Perth-Artifactory/member_portal
Perth-Artifactory/member_portal
3
0
Fork 0
Code Issues 23 Pull requests Projects Releases 29 Packages Activity
29 releases 35 tags
  • v0.11.1 22fe7ebbc3

    v0.11.1 Stable

    Fletcher released this 2026-03-23 04:09:05 +00:00 | 0 commits to main since this release

    Added

    • Training bookings: Warning when requesting a slot that starts within 24 hours (short notice)
    • Training bookings: Filter upcoming open slots by a specific available induction
    • Training bookings (pending): Prompt for time debt when signing off trainee
    • Training bookings (pending): Add modal to view existing inductions
    • Training bookings: When a booking is confirmed, the assigned trainer receives a portal notification (in addition to the trainee)

    Changed

    • Training bookings (pending): Reduce number of API calls made when prepping a manual booking 🖥️
    • Database schema: Freeze baseline to current state of models.py 🖥️
    • Training bookings: Recent sessions expanded beyond 6h, completed, added cancel button
    • Navigation: Expand (grand)parent navigation items on mobile to aid in submenu navigation (switching between training pages etc)

    Fixed

  • v0.11.0 c80f2f4f28

    v0.11.0 Stable

    Fletcher released this 2026-03-19 19:13:49 +00:00 | 9 commits to main since this release

    Added

    • Database: Schema changes are now handled through Alembic 🖥️
  • v0.10.10 e3a6152db6

    v0.10.10 Stable

    Fletcher released this 2026-03-19 19:10:31 +00:00 | 10 commits to main since this release

    Added

    • Material creation: Labels can now be printed directly in the creation flow rather than afterwards
    • Training booking Slack messages: Track post lifecycle (active/passed/deleted), auto-mark posts as passed after 48h, and add an admin tool to mark missing active posts as deleted

    Changed

    • Admin contacts (mobile): Row expansion is now via button instead of row tap (too many other targets)
    • Booking board: Bookings placed from the pending tray are marked as confirmed not assigned
    • Training booking Slack messages: Passed/deleted posts are now hidden by default (with an option to show them)
    • Training bookings: Formatting of upcoming slots adjusted to better show they exist during loading
    • Training bookings: Available inductions are now collapsed by default
    • Training bookings: Notify assigned trainer when booking is cancelled by user
    • Training bookings: Trainee side cancellations <6h from the session time are marked as no shows
    • Training bookings: Requests for training are now posted to the training channel on Slack
    • Training bookings: The UI now makes it clearer that training requests are requests not bookings
    • Navigation: Create new Storage menu, move materials (member side)
    • Lockers: Move to storage section instead of profile
    • Lockers: Add explainer card and membership check
    • Member Work: Move into Storage menu, rename in navigation to Files

    Fixed

    • Volunteer statistics: All sections now respect datetime filters
    • Volunteer statistics: Time debt is sorted by hours
    • Admin contacts: Pagination navigation no longer causes horizontal scrolling on mobile
    • Admin notifications list: Localised datetimes in notifications are translated
    • Training bookings: "Book this slot" buttons correctly fill the form rather than submitting
    • Booking board: Booking cards moved from the pending tray to the board now save
    • Booking board conflict detection: ETag comparison fixed 🖥️
    • Training booking notifications: Start time incorrectly used the requested slot time instead of the scheduled booking time for notifications
    • Training bookings: Assign Booking modal now allows assigning a trainer without selecting a slot
    • Training bookings: Assign Booking modal warns about induction duration mismatches and offers potential fixes
    • Training bookings: Removed the "no slot" suffix from portal-day Slack summaries
    • Training bookings: Slack booking summaries now sort by booking start time instead of slot start time
    • Markdown: Nested lists now render correctly
    • Training endorsements table: Fix bug in alphabetical view that prevented switching
    • Volunteer token entries: Bucket splits with zero hours are now removed before DB write 🖥️
    • Training docs: "View content" wiki modal wraps preformatted text instead of scrolling horizontally
  • v0.10.9 99c2c0c825

    v0.10.9 Stable

    Fletcher released this 2026-03-15 15:34:05 +00:00 | 29 commits to main since this release

    Added

    • Booking board: Add dynamic board to help arrange bookings
    • Notification datetimes: Added a framework to include localised datetimes in notifications 🖥️

    Changed

    Fixed

    • Linked accounts: Fix styling of passkey buttons (primary->success) 🖥️
    • Training notifications: Training notifications no longer send datetimes as UTC 🖥️
  • v0.10.8 281bbf5fa4

    v0.10.8 Stable

    Fletcher released this 2026-03-14 00:27:24 +00:00 | 35 commits to main since this release

    Added

    • General calendar feed: Add a general calendar feed that features all public events, page styling/name adjusted to accommodate
    • Training booking messages: Backend page to directly control posting of booking posts to Slack (including refreshing the post)

    Changed

    • Slack auth: Migrate from OAuth2 to OpenID, including scheduled token refresh task 🖥️
    • Training booking suggestions: Suggested training weighting now factors in bookings -14d +30d and endorsement breadth (wider=lower ranking)
    • Manual booking: UI streamlined, options now restrict based on selected dropdowns
    • Manual Training Slack messages: Posting selector improved, added support for whole day posts
    • General calendar feed: Presented as alternate info source on all event lists 🖥️

    Fixed

    • Training in calendar feeds: Fixed error with description generation 🖥️
    • Manual training bookings: Bookings created at the confirmed stage no longer send assigned notifications as well
    • Training booking notifications: Assigned notifications no longer ask users to confirm bookings
    • Notification drafts: Added missing short_text column to NotificationDraft model so draft list and save use the attribute correctly 🖥️
    • Committee training pending bookings: Fix the "Use this" button
    • Training post: Rendering is now triggered on all relevant changes 🖥️
    • Merge accounts tool: The merge tool now correctly transfers training bookings 🖥️

    Security

    • Event feeds (subscriptions): Force https for ics url regardless of proxy config 🖥️
  • v0.10.7 b5f8e378a1

    v0.10.7 Stable

    Fletcher released this 2026-03-11 16:40:46 +00:00 | 50 commits to main since this release

    Added

    • SSO account creation: Shared helper to create User + OAuthAccount from a provider identity; used by OAuth callbacks and Slack App Home, and reusable for other SSO routes 🖥️
    • UserProfile from OAuth: New users created via the provider-identity helper now get a Celery task enqueued to populate UserProfile from their OAuth account profile data (TidyHQ, Slack, etc.) 🖥️

    Changed

    Fixed

    • Committee materials: Delete confirmation modal deletes the material rather than opening another modal
    • User settings: Don't create user_settings for user IDs that aren't in the users table (fixes FK violations for stale or Slack-only sessions) Underlying cause fixed below but change added to prevent issues in core functionality in the future 🖥️
    • Slack App Home: User ID is no longer half created if the first interaction with the portal is generating a Slack app home 🖥️
    • Committee tokens cumulative chart: Removed leading zero-padding in "Total individual hours over time" so each line begins at the first recorded contribution
    • Material scan mode: Treat organisation-owned material as member-owned for scan status colouring, and skip unused-threshold warnings for organisation-owned material
    • Committee material creation: Fix transparency on user search results
    • Material scan mode: Only log location changes when the location actually changes; otherwise log a "committee scanned" audit entry
    • Training bookings: Only show competency check indicator on inductions that have it enabled
    • Training bookings waitlist: Exclude incompatible events from request list
  • v0.10.6 153931c09b

    v0.10.6 Stable

    Fletcher released this 2026-03-09 20:02:49 +00:00 | 59 commits to main since this release

    This release focuses on preparing the application for wider usage within the test org.

    Security

    • Clickjacking: Prevent iframes 🖥️
    • Image endpoint: Implement access control for image endpoint based on reference keys 🖥️
    • Volunteer tokens approval UI: Escape entry descriptions when rendering to prevent stored XSS for approvers viewing the tokens page 🖥️
    • Admin concessions CRN: Sanitise CRN to alphanumeric only before display and copy to prevent XSS 🖥️
    • Forgejo webhook: Reject webhook requests when no secret is configured instead of skipping verification 🖥️
    • Post-login redirect: Further restrict post-login redirect targets 🖥️
    • Form statistics charts: Escaped chart titles in bar charts so user-controlled text cannot break out of script context 🖥️
    • Volunteer token authorisation: Restricted token user search endpoints to volunteer and approval roles, and blocked non-approvers from reassigning token entries 🖥️
    • Notification tracking links: Encrypted notification tracking tokens to prevent exposing notification IDs in forwarded emails 🖥️
    • Remote image fetching: Blocked private-network and non-public image URLs during server-side image imports to reduce SSRF risk 🖥️
    • Training wiki rendering: Removed Jinja template evaluation from wiki content responses to reduce server-side template injection risk 🖥️
    • Markdown rendering: Added nh3 sanitisation to rendered markdown 🖥️
    • OAuth login flow: Added state protection for SSO sign in and linking flows 🖥️
    • API key authentication: Remove query support for api keys 🖥️
    • Request forgery protection: Added CSRF protection for browser-based mutating requests and changed logout to use POST 🖥️
  • v0.10.5 2cbd89bcf6

    v0.10.5 Stable

    Fletcher released this 2026-03-09 16:53:50 +00:00 | 69 commits to main since this release

    Added

    • Forms: Add custom form framework
    • Slack forms shortcut: Added a /form slash command that opens a modal linking to Member Portal forms (Replacing functionality from previous form app)
  • v0.10.4 1ca3e0e15c

    v0.10.4 Stable

    Fletcher released this 2026-03-08 20:59:40 +00:00 | 71 commits to main since this release

    Added

    • Carpool Optimiser: Added a route optimiser for group pickup/dropoffs
    • Event name badges: Event managers can print name badges for event attendees
    • Material statistics: Added material statistics page showing material distribution, ownership, and usage over time
    • Material lists: Add system explainer
    • Trainer availability: Added explainers for system
    • Food orders pickup: Volunteers can generate a shareable link with order details to allow non-volunteers to pick up food
    • Others personal volunteering stats: Committee can now view volunteering stat pages as other users rather than relying on the data on the overall page

    Changed

    • Minification configuration: Asset minification is now configurable 🖥️
    • Material lists: Added creation date/last seen to tables, make columns sortable, add pagination
    • Material lists: Added confirmation before printing bulk labels
    • Non member interaction with material system: Disable creation and claiming for non members
    • Trainer availability: Dismissal of available slots is now stored server side. Prompt cards are now rendered regardless of presented options 🖥️

    Fixed

    • Training availability: Improved error handling for adding availability to ensure success messages are properly displayed 🖥️
    • Training availability: Fixed bookmarked events collapse state being lost when confirming availability
  • v0.10.3 6e68cb0b20

    v0.10.3 Stable

    Fletcher released this 2026-03-05 12:44:12 +00:00 | 90 commits to main since this release

    Added

    • Label printer support: Added the backend functionality to send text and images to a label printer
    • Material labels: Added material label printing
    • Total individual hours chart: Added a graph showing total individual hours over time to volunteering stats
    • Organisation locker assignments: Added the ability to assign lockers to the organisation as a whole, in addition to individual users

    Changed

    • Request logging: Request logs now include user display names alongside truncated user IDs 🖥️
    • App home logging: Slack app home render logs now include portal display name if set 🖥️
    • Trainer endorsements table: Table formatting cleaned up
    • Event restrictions table: Support wider screens

    Fixed

    • Failure to delete material: Database conflict caused materials to not delete
    • Material bulk operations selector: Material selections weren't cleared after a bulk operation
    • Material browser prompts: Browser prompts on the material pages have been replaced with modals
    • Event managers past events visibility: Event managers can now see all past events, not just events they created or hosted
    • Member type mapping: Correctly map community memberships