Skip to content

Beowulf

Compare
Choose a tag to compare
@DragoonAethis DragoonAethis released this 27 Feb 16:54
· 228 commits to main since this release

Second system release, as used on Remcon 2023. Rough changelog:

Ticket Previews

  • The ticket preview system was completely reworked. Instead of generating previews using a predefined overlay template, the generator can now invoke a Docker container with arbitrary preview generation logic inside.
  • Generated previews can now include metadata from the ticket (nickname, code, role, etc). This enables generating print-ready images.
  • On Remcon 2023, the generator used a Jinja2 template to generate HTML files which were then rendered from Chromium to a PNG file. This generator is shipped in the repo for reference.
  • Ticket previews can now be generated in multiple variants - we used this to generate front and back sides of each final ticket to print.
  • Previews and personalization is now optional on a per-type basis.
  • The personalization section was removed from the registration page to keep it simple.

Dynamic Forms

  • The dynamic form system was also reworked and now uses a JSON-based form schema system. This makes them a lot less painful to work with on the Python side, but much more so on the admin side.
  • At the moment, there's no admin GUI available to customize the forms. You just gotta JSON by hand. Sorry.
  • The new form schema fixes a number of annoying parsing issues present in the first iteration and enables new features in the future, although not that many are present just yet.
  • It's now possible to make the labels/help text display Markdown or HTML directly.

Custom Event Pages

  • It is now possible to set up a custom payment info page - if a specific event does not require fully-automated payments, a selected Event Page can be shown instead when "Pay Online" is clicked.
  • That Event Page is shown only where relevant.

Crew Panel

  • The entire Crew Panel got a visual rework, making it easier to process an attendee step by step.
  • The ID query fields are now focused automatically. (Thanks to Rozz for the suggestion.)

Maintenance and Security

  • Upgraded to Python 3.10, Django 4.1 and bumped most libraries to +/- latest as of the release date.
  • The deployment scripts were upgraded to target Ubuntu 22.04.
  • The app now runs as www-data, not root. Most of its permissions were stripped with systemd service isolation features.
  • Fixed lots of PyCharm warnings and inspections.

Odds and Ends

  • Fixed race conditions around available ticket counts. It was possible to overpurchase ticket types in high demand - now that's no longer the case.
  • Added rate-limited ticket purchases (one ticket every X seconds per user/IP address).
  • It's now possible to force attendees to register a ticket before submitting any applications.
  • Passwords are now hashed with scrypt (and will be upgraded on any login).
  • Applications now store a JSON block with all answers, next to the formatted text block.
  • Reworked the attendee-side application details view - everything is now in a fancy table.
  • Sent email titles are now translated as well.
  • Admin site now displays lots of columns on most models, and is far more useful now.
  • Application export dumps its data to XLSX instead of CSV.
  • Superadmins can now peek some user-facing pages even if they don't own a given object directly. User-facing pages are now linked on the admin pages.
  • On-site tickets are no longer shown in "Your Tickets". In practice users with on-site tickets never see them on their account at all, and it's just system admins that end up with 100s of tickets on their front pages.
  • Added user hijacking - admins can now impersonate any specified user to aid troubleshooting and see what they see.
  • Staff users can be now exempt from the 2FA requirement. This is useful for service accounts during the event itself.
  • Enabled Sentry profiling, which makes it easier to spot routes taking way longer than it should. (Hello P24, we'll have a talk later.)
  • Ticket prices can be now overridden per individual ticket.
  • Some system messages (sales over, etc) can now be personalized on a per-Event basis.
  • Notification channels can now output to Telegram. Configuring this is a pain, but we kinda used this successfully.
  • A bunch of random misc things I forgot about. Sorry!