* feat: django-rest-framework + Person/Email API (#8233)
* chore: djangorestframework -> requirements.txt
* chore: auth/perm/schema classes for drf
* chore: settings for drf and friends
* chore: comment that api/serializer.py is not DRF
* feat: URL router for DRF
* feat: simple api/v3/person/{id} endpoint
* fix: actually working demo endpoint
* chore: no auth for PersonViewSet
* ci: params in ci-run-tests.yml
* Revert "ci: params in ci-run-tests.yml"
This reverts commit 03808ddf94afe42b7382ddd3730959987389612b.
* feat: email addresses for person API
* feat: email update api (WIP)
* fix: working Email API endpoint
* chore: annotate address format in api schema
* chore: api adjustments
* feat: expose SpectacularAPIView
At least for now...
* chore: better schema_path_prefix
* feat: permissions for DRF API
* refactor: use permissions classes
* refactor: extract NewEmailForm validation for reuse
* refactor: ietfauth.validators module
* refactor: send new email conf req via helper
* feat: API call to issue new address request
* chore: move datatracker DRF api to /api/core/
* fix: unused import
* fix: lint
* test: drf URL names + API tests (#8248)
* refactor: better drf URL naming
* test: test person-detail view
* test: permissions
* test: add_email tests + stubs
* test: test email update
* test: test 404 vs 403
* fix: fix permissions
* test: test email partial update
* test: assert we have a nonexistent PK
* chore: disable DRF api for now
* chore: fix git inanity
* fix: lint
* test: disable tests of disabled code
* test: more lint
* feat: insensitive username matching at django authentication
* feat: use iexact when using the User object manager
* fix: more places to ignore username case
* fix: remove unused management command
* fix: avoid get when probing for object existance
* fix: force lowercase new usernames in secr/rolodex
* fix: use explicit arguments when creating user
* fix: Only send password reset email to known, active addresses
Limits password reset to Users with a Person and at least one active
address on file. Avoids the possibility of sending a password reset to
a spoofed address as in CVE-2019-19844.
* test: Use factory instead of explicit construction
* test: Test that a User with no Person cannot reset password
* fix: Fix handling of User.person field when it's null
* test: Test that reset emails are sent to known, active addresses
* chore: Use codespell to fix typos in code.
Second part of replacement of #4651
@rjsparks, I probably need to revert some things here, and I also
still need to add that new migration - how do I do that?
* Revert migrations
* Migrate "Whitelisted" to "Allowlisted"
* TEST_COVERAGE_MASTER_FILE -> TEST_COVERAGE_MAIN_FILE
* Fix permissions
* Add suggestions from @jennifer-richards
* fix: remove help/personal-information and the prompt-for-consent email management command.
* fix: remove gdpr treatment except for consent checkbox. Rename Submit.
* fix: drom the consent column from Person and Person.History
* fix: remove the consent boolean. Reorganize the account info form.
* chore: reorder migrations
* feat: add pronouns
* fix: include migrations
* fix: correct daggers on person form.
* fix: clean pronouns
* feat: add choices to pronouns
* feat: show pronouns on public profile
* feat: add pronouns to oidc userinfo
* fix: move pronouns to new claim. Add tests.
* fix: improve html generated by new widget
* feat: use a MultiWidget for pronouns
* refactor: use two fields on Person for the two types of pronoun entry.
* chore: update copyrights
people fill it in correctly. Blank it out if it's unchanged from name
and use unidecode to set it automatically (with a warning if it
actually converts something). Branch ready for merge.
- Legacy-Id: 11752
(reusing code previously written for the community lists) instead of
the a custom MD5 scheme, add tests of all views, rewrite custom form
handling code to use plain forms and ensure that the data is properly
validated and errors visible in the UI. Move help texts on the Person
form up to the model.
- Legacy-Id: 11136
Fixed profile update page to keep Alias table up to date. Also, roles for inactive groups are no longer displayed on the profile page.
- Legacy-Id: 4776
Note: SVN reference [4737] has been migrated to Git commit 6d87558b06
