x in mock_update_character.apply_async.call_args_list
-        }
-        excepted = {1, 3}
-        self.assertSetEqual(characters_updated, excepted)
+    def test_should_fall_back_to_single_updates_when_bulk_update_failed(
+        self, mock_providers, mock_esi_client_factory, spy_update_character
+    ):
+        # given
+        mock_providers.provider.client.Character.post_characters_affiliation\
+            .side_effect = OSError
+        mock_esi_client_factory.return_value = EsiClientStub()
+        character_1001 = EveCharacter.objects.create(
+            character_id=1001,
+            character_name="Bruce Wayne",
+            corporation_id=2001,
+            corporation_name="Wayne Technologies",
+            corporation_ticker="WTE",
+            alliance_id=3001,
+            alliance_name="Wayne Technologies",
+            alliance_ticker="WYT",
+        )
+        # when
+        update_character_chunk([character_1001.character_id])
+        # then
+        self.assertSetEqual(self._updated_character_ids(spy_update_character), {1001})

allianceauth/fleetactivitytracking/__init__.py

@@ -1 +0,0 @@
-default_app_config = 'allianceauth.fleetactivitytracking.apps.FatConfig'

allianceauth/fleetactivitytracking/auth_hooks.py

@@ -1,5 +1,5 @@
 from . import urls
-from django.utils.translation import ugettext_lazy as _
+from django.utils.translation import gettext_lazy as _
 from allianceauth import hooks
 from allianceauth.services.hooks import MenuItemHook, UrlHook
 

allianceauth/fleetactivitytracking/forms.py

@@ -1,5 +1,5 @@
 from django import forms
-from django.utils.translation import ugettext_lazy as _
+from django.utils.translation import gettext_lazy as _
 
 
 class FatlinkForm(forms.Form):

allianceauth/fleetactivitytracking/templates/fleetactivitytracking/characternotexisting.html

@@ -12,7 +12,7 @@
                     <div class="panel-heading">{{ character_name }}</div>
                     <div class="panel-body">
                         <div class="col-lg-2 col-sm-2">
-                            <img class="ra-avatar img-responsive" src="{{ character_portrait_url }}">
+                            <img class="ra-avatar img-responsive" src="{{ character_portrait_url }}" alt="{{ character_name }}">
                         </div>
                         <div class="col-lg-10 col-sm-2">
                             <div class="alert alert-danger" role="alert">{% translate "Character not registered!" %}</div>

allianceauth/fleetactivitytracking/templates/fleetactivitytracking/fatlinkformatter.html

@@ -1,6 +1,5 @@
 {% extends "allianceauth/base.html" %}
 {% load bootstrap %}
-{% load static %}
 {% load i18n %}
 
 {% block page_title %}{% translate "Create Fatlink" %}{% endblock page_title %}
@@ -21,7 +20,7 @@
                         <form class="form-signin" role="form" action="" method="POST">
                             {% csrf_token %}
                             {{ form|bootstrap }}
-                            <br/>
+                            <br>
                             <button class="btn btn-lg btn-primary btn-block" type="submit" name="submit_fat">{% translate "Create fatlink" %}</button>
                         </form>
                 </div>

allianceauth/fleetactivitytracking/templates/fleetactivitytracking/fatlinkmodify.html

@@ -1,6 +1,4 @@
 {% extends "allianceauth/base.html" %}
-{% load bootstrap %}
-{% load static %}
 {% load i18n %}
 {% block page_title %}{% translate "Fatlink view" %}{% endblock page_title %}
 

allianceauth/fleetactivitytracking/templates/fleetactivitytracking/fatlinkpersonalmonthlystatisticsview.html

@@ -1,6 +1,4 @@
 {% extends "allianceauth/base.html" %}
-{% load bootstrap %}
-{% load static %}
 {% load i18n %}
 
 {% block page_title %}{% translate "Personal fatlink statistics" %}{% endblock page_title %}

allianceauth/fleetactivitytracking/templates/fleetactivitytracking/fatlinkpersonalstatisticsview.html

@@ -1,6 +1,4 @@
 {% extends "allianceauth/base.html" %}
-{% load bootstrap %}
-{% load static %}
 {% load i18n %}
 
 {% block page_title %}{% translate "Personal fatlink statistics" %}{% endblock page_title %}

allianceauth/fleetactivitytracking/templates/fleetactivitytracking/fatlinkstatisticscorpview.html

@@ -1,6 +1,4 @@
 {% extends "allianceauth/base.html" %}
-{% load bootstrap %}
-{% load static %}
 {% load i18n %}
 
 {% block page_title %}{% translate "Fatlink Corp Statistics" %}{% endblock page_title %}
@@ -29,7 +27,7 @@
             {% for memberStat in fatStats %}
             <tr>
                 <td>
-                    <img src="{{ memberStat.mainchar.portrait_url_32 }}" class="ra-avatar img-responsive">
+                    <img src="{{ memberStat.mainchar.portrait_url_32 }}" class="ra-avatar img-responsive" alt="{{ memberStat.mainchar.character_name }}">
                 </td>
                 <td class="text-center">{{ memberStat.mainchar.character_name }}</td>
                 <td class="text-center">{{ memberStat.n_chars }}</td>

allianceauth/fleetactivitytracking/templates/fleetactivitytracking/fatlinkstatisticsview.html

@@ -1,6 +1,4 @@
 {% extends "allianceauth/base.html" %}
-{% load bootstrap %}
-{% load static %}
 {% load i18n %}
 
 {% block page_title %}{% translate "Fatlink statistics" %}{% endblock page_title %}
@@ -30,9 +28,9 @@
             {% for corpStat in fatStats %}
             <tr>
                 <td>
-                    <img src="{{ corpStat.corp.logo_url_32 }}" class="ra-avatar img-responsive">
+                    <img src="{{ corpStat.corp.logo_url_32 }}" class="ra-avatar img-responsive" alt="{{ corpStat.corp.corporation_name }}">
                 </td>
-                <td class="text-center"><a href="{% url 'fatlink:statistics_corp' corpStat.corp.corporation_id %}">[{{ corpStat.corp.corporation_ticker }}]</td>
+                <td class="text-center"><a href="{% url 'fatlink:statistics_corp' corpStat.corp.corporation_id %}">[{{ corpStat.corp.corporation_ticker }}]</a></td>
                 <td class="text-center">{{ corpStat.corp.corporation_name }}</td>
                 <td class="text-center">{{ corpStat.corp.member_count }}</td>
                 <td class="text-center">{{ corpStat.n_fats }}</td>

allianceauth/fleetactivitytracking/templates/fleetactivitytracking/fatlinkview.html

@@ -1,6 +1,4 @@
 {% extends "allianceauth/base.html" %}
-{% load bootstrap %}
-{% load static %}
 {% load i18n %}
 
 {% block page_title %}{% translate "Fatlink view" %}{% endblock page_title %}

allianceauth/fleetactivitytracking/urls.py

@@ -1,30 +1,30 @@
-from django.conf.urls import url
+from django.urls import path
 
 from . import views
 app_name = 'fleetactivitytracking'
 
 urlpatterns = [
     # FleetActivityTracking (FAT)
-    url(r'^$', views.fatlink_view, name='view'),
-    url(r'^statistics/$', views.fatlink_statistics_view, name='statistics'),
-    url(r'^statistics/corp/(\w+)$', views.fatlink_statistics_corp_view,
+    path('', views.fatlink_view, name='view'),
+    path('statistics/', views.fatlink_statistics_view, name='statistics'),
+    path('statistics/corp/<int:corpid>/', views.fatlink_statistics_corp_view,
         name='statistics_corp'),
-    url(r'^statistics/corp/(?P<corpid>\w+)/(?P<year>[0-9]+)/(?P<month>[0-9]+)/',
+    path('statistics/corp/<int:corpid>/<int:year>/<int:month>/',
         views.fatlink_statistics_corp_view,
         name='statistics_corp_month'),
-    url(r'^statistics/(?P<year>[0-9]+)/(?P<month>[0-9]+)/$', views.fatlink_statistics_view,
+    path('statistics/<int:year>/<int:month>/', views.fatlink_statistics_view,
         name='statistics_month'),
-    url(r'^user/statistics/$', views.fatlink_personal_statistics_view,
+    path('user/statistics/', views.fatlink_personal_statistics_view,
         name='personal_statistics'),
-    url(r'^user/statistics/(?P<year>[0-9]+)/$', views.fatlink_personal_statistics_view,
+    path('user/statistics/<int:year>/', views.fatlink_personal_statistics_view,
         name='personal_statistics_year'),
-    url(r'^user/statistics/(?P<year>[0-9]+)/(?P<month>[0-9]+)/$',
+    path('user/statistics/<int:year>/<int:month>/',
         views.fatlink_monthly_personal_statistics_view,
         name='personal_statistics_month'),
-    url(r'^user/(?P<char_id>[0-9]+)/statistics/(?P<year>[0-9]+)/(?P<month>[0-9]+)/$',
+    path('user/<int:char_id>/statistics/<int:year>/<int:month>/',
         views.fatlink_monthly_personal_statistics_view,
         name='user_statistics_month'),
-    url(r'^create/$', views.create_fatlink_view, name='create'),
-    url(r'^modify/(?P<fat_hash>[a-zA-Z0-9_-]+)/$', views.modify_fatlink_view, name='modify'),
-    url(r'^link/(?P<fat_hash>[a-zA-Z0-9]+)/$', views.click_fatlink_view, name='click'),
+    path('create/', views.create_fatlink_view, name='create'),
+    path('modify/<str:fat_hash>/', views.modify_fatlink_view, name='modify'),
+    path('link/<str:fat_hash>/', views.click_fatlink_view, name='click'),
 ]

allianceauth/fleetactivitytracking/views.py

@@ -10,7 +10,7 @@ from django.contrib.auth.models import User
 from django.core.exceptions import ValidationError, ObjectDoesNotExist
 from django.shortcuts import render, redirect, get_object_or_404, Http404
 from django.utils import timezone
-from django.utils.translation import ugettext_lazy as _
+from django.utils.translation import gettext_lazy as _
 from esi.decorators import token_required
 from allianceauth.eveonline.providers import provider
 from .forms import FatlinkForm
@@ -212,7 +212,14 @@ def fatlink_monthly_personal_statistics_view(request, year, month, char_id=None)
     start_of_previous_month = first_day_of_previous_month(year, month)
 
     if request.user.has_perm('auth.fleetactivitytracking_statistics') and char_id:
-        user = EveCharacter.objects.get(character_id=char_id).user
+        try:
+            user = EveCharacter.objects.get(character_id=char_id).character_ownership.user
+        except EveCharacter.DoesNotExist:
+            messages.error(request, _('Character does not exist'))
+            return redirect('fatlink:view')
+        except AttributeError:
+            messages.error(request, _('User does not exist'))
+            return redirect('fatlink:view')
     else:
         user = request.user
     logger.debug(f"Personal monthly statistics view for user {user} called by {request.user}")

allianceauth/groupmanagement/__init__.py

@@ -1 +0,0 @@
-default_app_config = 'allianceauth.groupmanagement.apps.GroupManagementConfig'

allianceauth/groupmanagement/admin.py

@@ -1,15 +1,21 @@
 from django.apps import apps
-from django.contrib.auth.models import Permission
 from django.contrib import admin
-from django.contrib.auth.models import Group as BaseGroup, User
-from django.db.models import Count
+
+from django.contrib.auth.models import Group as BaseGroup, Permission, User
+from django.db.models import Count, Exists, OuterRef
 from django.db.models.functions import Lower
-from django.db.models.signals import pre_save, post_save, pre_delete, \
-    post_delete, m2m_changed
+from django.db.models.signals import (
+    m2m_changed,
+    post_delete,
+    post_save,
+    pre_delete,
+    pre_save
+)
 from django.dispatch import receiver
 
-from .models import AuthGroup
-from .models import GroupRequest
+from .forms import GroupAdminForm, ReservedGroupNameAdminForm
+from .models import AuthGroup, GroupRequest, ReservedGroupName
+from .tasks import remove_users_not_matching_states_from_group
 
 if 'eve_autogroups' in apps.app_configs:
     _has_auto_groups = True
@@ -24,10 +30,12 @@ class AuthGroupInlineAdmin(admin.StackedInline):
         'description',
         'group_leaders',
         'group_leader_groups',
-        'states', 'internal',
+        'states',
+        'internal',
         'hidden',
         'open',
-        'public'
+        'public',
+        'restricted',
     )
     verbose_name_plural = 'Auth Settings'
     verbose_name = ''
@@ -46,6 +54,11 @@ class AuthGroupInlineAdmin(admin.StackedInline):
     def has_change_permission(self, request, obj=None):
         return request.user.has_perm('auth.change_group')
 
+    def get_readonly_fields(self, request, obj=None):
+        if not request.user.is_superuser:
+            return self.readonly_fields + ("restricted",)
+        return self.readonly_fields
+
 
 if _has_auto_groups:
     class IsAutoGroupFilter(admin.SimpleListFilter):
@@ -70,8 +83,7 @@ if _has_auto_groups:
                     managedalliancegroup__isnull=True,
                     managedcorpgroup__isnull=True
                 )
-            else:
-                return queryset
+            return queryset
 
 
 class HasLeaderFilter(admin.SimpleListFilter):
@@ -90,19 +102,18 @@ class HasLeaderFilter(admin.SimpleListFilter):
             return queryset.filter(authgroup__group_leaders__isnull=False)
         elif value == 'no':
             return queryset.filter(authgroup__group_leaders__isnull=True)
-        else:
-            return queryset
+        return queryset
 
 
 class GroupAdmin(admin.ModelAdmin):
-    list_select_related = ('authgroup',)
+    form = GroupAdminForm
     ordering = ('name',)
     list_display = (
         'name',
         '_description',
         '_properties',
         '_member_count',
-        'has_leader'
+        'has_leader',
     )
     list_filter = [
         'authgroup__internal',
@@ -118,34 +129,51 @@ class GroupAdmin(admin.ModelAdmin):
 
     def get_queryset(self, request):
         qs = super().get_queryset(request)
-        if _has_auto_groups:
-            qs = qs.prefetch_related('managedalliancegroup_set', 'managedcorpgroup_set')
-        qs = qs.prefetch_related('authgroup__group_leaders').select_related('authgroup')
-        qs = qs.annotate(
-            member_count=Count('user', distinct=True),
+        has_leader_qs = (
+            AuthGroup.objects.filter(group=OuterRef('pk'), group_leaders__isnull=False)
         )
+        has_leader_groups_qs = (
+            AuthGroup.objects.filter(
+                group=OuterRef('pk'), group_leader_groups__isnull=False
+            )
+        )
+        qs = (
+            qs.select_related('authgroup')
+            .annotate(member_count=Count('user', distinct=True))
+            .annotate(has_leader=Exists(has_leader_qs))
+            .annotate(has_leader_groups=Exists(has_leader_groups_qs))
+        )
+        if _has_auto_groups:
+            is_autogroup_corp = (
+                Group.objects.filter(
+                    pk=OuterRef('pk'), managedcorpgroup__isnull=False
+                )
+            )
+            is_autogroup_alliance = (
+                Group.objects.filter(
+                    pk=OuterRef('pk'), managedalliancegroup__isnull=False
+                )
+            )
+            qs = (
+                qs.annotate(is_autogroup_corp=Exists(is_autogroup_corp))
+                .annotate(is_autogroup_alliance=Exists(is_autogroup_alliance))
+            )
         return qs
 
     def _description(self, obj):
         return obj.authgroup.description
 
+    @admin.display(description='Members', ordering='member_count')
     def _member_count(self, obj):
         return obj.member_count
 
-    _member_count.short_description = 'Members'
-    _member_count.admin_order_field = 'member_count'
-
+    @admin.display(boolean=True)
     def has_leader(self, obj):
-        return obj.authgroup.group_leaders.exists() or obj.authgroup.group_leader_groups.exists()
-
-    has_leader.boolean = True
+        return obj.has_leader or obj.has_leader_groups
 
     def _properties(self, obj):
         properties = list()
-        if _has_auto_groups and (
-            obj.managedalliancegroup_set.exists()
-            or obj.managedcorpgroup_set.exists()
-        ):
+        if _has_auto_groups and (obj.is_autogroup_corp or obj.is_autogroup_alliance):
             properties.append('Auto Group')
         elif obj.authgroup.internal:
             properties.append('Internal')
@@ -158,11 +186,10 @@ class GroupAdmin(admin.ModelAdmin):
                 properties.append('Public')
         if not properties:
             properties.append('Default')
-
+        if obj.authgroup.restricted:
+            properties.append('Restricted')
         return properties
 
-    _properties.short_description = "properties"
-
     filter_horizontal = ('permissions',)
     inlines = (AuthGroupInlineAdmin,)
 
@@ -176,8 +203,15 @@ class GroupAdmin(admin.ModelAdmin):
             ag_instance = inline_form.save(commit=False)
             ag_instance.group = form.instance
             ag_instance.save()
+            if ag_instance.states.exists():
+                remove_users_not_matching_states_from_group.delay(ag_instance.group.pk)
         formset.save()
 
+    def get_readonly_fields(self, request, obj=None):
+        if not request.user.is_superuser:
+            return self.readonly_fields + ("permissions",)
+        return self.readonly_fields
+
 
 class Group(BaseGroup):
     class Meta:
@@ -202,11 +236,23 @@ class GroupRequestAdmin(admin.ModelAdmin):
         'leave_request',
     )
 
+    @admin.display(boolean=True, description="is leave request")
     def _leave_request(self, obj) -> True:
         return obj.leave_request
 
-    _leave_request.short_description = 'is leave request'
-    _leave_request.boolean = True
+
+@admin.register(ReservedGroupName)
+class ReservedGroupNameAdmin(admin.ModelAdmin):
+    form = ReservedGroupNameAdminForm
+    list_display = ("name", "created_by", "created_at")
+
+    def get_form(self, request, *args, **kwargs):
+        form = super().get_form(request, *args, **kwargs)
+        form.current_user = request.user
+        return form
+
+    def has_change_permission(self, *args, **kwargs) -> bool:
+        return False
 
 
 @receiver(pre_save, sender=Group)

allianceauth/groupmanagement/auth_hooks.py

@@ -1,4 +1,4 @@
-from django.utils.translation import ugettext_lazy as _
+from django.utils.translation import gettext_lazy as _
 
 from allianceauth.services.hooks import MenuItemHook, UrlHook
 from allianceauth import hooks

allianceauth/groupmanagement/forms.py

@@ -0,0 +1,39 @@
+from django import forms
+from django.contrib.auth.models import Group
+from django.core.exceptions import ValidationError
+from django.utils.timezone import now
+from django.utils.translation import gettext_lazy as _
+
+from .models import ReservedGroupName
+
+
+class GroupAdminForm(forms.ModelForm):
+    def clean_name(self):
+        my_name = self.cleaned_data['name']
+        if ReservedGroupName.objects.filter(name__iexact=my_name).exists():
+            raise ValidationError(
+                _("This name has been reserved and can not be used for groups."),
+                code='reserved_name'
+            )
+        return my_name
+
+
+class ReservedGroupNameAdminForm(forms.ModelForm):
+    def __init__(self, *args, **kwargs):
+        super().__init__(*args, **kwargs)
+        self.fields['created_by'].initial = self.current_user.username
+        self.fields['created_at'].initial = _("(auto)")
+
+    created_by = forms.CharField(disabled=True)
+    created_at = forms.CharField(disabled=True)
+
+    def clean_name(self):
+        my_name = self.cleaned_data['name'].lower()
+        if Group.objects.filter(name__iexact=my_name).exists():
+            raise ValidationError(
+                _("There already exists a group with that name."), code='already_exists'
+            )
+        return my_name
+
+    def clean_created_at(self):
+        return now()

allianceauth/groupmanagement/managers.py

@@ -14,8 +14,8 @@ class GroupManager:
 
     @classmethod
     def get_joinable_groups_for_user(
-        cls, user: User, include_hidden = True
-    ) -> QuerySet:
+        cls, user: User, include_hidden=True
+    ) -> QuerySet[Group]:
         """get groups a user could join incl. groups already joined"""
         groups_qs = cls.get_joinable_groups(user.profile.state)
 
@@ -28,24 +28,27 @@ class GroupManager:
         return groups_qs
 
     @staticmethod
-    def get_joinable_groups(state: State) -> QuerySet:
+    def get_joinable_groups(state: State) -> QuerySet[Group]:
         """get groups that can be joined by user with given state"""
-        return Group.objects\
-            .select_related('authgroup')\
-            .exclude(authgroup__internal=True)\
-            .filter(Q(authgroup__states=state) | Q(authgroup__states=None))
-
-    @staticmethod
-    def get_all_non_internal_groups() -> QuerySet:
-        """get groups that are not internal"""
-        return Group.objects\
-            .select_related('authgroup')\
+        return (
+            Group.objects
             .exclude(authgroup__internal=True)
+            .filter(Q(authgroup__states=state) | Q(authgroup__states=None))
+        )
 
     @staticmethod
-    def get_group_leaders_groups(user: User):
-        return Group.objects.select_related('authgroup').filter(authgroup__group_leaders__in=[user]) | \
-            Group.objects.select_related('authgroup').filter(authgroup__group_leader_groups__in=user.groups.all())
+    def get_all_non_internal_groups() -> QuerySet[Group]:
+        """get groups that are not internal"""
+        return Group.objects.exclude(authgroup__internal=True)
+
+    @staticmethod
+    def get_group_leaders_groups(user: User) -> QuerySet[Group]:
+        return (
+            Group.objects.filter(authgroup__group_leaders=user)
+            | Group.objects.filter(
+                authgroup__group_leader_groups__in=list(user.groups.all())
+            )
+        )
 
     @staticmethod
     def joinable_group(group: Group, state: State) -> bool:
@@ -57,12 +60,12 @@ class GroupManager:
         :param state: allianceauth.authentication.State object
         :return: bool True if its joinable, False otherwise
         """
-        if (len(group.authgroup.states.all()) != 0
+        if (
+            len(group.authgroup.states.all()) != 0
             and state not in group.authgroup.states.all()
         ):
             return False
-        else:
-            return not group.authgroup.internal
+        return not group.authgroup.internal
 
     @staticmethod
     def check_internal_group(group: Group) -> bool:
@@ -78,7 +81,7 @@ class GroupManager:
         return user.has_perm('auth.group_management')
 
     @classmethod
-    def can_manage_groups(cls, user:User ) -> bool:
+    def can_manage_groups(cls, user:User) -> bool:
         """
         For use with user_passes_test decorator.
         Check if the user can manage groups. Either has the
@@ -88,7 +91,10 @@ class GroupManager:
         :return: bool True if user can manage groups, False otherwise
         """
         if user.is_authenticated:
-            return cls.has_management_permission(user) or cls.get_group_leaders_groups(user)
+            return (
+                cls.has_management_permission(user)
+                or cls.get_group_leaders_groups(user)
+            )
         return False
 
     @classmethod
@@ -100,19 +106,19 @@ class GroupManager:
         :return: True if the user can manage the group
         """
         if user.is_authenticated:
-            return cls.has_management_permission(user) or cls.get_group_leaders_groups(user).filter(pk=group.pk).exists()
+            return (
+                cls.has_management_permission(user)
+                or cls.get_group_leaders_groups(user).filter(pk=group.pk).exists()
+            )
         return False
 
     @classmethod
     def pending_requests_count_for_user(cls, user: User) -> int:
         """Returns the number of pending group requests for the given user"""
-
         if cls.has_management_permission(user):
             return GroupRequest.objects.all().count()
-        else:
-            return (
-                GroupRequest.objects
-                .filter(group__authgroup__group_leaders__exact=user)
-                .select_related("group__authgroup__group_leaders")
-                .count()
-            )
+        return (
+            GroupRequest.objects
+            .filter(group__in=list(cls.get_group_leaders_groups(user)))
+            .count()
+        )

allianceauth/groupmanagement/migrations/0017_improve_groups_documentation.py

@@ -0,0 +1,42 @@
+# Generated by Django 3.2.9 on 2021-11-11 15:56
+
+from django.conf import settings
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
+        ('auth', '0012_alter_user_first_name_max_length'),
+        ('authentication', '0019_merge_20211026_0919'),
+        ('groupmanagement', '0016_remove_grouprequest_status_field'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='authgroup',
+            name='group_leader_groups',
+            field=models.ManyToManyField(blank=True, help_text='Members of leader groups can process requests for this group. Use the <code>auth.group_management</code> permission to allow a user to manage all groups.<br>', related_name='leads_group_groups', to='auth.Group'),
+        ),
+        migrations.AlterField(
+            model_name='authgroup',
+            name='group_leaders',
+            field=models.ManyToManyField(blank=True, help_text='Group leaders can process requests for this group. Use the <code>auth.group_management</code> permission to allow a user to manage all groups.<br>', related_name='leads_groups', to=settings.AUTH_USER_MODEL),
+        ),
+        migrations.AlterField(
+            model_name='authgroup',
+            name='open',
+            field=models.BooleanField(default=False, help_text='Group is open and users will be automatically added upon request.<br>If the group is not open users will need their request manually approved.'),
+        ),
+        migrations.AlterField(
+            model_name='authgroup',
+            name='public',
+            field=models.BooleanField(default=False, help_text='Group is public. Any registered user is able to join this group, with visibility based on the other options set for this group.<br>Auth will not remove users from this group automatically when they are no longer authenticated.'),
+        ),
+        migrations.AlterField(
+            model_name='authgroup',
+            name='states',
+            field=models.ManyToManyField(blank=True, help_text='States listed here will have the ability to join this group provided they have the proper permissions.<br>', related_name='valid_states', to='authentication.State'),
+        ),
+    ]

allianceauth/groupmanagement/migrations/0018_reservedgroupname.py

@@ -0,0 +1,24 @@
+# Generated by Django 3.2.9 on 2021-11-25 18:38
+
+from django.db import migrations, models
+import django.utils.timezone
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('groupmanagement', '0017_improve_groups_documentation'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='ReservedGroupName',
+            fields=[
+                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('name', models.CharField(help_text='Name that can not be used for groups.', max_length=150, unique=True, verbose_name='name')),
+                ('reason', models.TextField(help_text='Reason why this name is reserved.', verbose_name='reason')),
+                ('created_by', models.CharField(help_text='Name of the user who created this entry.', max_length=255, verbose_name='created by')),
+                ('created_at', models.DateTimeField(default=django.utils.timezone.now, help_text='Date when this entry was created', verbose_name='created at')),
+            ],
+        ),
+    ]

allianceauth/groupmanagement/migrations/0019_adding_restricted_to_groups.py

@@ -0,0 +1,18 @@
+# Generated by Django 3.2.10 on 2022-04-08 19:30
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('groupmanagement', '0018_reservedgroupname'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='authgroup',
+            name='restricted',
+            field=models.BooleanField(default=False, help_text='Group is restricted. This means that adding or removing users for this group requires a superuser admin.'),
+        ),
+    ]

allianceauth/groupmanagement/models.py

@@ -1,16 +1,26 @@
+from typing import Set
+
+from django.conf import settings
 from django.contrib.auth.models import Group
 from django.contrib.auth.models import User
 from django.db import models
-from django.db.models.signals import post_save
-from django.dispatch import receiver
+from django.utils.timezone import now
+from django.utils.translation import gettext_lazy as _
+
 from allianceauth.authentication.models import State
+from allianceauth.notifications import notify
 
 
 class GroupRequest(models.Model):
+    """Request from a user for joining or leaving a group."""
+
     leave_request = models.BooleanField(default=0)
     user = models.ForeignKey(User, on_delete=models.CASCADE)
     group = models.ForeignKey(Group, on_delete=models.CASCADE)
 
+    def __str__(self):
+        return self.user.username + ":" + self.group.name
+
     @property
     def main_char(self):
         """
@@ -19,11 +29,23 @@ class GroupRequest(models.Model):
         """
         return self.user.profile.main_character
 
-    def __str__(self):
-        return self.user.username + ":" + self.group.name
+    def notify_leaders(self) -> None:
+        """Send notification to all group leaders about this request.
+
+        Note: No translations, because language for each leader is unknown
+        """
+        if not getattr(settings, 'GROUPMANAGEMENT_REQUESTS_NOTIFICATION', False):
+            return
+        keyword = "leave" if self.leave_request else "join"
+        title = f"Group Management: {keyword.title()} request for {self.group.name}"
+        message = f"{self.user} want's to {keyword} {self.group.name}."
+        for appover in self.group.authgroup.group_request_approvers():
+            notify(user=appover, title=title, message=message, level="info")
 
 
 class RequestLog(models.Model):
+    """Log entry about who joined and left a group and who approved it."""
+
     request_type = models.BooleanField(null=True)
     group = models.ForeignKey(Group, on_delete=models.CASCADE)
     request_info = models.CharField(max_length=254)
@@ -61,11 +83,12 @@ class AuthGroup(models.Model):
     e.g. group.authgroup.internal
 
     Logic:
-    Internal - not requestable by users, at all. Covers Corp_, Alliance_, Members etc groups.
-    Groups are internal by default
+    Internal - not requestable by users, at all. Covers Corp_, Alliance_,
+    Members etc groups. Groups are internal by default
 
-    Public - Other options are respected, but any user will be able to become and remain a member, even if they
-    have no API etc entered. Auth will not manage these groups automatically so user removal is up to
+    Public - Other options are respected, but any user will be able to become
+    and remain a member, even if they have no API etc entered.
+    Auth will not manage these groups automatically so user removal is up to
     group managers/leaders.
 
     Not Internal and:
@@ -74,61 +97,138 @@ class AuthGroup(models.Model):
         Open - Users are automatically accepted into the group
         Not Open - Users requests must be approved before they are added to the group
     """
+
     group = models.OneToOneField(Group, on_delete=models.CASCADE, primary_key=True)
+    internal = models.BooleanField(
+        default=True,
+        help_text=_(
+            "Internal group, users cannot see, join or request to join this group.<br>"
+            "Used for groups such as Members, Corp_*, Alliance_* etc.<br>"
+            "<b>Overrides Hidden and Open options when selected.</b>"
+        )
+    )
+    hidden = models.BooleanField(
+        default=True,
+        help_text=_(
+            "Group is hidden from users but can still join with the correct link."
+        )
+    )
+    open = models.BooleanField(
+        default=False,
+        help_text=_(
+            "Group is open and users will be automatically added upon request.<br>"
+            "If the group is not open users will need their request manually approved."
+        )
+    )
+    public = models.BooleanField(
+        default=False,
+        help_text=_(
+            "Group is public. Any registered user is able to join this group, with "
+            "visibility based on the other options set for this group.<br>"
+            "Auth will not remove users from this group automatically when they "
+            "are no longer authenticated."
+        )
+    )
+    restricted = models.BooleanField(
+        default=False,
+        help_text=_(
+            "Group is restricted. This means that adding or removing users "
+            "for this group requires a superuser admin."
+        )
+    )
+    group_leaders = models.ManyToManyField(
+        User,
+        related_name='leads_groups',
+        blank=True,
+        help_text=_(
+            "Group leaders can process requests for this group. "
+            "Use the <code>auth.group_management</code> permission to allow "
+            "a user to manage all groups.<br>"
+        )
+    )
+    group_leader_groups = models.ManyToManyField(
+        Group,
+        related_name='leads_group_groups',
+        blank=True,
+        help_text=_(
+            "Members of leader groups can process requests for this group. "
+            "Use the <code>auth.group_management</code> permission "
+            "to allow a user to manage all groups.<br>")
+    )
+    states = models.ManyToManyField(
+        State,
+        related_name='valid_states',
+        blank=True,
+        help_text=_(
+            "States listed here will have the ability to join this group provided "
+            "they have the proper permissions.<br>"
+        )
+    )
+    description = models.TextField(
+        max_length=512,
+        blank=True,
+        help_text=_(
+            "Short description <i>(max. 512 characters)</i> "
+            "of the group shown to users."
+        )
+    )
 
-    internal = models.BooleanField(default=True,
-                                    help_text="Internal group, users cannot see, join or request to join this group.<br>"
-                                                "Used for groups such as Members, Corp_*, Alliance_* etc.<br>"
-                                                "<b>Overrides Hidden and Open options when selected.</b>")
-    hidden = models.BooleanField(default=True, help_text="Group is hidden from users but can still join with the correct link.")
-    open = models.BooleanField(default=False,
-                                help_text="Group is open and users will be automatically added upon request. <br>"
-                                            "If the group is not open users will need their request manually approved.")
-    public = models.BooleanField(default=False,
-                                help_text="Group is public. Any registered user is able to join this group, with "
-                                        "visibility based on the other options set for this group.<br> Auth will "
-                                        "not remove users from this group automatically when they are no longer "
-                                        "authenticated.")
-    # Group leaders have management access to this group
-    group_leaders = models.ManyToManyField(User, related_name='leads_groups', blank=True,
-                                            help_text="Group leaders can process group requests for this group "
-                                                        "specifically. Use the auth.group_management permission to allow "
-                                                        "a user to manage all groups.")
-    # allow groups to be *group leads*
-    group_leader_groups = models.ManyToManyField(Group, related_name='leads_group_groups', blank=True,
-                                                help_text="Group leaders can process group requests for this group "
-                                                            "specifically. Use the auth.group_management permission to allow "
-                                                            "a user to manage all groups.")
-
-    states = models.ManyToManyField(State, related_name='valid_states', blank=True,
-                                    help_text="States listed here will have the ability to join this group provided "
-                                                "they have the proper permissions.")
-
-    description = models.TextField(max_length=512, blank=True, help_text="Short description <i>(max. 512 characters)"
-                                                                         "</i> of the group shown to users.")
+    class Meta:
+        permissions = (
+            ("request_groups", _("Can request non-public groups")),
+        )
+        default_permissions = tuple()
 
     def __str__(self):
         return self.group.name
 
-    class Meta:
-        permissions = (
-            ("request_groups", "Can request non-public groups"),
+    def group_request_approvers(self) -> Set[User]:
+        """Return all users who can approve a group request."""
+        return set(
+            self.group_leaders.all()
+            | User.objects.filter(groups__in=list(self.group_leader_groups.all()))
         )
-        default_permissions = tuple()
+
+    def remove_users_not_matching_states(self):
+        """Remove users not matching defined states from related group."""
+        states_qs = self.states.all()
+        if states_qs.exists():
+            states = list(states_qs)
+            non_compliant_users = self.group.user_set.exclude(profile__state__in=states)
+            for user in non_compliant_users:
+                self.group.user_set.remove(user)
 
 
-@receiver(post_save, sender=Group)
-def create_auth_group(sender, instance, created, **kwargs):
-    """
-    Creates the AuthGroup model when a group is created
-    """
-    if created:
-        AuthGroup.objects.create(group=instance)
+class ReservedGroupName(models.Model):
+    """Name that can not be used for groups.
 
+    This enables AA to ignore groups on other services (e.g. Discord) with that name.
+    """
 
-@receiver(post_save, sender=Group)
-def save_auth_group(sender, instance, **kwargs):
-    """
-    Ensures AuthGroup model is saved automatically
-    """
-    instance.authgroup.save()
+    name = models.CharField(
+        _('name'),
+        max_length=150,
+        unique=True,
+        help_text=_("Name that can not be used for groups.")
+    )
+    reason = models.TextField(
+        _('reason'), help_text=_("Reason why this name is reserved.")
+    )
+    created_by = models.CharField(
+        _('created by'),
+        max_length=255,
+        help_text="Name of the user who created this entry."
+    )
+    created_at = models.DateTimeField(
+        _('created at'), default=now, help_text=_("Date when this entry was created")
+    )
+
+    def __str__(self) -> str:
+        return self.name
+
+    def save(self, *args, **kwargs) -> None:
+        if Group.objects.filter(name__iexact=self.name).exists():
+            raise RuntimeError(
+                f"Save failed. There already exists a group with the name: {self.name}."
+            )
+        super().save(*args, **kwargs)

allianceauth/groupmanagement/signals.py

@@ -1,11 +1,33 @@
 import logging
+from django.contrib.auth.models import Group
+from django.db.models.signals import pre_save, post_save
 from django.dispatch import receiver
+
 from allianceauth.authentication.signals import state_changed
 
+from .models import AuthGroup, ReservedGroupName
 
 logger = logging.getLogger(__name__)
 
 
+@receiver(pre_save, sender=Group)
+def find_new_name_for_conflicting_groups(sender, instance, **kwargs):
+    """Find new name for a group which name is already reserved."""
+    new_name = instance.name
+    num = 0
+    while ReservedGroupName.objects.filter(name__iexact=new_name).exists():
+        num += 1
+        new_name = f"{instance.name}_{num}"
+    instance.name = new_name
+
+
+@receiver(post_save, sender=Group)
+def create_auth_group(sender, instance, created, **kwargs):
+    """Create the AuthGroup model when a group is created."""
+    if created:
+        AuthGroup.objects.create(group=instance)
+
+
 @receiver(state_changed)
 def check_groups_on_state_change(sender, user, state, **kwargs):
     logger.debug(

allianceauth/groupmanagement/tasks.py

@@ -0,0 +1,10 @@
+from celery import shared_task
+
+from django.contrib.auth.models import Group
+
+
+@shared_task
+def remove_users_not_matching_states_from_group(group_pk: int) -> None:
+    """Remove users not matching defined states from related group."""
+    group = Group.objects.get(pk=group_pk)
+    group.authgroup.remove_users_not_matching_states()

allianceauth/groupmanagement/templates/groupmanagement/audit.html

@@ -25,13 +25,15 @@
                     <div class="table-responsive">
                         <table class="table table-striped" id="log-entries">
                             <thead>
-                                <th scope="col">{% translate "Date/Time" %}</th>
-                                <th scope="col">{% translate "Requestor" %}</th>
-                                <th scope="col">{% translate "Character" %}</th>
-                                <th scope="col">{% translate "Corporation" %}</th>
-                                <th scope="col">{% translate "Type" %}</th>
-                                <th scope="col">{% translate "Action" %}</th>
-                                <th scope="col">{% translate "Actor" %}</th>
+                                <tr>
+                                    <th scope="col">{% translate "Date/Time" %}</th>
+                                    <th scope="col">{% translate "Requestor" %}</th>
+                                    <th scope="col">{% translate "Character" %}</th>
+                                    <th scope="col">{% translate "Corporation" %}</th>
+                                    <th scope="col">{% translate "Type" %}</th>
+                                    <th scope="col">{% translate "Action" %}</th>
+                                    <th scope="col">{% translate "Actor" %}</th>
+                                </tr>
                             </thead>
 
                             <tbody>
@@ -74,7 +76,7 @@
 {% block extra_javascript %}
     {% include 'bundles/datatables-js.html' %}
     {% include 'bundles/moment-js.html' with locale=True %}
-    <script type="application/javascript" src="{% static 'js/filterDropDown/filterDropDown.min.js' %}"></script>
+    {% include 'bundles/filterdropdown-js.html' %}
 {% endblock %}
 
 {% block extra_css %}
@@ -127,6 +129,8 @@
                 ],
                 bootstrap: true
             },
+            "stateSave": true,
+            "stateDuration": 0
         });
     });
 {% endblock %}

allianceauth/groupmanagement/templates/groupmanagement/groupmembers.html

@@ -1,5 +1,4 @@
 {% extends "allianceauth/base.html" %}
-{% load static %}
 {% load i18n %}
 {% load evelinks %}
 
@@ -37,7 +36,7 @@
                                 {% for member in members %}
                                     <tr>
                                         <td>
-                                            <img src="{{ member.main_char|character_portrait_url:32 }}" class="img-circle" style="margin-right: 1rem;">
+                                            <img src="{{ member.main_char|character_portrait_url:32 }}" class="img-circle" style="margin-right: 1rem;" alt="{{ member.main_char.character_name }}">
                                             {% if member.main_char %}
                                                 <a href="{{ member.main_char|evewho_character_url }}" target="_blank">
                                                     {{ member.main_char.character_name }}
@@ -104,7 +103,9 @@
                     "sortable": false,
                     "targets": [2]
                 },
-            ]
+            ],
+            "stateSave": true,
+            "stateDuration": 0
         });
     });
 {% endblock %}

allianceauth/groupmanagement/templates/groupmanagement/groupmembership.html

@@ -1,5 +1,4 @@
 {% extends "allianceauth/base.html" %}
-{% load static %}
 {% load i18n %}
 
 {% block page_title %}{% translate "Groups Membership" %}{% endblock page_title %}

allianceauth/groupmanagement/templates/groupmanagement/groups.html

@@ -1,5 +1,4 @@
 {% extends "allianceauth/base.html" %}
-{% load static %}
 {% load i18n %}
 
 {% block page_title %}{% translate "Available Groups" %}{% endblock page_title %}

allianceauth/groupmanagement/templates/groupmanagement/index.html

@@ -1,5 +1,4 @@
 {% extends "allianceauth/base.html" %}
-{% load static %}
 {% load i18n %}
 {% load evelinks %}
 
@@ -29,15 +28,18 @@
                     {% endif %}
                 </a>
             </li>
-            <li>
-                <a data-toggle="tab" href="#leave">
-                    {% translate "Leave Requests" %}
 
-                    {% if leaverequests %}
-                        <span class="badge">{{ leaverequests|length }}</span>
-                    {% endif %}
-                </a>
-            </li>
+            {%  if not auto_leave %}
+                <li>
+                    <a data-toggle="tab" href="#leave">
+                        {% translate "Leave Requests" %}
+
+                        {% if leaverequests %}
+                            <span class="badge">{{ leaverequests|length }}</span>
+                        {% endif %}
+                    </a>
+                </li>
+            {% endif %}
         </ul>
 
         <div class="panel panel-default panel-tabs-aa">
@@ -61,7 +63,7 @@
                                         {% for acceptrequest in acceptrequests %}
                                             <tr>
                                                 <td>
-                                                    <img src="{{ acceptrequest.main_char|character_portrait_url:32 }}" class="img-circle" style="margin-right: 1rem;">
+                                                    <img src="{{ acceptrequest.main_char|character_portrait_url:32 }}" class="img-circle" style="margin-right: 1rem;" alt="{{ acceptrequest.main_char.character_name }}">
                                                     {% if acceptrequest.main_char %}
                                                         <a href="{{ acceptrequest.main_char|evewho_character_url }}" target="_blank">
                                                             {{ acceptrequest.main_char.character_name }}
@@ -100,61 +102,63 @@
                         {% endif %}
                     </div>
 
-                    <div id="leave" class="tab-pane">
-                        {% if leaverequests %}
-                            <div class="table-responsive">
-                                <table class="table table-aa">
-                                    <thead>
-                                        <tr>
-                                            <th>{% translate "Character" %}</th>
-                                            <th>{% translate "Organization" %}</th>
-                                            <th>{% translate "Group" %}</th>
-                                            <th></th>
-                                        </tr>
-                                    </thead>
-
-                                    <tbody>
-                                        {% for leaverequest in leaverequests %}
+                    {%  if not auto_leave %}
+                        <div id="leave" class="tab-pane">
+                            {% if leaverequests %}
+                                <div class="table-responsive">
+                                    <table class="table table-aa">
+                                        <thead>
                                             <tr>
-                                                <td>
-                                                    <img src="{{ leaverequest.main_char|character_portrait_url:32 }}" class="img-circle" style="margin-right: 1rem;">
-                                                    {% if leaverequest.main_char %}
-                                                        <a href="{{ leaverequest.main_char|evewho_character_url }}" target="_blank">
-                                                            {{ leaverequest.main_char.character_name }}
-                                                        </a>
-                                                    {% else %}
-                                                        {{ leaverequest.user.username }}
-                                                    {% endif %}
-                                                </td>
-                                                <td>
-                                                    {% if leaverequest.main_char %}
-                                                        <a href="{{ leaverequest.main_char|dotlan_corporation_url }}" target="_blank">
-                                                            {{ leaverequest.main_char.corporation_name }}
-                                                        </a><br>
-                                                        {{ leaverequest.main_char.alliance_name|default_if_none:"" }}
-                                                    {% else %}
-                                                        {% translate "(unknown)" %}
-                                                    {% endif %}
-                                                </td>
-                                                <td>{{ leaverequest.group.name }}</td>
-                                                <td class="text-right">
-                                                    <a href="{% url 'groupmanagement:leave_accept_request' leaverequest.id %}" class="btn btn-success">
-                                                        {% translate "Accept" %}
-                                                    </a>
-
-                                                    <a href="{% url 'groupmanagement:leave_reject_request' leaverequest.id %}" class="btn btn-danger">
-                                                        {% translate "Reject" %}
-                                                    </a>
-                                                </td>
+                                                <th>{% translate "Character" %}</th>
+                                                <th>{% translate "Organization" %}</th>
+                                                <th>{% translate "Group" %}</th>
+                                                <th></th>
                                             </tr>
-                                        {% endfor %}
-                                    </tbody>
-                                </table>
-                            </div>
-                        {% else %}
-                            <div class="alert alert-warning text-center">{% translate "No group leave requests." %}</div>
-                        {% endif %}
-                    </div>
+                                        </thead>
+
+                                        <tbody>
+                                            {% for leaverequest in leaverequests %}
+                                                <tr>
+                                                    <td>
+                                                        <img src="{{ leaverequest.main_char|character_portrait_url:32 }}" class="img-circle" style="margin-right: 1rem;" alt="{{ leaverequest.main_char.character_name }}">
+                                                        {% if leaverequest.main_char %}
+                                                            <a href="{{ leaverequest.main_char|evewho_character_url }}" target="_blank">
+                                                                {{ leaverequest.main_char.character_name }}
+                                                            </a>
+                                                        {% else %}
+                                                            {{ leaverequest.user.username }}
+                                                        {% endif %}
+                                                    </td>
+                                                    <td>
+                                                        {% if leaverequest.main_char %}
+                                                            <a href="{{ leaverequest.main_char|dotlan_corporation_url }}" target="_blank">
+                                                                {{ leaverequest.main_char.corporation_name }}
+                                                            </a><br>
+                                                            {{ leaverequest.main_char.alliance_name|default_if_none:"" }}
+                                                        {% else %}
+                                                            {% translate "(unknown)" %}
+                                                        {% endif %}
+                                                    </td>
+                                                    <td>{{ leaverequest.group.name }}</td>
+                                                    <td class="text-right">
+                                                        <a href="{% url 'groupmanagement:leave_accept_request' leaverequest.id %}" class="btn btn-success">
+                                                            {% translate "Accept" %}
+                                                        </a>
+
+                                                        <a href="{% url 'groupmanagement:leave_reject_request' leaverequest.id %}" class="btn btn-danger">
+                                                            {% translate "Reject" %}
+                                                        </a>
+                                                    </td>
+                                                </tr>
+                                            {% endfor %}
+                                        </tbody>
+                                    </table>
+                                </div>
+                            {% else %}
+                                <div class="alert alert-warning text-center">{% translate "No group leave requests." %}</div>
+                            {% endif %}
+                        </div>
+                    {% endif %}
                 </div>
             </div>
         </div>

allianceauth/groupmanagement/templates/groupmanagement/menu.html

@@ -1,4 +1,3 @@
-{% load static %}
 {% load i18n %}
 {% load navactive %}
 

allianceauth/groupmanagement/tests/test_admin.py

@@ -1,18 +1,23 @@
 from unittest.mock import patch
 
+from django_webtest import WebTest
+
 from django.conf import settings
 from django.contrib import admin
 from django.contrib.admin.sites import AdminSite
 from django.contrib.auth.models import User
-from django.test import TestCase, RequestFactory, Client
+from django.test import TestCase, RequestFactory, Client, override_settings
 
 from allianceauth.authentication.models import CharacterOwnership, State
 from allianceauth.eveonline.models import (
     EveCharacter, EveCorporationInfo, EveAllianceInfo
 )
+from allianceauth.tests.auth_utils import AuthUtils
 
-from ..admin import HasLeaderFilter, GroupAdmin, Group
 from . import get_admin_change_view_url
+from ..admin import HasLeaderFilter, GroupAdmin, Group
+from ..models import ReservedGroupName
+
 
 if 'allianceauth.eveonline.autogroups' in settings.INSTALLED_APPS:
     _has_auto_groups = True
@@ -32,7 +37,6 @@ class MockRequest:
 
 
 class TestGroupAdmin(TestCase):
-
     @classmethod
     def setUpClass(cls):
         super().setUpClass()
@@ -232,60 +236,104 @@ class TestGroupAdmin(TestCase):
         self.assertEqual(result, expected)
 
     def test_member_count(self):
-        expected = 1
-        obj = self.modeladmin.get_queryset(MockRequest(user=self.user_1))\
-            .get(pk=self.group_1.pk)
+        # given
+        request = MockRequest(user=self.user_1)
+        obj = self.modeladmin.get_queryset(request).get(pk=self.group_1.pk)
+        # when
         result = self.modeladmin._member_count(obj)
-        self.assertEqual(result, expected)
+        # then
+        self.assertEqual(result, 1)
 
     def test_has_leader_user(self):
-        result = self.modeladmin.has_leader(self.group_1)
+        # given
+        request = MockRequest(user=self.user_1)
+        obj = self.modeladmin.get_queryset(request).get(pk=self.group_1.pk)
+        # when
+        result = self.modeladmin.has_leader(obj)
+        # then
         self.assertTrue(result)
 
     def test_has_leader_group(self):
-        result = self.modeladmin.has_leader(self.group_2)
+        # given
+        request = MockRequest(user=self.user_1)
+        obj = self.modeladmin.get_queryset(request).get(pk=self.group_2.pk)
+        # when
+        result = self.modeladmin.has_leader(obj)
+        # then
         self.assertTrue(result)
 
     def test_properties_1(self):
-        expected = ['Default']
-        result = self.modeladmin._properties(self.group_1)
-        self.assertListEqual(result, expected)
+        # given
+        request = MockRequest(user=self.user_1)
+        obj = self.modeladmin.get_queryset(request).get(pk=self.group_1.pk)
+        # when
+        result = self.modeladmin._properties(obj)
+        self.assertListEqual(result, ['Default'])
 
     def test_properties_2(self):
-        expected = ['Internal']
-        result = self.modeladmin._properties(self.group_2)
-        self.assertListEqual(result, expected)
+        # given
+        request = MockRequest(user=self.user_1)
+        obj = self.modeladmin.get_queryset(request).get(pk=self.group_2.pk)
+        # when
+        result = self.modeladmin._properties(obj)
+        self.assertListEqual(result, ['Internal'])
 
     def test_properties_3(self):
-        expected = ['Hidden']
-        result = self.modeladmin._properties(self.group_3)
-        self.assertListEqual(result, expected)
+        # given
+        request = MockRequest(user=self.user_1)
+        obj = self.modeladmin.get_queryset(request).get(pk=self.group_3.pk)
+        # when
+        result = self.modeladmin._properties(obj)
+        self.assertListEqual(result, ['Hidden'])
 
     def test_properties_4(self):
-        expected = ['Open']
-        result = self.modeladmin._properties(self.group_4)
-        self.assertListEqual(result, expected)
+        # given
+        request = MockRequest(user=self.user_1)
+        obj = self.modeladmin.get_queryset(request).get(pk=self.group_4.pk)
+        # when
+        result = self.modeladmin._properties(obj)
+        self.assertListEqual(result, ['Open'])
 
     def test_properties_5(self):
-        expected = ['Public']
-        result = self.modeladmin._properties(self.group_5)
-        self.assertListEqual(result, expected)
+        # given
+        request = MockRequest(user=self.user_1)
+        obj = self.modeladmin.get_queryset(request).get(pk=self.group_5.pk)
+        # when
+        result = self.modeladmin._properties(obj)
+        self.assertListEqual(result, ['Public'])
 
     def test_properties_6(self):
-        expected = ['Hidden', 'Open', 'Public']
-        result = self.modeladmin._properties(self.group_6)
-        self.assertListEqual(result, expected)
+        # given
+        request = MockRequest(user=self.user_1)
+        obj = self.modeladmin.get_queryset(request).get(pk=self.group_6.pk)
+        # when
+        result = self.modeladmin._properties(obj)
+        self.assertListEqual(result, ['Hidden', 'Open', 'Public'])
 
     if _has_auto_groups:
         @patch(MODULE_PATH + '._has_auto_groups', True)
-        def test_properties_7(self):
+        def test_should_show_autogroup_for_corporation(self):
+            # given
             self._create_autogroups()
-            expected = ['Auto Group']
-            my_group = Group.objects\
-                .filter(managedcorpgroup__isnull=False)\
-                .first()
-            result = self.modeladmin._properties(my_group)
-            self.assertListEqual(result, expected)
+            request = MockRequest(user=self.user_1)
+            queryset = self.modeladmin.get_queryset(request)
+            obj = queryset.filter(managedcorpgroup__isnull=False).first()
+            # when
+            result = self.modeladmin._properties(obj)
+            # then
+            self.assertListEqual(result, ['Auto Group'])
+
+        @patch(MODULE_PATH + '._has_auto_groups', True)
+        def test_should_show_autogroup_for_alliance(self):
+            # given
+            self._create_autogroups()
+            request = MockRequest(user=self.user_1)
+            queryset = self.modeladmin.get_queryset(request)
+            obj = queryset.filter(managedalliancegroup__isnull=False).first()
+            # when
+            result = self.modeladmin._properties(obj)
+            # then
+            self.assertListEqual(result, ['Auto Group'])
 
     # actions
 
@@ -396,3 +444,238 @@ class TestGroupAdmin(TestCase):
         c.login(username='superuser', password='secret')
         response = c.get(get_admin_change_view_url(self.group_1))
         self.assertEqual(response.status_code, 200)
+
+    def test_should_create_new_group(self):
+        # given
+        user = User.objects.create_superuser("bruce")
+        self.client.force_login(user)
+        # when
+        response = self.client.post(
+            "/admin/groupmanagement/group/add/",
+            data={
+                "name": "new group",
+                "authgroup-TOTAL_FORMS": 1,
+                "authgroup-INITIAL_FORMS": 0,
+                "authgroup-MIN_NUM_FORMS": 0,
+                "authgroup-MAX_NUM_FORMS": 1,
+            }
+        )
+        # then
+        self.assertEqual(response.status_code, 302)
+        self.assertEqual(response.url, "/admin/groupmanagement/group/")
+        self.assertTrue(Group.objects.filter(name="new group").exists())
+
+    def test_should_not_allow_creating_new_group_with_reserved_name(self):
+        # given
+        ReservedGroupName.objects.create(
+            name="new group", reason="dummy", created_by="bruce"
+        )
+        user = User.objects.create_superuser("bruce")
+        self.client.force_login(user)
+        # when
+        response = self.client.post(
+            "/admin/groupmanagement/group/add/",
+            data={
+                "name": "New group",
+                "authgroup-TOTAL_FORMS": 1,
+                "authgroup-INITIAL_FORMS": 0,
+                "authgroup-MIN_NUM_FORMS": 0,
+                "authgroup-MAX_NUM_FORMS": 1,
+            }
+        )
+        # then
+        self.assertContains(
+            response, "This name has been reserved and can not be used for groups"
+        )
+        self.assertFalse(Group.objects.filter(name="new group").exists())
+
+    def test_should_not_allow_changing_name_of_existing_group_to_reserved_name(self):
+        # given
+        ReservedGroupName.objects.create(
+            name="new group", reason="dummy", created_by="bruce"
+        )
+        group = Group.objects.create(name="dummy")
+        user = User.objects.create_superuser("bruce")
+        self.client.force_login(user)
+        # when
+        response = self.client.post(
+            f"/admin/groupmanagement/group/{group.pk}/change/",
+            data={
+                "name": "new group",
+                "authgroup-TOTAL_FORMS": 1,
+                "authgroup-INITIAL_FORMS": 0,
+                "authgroup-MIN_NUM_FORMS": 0,
+                "authgroup-MAX_NUM_FORMS": 1,
+            }
+        )
+        # then
+        self.assertContains(
+            response, "This name has been reserved and can not be used for groups"
+        )
+        self.assertFalse(Group.objects.filter(name="new group").exists())
+
+
+class TestGroupAdminChangeFormSuperuserExclusiveEdits(WebTest):
+    @classmethod
+    def setUpClass(cls) -> None:
+        super().setUpClass()
+        cls.super_admin = User.objects.create_superuser("super_admin")
+        cls.staff_admin = User.objects.create_user("staff_admin")
+        cls.staff_admin.is_staff = True
+        cls.staff_admin.save()
+        cls.staff_admin = AuthUtils.add_permissions_to_user_by_name(
+            [
+                "auth.add_group",
+                "auth.change_group",
+                "auth.view_group",
+                "groupmanagement.add_group",
+                "groupmanagement.change_group",
+                "groupmanagement.view_group",
+            ],
+            cls.staff_admin
+        )
+        cls.superuser_exclusive_fields = ["permissions", "authgroup-0-restricted"]
+
+    def test_should_show_all_fields_to_superuser_for_add(self):
+        # given
+        self.app.set_user(self.super_admin)
+        page = self.app.get("/admin/groupmanagement/group/add/")
+        # when
+        form = page.forms["group_form"]
+        # then
+        for field in self.superuser_exclusive_fields:
+            with self.subTest(field=field):
+                self.assertIn(field, form.fields)
+
+    def test_should_not_show_all_fields_to_staff_admins_for_add(self):
+        # given
+        self.app.set_user(self.staff_admin)
+        page = self.app.get("/admin/groupmanagement/group/add/")
+        # when
+        form = page.forms["group_form"]
+        # then
+        for field in self.superuser_exclusive_fields:
+            with self.subTest(field=field):
+                self.assertNotIn(field, form.fields)
+
+    def test_should_show_all_fields_to_superuser_for_change(self):
+        # given
+        self.app.set_user(self.super_admin)
+        group = Group.objects.create(name="Dummy group")
+        page = self.app.get(f"/admin/groupmanagement/group/{group.pk}/change/")
+        # when
+        form = page.forms["group_form"]
+        # then
+        for field in self.superuser_exclusive_fields:
+            with self.subTest(field=field):
+                self.assertIn(field, form.fields)
+
+    def test_should_not_show_all_fields_to_staff_admin_for_change(self):
+        # given
+        self.app.set_user(self.staff_admin)
+        group = Group.objects.create(name="Dummy group")
+        page = self.app.get(f"/admin/groupmanagement/group/{group.pk}/change/")
+        # when
+        form = page.forms["group_form"]
+        # then
+        for field in self.superuser_exclusive_fields:
+            with self.subTest(field=field):
+                self.assertNotIn(field, form.fields)
+
+
+@override_settings(CELERY_ALWAYS_EAGER=True, CELERY_EAGER_PROPAGATES_EXCEPTIONS=True)
+class TestGroupAdmin2(TestCase):
+    @classmethod
+    def setUpClass(cls):
+        super().setUpClass()
+        cls.superuser = User.objects.create_superuser("super")
+
+    def test_should_remove_users_from_state_groups(self):
+        # given
+        user_member = AuthUtils.create_user("Bruce Wayne")
+        character_member = AuthUtils.add_main_character_2(
+            user_member,
+            name="Bruce Wayne",
+            character_id=1001,
+            corp_id=2001,
+            corp_name="Wayne Technologies",
+        )
+        user_guest = AuthUtils.create_user("Lex Luthor")
+        AuthUtils.add_main_character_2(
+            user_guest,
+            name="Lex Luthor",
+            character_id=1011,
+            corp_id=2011,
+            corp_name="Luthor Corp",
+        )
+        member_state = AuthUtils.get_member_state()
+        member_state.member_characters.add(character_member)
+        user_member.refresh_from_db()
+        user_guest.refresh_from_db()
+        group = Group.objects.create(name="dummy")
+        user_member.groups.add(group)
+        user_guest.groups.add(group)
+        group.authgroup.states.add(member_state)
+        self.client.force_login(self.superuser)
+        # when
+        response = self.client.post(
+            f"/admin/groupmanagement/group/{group.pk}/change/",
+            data={
+                "name": f"{group.name}",
+                "authgroup-TOTAL_FORMS": "1",
+                "authgroup-INITIAL_FORMS": "1",
+                "authgroup-MIN_NUM_FORMS": "0",
+                "authgroup-MAX_NUM_FORMS": "1",
+                "authgroup-0-description": "",
+                "authgroup-0-states": f"{member_state.pk}",
+                "authgroup-0-internal": "on",
+                "authgroup-0-hidden": "on",
+                "authgroup-0-group": f"{group.pk}",
+                "authgroup-__prefix__-description": "",
+                "authgroup-__prefix__-internal": "on",
+                "authgroup-__prefix__-hidden": "on",
+                "authgroup-__prefix__-group": f"{group.pk}",
+                "_save": "Save"
+            }
+        )
+        # then
+        self.assertEqual(response.status_code, 302)
+        self.assertEqual(response.url, "/admin/groupmanagement/group/")
+        self.assertIn(group, user_member.groups.all())
+        self.assertNotIn(group, user_guest.groups.all())
+
+
+class TestReservedGroupNameAdmin(TestCase):
+    @classmethod
+    def setUpClass(cls):
+        super().setUpClass()
+        cls.user = User.objects.create_superuser("bruce")
+
+    def test_should_create_new_entry(self):
+        # given
+        self.client.force_login(self.user)
+        # when
+        response = self.client.post(
+            "/admin/groupmanagement/reservedgroupname/add/",
+            data={"name": "Test", "reason": "dummy"}
+        )
+        # then
+        self.assertEqual(response.status_code, 302)
+        self.assertEqual(response.url, "/admin/groupmanagement/reservedgroupname/")
+        obj = ReservedGroupName.objects.get(name="test")
+        self.assertEqual(obj.name, "test")
+        self.assertEqual(obj.created_by, self.user.username)
+        self.assertTrue(obj.created_at)
+
+    def test_should_not_allow_names_of_existing_groups(self):
+        # given
+        Group.objects.create(name="Already taken")
+        self.client.force_login(self.user)
+        # when
+        response = self.client.post(
+            "/admin/groupmanagement/reservedgroupname/add/",
+            data={"name": "already taken", "reason": "dummy"}
+        )
+        # then
+        self.assertContains(response, "There already exists a group with that name")
+        self.assertFalse(ReservedGroupName.objects.filter(name="already taken").exists())

allianceauth/groupmanagement/tests/test_managers.py

@@ -1,8 +1,5 @@
-from unittest.mock import Mock, patch
-
 from django.contrib.auth.models import Group, User
 from django.test import TestCase
-from django.urls import reverse
 
 from allianceauth.eveonline.models import EveCorporationInfo, EveAllianceInfo
 from allianceauth.tests.auth_utils import AuthUtils
@@ -44,9 +41,9 @@ class GroupManagementVisibilityTestCase(TestCase):
         self._refresh_user()
         groups = GroupManager.get_group_leaders_groups(self.user)
 
-        self.assertIn(self.group1, groups)  #avail due to user
-        self.assertNotIn(self.group2, groups)  #not avail due to group
-        self.assertNotIn(self.group3, groups)  #not avail at all
+        self.assertIn(self.group1, groups)  # avail due to user
+        self.assertNotIn(self.group2, groups)  # not avail due to group
+        self.assertNotIn(self.group3, groups)  # not avail at all
 
         self.user.groups.add(self.group1)
         self._refresh_user()
@@ -71,70 +68,66 @@ class GroupManagementVisibilityTestCase(TestCase):
 
 
 class TestGroupManager(TestCase):
-
-    @classmethod
-    def setUpClass(cls):
-        super().setUpClass()
-
+    def setUp(self) -> None:
         # group 1
-        cls.group_default = Group.objects.create(name='default')
-        cls.group_default.authgroup.description = 'Default Group'
-        cls.group_default.authgroup.internal = False
-        cls.group_default.authgroup.hidden = False
-        cls.group_default.authgroup.save()
+        self.group_default = Group.objects.create(name='default')
+        self.group_default.authgroup.description = 'Default Group'
+        self.group_default.authgroup.internal = False
+        self.group_default.authgroup.hidden = False
+        self.group_default.authgroup.save()
 
         # group 2
-        cls.group_internal = Group.objects.create(name='internal')
-        cls.group_internal.authgroup.description = 'Internal Group'
-        cls.group_internal.authgroup.internal = True
-        cls.group_internal.authgroup.save()
+        self.group_internal = Group.objects.create(name='internal')
+        self.group_internal.authgroup.description = 'Internal Group'
+        self.group_internal.authgroup.internal = True
+        self.group_internal.authgroup.save()
 
         # group 3
-        cls.group_hidden = Group.objects.create(name='hidden')
-        cls.group_hidden.authgroup.description = 'Hidden Group'
-        cls.group_hidden.authgroup.internal = False
-        cls.group_hidden.authgroup.hidden = True
-        cls.group_hidden.authgroup.save()
+        self.group_hidden = Group.objects.create(name='hidden')
+        self.group_hidden.authgroup.description = 'Hidden Group'
+        self.group_hidden.authgroup.internal = False
+        self.group_hidden.authgroup.hidden = True
+        self.group_hidden.authgroup.save()
 
         # group 4
-        cls.group_open = Group.objects.create(name='open')
-        cls.group_open.authgroup.description = 'Open Group'
-        cls.group_open.authgroup.internal = False
-        cls.group_open.authgroup.hidden = False
-        cls.group_open.authgroup.open = True
-        cls.group_open.authgroup.save()
+        self.group_open = Group.objects.create(name='open')
+        self.group_open.authgroup.description = 'Open Group'
+        self.group_open.authgroup.internal = False
+        self.group_open.authgroup.hidden = False
+        self.group_open.authgroup.open = True
+        self.group_open.authgroup.save()
 
         # group 5
-        cls.group_public_1 = Group.objects.create(name='public 1')
-        cls.group_public_1.authgroup.description = 'Public Group 1'
-        cls.group_public_1.authgroup.internal = False
-        cls.group_public_1.authgroup.hidden = False
-        cls.group_public_1.authgroup.public = True
-        cls.group_public_1.authgroup.save()
+        self.group_public_1 = Group.objects.create(name='public 1')
+        self.group_public_1.authgroup.description = 'Public Group 1'
+        self.group_public_1.authgroup.internal = False
+        self.group_public_1.authgroup.hidden = False
+        self.group_public_1.authgroup.public = True
+        self.group_public_1.authgroup.save()
 
         # group 6
-        cls.group_public_2 = Group.objects.create(name='public 2')
-        cls.group_public_2.authgroup.description = 'Public Group 2'
-        cls.group_public_2.authgroup.internal = False
-        cls.group_public_2.authgroup.hidden = True
-        cls.group_public_2.authgroup.open = True
-        cls.group_public_2.authgroup.public = True
-        cls.group_public_2.authgroup.save()
+        self.group_public_2 = Group.objects.create(name='public 2')
+        self.group_public_2.authgroup.description = 'Public Group 2'
+        self.group_public_2.authgroup.internal = False
+        self.group_public_2.authgroup.hidden = True
+        self.group_public_2.authgroup.open = True
+        self.group_public_2.authgroup.public = True
+        self.group_public_2.authgroup.save()
 
         # group 7
-        cls.group_default_member = Group.objects.create(name='default members')
-        cls.group_default_member.authgroup.description = \
+        self.group_default_member = Group.objects.create(name='default members')
+        self.group_default_member.authgroup.description = \
             'Default Group for members only'
-        cls.group_default_member.authgroup.internal = False
-        cls.group_default_member.authgroup.hidden = False
-        cls.group_default_member.authgroup.open = False
-        cls.group_default_member.authgroup.public = False
-        cls.group_default_member.authgroup.states.add(
+        self.group_default_member.authgroup.internal = False
+        self.group_default_member.authgroup.hidden = False
+        self.group_default_member.authgroup.open = False
+        self.group_default_member.authgroup.public = False
+        self.group_default_member.authgroup.states.add(
             AuthUtils.get_member_state()
         )
-        cls.group_default_member.authgroup.save()
+        self.group_default_member.authgroup.save()
 
-    def setUp(self):
+        # user
         self.user = AuthUtils.create_user('Bruce Wayne')
 
     def test_get_joinable_group_member(self):
@@ -241,7 +234,7 @@ class TestGroupManager(TestCase):
 
     def test_get_joinable_groups_for_user_member_w_permission(self):
         AuthUtils.assign_state(self.user, AuthUtils.get_member_state(), True)
-        AuthUtils.add_permission_to_user_by_name(
+        self.user = AuthUtils.add_permission_to_user_by_name(
             'groupmanagement.request_groups', self.user
         )
         result = GroupManager.get_joinable_groups_for_user(self.user)
@@ -257,7 +250,7 @@ class TestGroupManager(TestCase):
 
     def test_get_joinable_groups_for_user_member_w_permission_no_hidden(self):
         AuthUtils.assign_state(self.user, AuthUtils.get_member_state(), True)
-        AuthUtils.add_permission_to_user_by_name(
+        self.user = AuthUtils.add_permission_to_user_by_name(
             'groupmanagement.request_groups', self.user
         )
         result = GroupManager.get_joinable_groups_for_user(
@@ -273,7 +266,7 @@ class TestGroupManager(TestCase):
 
     def test_has_management_permission(self):
         user = AuthUtils.create_user('Clark Kent')
-        AuthUtils.add_permission_to_user_by_name(
+        user = AuthUtils.add_permission_to_user_by_name(
             'auth.group_management', user
         )
         self.assertTrue(GroupManager.has_management_permission(user))
@@ -288,7 +281,7 @@ class TestGroupManager(TestCase):
 
     def test_can_manage_groups_has_perm(self):
         user = AuthUtils.create_user('Clark Kent')
-        AuthUtils.add_permission_to_user_by_name(
+        user = AuthUtils.add_permission_to_user_by_name(
             'auth.group_management', user
         )
         self.assertTrue(GroupManager.can_manage_groups(user))
@@ -306,7 +299,7 @@ class TestGroupManager(TestCase):
 
     def test_can_manage_group_has_perm(self):
         user = AuthUtils.create_user('Clark Kent')
-        AuthUtils.add_permission_to_user_by_name(
+        user = AuthUtils.add_permission_to_user_by_name(
             'auth.group_management', user
         )
         self.assertTrue(
@@ -433,11 +426,21 @@ class TestPendingRequestsCountForUser(TestCase):
         # when user_requestor is requesting access to group 1
         # then return 1 for user_leader_4
         user_leader_4 = AuthUtils.create_member("Lex Luther")
-        AuthUtils.add_permission_to_user_by_name("auth.group_management", user_leader_4)
-        user_leader_4 = User.objects.get(pk=user_leader_4.pk)
-        GroupRequest.objects.create(
-            user=self.user_requestor, group=self.group_1
+        user_leader_4 = AuthUtils.add_permission_to_user_by_name(
+            "auth.group_management", user_leader_4
         )
+        GroupRequest.objects.create(user=self.user_requestor, group=self.group_1)
         self.assertEqual(
             GroupManager.pending_requests_count_for_user(self.user_leader_1), 1
         )
+
+    def test_single_request_for_members_of_leading_group(self):
+        # given
+        leader_group = Group.objects.create(name="Leaders")
+        self.group_3.authgroup.group_leader_groups.add(leader_group)
+        self.user_leader_1.groups.add(leader_group)
+        GroupRequest.objects.create(user=self.user_requestor, group=self.group_3)
+        # when
+        result = GroupManager.pending_requests_count_for_user(self.user_leader_1)
+        # then
+        self.assertEqual(result, 1)

allianceauth/groupmanagement/tests/test_models.py

@@ -1,31 +1,22 @@
 from unittest import mock
 
-from django.contrib.auth.models import User, Group
-from django.test import TestCase
+from django.contrib.auth.models import Group
+from django.test import TestCase, override_settings
 
 from allianceauth.tests.auth_utils import AuthUtils
-from allianceauth.eveonline.models import (
-    EveCorporationInfo, EveAllianceInfo, EveCharacter
-)
 
-from ..models import GroupRequest, RequestLog
+from ..models import GroupRequest, RequestLog, ReservedGroupName
+
+MODULE_PATH = "allianceauth.groupmanagement.models"
 
 
 def create_testdata():
-    # clear DB
-    User.objects.all().delete()
-    Group.objects.all().delete()
-    EveCharacter.objects.all().delete()
-    EveCorporationInfo.objects.all().delete()
-    EveAllianceInfo.objects.all().delete()
-
     # group 1
     group = Group.objects.create(name='Superheros')
     group.authgroup.description = 'Default Group'
     group.authgroup.internal = False
     group.authgroup.hidden = False
     group.authgroup.save()
-
     # user 1
     user_1 = AuthUtils.create_user('Bruce Wayne')
     AuthUtils.add_main_character_2(
@@ -37,7 +28,6 @@ def create_testdata():
     )
     user_1.groups.add(group)
     group.authgroup.group_leaders.add(user_1)
-
     # user 2
     user_2 = AuthUtils.create_user('Clark Kent')
     AuthUtils.add_main_character_2(
@@ -45,18 +35,25 @@ def create_testdata():
         name='Clark Kent',
         character_id=1002,
         corp_id=2002,
-        corp_name='Wayne Technologies'
+        corp_name='Wayne Food'
     )
-    return group, user_1, user_2
-
+    # user 3
+    user_3 = AuthUtils.create_user('Peter Parker')
+    AuthUtils.add_main_character_2(
+        user_2,
+        name='Peter Parker',
+        character_id=1003,
+        corp_id=2002,
+        corp_name='Wayne Food'
+    )
+    return group, user_1, user_2, user_3
 
 
 class TestGroupRequest(TestCase):
-
     @classmethod
     def setUpClass(cls):
         super().setUpClass()
-        cls.group, cls.user_1, _ = create_testdata()
+        cls.group, cls.user_1, cls.user_2, cls.user_3 = create_testdata()
 
     def test_main_char(self):
         group_request = GroupRequest.objects.create(
@@ -74,13 +71,85 @@ class TestGroupRequest(TestCase):
         expected = 'Bruce Wayne:Superheros'
         self.assertEqual(str(group_request), expected)
 
+    @override_settings(GROUPMANAGEMENT_REQUESTS_NOTIFICATION=True)
+    def test_should_notify_leaders_about_join_request(self):
+        # given
+        group_request = GroupRequest.objects.create(
+            user=self.user_2, group=self.group
+        )
+        # when
+        with mock.patch(MODULE_PATH + ".notify") as mock_notify:
+            group_request.notify_leaders()
+        # then
+        self.assertTrue(mock_notify.called)
+        _, kwargs = mock_notify.call_args
+        self.assertEqual(kwargs["user"],self.user_1)
+
+    @override_settings(GROUPMANAGEMENT_REQUESTS_NOTIFICATION=True)
+    def test_should_notify_leaders_about_leave_request(self):
+        # given
+        group_request = GroupRequest.objects.create(
+            user=self.user_2, group=self.group
+        )
+        # when
+        with mock.patch(MODULE_PATH + ".notify") as mock_notify:
+            group_request.notify_leaders()
+        # then
+        self.assertTrue(mock_notify.called)
+
+    @override_settings(GROUPMANAGEMENT_REQUESTS_NOTIFICATION=True)
+    def test_should_handle_notify_leaders_without_leaders(self):
+        # given
+        group = Group.objects.create(name='Dummy')
+        group.authgroup.internal = False
+        group.authgroup.hidden = False
+        group.authgroup.save()
+        group_request = GroupRequest.objects.create(
+            user=self.user_2, group=group
+        )
+        # when
+        with mock.patch(MODULE_PATH + ".notify") as mock_notify:
+            group_request.notify_leaders()
+        # then
+        self.assertFalse(mock_notify.called)
+
+    @override_settings(GROUPMANAGEMENT_REQUESTS_NOTIFICATION=False)
+    def test_should_not_notify_leaders_if_disabled(self):
+        # given
+        group_request = GroupRequest.objects.create(
+            user=self.user_2, group=self.group
+        )
+        # when
+        with mock.patch(MODULE_PATH + ".notify") as mock_notify:
+            group_request.notify_leaders()
+        # then
+        self.assertFalse(mock_notify.called)
+
+    @override_settings(GROUPMANAGEMENT_REQUESTS_NOTIFICATION=True)
+    def test_should_notify_members_of_leader_groups_about_join_request(self):
+        # given
+        child_group = Group.objects.create(name='Child')
+        child_group.authgroup.internal = False
+        child_group.authgroup.hidden = False
+        child_group.authgroup.save()
+        child_group.authgroup.group_leader_groups.add(self.group)
+        group_request = GroupRequest.objects.create(
+            user=self.user_2, group=child_group
+        )
+        # when
+        with mock.patch(MODULE_PATH + ".notify") as mock_notify:
+            group_request.notify_leaders()
+        # then
+        self.assertTrue(mock_notify.called)
+        _, kwargs = mock_notify.call_args
+        self.assertEqual(kwargs["user"],self.user_1)
+
 
 class TestRequestLog(TestCase):
-
     @classmethod
     def setUpClass(cls):
         super().setUpClass()
-        cls.group, cls.user_1, cls.user_2 = create_testdata()
+        cls.group, cls.user_1, cls.user_2, _ = create_testdata()
 
     def test_requestor(self):
         request_log = RequestLog.objects.create(
@@ -126,7 +195,7 @@ class TestRequestLog(TestCase):
             group=self.group,
             request_info='Clark Kent:Superheros',
             request_actor=self.user_1,
-            action = True
+            action=True
         )
         expected = 'Accept'
         self.assertEqual(request_log.action_to_str(), expected)
@@ -136,7 +205,7 @@ class TestRequestLog(TestCase):
             group=self.group,
             request_info='Clark Kent:Superheros',
             request_actor=self.user_1,
-            action = False
+            action=False
         )
         expected = 'Reject'
         self.assertEqual(request_log.action_to_str(), expected)
@@ -146,14 +215,13 @@ class TestRequestLog(TestCase):
             group=self.group,
             request_info='Clark Kent:Superheros',
             request_actor=self.user_1,
-            action = False
+            action=False
         )
         expected = self.user_2.profile.main_character
         self.assertEqual(request_log.req_char(), expected)
 
 
 class TestAuthGroup(TestCase):
-
     def test_str(self):
         group = Group.objects.create(name='Superheros')
         group.authgroup.description = 'Default Group'
@@ -163,3 +231,107 @@ class TestAuthGroup(TestCase):
 
         expected = 'Superheros'
         self.assertEqual(str(group.authgroup), expected)
+
+    def test_should_remove_guests_from_group_when_restricted_to_members_only(self):
+        # given
+        user_member = AuthUtils.create_user("Bruce Wayne")
+        character_member = AuthUtils.add_main_character_2(
+            user_member,
+            name="Bruce Wayne",
+            character_id=1001,
+            corp_id=2001,
+            corp_name="Wayne Technologies",
+        )
+        user_guest = AuthUtils.create_user("Lex Luthor")
+        AuthUtils.add_main_character_2(
+            user_guest,
+            name="Lex Luthor",
+            character_id=1011,
+            corp_id=2011,
+            corp_name="Luthor Corp",
+        )
+        member_state = AuthUtils.get_member_state()
+        member_state.member_characters.add(character_member)
+        user_member.refresh_from_db()
+        user_guest.refresh_from_db()
+        group = Group.objects.create(name="dummy")
+        user_member.groups.add(group)
+        user_guest.groups.add(group)
+        group.authgroup.states.add(member_state)
+        # when
+        group.authgroup.remove_users_not_matching_states()
+        # then
+        self.assertIn(group, user_member.groups.all())
+        self.assertNotIn(group, user_guest.groups.all())
+
+
+class TestAuthGroupRequestApprovers(TestCase):
+    def setUp(self) -> None:
+        self.group, self.user_1, self.user_2, self.user_3 = create_testdata()
+
+    def test_should_return_leaders_of_main_group_only(self):
+        # when
+        leaders = self.group.authgroup.group_request_approvers()
+        # then
+        self.assertSetEqual(leaders, {self.user_1})
+
+    def test_should_return_members_of_leading_groups_only(self):
+        # given
+        parent_group = Group.objects.create(name='Parent')
+        parent_group.authgroup.group_leaders.add(self.user_2)
+        self.user_1.groups.add(parent_group)
+        child_group = Group.objects.create(name='Child')
+        child_group.authgroup.internal = False
+        child_group.authgroup.hidden = False
+        child_group.authgroup.save()
+        child_group.authgroup.group_leader_groups.add(parent_group)
+        # when
+        leaders = child_group.authgroup.group_request_approvers()
+        # then
+        self.assertSetEqual(leaders, {self.user_1})
+
+    def test_should_return_leaders_of_main_group_and_members_of_leading_groups(self):
+        # given
+        parent_group = Group.objects.create(name='Parent')
+        parent_group.authgroup.group_leaders.add(self.user_2)
+        self.user_1.groups.add(parent_group)
+        child_group = Group.objects.create(name='Child')
+        child_group.authgroup.internal = False
+        child_group.authgroup.hidden = False
+        child_group.authgroup.save()
+        child_group.authgroup.group_leaders.add(self.user_3)
+        child_group.authgroup.group_leader_groups.add(self.group)
+        # when
+        leaders = child_group.authgroup.group_request_approvers()
+        # then
+        self.assertSetEqual(leaders, {self.user_1, self.user_3})
+
+    def test_can_handle_group_without_leaders(self):
+        # given
+        child_group = Group.objects.create(name='Child')
+        child_group.authgroup.internal = False
+        child_group.authgroup.hidden = False
+        child_group.authgroup.save()
+        # when
+        leaders = child_group.authgroup.group_request_approvers()
+        # then
+        self.assertSetEqual(leaders, set())
+
+
+class TestReservedGroupName(TestCase):
+    def test_should_return_name(self):
+        # given
+        obj = ReservedGroupName(name="test", reason="abc", created_by="xxx")
+        # when
+        result = str(obj)
+        # then
+        self.assertEqual(result, "test")
+
+    def test_should_not_allow_creating_reserved_name_for_existing_group(self):
+        # given
+        Group.objects.create(name="Dummy")
+        # when
+        with self.assertRaises(RuntimeError):
+            ReservedGroupName.objects.create(
+                name="dummy", reason="abc", created_by="xxx"
+            )

allianceauth/groupmanagement/tests/test_signals.py

@@ -6,6 +6,27 @@ from allianceauth.eveonline.autogroups.models import AutogroupsConfig
 from allianceauth.tests.auth_utils import AuthUtils
 
 
+from ..models import ReservedGroupName
+
+
+class TestGroupSignals(TestCase):
+    def test_should_create_authgroup_when_group_is_created(self):
+        # when
+        group = Group.objects.create(name="test")
+        # then
+        self.assertEqual(group.authgroup.group, group)
+
+    def test_should_rename_group_that_conflicts_with_reserved_name(self):
+        # given
+        ReservedGroupName.objects.create(name="test", reason="dummy", created_by="xyz")
+        ReservedGroupName.objects.create(name="test_1", reason="dummy", created_by="xyz")
+        # when
+        group = Group.objects.create(name="Test")
+        # then
+        self.assertNotEqual(group.name, "test")
+        self.assertNotEqual(group.name, "test_1")
+
+
 class TestCheckGroupsOnStateChange(TestCase):
 
     @classmethod