Allow to invite specific person on person detail page

aleksis/core/forms.py

@@ -6,7 +6,7 @@ from django.conf import settings
 from django.contrib.auth import get_user_model
 from django.contrib.auth.models import Permission
 from django.contrib.sites.models import Site
-from django.core.exceptions import ValidationError
+from django.core.exceptions import ValidationError, SuspiciousOperation
 from django.db.models import QuerySet
 from django.http import HttpRequest
 from django.utils.translation import gettext_lazy as _
@@ -568,20 +568,22 @@ class AccountRegisterForm(SignupForm, ExtensibleForm):
         request = kwargs.pop("request", None)
         super(AccountRegisterForm, self).__init__(*args, **kwargs)
 
-        try:
+        if request.session.get("account_verified_email"):
             email = request.session["account_verified_email"]
-            person = Person.objects.filter(email=email)
+
+            try:
+                person = Person.objects.get(email=email)
+            except (Person.DoesNotExist, Person.MultipleObjectsReturned):
+                raise SuspiciousOperation()
 
             self.fields["email"].disabled = True
             self.fields["email2"].disabled = True
 
             if person:
-                self.fields["first_name"].initial = person.first().first_name
+                self.fields["first_name"].initial = person.first_name
                 self.fields["first_name"].disabled = True
-                self.fields["last_name"].initial = person.first().first_name
+                self.fields["last_name"].initial = person.last_name
                 self.fields["last_name"].disabled = True
-        except KeyError:
-            pass
 
 
 class ActionForm(forms.Form):

aleksis/core/models.py

 # flake8: noqa: DJ01
-
 import hmac
 from datetime import date, datetime, timedelta
 from typing import Iterable, List, Optional, Sequence, Union
@@ -1077,10 +1076,7 @@ class PersonInvitation(AbstractBaseInvitation, PureDjangoModel):
 
     @classmethod
     def create(cls, email, inviter=None, **kwargs):
-        length = get_site_preferences()["auth__invite_code_length"]
-        packet_size = get_site_preferences()["auth__invite_code_packet_size"]
-        key = generate_random_code(length, packet_size)
-        instance = cls._default_manager.create(email=email, key=key, inviter=inviter, **kwargs)
+        instance = cls._default_manager.create(email=email, inviter=inviter, **kwargs)
         return instance
 
     def __str__(self) -> str:

aleksis/core/preferences.py

@@ -268,7 +268,7 @@ class SignupOpen(BooleanPreference):
     section = auth
     name = "signup_open"
     default = False
-    verbose_name = _("Signup open for everyone.")
+    verbose_name = _("Signup open for everyone")
 
 
 @site_preferences_registry.register

aleksis/core/settings.py

@@ -6,7 +6,7 @@ from django.utils.translation import gettext_lazy as _
 
 from dynaconf import LazySettings
 
-from .util.core_helpers import get_app_packages, merge_app_settings, monkey_patch
+from .util.core_helpers import get_app_packages, merge_app_settings, monkey_patch, lazy_preference
 
 monkey_patch()
 
@@ -354,7 +354,7 @@ ACCOUNT_UNIQUE_EMAIL = _settings.get("auth.login.registration.unique_email", Tru
 
 ACCOUNT_ADAPTER = "invitations.models.InvitationsAdapter"
 
-INVITATIONS_INVITATION_EXPIRY = _settings.get("auth.invitation.expiry", 3)
+INVITATIONS_INVITATION_EXPIRY = lazy_preference("auth", "invite_day_expiry")
 
 INVITATIONS_EMAIL_SUBJECT_PREFIX = ACCOUNT_EMAIL_SUBJECT_PREFIX
 
@@ -534,8 +534,6 @@ YARN_INSTALLED_APPS = [
 
 merge_app_settings("YARN_INSTALLED_APPS", YARN_INSTALLED_APPS, True)
 
-CLEAVE_JS = "cleave.js/dist/cleave.min.js"
-
 JS_URL = _settings.get("js_assets.url", STATIC_URL)
 JS_ROOT = _settings.get("js_assets.root", NODE_MODULES_ROOT + "/node_modules")
 
@@ -563,10 +561,13 @@ ANY_JS = {
     "Roboto700": {"css_url": JS_URL + "/@fontsource/roboto/700.css"},
     "Roboto900": {"css_url": JS_URL + "/@fontsource/roboto/900.css"},
     "Sentry": {"js_url": JS_URL + "/@sentry/tracing/build/bundle.tracing.js"},
+    "cleavejs": {"js_url": "cleave.js/dist/cleave.min.js"}
 }
 
 merge_app_settings("ANY_JS", ANY_JS, True)
 
+CLEAVE_JS = ANY_JS["cleavejs"]["js_url"]
+
 SASS_PROCESSOR_ENABLED = True
 SASS_PROCESSOR_AUTO_INCLUDE = False
 SASS_PROCESSOR_CUSTOM_FUNCTIONS = {

aleksis/core/tables.py

@@ -6,6 +6,7 @@ import django_tables2 as tables
 from django_tables2.utils import A
 
 from .models import Person
+from .util.core_helpers import get_site_preferences
 
 
 class SchoolTermTable(tables.Table):
@@ -108,7 +109,8 @@ class InvitationCodeColumn(tables.Column):
     """Returns invitation code in a more readable format."""
 
     def render(self, value):
-        return "-".join(wrap(value, 5))
+        packet_size = get_site_preferences()["auth__invite_code_packet_size"]
+        return "-".join(wrap(value, packet_size))
 
 
 class InvitationsTable(tables.Table):

aleksis/core/templates/core/person/full.html

@@ -47,7 +47,7 @@
     {% endif %}
     {% if can_invite and not person.user %}
         <a href="{% url "invite_person_by_id" person.id %}" class="btn waves-effect waves-light">
-          <i class="material-icons left">giftcard</i>
+          <i class="material-icons left">card_giftcard</i>
           {% trans "Invite user" %}
         </a>
     {% endif %}

aleksis/core/urls.py

@@ -62,7 +62,7 @@ urlpatterns = [
     path("person/<int:id_>/", views.person, name="person_by_id"),
     path("person/<int:pk>/edit/", views.EditPersonView.as_view(), name="edit_person_by_id"),
     path("person/<int:id_>/delete/", views.delete_person, name="delete_person_by_id"),
-    path("person/<int:id_>/invite/", views.invite_person, name="invite_person_by_id"),
+    path("person/<int:id_>/invite/", views.invite_person_by_id, name="invite_person_by_id"),
     path("groups", views.groups, name="groups"),
     path("groups/additional_fields", views.additional_fields, name="additional_fields"),
     path("groups/child_groups/", views.groups_child_groups, name="groups_child_groups"),

aleksis/core/views.py

@@ -1393,11 +1393,8 @@ class AccountRegisterView(SignupView):
     success_url = "index"
 
     def dispatch(self, request, *args, **kwargs):
-        if not get_site_preferences()["auth__signup_open"]:
-            try:
-                session = request.session["account_verified_email"]
-            except KeyError:
-                raise PermissionDenied()
+        if not get_site_preferences()["auth__signup_open"] and not request.session.get("account_verified_email"):
+            raise PermissionDenied()
         return super(AccountRegisterView, self).dispatch(request, *args, **kwargs)
 
     def get_form_kwargs(self):
@@ -1411,9 +1408,22 @@ def invite_person_by_id(request: HttpRequest, id_: int) -> HttpResponse:
 
     person = Person.objects.get(id=id_)
 
-    invite = PersonInvitation.objects.create(
-        inviter=request.user,
-        person=person,
-        email=person.email,
-    )
-    invite.send_invitation()
+    if not PersonInvitation.objects.filter(email=person.email).exists():
+        length = get_site_preferences()["auth__invite_code_length"]
+        packet_size = get_site_preferences()["auth__invite_code_packet_size"]
+        key = generate_random_code(length, packet_size)
+        invite = PersonInvitation.objects.create(
+            person=person,
+            key=key
+        )
+        if person.email:
+            invite.email = person.email
+        invite.inviter = request.user
+        invite.save()
+        
+        invite.send_invitation(request)
+        messages.success(request, _("Person was invited successfully."))
+    else:
+        messages.success(request, _("Person was already invited."))
+
+    return redirect("person_by_id", person.pk)