adds no_implicit_role to always force a profile manager to accept requests

smirolo · smirolo · commit 1b98c971c4a5 · 2026-02-14T08:46:58.000-08:00
diff --git a/docs/conf.py b/docs/conf.py
@@ -61,9 +61,9 @@
 # built documents.
 #
 # The short X.Y version.
-version = '1.1'
+version = '1.2'
 # The full version, including alpha/beta/rc tags.
-release = '1.1.7-dev'
+release = '1.2.0-dev'
 
 # The language for content autogenerated by Sphinx. Refer to documentation
 # for a list of supported languages.
diff --git a/saas/__init__.py b/saas/__init__.py
@@ -1,4 +1,4 @@
-# Copyright (c) 2025, DjaoDjin inc.
+# Copyright (c) 2026, DjaoDjin inc.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
@@ -26,4 +26,4 @@
 PEP 386-compliant version number for the saas django app.
 """
 
-__version__ = '1.1.7-dev'
+__version__ = '1.2.0-dev'
diff --git a/saas/api/agreements.py b/saas/api/agreements.py
@@ -1,4 +1,4 @@
-# Copyright (c) 2025, DjaoDjin inc.
+# Copyright (c) 2026, DjaoDjin inc.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
@@ -30,7 +30,8 @@
 from rest_framework.response import Response
 
 from .serializers import (AgreementSerializer, AgreementCreateSerializer,
-    AgreementDetailSerializer, AgreementUpdateSerializer)
+    AgreementDetailSerializer, AgreementUpdateSerializer,
+    PrivacyCookiesSerializer)
 from .. import settings
 from ..docs import extend_schema, OpenApiResponse
 from ..filters import OrderingFilter, SearchFilter
@@ -181,7 +182,7 @@ def create(self, request, *args, **kwargs):
             headers=headers)
 
 
-class AgreementDetailAPIView(generics.RetrieveAPIView):
+class AgreementDetailAPIView(CreateModelMixin, generics.RetrieveAPIView):
     """
     Retrieves a legal agreement
 
@@ -214,6 +215,13 @@ class AgreementDetailAPIView(generics.RetrieveAPIView):
     lookup_field = 'slug'
     lookup_url_kwarg = 'agreement'
 
+    def get_serializer_class(self):
+        if self.request.method.lower() in ('post',):
+            return PrivacyCookiesSerializer
+        return super(AgreementDetailAPIView, self).get_serializer_class()
+
+    @extend_schema(responses={
+        200: OpenApiResponse(AgreementDetailSerializer)})
     def post(self, request, *args, **kwargs):
         """
         Update privacy settings
@@ -255,8 +263,7 @@ def post(self, request, *args, **kwargs):
         return self.get(request, *args, **kwargs)
 
 
-class AgreementUpdateAPIView(UpdateModelMixin, DestroyModelMixin,
-                             AgreementDetailAPIView):
+class AgreementUpdateAPIView(generics.RetrieveUpdateDestroyAPIView):
     """
     Retrieves a legal agreement (broker)
 
@@ -285,6 +292,8 @@ class AgreementUpdateAPIView(UpdateModelMixin, DestroyModelMixin,
             }
     """
     serializer_class = AgreementDetailSerializer
+    queryset = Agreement.objects.all()
+    lookup_field = 'slug'
     lookup_url_kwarg = 'document'
 
     def get_serializer_class(self):
diff --git a/saas/api/serializers.py b/saas/api/serializers.py
@@ -1,4 +1,4 @@
-# Copyright (c) 2025, DjaoDjin inc.
+# Copyright (c) 2026, DjaoDjin inc.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
@@ -430,6 +430,17 @@ class MetricsSerializer(NoModelSerializer):
         help_text=_("Data series"))
 
 
+class PrivacyCookiesSerializer(NoModelSerializer):
+    # matches `settings.PRIVACY_COOKIES_ENABLED`
+
+    analytics = serializers.BooleanField(required=False,
+        help_text=_("True when analytics cookies are enabled"))
+    social_media = serializers.BooleanField(required=False,
+        help_text=_("True when social_media cookies are enabled"))
+    advertising = serializers.BooleanField(required=False,
+        help_text=_("True when advertising cookies are enabled"))
+
+
 class RefundChargeItemSerializer(NoModelSerializer):
     """
     One item to refund on a `Charge`.
@@ -535,6 +546,8 @@ class OrganizationDetailSerializer(OrganizationSerializer):
         help_text=_("Zip/Postal code"))
     country = CountryField(required=False, allow_blank=True,
         help_text=_("Country as 2-letter code (ISO 3166-1)"))
+    no_implicit_role = serializers.BooleanField(required=False, default=False,
+        help_text=_("When `True`, the profile does not allow implicit roles"))
     is_bulk_buyer = serializers.BooleanField(required=False, default=False,
         help_text=_("Enable GroupBuy"))
     extra = ExtraField(required=False, allow_null=True,
@@ -548,8 +561,8 @@ class Meta(OrganizationSerializer.Meta):
         fields = OrganizationSerializer.Meta.fields + (
             'full_name', 'created_at', 'email', 'phone',
             'street_address', 'locality', 'region', 'postal_code', 'country',
-            'default_timezone', 'is_provider', 'is_bulk_buyer', 'extra',
-            'detail')
+            'default_timezone', 'no_implicit_role', 'is_provider',
+            'is_bulk_buyer', 'extra', 'detail')
         read_only_fields = ('created_at', 'detail')
 
 
diff --git a/saas/api/transactions.py b/saas/api/transactions.py
@@ -571,7 +571,7 @@ def post(self, request, *args, **kwargs):
         .. code-block:: json
 
             {
-                "plan": "basic",
+                "plan": "premium",
                 "use": "requests"
             }
 
diff --git a/saas/forms.py b/saas/forms.py
@@ -189,7 +189,8 @@ class OrganizationForm(PostalFormMixin, forms.ModelForm):
     class Meta:
         model = get_organization_model()
         fields = ('slug', 'full_name', 'email', 'phone', 'country',
-                  'region', 'locality', 'street_address', 'postal_code')
+                  'region', 'locality', 'street_address', 'postal_code',
+                  'no_implicit_role')
         widgets = {'country': forms.widgets.Select(choices=countries)}
 
     def __init__(self, *args, **kwargs):
diff --git a/saas/migrations/0006_0_3_0.py b/saas/migrations/0006_0_3_0.py
@@ -29,7 +29,7 @@ class Migration(migrations.Migration):
                 ('created_at', models.DateTimeField(auto_now_add=True,
                     help_text='Date/time of creation (in ISO format)')),
                 ('use_amount', models.PositiveIntegerField(default=0,
-                  help_text='Amount of the use charge in plan currency unit')),
+                  help_text='Amount per unit defined by the provider of the use charge in plan currency unit (ex: $0.01/request)')),
                 ('extra', models.TextField(null=True)),
             ],
             bases=(saas.utils.SlugTitleMixin, models.Model),
diff --git a/saas/migrations/0022_v1_2_0.py b/saas/migrations/0022_v1_2_0.py
@@ -0,0 +1,18 @@
+# Generated by Django 4.2.27 on 2026-02-14 15:59
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('saas', '0021_v1_0_0'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='organization',
+            name='no_implicit_role',
+            field=models.BooleanField(default=False, help_text='The profile does not allow implicit roles'),
+        ),
+    ]
diff --git a/saas/models.py b/saas/models.py
@@ -1,4 +1,4 @@
-# Copyright (c) 2025, DjaoDjin inc.
+# Copyright (c) 2026, DjaoDjin inc.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
@@ -168,7 +168,8 @@ def accessible_by(self, user, role_descr=None, includes_personal=True):
     def find_candidates_by_domain(self, domain):
         if domain and domain[0] != '@':
             domain = '@' + domain
-        return self.filter(is_active=True, email__endswith=domain)
+        return self.filter(is_active=True, email__endswith=domain).exclude(
+            no_implicit_role=True)
 
     def find_candidates(self, full_name, user=None):
         """
@@ -285,6 +286,9 @@ class AbstractOrganization(models.Model):
     is_provider = models.BooleanField(default=False,
         help_text=_("The profile can fulfill the provider side"\
         " of a subscription."))
+    no_implicit_role = models.BooleanField(default=False,
+        help_text=_("The profile does not allow implicit roles"))
+
     default_timezone = models.CharField(
         max_length=100, default=settings.TIME_ZONE,
         help_text=_("Timezone to use when reporting metrics"))
diff --git a/saas/static/js/djaodjin-resources-vue.js b/saas/static/js/djaodjin-resources-vue.js
@@ -22,7 +22,7 @@ const DESC_SORT_PRE = '-';
 
 /** Displays notification messages to the user
 
-     requires `jQuery`, showErrorMessages
+     requires `jQuery`, djaodjin-resources.js exports
      optional toastr
  */
 var messagesMixin = {
@@ -111,7 +111,10 @@ var paramsMixin = {
     computed: {
         _start_at: {
             get: function() {
-                return this.asDateInputField(this.params.start_at);
+                if( this.params.start_at ) {
+                    return this.asDateInputField(this.params.start_at);
+                }
+                return null;
             },
             set: function(newVal) {
                 if( newVal ) {
@@ -135,7 +138,10 @@ var paramsMixin = {
                 //
                 // const dateValue = moment(this.params.ends_at).add(1,'days');
                 // return dateValue.isValid() ? dateValue.format("YYYY-MM-DD") : null;
-                return this.asDateInputField(this.params.ends_at);
+                if( this.params.ends_at ) {
+                    return this.asDateInputField(this.params.ends_at);
+                }
+                return null;
             },
             set: function(newVal) {
                 if( newVal ) {
diff --git a/saas/static/js/djaodjin-resources.js b/saas/static/js/djaodjin-resources.js
@@ -21,6 +21,11 @@
 function clearMessages() {
     "use strict";
     jQuery("#messages-content").empty();
+
+    // removes decoration on the fields.
+    jQuery(".form-group.has-error").removeClass("has-error");
+    jQuery(".is-invalid").removeClass("is-invalid");
+    jQuery(".invalid-feedback").text("");
 };
 
 function showMessages(messages, style) {
@@ -135,29 +140,35 @@ function _showErrorMessages(resp) {
             messages = [resp.detail];
         }
     }
-    if( messages.length === 0 && hasContextMessages ) {
-        if( _showErrorMessagesOnFields ) {
-            messages = [_showErrorMessagesOnFields];
+    if( messages.length === 0 ) {
+        if( hasContextMessages ) {
+            if( typeof _showErrorMessagesOnFields !== 'undefined' &&
+                _showErrorMessagesOnFields ) {
+                messages = [_showErrorMessagesOnFields];
+            }
+        } else {
+            messages = ["Err " + resp.status + ": " + resp.statusText];
         }
     }
     return messages;
 };
 
 
 function showErrorMessages(resp) {
+    var messages = [];
     if( resp.status >= 500 && resp.status < 600 ) {
         msg = "Err " + resp.status + ": " + resp.statusText;
-        if( _showErrorMessagesProviderNotified ) {
+        if( typeof _showErrorMessagesProviderNotified !== 'undefined' &&
+            _showErrorMessagesProviderNotified ) {
             msg += "<br />" + _showErrorMessagesProviderNotified;
         }
         messages = [msg];
     } else {
-        var messages = _showErrorMessages(resp);
-        if( messages.length === 0 ) {
-            messages = ["Err " + resp.status + ": " + resp.statusText];
-        }
+        messages = _showErrorMessages(resp);
+    }
+    if( messages.length > 0 ) {
+        showMessages(messages, "error");
     }
-    showMessages(messages, "error");
 };
 
 
@@ -301,7 +312,7 @@ const djApi = {
         // - http(elem, url, data, success)
         // - http(elem, url, data, success, fail)
         args['elem'] = elem;
-        if( typeof url != 'string' && !self._isArray(arg) ) {
+        if( typeof url != 'string' && !self._isArray(url) ) {
             throw '`url` should be a string or an array of ajax queries';
         }
         args['url'] = url;
@@ -452,7 +463,7 @@ const djApi = {
         fetch(self._safeUrl(self.apiBase, args.url), {
             method: "POST",
             headers: headers,
-            body: JSON.stringify(args.data),
+            body: args.data ? JSON.stringify(args.data) : null,
             credentials: 'include',
             traditional: true,
         }).then(async function(resp) {
@@ -571,7 +582,7 @@ const djApi = {
         fetch(self._safeUrl(self.apiBase, args.url), {
             method: "PUT",
             headers: headers,
-            body: JSON.stringify(args.data),
+            body: args.data ? JSON.stringify(args.data) : null,
             credentials: 'include',
             traditional: true,
         }).then(async function(resp) {
@@ -631,7 +642,7 @@ const djApi = {
         fetch(self._safeUrl(self.apiBase, args.url), {
             method: "PATCH",
             headers: headers,
-            body: JSON.stringify(args.data),
+            body: args.data ? JSON.stringify(args.data) : null,
             credentials: 'include',
             traditional: true,
         }).then(async function(resp) {
@@ -763,7 +774,7 @@ const djApi = {
             args.failureCallback);
     }
 
-}
+};
 
     // attach properties to the exports object to define
     // the exported module properties.
diff --git a/testsite/fixtures/200-saas-roles.json b/testsite/fixtures/200-saas-roles.json
@@ -1290,4 +1290,34 @@
       "created_at": "2026-01-01T00:00:00+00:00",
       "role_description": 1,
       "organization": 250, "user": 251}, "model": "saas.Role", "pk": 251
-}]
+},
+
+{
+    "fields": {
+      "full_name": "NoImplicitRole",
+      "created_at": "2026-01-01T00:00:00+00:00",
+      "email": "no-implicit-role-252@@noimplicitrole252.localdomain",
+      "is_active": 1,
+      "no_implicit_role": true,
+      "slug": "no-implicit-role-252"}, "model": "saas.Organization", "pk": 252
+},
+{
+    "fields": {
+      "date_joined": "2026-01-01T00:00:00-09:00",
+      "last_login": "2026-01-01T00:00:00-09:00",
+      "email": "xia+252@noimplicitrole252.localdomain",
+      "first_name": "Xia",
+      "is_active": true,
+      "is_staff": false,
+      "is_superuser": false,
+      "last_name": "NoImplicitRole",
+      "password": "pbkdf2_sha256$10000$z0MBiWn0Rlem$iZdC6uHomlE07qGK/TqfcfxNzKJtFp03c0JILF1frRc=",
+      "username": "xia252"}, "model": "auth.User", "pk": 252
+},
+{
+    "fields": {
+      "last_signed": "2026-01-01T00:00:00+00:00",
+      "agreement": 1,
+      "user": 252}, "model": "saas.signature", "pk": 252
+}
+]
diff --git a/testsite/requirements.txt b/testsite/requirements.txt
@@ -2,8 +2,8 @@
 # py312-django5.2.
 
 Django==3.2.25 ; python_version < "3.9"
-Django==4.2.23 ; python_version >= "3.9" and python_version < "3.12"
-Django==5.2.5  ; python_version >= "3.12"
+Django==4.2.28 ; python_version >= "3.9" and python_version < "3.12"
+Django==5.2.11 ; python_version >= "3.12"
 djangorestframework==3.14.0 ; python_version < "3.9"
                                       # 3.12.4 not compatible with Django4.2
 djangorestframework==3.15.2 ; python_version >= "3.9" # Breaking

Original file line number	Diff line number	Diff line change
`@@ -571,7 +571,7 @@ def post(self, request, args, *kwargs):`
`571`	`571`	`.. code-block:: json`
`572`	`572`
`573`	`573`	`{`
`574`		`- "plan": "basic",`
	`574`	`+ "plan": "premium",`
`575`	`575`	`"use": "requests"`
`576`	`576`	`}`
`577`	`577`