Merge pull request 'master' (#482) from master into Docker

Reviewed-on: #482

Dockerfile

@@ -0,0 +1,36 @@
+# Nutze ein schlankes Python-Image
+FROM python:3.11-slim-bullseye
+
+ENV PYTHONUNBUFFERED 1
+
+WORKDIR /konova
+
+# Installiere System-Abhängigkeiten
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    gdal-bin redis-server nginx \
+    && rm -rf /var/lib/apt/lists/*  # Platz sparen
+
+# Erstelle benötigte Verzeichnisse & setze Berechtigungen
+RUN mkdir -p /var/log/nginx /var/log/gunicorn /var/lib/nginx /tmp/nginx_client_body \
+    && touch /var/log/nginx/access.log /var/log/nginx/error.log \
+    && chown -R root:root /var/log/nginx /var/lib/nginx /tmp/nginx_client_body
+
+# Kopiere und installiere Python-Abhängigkeiten
+COPY ./requirements.txt /konova/
+RUN pip install --upgrade pip && pip install --no-cache-dir -r requirements.txt
+
+# Entferne Standard-Nginx-Site und ersetze sie durch eigene Config
+RUN rm -rf /etc/nginx/sites-enabled/default
+COPY ./nginx.conf /etc/nginx/conf.d
+
+# Kopiere restliche Projektdateien
+COPY . /konova/
+
+# Sammle statische Dateien
+RUN python manage.py collectstatic --noinput
+
+# Exponiere Ports
+#EXPOSE 80 6379 8000
+
+# Setze Entrypoint
+ENTRYPOINT ["/konova/docker-entrypoint.sh"]

README.md

@@ -4,6 +4,7 @@ the database postgresql and the css library bootstrap as well as the icon packag
 fontawesome for a modern look, following best practices from the industry.
 
 ## Background processes
+### !!! For non-docker run
 Konova uses celery for background processing. To start the worker you need to run
 ```shell
 $ celery -A konova worker -l INFO
@@ -18,3 +19,58 @@ Technical documention is provided in the projects git wiki.
 A user documentation is not available (and not needed, yet). 
 
 
+# Docker 
+To run the docker-compose as expected, you need to take the following steps:
+
+1. Create a database containing docker, using an appropriate Dockerfile, e.g. the following
+```
+version: '3.3'
+services:
+  postgis:
+    image: postgis/postgis
+    restart: always
+    container_name: postgis-docker
+    ports: 
+      - 5433:5432
+    volumes:
+      - db-volume:/var/lib/postgresql/data
+    environment:
+      - POSTGRES_PASSWORD=postgres
+      - POSTGRES_USER=postgres
+    networks:
+      - db-network-bridge
+
+networks:
+  db-network-bridge:
+    driver: "bridge"
+
+volumes:
+  db-volume:
+```
+This Dockerfile creates a Docker container running postgresql and postgis, creates the default superuser postgres, 
+creates a named volume for persisting the database and creates a new network bridge, which **must be used by any other
+container, which wants to write/read on this database**. 
+
+2. Make sure the name of the network bridge above matches the network in the konova docker-compose.yml  
+3. Get into the running postgis container (`docker exec -it postgis-docker bash`) and create new databases, users and so on. Make sure the database `konova` exists now!
+4. Replace all `CHANGE_ME_xy` values inside of konova/docker-compose.yml for your installation. Make sure the `SSO_HOST` holds the proper SSO host, e.g. for the arnova project `arnova.example.org` (Arnova must be installed and the webserver configured as well, of course)
+5. Take a look on konova/settings.py and konova/sub_settings/django_settings.py. Again: Replace all occurences of `CHANGE_ME` with proper values for your installation.
+   1. Make sure you have the proper host strings added to `ALLOWED_HOSTS` inside of django_settings.py.  
+6. Build and run the docker setup using `docker-compose build` and `docker-compose start` from the main directory of this project (where the docker-compose.yml lives)
+7. Run migrations! To do so, get into the konova service container (`docker exec -it konova-docker bash`) and run the needed commands (`python manage.py makemigrations LIST_OF_ALL_MIGRATABLE_APPS`, then `python manage.py migrate`)
+8. Run the setup command `python manage.py setup` and follow the instructions on the CLI
+9. To enable **SMTP** mail support, make sure your host machine (the one where the docker container run) has the postfix service configured properly. Make sure the `mynetworks` variable is xtended using the docker network bridge ip, created in the postgis container and used by the konova services.
+   1. **Hint**: You can find out this easily by trying to perform a test mail in the running konova web application (which will fail, of course). Then take a look to the latest entries in `/var/log/mail.log` on your host machine. The failed IP will be displayed there.
+   2. **Please note**: This installation guide is based on SMTP using postfix! 
+   3. Restart the postfix service on your host machine to reload the new configuration (`service postfix restart`)
+10. Finally, make sure your host machine webserver passes incoming requests properly to the docker nginx webserver of konova. A proper nginx config for the host machine may look like this:
+```
+server {
+    server_name konova.domain.org;
+
+    location / {
+        proxy_pass http://localhost:KONOVA_NGINX_DOCKER_PORT/;
+        proxy_set_header Host $host;
+    }
+}
+```

api/models/token.py

@@ -51,7 +51,7 @@ class APIUserToken(models.Model):
             if token_obj.valid_until is not None and token_obj.valid_until < _today:
                 raise PermissionError("Token validity expired")
         except ObjectDoesNotExist:
-            raise PermissionError("Credentials invalid")
+            raise PermissionError("Token unknown")
         return token_obj.user
 
 

api/tests/v1/update/test_api_update.py

@@ -12,7 +12,7 @@ from django.contrib.gis import geos
 from django.urls import reverse
 
 from api.tests.v1.share.test_api_sharing import BaseAPIV1TestCase
-from konova.sub_settings.lanis_settings import DEFAULT_SRID_RLP
+from konova.models import Geometry
 
 
 class APIV1UpdateTestCase(BaseAPIV1TestCase):
@@ -64,7 +64,7 @@ class APIV1UpdateTestCase(BaseAPIV1TestCase):
 
         put_props = put_body["properties"]
         put_geom = geos.fromstr(json.dumps(put_body))
-        put_geom.transform(DEFAULT_SRID_RLP)
+        put_geom = Geometry.cast_to_rlp_srid(put_geom)
         self.assertEqual(put_geom, self.intervention.geometry.geom)
         self.assertEqual(put_props["title"], self.intervention.title)
         self.assertNotEqual(modified_on, self.intervention.modified)
@@ -94,7 +94,7 @@ class APIV1UpdateTestCase(BaseAPIV1TestCase):
 
         put_props = put_body["properties"]
         put_geom = geos.fromstr(json.dumps(put_body))
-        put_geom.transform(DEFAULT_SRID_RLP)
+        put_geom = Geometry.cast_to_rlp_srid(put_geom)
         self.assertEqual(put_geom, self.compensation.geometry.geom)
         self.assertEqual(put_props["title"], self.compensation.title)
         self.assertNotEqual(modified_on, self.compensation.modified)
@@ -124,7 +124,7 @@ class APIV1UpdateTestCase(BaseAPIV1TestCase):
 
         put_props = put_body["properties"]
         put_geom = geos.fromstr(json.dumps(put_body))
-        put_geom.transform(DEFAULT_SRID_RLP)
+        put_geom = Geometry.cast_to_rlp_srid(put_geom)
         self.assertEqual(put_geom, self.eco_account.geometry.geom)
         self.assertEqual(put_props["title"], self.eco_account.title)
         self.assertNotEqual(modified_on, self.eco_account.modified)
@@ -156,7 +156,7 @@ class APIV1UpdateTestCase(BaseAPIV1TestCase):
 
         put_props = put_body["properties"]
         put_geom = geos.fromstr(json.dumps(put_body))
-        put_geom.transform(DEFAULT_SRID_RLP)
+        put_geom = Geometry.cast_to_rlp_srid(put_geom)
         self.assertEqual(put_geom, self.ema.geometry.geom)
         self.assertEqual(put_props["title"], self.ema.title)
         self.assertNotEqual(modified_on, self.ema.modified)

api/utils/serializer/serializer.py

@@ -13,7 +13,7 @@ from django.contrib.gis.geos import GEOSGeometry
 from django.core.paginator import Paginator
 from django.db.models import Q
 
-from konova.sub_settings.lanis_settings import DEFAULT_SRID_RLP
+from konova.models import Geometry
 from konova.utils.message_templates import DATA_UNSHARED
 
 
@@ -145,8 +145,8 @@ class AbstractModelAPISerializer:
         if isinstance(geojson, dict):
             geojson = json.dumps(geojson)
         geometry = geos.fromstr(geojson)
-        if geometry.srid != DEFAULT_SRID_RLP:
-            geometry.transform(DEFAULT_SRID_RLP)
+        geometry = Geometry.cast_to_rlp_srid(geometry)
+        geometry = Geometry.cast_to_multipolygon(geometry)
         return geometry
 
     def _get_obj_from_db(self, id, user):

api/views/views.py

@@ -50,14 +50,19 @@ class AbstractAPIView(View):
     def dispatch(self, request, *args, **kwargs):
         try:
             # Fetch the proper user from the given request header token
-            ksp_token = request.headers.get(KSP_TOKEN_HEADER_IDENTIFIER, None)
+            token = request.headers.get(KSP_TOKEN_HEADER_IDENTIFIER, None)
             ksp_user = request.headers.get(KSP_USER_HEADER_IDENTIFIER, None)
-            token_user = APIUserToken.get_user_from_token(ksp_token)
 
-            if ksp_user != token_user.username:
+            if not token and not ksp_user:
+                bearer_token = request.headers.get("authorization", None)
+                if not bearer_token:
+                    raise PermissionError("No token provided")
+                token = bearer_token.split(" ")[1]
+
+            token_user = APIUserToken.get_user_from_token(token)
+            if ksp_user and ksp_user != token_user.username:
                 raise PermissionError(f"Invalid token for {ksp_user}")
-            else:
-                self.user = token_user
+            self.user = token_user
 
             request.user = self.user
             if not self.user.is_default_user():

codelist/management/commands/update_codelist.py

@@ -82,8 +82,8 @@ class Command(BaseKonovaCommand):
                 atom_id = element.find("atomid").text
                 selectable = element.find("selectable").text.lower()
                 selectable = bool_map.get(selectable, False)
-                short_name = element.find("shortname").text
-                long_name = element.find("longname").text
+                short_name = element.find("shortname").text or ""
+                long_name = element.find("longname").text or ""
                 is_archived = bool_map.get((element.find("archive").text.lower()), False)
 
                 code = KonovaCode.objects.get_or_create(

compensation/views/compensation/report.py

@@ -12,11 +12,12 @@ from django.utils.translation import gettext_lazy as _
 
 from compensation.models import Compensation
 from konova.contexts import BaseContext
+from konova.decorators import uuid_required
 from konova.forms import SimpleGeomForm
 from konova.sub_settings.context_settings import TAB_TITLE_IDENTIFIER
 from konova.utils.generators import generate_qr_code
 
-
+@uuid_required
 def report_view(request: HttpRequest, id: str):
     """ Renders the public report view
 

compensation/views/eco_account/report.py

@@ -12,11 +12,13 @@ from django.utils.translation import gettext_lazy as _
 
 from compensation.models import EcoAccount
 from konova.contexts import BaseContext
+from konova.decorators import uuid_required
 from konova.forms import SimpleGeomForm
 from konova.sub_settings.context_settings import TAB_TITLE_IDENTIFIER
 from konova.utils.generators import generate_qr_code
 
 
+@uuid_required
 def report_view(request: HttpRequest, id: str):
     """ Renders the public report view
 

docker-compose.yml

@@ -0,0 +1,23 @@
+version: '3.3'
+
+services:
+  konova:
+    external_links:
+      - postgis:db
+      - arnova-nginx-server:arnova
+    build: .
+    image: "ksp/konova:1.8"
+    container_name: "konova-docker"
+    command: ./docker-entrypoint.sh
+    restart: always
+    volumes:
+      - /data/apps/konova/uploaded_files:/konova_uploaded_files
+    ports:
+      - "1337:80"
+
+# Instead of an own, new network, we need to connect to the existing one, which is provided by the postgis container
+# NOTE: THIS NETWORK MUST EXIST
+networks:
+  default:
+    external:
+      name: postgis_nat_it_backend

docker-entrypoint.sh

@@ -0,0 +1,27 @@
+#!/bin/bash
+
+set -e  # Beende Skript bei Fehlern
+set -o pipefail  # Fehler in Pipelines nicht ignorieren
+
+# Starte Redis
+redis-server --daemonize yes
+
+# Starte Celery Worker im Hintergrund
+celery -A konova worker --loglevel=info &
+
+# Starte Nginx als Hintergrundprozess
+nginx -g "daemon off;" &
+
+# Setze Gunicorn Worker-Anzahl (Standard: (2*CPUs)+1)
+WORKERS=${GUNICORN_WORKERS:-$((2 * $(nproc) + 1))}
+
+# Stelle sicher, dass Logs existieren
+mkdir -p /var/log/gunicorn
+touch /var/log/gunicorn/access.log /var/log/gunicorn/error.log
+
+# Starte Gunicorn als Hauptprozess
+exec gunicorn --workers="$WORKERS" konova.wsgi:application \
+    --bind=0.0.0.0:8000 \
+    --access-logfile /var/log/gunicorn/access.log \
+    --error-logfile /var/log/gunicorn/error.log \
+    --access-logformat '%({x-real-ip}i)s via %(h)s %(l)s %(u)s %(t)s "%(r)s" %(s)s %(b)s "%(f)s" "%(a)s"'

ema/views/report.py

@@ -12,11 +12,12 @@ from django.utils.translation import gettext_lazy as _
 
 from ema.models import Ema
 from konova.contexts import BaseContext
+from konova.decorators import uuid_required
 from konova.forms import SimpleGeomForm
 from konova.sub_settings.context_settings import TAB_TITLE_IDENTIFIER
 from konova.utils.generators import generate_qr_code
 
-
+@uuid_required
 def report_view(request:HttpRequest, id: str):
     """ Renders the public report view
 

konova/decorators.py

@@ -11,7 +11,7 @@ from uuid import UUID
 
 from bootstrap_modal_forms.mixins import is_ajax
 from django.contrib import messages
-from django.http import Http404
+from django.core.exceptions import BadRequest
 from django.shortcuts import redirect, get_object_or_404, render
 from django.urls import reverse
 from django.utils.translation import gettext_lazy as _
@@ -185,7 +185,7 @@ def uuid_required(function):
         try:
             uuid = UUID(uuid)
         except ValueError:
-            raise Http404(
+            raise BadRequest(
                 "Invalid UUID"
             )
         return function(request, *args, **kwargs)

konova/forms/geometry_form.py

@@ -117,8 +117,7 @@ class SimpleGeomForm(BaseForm):
             form_geom = form_geom.union(feature)
 
         # Make sure to convert into a MultiPolygon. Relevant if a single Polygon is provided.
-        if form_geom.geom_type != "MultiPolygon":
-            form_geom = MultiPolygon(form_geom, srid=DEFAULT_SRID_RLP)
+        form_geom = Geometry.cast_to_multipolygon(form_geom)
 
         # Write unioned Multipolygon into cleaned data
         if self.cleaned_data is None:

konova/management/commands/recalculate_parcels.py

@@ -34,7 +34,9 @@ class Command(BaseKonovaCommand):
     def recalculate_parcels(self, options: dict):
         force_all = options.get("force_all", False)
 
-        geometry_objects = Geometry.objects.all().exclude(
+        geometry_objects = Geometry.objects.filter(
+            geom__isempty=False,
+        ).exclude(
             geom=None
         )
 

konova/management/commands/test_identifier_generating.py

@@ -1,51 +0,0 @@
-"""
-Author: Michel Peltriaux
-Organization: Struktur- und Genehmigungsdirektion Nord, Rhineland-Palatinate, Germany
-Contact: michel.peltriaux@sgdnord.rlp.de
-Created on: 19.08.21
-
-"""
-from django.core.management import BaseCommand
-
-from intervention.models import Intervention
-
-
-class Command(BaseCommand):
-    help = "Performs test on collisions using the identifier generation"
-
-    def handle(self, *args, **options):
-        identifiers = {}
-        max_iterations = 100000
-        try:
-            collisions = 0
-            len_ids = len(identifiers)
-            while len_ids < max_iterations:
-                tmp_intervention = Intervention()
-                _id = tmp_intervention.generate_new_identifier()
-                len_ids = len(identifiers)
-                if _id not in identifiers:
-                    if len_ids % (max_iterations/5) == 0:
-                        print(len_ids)
-                    identifiers[_id] = None
-                else:
-                    collisions += 1
-                    print("+++ Collision after {} identifiers +++".format(len_ids))
-
-        except KeyboardInterrupt:
-            self._break_line()
-            exit(-1)
-        print(
-            "\n{} collisions in {} identifiers; Collision rate {}%".format(
-                collisions,
-                len_ids,
-                (collisions / len_ids)*100,
-            )
-        )
-
-    def _break_line(self):
-        """ Simply prints a line break
-
-        Returns:
-
-        """
-        self.stdout.write("\n")

konova/models/geometry.py

@@ -11,6 +11,7 @@ from django.contrib.gis.db.models import MultiPolygonField
 from django.core.exceptions import ObjectDoesNotExist, MultipleObjectsReturned
 from django.db import models, transaction
 from django.utils import timezone
+from django.contrib.gis.geos import MultiPolygon
 
 from konova.models import BaseResource, UuidModel
 from konova.sub_settings.lanis_settings import DEFAULT_SRID_RLP
@@ -383,6 +384,36 @@ class Geometry(BaseResource):
 
         return complexity_factor
 
+    @staticmethod
+    def cast_to_multipolygon(input_geom):
+        """ If input_geom is not a MultiPolygon, cast to MultiPolygon
+
+        Args:
+            input_geom ():
+
+        Returns:
+            output_geom
+        """
+        output_geom = input_geom
+        if input_geom.geom_type != "MultiPolygon":
+            output_geom = MultiPolygon(input_geom, srid=DEFAULT_SRID_RLP)
+        return output_geom
+
+    @staticmethod
+    def cast_to_rlp_srid(input_geom):
+        """ If input_geom is not of RLP SRID (25832), cast to RLP SRID
+
+        Args:
+            input_geom ():
+
+        Returns:
+            output_geom
+        """
+        output_geom = input_geom
+        if output_geom.srid != DEFAULT_SRID_RLP:
+            output_geom.transform(DEFAULT_SRID_RLP)
+        return output_geom
+
 
 class GeometryConflict(UuidModel):
     """

konova/sub_settings/django_settings.py

@@ -66,7 +66,6 @@ INSTALLED_APPS = [
     'django.contrib.staticfiles',
     'django.contrib.gis',
     'django.contrib.humanize',
-    'simple_sso.sso_server',
     'django_tables2',
     'bootstrap_modal_forms',
     'fontawesome_5',
@@ -193,11 +192,10 @@ STATICFILES_DIRS = [
 ]
 
 # EMAIL (see https://docs.djangoproject.com/en/dev/topics/email/)
-
-# CHANGE_ME !!! ONLY FOR DEVELOPMENT !!!
 if DEBUG:
+    # ONLY FOR DEVELOPMENT NEEDED
     EMAIL_BACKEND = 'django.core.mail.backends.filebased.EmailBackend'
-    EMAIL_FILE_PATH = '/tmp/app-messages' # change this to a proper location
+    EMAIL_FILE_PATH = '/tmp/app-messages'
 
 DEFAULT_FROM_EMAIL = env("DEFAULT_FROM_EMAIL")  # The default email address for the 'from' element
 SERVER_EMAIL = DEFAULT_FROM_EMAIL  # The default email sender address, which is used by Django to send errors via mail

konova/urls.py

@@ -42,5 +42,6 @@ urlpatterns = [
     path('client/proxy/wfs', ClientProxyParcelWFS.as_view(), name="client-proxy-wfs"),
 ]
 
+handler400 = "konova.views.error.get_400_view"
 handler404 = "konova.views.error.get_404_view"
 handler500 = "konova.views.error.get_500_view"

konova/utils/message_templates.py

@@ -91,3 +91,6 @@ INTERVENTION_HAS_REVOCATIONS_TEMPLATE = _("This intervention has {} revocations"
 DATA_CHECKED_ON_TEMPLATE = _("Checked on {} by {}")
 DATA_CHECKED_PREVIOUSLY_TEMPLATE = _("Data has changed since last check on {} by {}")
 DATA_IS_UNCHECKED = _("Current data not checked yet")
+
+# API TOKEN SETTINGS
+NEW_API_TOKEN_GENERATED = _("New token generated. Administrators need to validate.")

konova/utils/messenger.py

@@ -1,78 +0,0 @@
-"""
-Author: Michel Peltriaux
-Organization: Struktur- und Genehmigungsdirektion Nord, Rhineland-Palatinate, Germany
-Contact: michel.peltriaux@sgdnord.rlp.de
-Created on: 17.08.21
-
-"""
-from collections import Iterable
-
-import requests
-from user.models import User
-from django.utils.translation import gettext_lazy as _
-
-from konova.settings import SSO_SERVER_BASE, SSO_PUBLIC_KEY, PROXIES
-from konova.sub_settings.context_settings import BASE_TITLE_SHORT
-
-
-class Messenger:
-    """ Used to send messages to the SSO server.
-
-    Messages can be seen by the user the next time they login on their SSO dashboard.
-    Documentation for SSO Server-Client communication can be found here:
-    https://git.naturschutz.rlp.de/SGD-Nord/arnova/wiki/Messages
-
-    """
-    server_url = "{}communication/message/".format(SSO_SERVER_BASE)
-
-    def __init__(self, users: Iterable, subject: str = None, body: str = None, type: str = None):
-        self.users = users
-        self.msg_subject = subject
-        self.msg_body = body
-        self.msg_type = type
-
-    def send(self):
-        """ Sends a message
-
-        """
-        if self.msg_body is None or len(self.msg_body) == 0:
-            raise AttributeError("No message body set")
-
-        headers = {
-            "x-services-public-key": SSO_PUBLIC_KEY
-        }
-        for user in self.users:
-            data = {
-                "type": self.msg_type,
-                "sender": BASE_TITLE_SHORT,
-                "receiver": user.username,
-                "subject": self.msg_subject,
-                "body": self.msg_body,
-            }
-            requests.post(
-                self.server_url,
-                data=data,
-                headers=headers,
-                proxies=PROXIES
-            )
-
-    def send_object_checked(self, obj_identifier: str, performing_user: User, detail_view_url: str = ""):
-        """ Wraps sending of a message related to the checking of an object, like an intervention
-
-        Args:
-            obj_identifier (str): The object's identifier (e.g. 'EIV-123'
-            performing_user (User): The user who performed the checking
-            detail_view_url (str): If a direct link to the object shall be added to the message, it can be provided here
-
-        Returns:
-
-        """
-        self.msg_subject = _("{} checked").format(obj_identifier)
-        if len(detail_view_url) > 0:
-            detail_view_url = _('<a href="{}">Check it out</a>').format(detail_view_url)
-        self.msg_body = _("{} has been checked successfully by user {}! {}").format(
-            obj_identifier,
-            performing_user.username,
-            detail_view_url
-        )
-        self.send()

konova/utils/schneider/fetcher.py

@@ -11,6 +11,7 @@ from json import JSONDecodeError
 import requests
 
 from konova.sub_settings import schneider_settings
+from konova.sub_settings.lanis_settings import DEFAULT_SRID
 from konova.sub_settings.proxy_settings import PROXIES
 
 
@@ -34,6 +35,7 @@ class ParcelFetcher:
         if geom.area < buffer_threshold:
             # Fallback for malicious geometries which are way too small and would disappear on negative buffering
             geom = geometry.geom
+        geom.transform(DEFAULT_SRID)
         self.geojson = geom.ewkt
         self.results = []
 

konova/views/error.py

@@ -25,6 +25,20 @@ def get_404_view(request: HttpRequest, exception=None):
     return render(request, "404.html", context, status=404)
 
 
+def get_400_view(request: HttpRequest, exception=None):
+    """ Returns a 400 handling view
+
+    Args:
+        request ():
+        exception ():
+
+    Returns:
+
+    """
+    context = BaseContext.context
+    return render(request, "400.html", context, status=400)
+
+
 def get_500_view(request: HttpRequest):
     """ Returns a 404 handling view
 

konova/views/geometry.py

@@ -5,7 +5,6 @@ Contact: ksp-servicestelle@sgdnord.rlp.de
 Created on: 19.08.22
 
 """
-from django.contrib.auth.mixins import LoginRequiredMixin
 from django.contrib.gis.geos import MultiPolygon
 from django.http import HttpResponse, HttpRequest
 from django.shortcuts import get_object_or_404

konova/views/logout.py

@@ -25,9 +25,12 @@ class LogoutView(View):
             A redirect
         """
         user = request.user
-        oauth_token = user.oauth_token
-        if oauth_token:
-            oauth_token.revoke()
+        try:
+            oauth_token = user.oauth_token
+            if oauth_token:
+                oauth_token.revoke()
+        except AttributeError:
+            pass
 
         logout(request)
         return redirect(SSO_SERVER_BASE)

locale/de/LC_MESSAGES/django.po

@@ -38,13 +38,14 @@
 #: konova/forms/modals/remove_form.py:23
 #: konova/forms/modals/resubmission_form.py:22
 #: konova/forms/modals/resubmission_form.py:38 konova/forms/remove_form.py:25
-#: konova/tests/unit/test_forms.py:59 user/forms/user.py:39
+#: konova/tests/unit/test_forms.py:59 user/forms/modals/api_token.py:17
+#: user/forms/user.py:39
 #, fuzzy
 msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2024-08-19 10:32+0200\n"
+"POT-Creation-Date: 2025-05-12 14:22+0200\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -373,7 +374,6 @@ msgid "Identifier"
 msgstr "Kennung"
 
 #: compensation/forms/compensation.py:33 intervention/forms/intervention.py:33
-#: user/forms/user.py:77
 msgid "Generated automatically - not editable"
 msgstr "Automatisch generiert - nicht bearbeitbar"
 
@@ -1303,8 +1303,8 @@ msgstr "Kompensation {} bearbeitet"
 msgid "Edit {}"
 msgstr "Bearbeite {}"
 
-#: compensation/views/compensation/report.py:34
-#: compensation/views/eco_account/report.py:34 ema/views/report.py:34
+#: compensation/views/compensation/report.py:35
+#: compensation/views/eco_account/report.py:35 ema/views/report.py:35
 #: intervention/views/report.py:35
 msgid "Report {}"
 msgstr "Bericht {}"
@@ -1795,8 +1795,7 @@ msgstr "Bearbeitender Nutzer"
 msgid ""
 "Search for entries where this person has been participated according to log "
 "history"
-msgstr ""
-"Sucht nach Einträgen, an denen diese Person gearbeitet hat"
+msgstr "Sucht nach Einträgen, an denen diese Person gearbeitet hat"
 
 #: konova/forms/base_form.py:23 templates/form/collapsable/form.html:62
 msgid "Save"
@@ -1858,6 +1857,7 @@ msgstr ""
 "Ich, {} {}, bestätige, dass diese Daten wieder entzeichnet werden müssen."
 
 #: konova/forms/modals/remove_form.py:22 konova/forms/remove_form.py:24
+#: user/forms/modals/api_token.py:16
 msgid "Confirm"
 msgstr "Bestätige"
 
@@ -1928,11 +1928,11 @@ msgstr "Kontrolle am"
 msgid "Other"
 msgstr "Sonstige"
 
-#: konova/sub_settings/django_settings.py:157
+#: konova/sub_settings/django_settings.py:156
 msgid "German"
 msgstr ""
 
-#: konova/sub_settings/django_settings.py:158
+#: konova/sub_settings/django_settings.py:157
 msgid "English"
 msgstr ""
 
@@ -2283,17 +2283,9 @@ msgstr ""
 msgid "Current data not checked yet"
 msgstr "Momentane Daten noch nicht geprüft"
 
-#: konova/utils/messenger.py:70
-msgid "{} checked"
-msgstr "{} geprüft"
-
-#: konova/utils/messenger.py:72
-msgid "<a href=\"{}\">Check it out</a>"
-msgstr "<a href=\"{}\">Schauen Sie rein</a>"
-
-#: konova/utils/messenger.py:73
-msgid "{} has been checked successfully by user {}! {}"
-msgstr "{} wurde erfolgreich vom Nutzer {} geprüft! {}"
+#: konova/utils/message_templates.py:96
+msgid "New token generated. Administrators need to validate."
+msgstr "Neuer Token generiert. Administratoren sind informiert."
 
 #: konova/utils/quality.py:32
 msgid "missing"
@@ -2321,7 +2313,7 @@ msgstr "Home"
 msgid "Log"
 msgstr "Log"
 
-#: konova/views/map_proxy.py:70
+#: konova/views/map_proxy.py:84
 msgid ""
 "The external service is currently unavailable.<br>Please try again in a few "
 "moments..."
@@ -2385,6 +2377,18 @@ msgstr "Alle"
 msgid "News"
 msgstr "Neuigkeiten"
 
+#: templates/400.html:7
+msgid "Request was invalid"
+msgstr "Anfrage fehlerhaft"
+
+#: templates/400.html:10
+msgid "There seems to be a problem with the link you opened."
+msgstr "Es scheint ein Problem mit dem Link zu geben, den Sie geöffnet haben."
+
+#: templates/400.html:11
+msgid "Make sure the URL is valid (no whitespaces, properly copied, ...)."
+msgstr "Stellen Sie sicher, dass die URL gültig ist (keine Leerzeichen, fehlerfrei kopiert, ...)."
+
 #: templates/404.html:7
 msgid "Not found"
 msgstr "Nicht gefunden"
@@ -2831,10 +2835,8 @@ msgid "Reports"
 msgstr "Berichte"
 
 #: templates/navbars/navbar.html:57
-#, fuzzy
-#| msgid "Admins"
 msgid "Admin"
-msgstr "Administratoren"
+msgstr ""
 
 #: templates/navbars/navbar.html:59 user/templates/user/index.html:31
 msgid "Settings"
@@ -2873,6 +2875,22 @@ msgstr ""
 "Falls die Geometrie nicht leer ist, werden die Flurstücke aktuell berechnet. "
 "Bitte laden Sie diese Seite in ein paar Augenblicken erneut..."
 
+#: user/forms/modals/api_token.py:25
+msgid "Generate API Token"
+msgstr "API Token generieren"
+
+#: user/forms/modals/api_token.py:29
+msgid ""
+"You are about to create a new API token. The existing one will not be usable "
+"afterwards."
+msgstr ""
+"Wenn Sie fortfahren, generieren Sie einen neuen API Token. Ihren "
+"existierenden werden Sie dann nicht länger nutzen können."
+
+#: user/forms/modals/api_token.py:31
+msgid "A new token needs to be validated by an administrator!"
+msgstr "Neue Tokens müssen durch Administratoren freigeschaltet werden!"
+
 #: user/forms/modals/team.py:20 user/forms/modals/team.py:24
 #: user/forms/team.py:17 user/forms/team.py:22
 msgid "Team name"
@@ -2895,11 +2913,11 @@ msgstr ""
 "Mehrfachauswahl möglich - Sie können nur Nutzer wählen, die noch nicht "
 "Mitglieder dieses Teams sind. Geben Sie den ganzen Nutzernamen an."
 
-#: user/forms/modals/team.py:56 user/tests/unit/test_forms.py:31
+#: user/forms/modals/team.py:56 user/tests/unit/test_forms.py:30
 msgid "Create new team"
 msgstr "Neues Team anlegen"
 
-#: user/forms/modals/team.py:57 user/tests/unit/test_forms.py:32
+#: user/forms/modals/team.py:57 user/tests/unit/test_forms.py:31
 msgid ""
 "You will become the administrator for this group by default. You do not need "
 "to add yourself to the list of members."
@@ -2928,11 +2946,11 @@ msgid "There must be at least one admin on this team."
 msgstr "Es muss mindestens einen Administrator für das Team geben."
 
 #: user/forms/modals/team.py:160 user/templates/user/team/index.html:60
-#: user/tests/unit/test_forms.py:88
+#: user/tests/unit/test_forms.py:87
 msgid "Edit team"
 msgstr "Team bearbeiten"
 
-#: user/forms/modals/team.py:187 user/tests/unit/test_forms.py:165
+#: user/forms/modals/team.py:187 user/tests/unit/test_forms.py:164
 msgid ""
 "ATTENTION!\n"
 "\n"
@@ -2949,7 +2967,7 @@ msgstr ""
 "Sind Sie sicher, dass Sie dieses Team löschen möchten?"
 
 #: user/forms/modals/team.py:197 user/templates/user/team/index.html:56
-#: user/tests/unit/test_forms.py:198
+#: user/tests/unit/test_forms.py:197
 msgid "Leave team"
 msgstr "Team verlassen"
 
@@ -2981,22 +2999,10 @@ msgstr "Benachrichtigungen"
 msgid "Select the situations when you want to receive a notification"
 msgstr "Wann wollen Sie per E-Mail benachrichtigt werden?"
 
-#: user/forms/user.py:38 user/tests/unit/test_forms.py:234
+#: user/forms/user.py:38 user/tests/unit/test_forms.py:233
 msgid "Edit notifications"
 msgstr "Benachrichtigungen bearbeiten"
 
-#: user/forms/user.py:73
-msgid "Token"
-msgstr ""
-
-#: user/forms/user.py:88 user/tests/unit/test_forms.py:260
-msgid "Create new token"
-msgstr "Neuen Token generieren"
-
-#: user/forms/user.py:89 user/tests/unit/test_forms.py:261
-msgid "A new token needs to be validated by an administrator!"
-msgstr "Neue Tokens müssen durch Administratoren freigeschaltet werden!"
-
 #: user/models/user_action.py:23
 msgid "Unrecorded"
 msgstr "Entzeichnet"
@@ -3051,7 +3057,7 @@ msgid "Manage teams"
 msgstr ""
 
 #: user/templates/user/index.html:53 user/templates/user/team/index.html:19
-#: user/views/views.py:171
+#: user/views/views.py:135
 msgid "Teams"
 msgstr ""
 
@@ -3087,270 +3093,58 @@ msgstr "API Einstellungen"
 msgid "Current token"
 msgstr "Aktueller Token"
 
-#: user/templates/user/token.html:14
+#: user/templates/user/token.html:15
+msgid "Create new token"
+msgstr "Neuen Token generieren"
+
+#: user/templates/user/token.html:23
 msgid "Authenticated by admins"
 msgstr "Von Admin freigeschaltet"
 
-#: user/templates/user/token.html:18
+#: user/templates/user/token.html:27
 msgid "Token has been verified and can be used"
 msgstr "Token wurde freigeschaltet und kann verwendet werden"
 
-#: user/templates/user/token.html:20
+#: user/templates/user/token.html:29
 msgid "Token waiting for verification"
 msgstr "Token noch nicht freigeschaltet"
 
-#: user/templates/user/token.html:24
+#: user/templates/user/token.html:33
 msgid "Valid until"
 msgstr "Läuft ab am"
 
-#: user/views/views.py:35
-msgid "User settings"
-msgstr "Einstellungen"
-
-#: user/views/views.py:61
-msgid "Notifications edited"
-msgstr "Benachrichtigungen bearbeitet"
-
-#: user/views/views.py:73
-msgid "User notifications"
-msgstr "Benachrichtigungen"
-
-#: user/views/views.py:96
-msgid "New token generated. Administrators need to validate."
-msgstr "Neuer Token generiert. Administratoren sind informiert."
-
-#: user/views/views.py:107
+#: user/views/api_token.py:34
 msgid "User API token"
 msgstr "API Nutzer Token"
 
-#: user/views/views.py:183
+#: user/views/views.py:33
+msgid "User settings"
+msgstr "Einstellungen"
+
+#: user/views/views.py:59
+msgid "Notifications edited"
+msgstr "Benachrichtigungen bearbeitet"
+
+#: user/views/views.py:71
+msgid "User notifications"
+msgstr "Benachrichtigungen"
+
+#: user/views/views.py:147
 msgid "New team added"
 msgstr "Neues Team hinzugefügt"
 
-#: user/views/views.py:198
+#: user/views/views.py:162
 msgid "Team edited"
 msgstr "Team bearbeitet"
 
-#: user/views/views.py:213
+#: user/views/views.py:177
 msgid "Team removed"
 msgstr "Team gelöscht"
 
-#: user/views/views.py:228
+#: user/views/views.py:192
 msgid "You are not a member of this team"
 msgstr "Sie sind kein Mitglied dieses Teams"
 
-#: user/views/views.py:235
+#: user/views/views.py:199
 msgid "Left Team"
 msgstr "Team verlassen"
-
-#~ msgid "close"
-#~ msgstr "Schließen"
-
-#~ msgid "Options"
-#~ msgstr "Optionen"
-
-#~ msgid "Commands"
-#~ msgstr "Befehle"
-
-#~ msgid "Missing command."
-#~ msgstr "Befehl fehlt"
-
-#~ msgid "Missing argument"
-#~ msgstr "Argument fehlt"
-
-#~ msgid "Missing option"
-#~ msgstr "Option fehlt"
-
-#~ msgid "Missing parameter"
-#~ msgstr "Parameter fehlt"
-
-#~ msgid "Messages"
-#~ msgstr "Nachrichten"
-
-#~ msgid "This field is required."
-#~ msgstr "Pflichtfeld"
-
-#~ msgid "Monday"
-#~ msgstr "Montag"
-
-#~ msgid "Tuesday"
-#~ msgstr "Dienstag"
-
-#~ msgid "Wednesday"
-#~ msgstr "Mittwoch"
-
-#~ msgid "Thursday"
-#~ msgstr "Donnerstag"
-
-#~ msgid "Friday"
-#~ msgstr "Freitag"
-
-#~ msgid "Saturday"
-#~ msgstr "Samstag"
-
-#~ msgid "Sunday"
-#~ msgstr "Sonntag"
-
-#~ msgid "Mon"
-#~ msgstr "Mo"
-
-#~ msgid "Tue"
-#~ msgstr "Di"
-
-#~ msgid "Wed"
-#~ msgstr "Mi"
-
-#~ msgid "Thu"
-#~ msgstr "Do"
-
-#~ msgid "Fri"
-#~ msgstr "Fr"
-
-#~ msgid "Sat"
-#~ msgstr "Sa"
-
-#~ msgid "Sun"
-#~ msgstr "So"
-
-#~ msgid "January"
-#~ msgstr "Januar"
-
-#~ msgid "February"
-#~ msgstr "Februar"
-
-#~ msgid "March"
-#~ msgstr "März"
-
-#~ msgid "May"
-#~ msgstr "Mai"
-
-#~ msgid "June"
-#~ msgstr "Juni"
-
-#~ msgid "July"
-#~ msgstr "Juli"
-
-#~ msgid "October"
-#~ msgstr "Oktober"
-
-#~ msgid "December"
-#~ msgstr "Dezember"
-
-#~ msgid "mar"
-#~ msgstr "mär"
-
-#~ msgid "may"
-#~ msgstr "mai"
-
-#~ msgid "oct"
-#~ msgstr "okt"
-
-#~ msgid "dec"
-#~ msgstr "dez"
-
-#~ msgctxt "abbrev. month"
-#~ msgid "March"
-#~ msgstr "Mär"
-
-#~ msgctxt "abbrev. month"
-#~ msgid "May"
-#~ msgstr "Mai"
-
-#~ msgctxt "abbrev. month"
-#~ msgid "June"
-#~ msgstr "Juni"
-
-#~ msgctxt "abbrev. month"
-#~ msgid "July"
-#~ msgstr "Juli"
-
-#~ msgctxt "abbrev. month"
-#~ msgid "Oct."
-#~ msgstr "Okt."
-
-#~ msgctxt "abbrev. month"
-#~ msgid "Dec."
-#~ msgstr "Dez."
-
-#~ msgctxt "alt. month"
-#~ msgid "January"
-#~ msgstr "Januar"
-
-#~ msgctxt "alt. month"
-#~ msgid "February"
-#~ msgstr "Februar"
-
-#~ msgctxt "alt. month"
-#~ msgid "March"
-#~ msgstr "März"
-
-#~ msgctxt "alt. month"
-#~ msgid "May"
-#~ msgstr "Mai"
-
-#~ msgctxt "alt. month"
-#~ msgid "June"
-#~ msgstr "Juni"
-
-#~ msgctxt "alt. month"
-#~ msgid "July"
-#~ msgstr "Juli"
-
-#~ msgctxt "alt. month"
-#~ msgid "October"
-#~ msgstr "Oktober"
-
-#~ msgctxt "alt. month"
-#~ msgid "December"
-#~ msgstr "Dezember"
-
-#~ msgid "or"
-#~ msgstr "oder"
-
-#~ msgid ""
-#~ "Deductable surface can not be larger than existing surfaces in after "
-#~ "states"
-#~ msgstr ""
-#~ "Die abbuchbare Fläche darf die Gesamtfläche der Zielzustände nicht "
-#~ "überschreiten"
-
-#~ msgid ""
-#~ "Deductable surface can not be smaller than the sum of already existing "
-#~ "deductions. Please contact the responsible users for the deductions!"
-#~ msgstr ""
-#~ "Es wurde bereits mehr Fläche abgebucht, als Sie nun als abbuchbar "
-#~ "einstellen wollen. Kontaktieren Sie die für die Abbuchungen "
-#~ "verantwortlichen Nutzer!"
-
-#~ msgid "Added deadline"
-#~ msgstr "Frist/Termin hinzugefügt"
-
-#~ msgid "Change default configuration for your KSP map"
-#~ msgstr "Karteneinstellungen ändern"
-
-#~ msgid "Map settings"
-#~ msgstr "Karte"
-
-#~ msgid "There are errors on this intervention:"
-#~ msgstr "Es liegen Fehler in diesem Eingriff vor:"
-
-#~ msgid "Before"
-#~ msgstr "Vor"
-
-#~ msgid "Groups"
-#~ msgstr "Gruppen"
-
-#~ msgid "Show more..."
-#~ msgstr "Mehr anzeigen..."
-
-#~ msgid "Kreis"
-#~ msgstr "Kreis"
-
-#~ msgid "Gemarkung"
-#~ msgstr "Gemarkung"
-
-#~ msgid "Loading..."
-#~ msgstr "Lade..."
-
-#~ msgid "Who handles the eco-account"
-#~ msgstr "Wer für die Herrichtung des Ökokontos verantwortlich ist"

nginx.conf

@@ -0,0 +1,25 @@
+server {
+    listen 80;
+    client_max_body_size 25M;
+
+    location / {
+        proxy_pass http://127.0.0.1:8000;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header Host $host;
+        proxy_redirect off;
+        proxy_cache_bypass $http_upgrade;
+    }
+
+    location /static/ {
+        alias /konova/static/;
+        access_log /var/log/nginx/access.log;
+        autoindex off;
+        types {
+            text/css css;
+            application/javascript js;
+        }
+    }
+
+    error_log /var/log/nginx/error.log;
+}

requirements.txt

@@ -24,13 +24,11 @@ django-environ==0.11.2
 django-filter==24.3
 django-fontawesome-5==1.0.18
 django-oauth-toolkit==3.0.1
-django-simple-sso==1.2.0
 django-tables2==2.7.1
 et_xmlfile==2.0.0
 gunicorn==23.0.0
 idna==3.10
 importlib_metadata==8.5.0
-itsdangerous==0.24
 jwcrypto==1.5.6
 kombu==5.4.0rc1
 oauthlib==3.2.2
@@ -50,7 +48,7 @@ pytz==2024.2
 PyYAML==6.0.2
 qrcode==7.3.1
 redis==5.1.0b6
-requests==2.32.3
+requests<2.32.0
 six==1.16.0
 soupsieve==2.5
 sqlparse==0.5.1

templates/400.html

@@ -0,0 +1,21 @@
+{% extends 'public_base.html' %}
+{% load i18n fontawesome_5 static %}
+
+{% block body %}
+    <div class="jumbotron">
+        <div class="row">
+            <div class="col-auto">
+                <img src="{% static 'images/error_imgs/croc_technician_400.png' %}" style="max-width: 150px">
+            </div>
+            <div class="col-sm-12 col-md-9 col-lg-9 col-xl-10">
+                <h1 class="display-4">{% fa5_icon 'question-circle' %}400</h1>
+                <h1 class="display-4">{% trans 'Request was invalid' %}</h1>
+            </div>
+        </div>
+        <hr>
+        <p class="lead">
+            {% trans 'There seems to be a problem with the link you opened.' %}
+            {% trans 'Make sure the URL is valid (no whitespaces, properly copied, ...).' %}
+        </p>
+    </div>
+{% endblock %}

templates/500.html

@@ -1,10 +1,17 @@
 {% extends 'public_base.html' %}
-{% load i18n fontawesome_5 %}
+{% load i18n fontawesome_5 static %}
 
 {% block body %}
     <div class="jumbotron">
-        <h1 class="display-4">{% fa5_icon 'fire-extinguisher' %} {% fa5_icon 'fire-alt' %} 500</h1>
-        <h1 class="display-4">{% trans 'Server Error' %}</h1>
+        <div class="row">
+            <div class="col-auto">
+                <img src="{% static 'images/error_imgs/croc_technician_500.png' %}" style="max-width: 150px">
+            </div>
+            <div class="col-sm-12 col-md-9 col-lg-9 col-xl-10">
+                <h1 class="display-4">{% fa5_icon 'fire-alt' %} 500</h1>
+                <h1 class="display-4">{% trans 'Server Error' %}</h1>
+            </div>
+        </div>
         <hr>
         <p class="lead">
             {% trans 'Something happened. Admins have been informed. We are working on it!' %}

templates/map/client/config.json

@@ -1,19 +1,21 @@
 {
 	"layers":
 	[
-		{ "folder": 5, "type": "WMS", "title": "KOM Flächen", "url": "https://geodaten.naturschutz.rlp.de/kartendienste_naturschutz/mod_ogc/wms_getmap.php?mapfile=kom_f&", "name": "kom_f" },
-		{ "folder": 5, "type": "WMS", "title": "KOM Linien", "url": "https://geodaten.naturschutz.rlp.de/kartendienste_naturschutz/mod_ogc/wms_getmap.php?mapfile=kom_l&", "name": "kom_l" },
-		{ "folder": 5, "type": "WMS", "title": "KOM Punkte", "url": "https://geodaten.naturschutz.rlp.de/kartendienste_naturschutz/mod_ogc/wms_getmap.php?mapfile=komon&", "name": "kom_p" },
+		{ "folder": 5, "type": "WMS", "title": "KOM", "url": "https://geodaten.naturschutz.rlp.de/kartendienste_naturschutz/mod_ogc/wms_getmap.php?mapfile=kom_recorded&", "name": "kom_recorded" },
+		{ "folder": 5, "type": "WMS", "title": "KOM - In Bearbeitung", "url": "https://geodaten.naturschutz.rlp.de/kartendienste_naturschutz/mod_ogc/wms_getmap.php?mapfile=kom_unrecorded&", "name": "kom_unrecorded" },
+		{ "folder": 5, "type": "WMS", "title": "KOM - Unvollständige Altfälle", "url": "https://geodaten.naturschutz.rlp.de/kartendienste_naturschutz/mod_ogc/wms_getmap.php?mapfile=kom_unrecorded_old_entries&", "name": "kom_unrecorded_old_entries" },
 
-		{ "folder": 6, "type": "WMS", "title": "EIV Flächen", "url": "https://geodaten.naturschutz.rlp.de/kartendienste_naturschutz/mod_ogc/wms_getmap.php?mapfile=eiv_f&", "name": "eiv_f" },
-		{ "folder": 6, "type": "WMS", "title": "EIV Linien", "url": "https://geodaten.naturschutz.rlp.de/kartendienste_naturschutz/mod_ogc/wms_getmap.php?mapfile=eiv_l&", "name": "eiv_l" },
-		{ "folder": 6, "type": "WMS", "title": "EIV Punkte", "url": "https://geodaten.naturschutz.rlp.de/kartendienste_naturschutz/mod_ogc/wms_getmap.php?mapfile=eiv_p&", "name": "eiv_p" },
+		{ "folder": 6, "type": "WMS", "title": "EIV", "url": "https://geodaten.naturschutz.rlp.de/kartendienste_naturschutz/mod_ogc/wms_getmap.php?mapfile=eiv_recorded&", "name": "eiv_recorded" },
+		{ "folder": 6, "type": "WMS", "title": "EIV - In Bearbeitung", "url": "https://geodaten.naturschutz.rlp.de/kartendienste_naturschutz/mod_ogc/wms_getmap.php?mapfile=eiv_unrecorded&", "name": "eiv_unrecorded" },
+		{ "folder": 6, "type": "WMS", "title": "EIV - Unvollständige Altfälle", "url": "https://geodaten.naturschutz.rlp.de/kartendienste_naturschutz/mod_ogc/wms_getmap.php?mapfile=eiv_unrecorded_old_entries&", "name": "eiv_unrecorded_old_entries" },
 
-		{ "folder": 7, "type": "WMS", "title": "OEK Flächen", "url": "https://geodaten.naturschutz.rlp.de/kartendienste_naturschutz/mod_ogc/wms_getmap.php?mapfile=oek_f&", "name": "oek_f" },
+		{ "folder": 7, "type": "WMS", "title": "OEK", "url": "https://geodaten.naturschutz.rlp.de/kartendienste_naturschutz/mod_ogc/wms_getmap.php?mapfile=oek_recorded&", "name": "oek_recorded" },
+		{ "folder": 7, "type": "WMS", "title": "OEK - In Bearbeitung", "url": "https://geodaten.naturschutz.rlp.de/kartendienste_naturschutz/mod_ogc/wms_getmap.php?mapfile=oek_unrecorded&", "name": "oek_unrecorded" },
 
-		{ "folder": 8, "type": "WMS", "title": "EMA Flächen", "url": "https://geodaten.naturschutz.rlp.de/kartendienste_naturschutz/mod_ogc/wms_getmap.php?mapfile=ema_f&", "name": "ema_f" },
+		{ "folder": 8, "type": "WMS", "title": "EMA", "url": "https://geodaten.naturschutz.rlp.de/kartendienste_naturschutz/mod_ogc/wms_getmap.php?mapfile=ema_recorded&", "name": "ema_recorded" },
+		{ "folder": 8, "type": "WMS", "title": "EMA - In Bearbeitung", "url": "https://geodaten.naturschutz.rlp.de/kartendienste_naturschutz/mod_ogc/wms_getmap.php?mapfile=ema_unrecorded&", "name": "ema_unrecorded" },
 
-		{ "folder": 9, "type": "WMS", "title": "MAE Flächen", "url": "https://geodaten.naturschutz.rlp.de/kartendienste_naturschutz/mod_ogc/wms_getmap.php?mapfile=mae&", "name": "mae" },
+		{ "folder": 9, "type": "WMS", "title": "MAE", "url": "https://geodaten.naturschutz.rlp.de/kartendienste_naturschutz/mod_ogc/wms_getmap.php?mapfile=mae&", "name": "mae" },
 
 		{ "folder": 10, "type": "WMS", "title": "Naturschutzgebiete", "url": "https://geodaten.naturschutz.rlp.de/kartendienste_naturschutz/mod_ogc/wms_getmap.php?mapfile=naturschutzgebiet&", "name": "naturschutzgebiet" },
 		{ "folder": 10, "type": "WMS", "title": "Naturparkzonen", "url": "https://geodaten.naturschutz.rlp.de/kartendienste_naturschutz/mod_ogc/wms_getmap.php?mapfile=naturparkzonen&", "name": "naturparkzonen" },
@@ -39,7 +41,7 @@
 
 		{ "folder": 15, "type": "WMS", "order": -1, "title": "farbig", "attribution": "LVermGeo", "url": "https://maps.service24.rlp.de/gisserver/services/RP/RP_WebAtlasRP/MapServer/WmsServer?", "name": "RP_WebAtlasRP", "active": true},
 		{ "folder": 15, "type": "WMS", "title": "grau", "attribution": "LVermGeo", "url": "https://maps.service24.rlp.de/gisserver/services/RP/RP_ETRS_Gt/MapServer/WmsServer?", "name": "0", "active": false },
-		{ "folder": 0, "type": "WMS", "title": "Luftbilder", "attribution": "LVermGeo", "url": "http://geo4.service24.rlp.de/wms/dop_basis.fcgi?", "name": "rp_dop", "active": false },
+		{ "folder": 0, "type": "WMS", "title": "Luftbilder", "attribution": "LVermGeo", "url": "https://geo4.service24.rlp.de/wms/rp_dop20.fcgi?", "name": "rp_dop20", "active": false },
 		{ "folder": 14, "type": "WMS", "title": "farbig", "attribution": "BKG", "url": "https://sgx.geodatenzentrum.de/wms_basemapde?", "name": "de_basemapde_web_raster_farbe", "active": false },
 		{ "folder": 14, "type": "WMS", "title": "grau", "attribution": "BKG", "url": "https://sgx.geodatenzentrum.de/wms_basemapde?", "name": "de_basemapde_web_raster_grau", "active": false },
 		{ "folder": 13, "type": "WMS", "title": "farbig", "attribution": "LVermGeo", "url": "https://geo4.service24.rlp.de/wms/dtk5_rp.fcgi?", "name": "rp_dtk5", "active": false },

user/autocomplete/share.py

@@ -17,10 +17,11 @@ class ShareUserAutocomplete(Select2QuerySetView):
 
     """
     def get_queryset(self):
+        qs = User.objects.none()
         if self.request.user.is_anonymous:
-            return User.objects.none()
-        qs = User.objects.all()
+            return qs
         if self.q:
+            qs = User.objects.all()
             # Due to privacy concerns only a full username match will return the proper user entry
             qs = qs.filter(
                 Q(username=self.q) |
@@ -41,13 +42,13 @@ class ShareTeamAutocomplete(Select2QuerySetView):
 
     """
     def get_queryset(self):
+        qs = Team.objects.none()
         if self.request.user.is_anonymous:
-            return Team.objects.none()
-        qs = Team.objects.filter(
-            deleted__isnull=True
-        )
+            return qs
         if self.q:
-            # Due to privacy concerns only a full username match will return the proper user entry
+            qs = Team.objects.filter(
+                deleted__isnull=True
+            )
             q_parts = self.q.split(" ")
             q = Q()
             for part in q_parts:

user/forms/modals/api_token.py

@@ -0,0 +1,49 @@
+"""
+Author: Michel Peltriaux
+Created on: 08.01.25
+
+"""
+from django import forms
+from django.utils.translation import gettext_lazy as _
+
+from api.models import APIUserToken
+from konova.forms.modals import BaseModalForm
+from konova.utils.mailer import Mailer
+
+
+class NewAPITokenModalForm(BaseModalForm):
+    confirm = forms.BooleanField(
+        label=_("Confirm"),
+        label_suffix=_(""),
+        widget=forms.CheckboxInput(),
+        required=True,
+    )
+
+    def __init__(self, *args, **kwargs):
+        self.template = "modal/modal_form.html"
+        super().__init__(*args, **kwargs)
+        self.form_title = _("Generate API Token")
+
+        self.form_caption = ""
+        if self.__user_has_api_token():
+            self.form_caption = _("You are about to create a new API token. The existing one will not be usable afterwards.")
+            self.form_caption += "\n"
+        self.form_caption += _("A new token needs to be validated by an administrator!")
+        # Disable automatic w-100 setting for this type of modal form. Looks kinda strange
+        self.fields["confirm"].widget.attrs["class"] = ""
+
+    def __user_has_api_token(self):
+        return self.instance.api_token is not None
+
+    def save(self):
+        user = self.instance
+        if user.api_token is not None:
+            user.api_token.delete()
+        user.api_token = APIUserToken.objects.create()
+        user.save()
+
+        mailer = Mailer()
+        mailer.send_mail_verify_api_token(user)
+
+        return user.api_token
+

user/forms/user.py

@@ -66,48 +66,3 @@ class UserNotificationForm(BaseForm):
             id__in=selected_notification_ids,
         )
         self.user.notifications.set(notifications)
-
-
-class UserAPITokenForm(BaseForm):
-    token = forms.CharField(
-        label=_("Token"),
-        label_suffix="",
-        max_length=255,
-        required=True,
-        help_text=_("Generated automatically - not editable"),
-        widget=GenerateInput(
-            attrs={
-                "class": "form-control",
-                "url": reverse_lazy("api:generate-new-token"),
-            }
-        )
-    )
-
-    def __init__(self, *args, **kwargs):
-        super().__init__(*args, **kwargs)
-        self.form_title = _("Create new token")
-        self.form_caption = _("A new token needs to be validated by an administrator!")
-
-        self.action_url = reverse("user:api-token")
-        self.cancel_redirect = reverse("user:index")
-
-        # Make direct token editing by user impossible. Instead set the proper url for generating a new token
-        self.initialize_form_field("token", None)
-        self.fields["token"].widget.attrs["readonly"] = True
-
-    def save(self):
-        """ Saves the form data
-
-        Returns:
-            api_token (APIUserToken)
-        """
-        user = self.instance
-        new_token = self.cleaned_data["token"]
-        if user.api_token is not None:
-            user.api_token.delete()
-        new_token = APIUserToken.objects.create(
-            token=new_token
-        )
-        user.api_token = new_token
-        user.save()
-        return new_token

user/templates/user/token.html

@@ -8,7 +8,16 @@
             <table class="table table-hover">
                 <tr>
                     <th scope="row">{% trans 'Current token' %}</th>
-                    <td>{{ user.api_token.token }}</td>
+                    <td>
+                        <div class="row">
+                            <div class="col-10">{{ user.api_token.token }}</div>
+                            <div class="col-2">
+                                <button class="btn btn-default btn-modal" data-form-url="{% url 'user:api-token-new' %}" title="{% trans 'Create new token' %}">
+                                    {% fa5_icon 'dice' %}
+                                </button>
+                            </div>
+                        </div>
+                    </td>
                 </tr>
                 <tr>
                     <th scope="row">{% trans 'Authenticated by admins' %}</th>
@@ -27,7 +36,9 @@
             </table>
         </div>
     </div>
-    <hr>
-    {% include 'form/table/generic_table_form.html' %}
-
+    
+{% with 'btn-modal' as btn_class %}
+    {% include 'modal/modal_form_script.html' %}
+{% endwith %}
+    
 {% endblock %}

user/tests/unit/test_forms.py

@@ -5,15 +5,14 @@ Contact: ksp-servicestelle@sgdnord.rlp.de
 Created on: 12.09.23
 
 """
-from django.core.exceptions import ObjectDoesNotExist
 from django.test import RequestFactory
 from django.urls import reverse
 from django.utils.translation import gettext_lazy as _
 
-from api.models import APIUserToken
 from konova.tests.test_views import BaseTestCase
+from user.forms.modals.api_token import NewAPITokenModalForm
 from user.forms.modals.team import NewTeamModalForm, EditTeamModalForm, RemoveTeamModalForm, LeaveTeamModalForm
-from user.forms.user import UserNotificationForm, UserAPITokenForm
+from user.forms.user import UserNotificationForm
 from user.models import Team, UserAction, UserNotification
 
 
@@ -252,35 +251,28 @@ class UserNotificationFormTestCase(BaseTestCase):
         self.assertIn(selected_notification, self.user.notifications.all())
 
 
-class UserAPITokenFormTestCase(BaseTestCase):
-    def test_init(self):
-        form = UserAPITokenForm(
-            instance=self.user
-        )
-        self.assertEqual(form.form_title, str(_("Create new token")))
-        self.assertEqual(form.form_caption, str(_("A new token needs to be validated by an administrator!")))
-        self.assertEqual(form.action_url, reverse("user:api-token"))
-        self.assertEqual(form.cancel_redirect, reverse("user:index"))
-
-        self.assertIsNone(form.fields["token"].initial)
-        self.assertTrue(form.fields["token"].widget.attrs["readonly"])
-
-    def test_save(self):
-        data = {
-            "token": APIUserToken().token
+class ApiTokenFormTestCase(BaseTestCase):
+    def test_new_token_and_recreating_token(self):
+        request = RequestFactory().request()
+        request.user = self.user
+        request.POST = {
+            "confirm": True
         }
-        form = UserAPITokenForm(
-            data,
-            instance=self.user
-        )
-        self.assertTrue(form.is_valid(), msg=form.errors)
+
         self.assertIsNone(self.user.api_token)
-        token = form.save()
-        self.assertEqual(self.user.api_token, token)
-        new_token = form.save()
-        self.assertEqual(self.user.api_token, new_token)
-        try:
-            token.refresh_from_db()
-            self.fail("Token should be deleted and not be fetchable anymore")
-        except ObjectDoesNotExist:
-            pass
+        form = NewAPITokenModalForm(request.POST, instance=self.user)
+        form.save()
+        self.user.refresh_from_db()
+        token = self.user.api_token
+        self.assertFalse(token.is_active)
+        self.assertIsNone(token.valid_until)
+        self.assertIsNotNone(token.token)
+
+        old_token = token.token
+        form.save()
+        self.user.refresh_from_db()
+        new_token = self.user.api_token
+        self.assertNotEqual(new_token.token, old_token)
+        self.assertFalse(new_token.is_active)
+        self.assertIsNone(new_token.valid_until)
+

user/urls.py

@@ -9,6 +9,7 @@ from django.urls import path
 
 from user.autocomplete.share import ShareUserAutocomplete, ShareTeamAutocomplete
 from user.autocomplete.team import TeamAdminAutocomplete
+from user.views.api_token import APITokenView, new_api_token_view
 from user.views.propagate import PropagateUserView
 from user.views.views import *
 
@@ -17,7 +18,8 @@ urlpatterns = [
     path("", index_view, name="index"),
     path("propagate/", PropagateUserView.as_view(), name="propagate"),
     path("notifications/", notifications_view, name="notifications"),
-    path("token/api", api_token_view, name="api-token"),
+    path("token/api", APITokenView.as_view(), name="api-token"),
+    path("token/api/new", new_api_token_view, name="api-token-new"),
     path("contact/<id>", contact_view, name="contact"),
     path("team/", index_team_view, name="team-index"),
     path("team/new", new_team_view, name="team-new"),
@@ -30,4 +32,4 @@ urlpatterns = [
     path("atcmplt/share/u", ShareUserAutocomplete.as_view(), name="share-user-autocomplete"),
     path("atcmplt/share/t", ShareTeamAutocomplete.as_view(), name="share-team-autocomplete"),
     path("atcmplt/team/admin", TeamAdminAutocomplete.as_view(), name="team-admin-autocomplete"),
-]
+]

user/views/api_token.py

@@ -0,0 +1,57 @@
+"""
+Author: Michel Peltriaux
+Created on: 08.01.25
+
+"""
+from django.contrib.auth.decorators import login_required
+from django.http import HttpRequest
+from django.shortcuts import render
+from django.urls import reverse
+from django.utils.decorators import method_decorator
+from django.views import View
+from django.utils.translation import gettext_lazy as _
+
+from konova.contexts import BaseContext
+from konova.decorators import default_group_required
+from konova.sub_settings.context_settings import TAB_TITLE_IDENTIFIER
+from konova.utils.message_templates import NEW_API_TOKEN_GENERATED
+from user.forms.modals.api_token import NewAPITokenModalForm
+
+
+class APITokenView(View):
+
+    @method_decorator(login_required)
+    @method_decorator(default_group_required)
+    def dispatch(self, request, *args, **kwargs):
+        return super().dispatch(request, *args, **kwargs)
+
+    def get(self, request: HttpRequest):
+        template = "user/token.html"
+        user = request.user
+
+        context = {
+            "user": user,
+            TAB_TITLE_IDENTIFIER: _("User API token"),
+        }
+        context = BaseContext(request, context).context
+        return render(request, template, context)
+
+
+def new_api_token_view(request: HttpRequest):
+    """ Function based view for processing ModalForm
+    (Currently ModalForms only work properly with function based views)
+
+    Args:
+        request ():
+
+    Returns:
+
+    """
+    user = request.user
+
+    form = NewAPITokenModalForm(request.POST or None, instance=user, request=request)
+    return form.process_request(
+        request=request,
+        msg_success=NEW_API_TOKEN_GENERATED,
+        redirect_url=reverse("user:api-token"),
+    )

user/views/views.py

@@ -3,19 +3,17 @@ from django.contrib.auth.decorators import login_required
 from django.urls import reverse
 
 from konova.sub_settings.context_settings import TAB_TITLE_IDENTIFIER
-from konova.utils.mailer import Mailer
-from konova.utils.message_templates import FORM_INVALID
 from user.forms.modals.team import NewTeamModalForm, EditTeamModalForm, RemoveTeamModalForm, LeaveTeamModalForm
 from user.forms.modals.user import UserContactForm
 from user.forms.team import TeamDataForm
-from user.forms.user import UserNotificationForm, UserAPITokenForm
+from user.forms.user import UserNotificationForm
 from user.models import User, Team
 from django.http import HttpRequest, Http404
 from django.shortcuts import render, redirect, get_object_or_404
 from django.utils.translation import gettext_lazy as _
 
 from konova.contexts import BaseContext
-from konova.decorators import any_group_check, default_group_required, login_required_modal
+from konova.decorators import any_group_check, login_required_modal
 
 
 @login_required
@@ -76,40 +74,6 @@ def notifications_view(request: HttpRequest):
     return render(request, template, context)
 
 
-@login_required
-@default_group_required
-def api_token_view(request: HttpRequest):
-    """ Handles the request for user api frontend settings
-
-    Args:
-        request (HttpRequest): The incoming request
-
-    Returns:
-
-    """
-    template = "user/token.html"
-    user = request.user
-    form = UserAPITokenForm(request.POST or None, instance=user)
-    if request.method == "POST":
-        if form.is_valid():
-            token = form.save()
-            messages.info(request, _("New token generated. Administrators need to validate."))
-            mailer = Mailer()
-            mailer.send_mail_verify_api_token(user)
-            return redirect("user:api-token")
-        else:
-            messages.error(request, FORM_INVALID, extra_tags="danger")
-    elif request.method != "GET":
-        raise NotImplementedError
-    context = {
-        "user": user,
-        "form": form,
-        TAB_TITLE_IDENTIFIER: _("User API token"),
-    }
-    context = BaseContext(request, context).context
-    return render(request, template, context)
-
-
 @login_required_modal
 @login_required
 def contact_view(request: HttpRequest, id: str):