pep-dortmund / member-database Goto Github PK

Currently it's not possible to get data using commandline utilities like curl or httpie, even requests sessions do not work.

something like curl -u <user> <url>/members should work and would make testing during developement much easier

Looks like poetry won. 1.0 is imminent

Some Ideas of the meeting in Essen and before:

• Let members change their data (employer, email-address etc.)
• Easier access for us, add new members, edit, customized mails etc.

Datenschutzhinweise bei

• Jeder Veranstaltung (Auf jedem Formular ist genau anzugeben, welche Daten zu welchem Zweck verarbeitet werden)
• Vereinsanmeldung
• Dokument mit Datenschutzerklärung

• werde Mitglied
• Daten beantragen
• Startseite

For memorable, human readable names:

E.g. registration.pep-dortmund.org/events/soak20/registration

This could be implemented by e.g.:

@events.route('/<name: str>/registration')
def registration_by_name(name):
    event = Event.query.filter_by(shortlink=name).first()
    return event_registration(event.id)

I gave number of guests > max but got not warning what was wrong, just a page reload without any indication.

If new EventRegistrations come in while an Event is edited, saving the Event will override the new Registrations.

• AG Schneider counts as E4b?
• email@test is possible, could it be checked for . in domain?
• if the external place is chosen, maybe there is a place to specify where it was written

Currently, the gdpr request email points to a edit form that does not return a response, see

Homepage should include links to

• events
• gdpr request
• pep main page

The login button is relatively dominant in the navigation bar. Registrants could expect this button to provide some login for their registrations as well. So maybe for now we could just add a email-field in the login form to request a main containing links to all active registrations for that email.

• Add pytest config
• Write tests
  • events
  • auth
• setup CI on travis

Every event requires to inform all participants. A feature for organisers to send a mail would be very helpful.

Users should be able to change/reset their passwords

We should use flask_bootstrap for the forms (login for now).

This should be a fairly simple task, just following https://blog.miguelgrinberg.com/post/the-flask-mega-tutorial-part-xi-facelift

We should replace or remove it so we can use bootstrap 4

A member database sounds quite like a classical use case for SQl.

Please discuss.

We should proably make the admin page inherit from our base template

https://github.com/pep-dortmund/member-database/tree/beckstev-error_handling/migrations/versions

To catch errors specific to postgres, we should also run a CI instance using a postgres database

Which license? Is there any PLP (PEP Licence Policy)?

Members should be able to give us a SEPA Mandat

A single Person might use multiple emails.

We should enable:

• A person to have a primary and multiple secondary emails (via a SecondaryMails table)
• Merging of persons after confirmation of the secondary mail

Users should have the right to see every information of the database. Grouping of users with same rights could help in that matter

So right now an individual vue-app is added for each input field:

One could think of input field connections like in the old PARS interface: You select the "Bachelor" degree and the title of the thesis field becomes "Bachelor-thesis" 😎

This is very low priority of course.

The password hash is required and there is no easy way to produce it.

The error notification for "You are already participating" should have an option to resend the email

We should change this to:
applied_for_mship = True/False, to check if the Person wants to be a member of PeP.

Add the possibility to send a mail or mail with pdf attachment containing all information we have about a member on request. (GDPR data request)

• Add an endpoint with method post and form data email.

• Add a template for the email

• Write the queries that dump all data we have for a Person

Missing and probably necessary:

• email
• date
• time
• date-time

See :
https://json-schema.org/understanding-json-schema/reference/string.html

I suggest providing a ledger-mode, i.e. if you want to change an entry, you create a copy with all desired modifcations, link it to the "old" entry and then set the old entry to "archive". This way we can easily get a nice log of all changes in the BD / our member's data (names, adresses, payment history, whatever)

👍 or 👎?

Should be only visible to logged-in users

• Geschäftsführung
  • Alle Daten einsehen
  • Mitgliedsanträge genehmigen

If I register with an existing Person's email address, I can define a different name. I think we could allow that, but in this case the adjusted name does not show up in the /event/<id>/participats endpoint.

Setup email exception logging like in https://blog.miguelgrinberg.com/post/the-flask-mega-tutorial-part-vii-error-handling

Using SQLCipher should be an option if we stick to SQLite anyway, see https://docs.sqlalchemy.org/en/latest/dialects/sqlite.html#module-sqlalchemy.dialects.sqlite.pysqlcipher.

related to #90 we should store the email a person registered with in the data blob

The member-database needs to have a very cool name so people will love it!

It is especially hard on mobile, to click the submit button of registration forms due to the bottom spacing. Simply adding some whitespace, i.e. a footer might already help.