Nemo

Upgrade notes
- For the area auto logout feature, a timed service action/systemd service needs to be enabled on the server. See `nemo_auto_logout.service` and `nemo_auto_logout.timer` files in [the systemd resource folder](https://github.com/usnistgov/NEMO/tree/master/resources/systemd)
- If your are using Django Rest Framework's pagination, change the `DEFAULT_PAGINATION_CLASS` to `NEMO.rest_pagination.NEMOPageNumberPagination` to be able to override page size on the fly using the `page_size` request parameter

New features
- Added the ability to set an auto-logout time for each area. A timed service task needs to be enabled for this feature to work (thanks `Cornell NanoScale Facility` for the contribution!).
- Added checkboxes in calendar view to allow viewing more than one tool/area at a time (thanks `Stanford SNF` for the contribution!)
- Configuration agenda's `near future` days can now be configured in `Customization -> Tools` (thanks `Polytechnique Montreal` for the contribution!)
- Added an option in Customization -> Tools to allow tool superusers to be exempt from reservation policy rules (thanks `UPenn Singh Center` for the contribution!)
- A `topic` has been added to the email subject in the broadcast email feature. This topic will be the tool, project or account selected to send an email about. The topic is not added when more than one tool/project/account is selected (thanks `UPenn Singh Center` for the contribution!)
- Consumables can be set to be checked out by regular users (True by default). This only affect instances where consumable self checkout is enabled (thanks `Stanford SNF` for the contribution!)
- Added support for banks for NCD/ProXR interlocks and support for relay 0 to turn on/off all relays (thanks `Stanford SNF` for the contribution!)
- Reviewers for adjustment requests and access requests can now be set on the relevant tool/area and defaults to all facility managers if left blank. This replaces the manager's preference fields to limit adjustment requests (thanks `Stanford SNF` for the contribution!)

Improvements
- In status dashboard, jumbotron and tool status, now displaying the date using Django's MONTH_DAY_FORMAT setting (default to "October 9th"). See 159
- Added the ability to attach pictures when using the broadcast email feature (thanks `UPenn Singh Center` for the contribution!)
- Added a resizing limit for attached images when reporting a tool problem (thanks `UPenn Singh Center` for the contribution!)
- Added a setting to send new tool problems to all qualified users (thanks `USC Nanofab` for the contribution!)
- For PIs in usage page, now showing user's own usage by default, instead of all managed projects (thanks `Cornell NanoScale Facility` for the contribution!)
- Showing project PIs in edit user page when available
- For temporary access requests, the user office will not be cc'd anymore
- Freed time notifications will now be sent when a reservation is missed or shortened
- Added `service personnel` checkbox on edit user page to give users the service personnel role
- Added notes for consumables, updated user interface to show both notes and quantity left (thanks `Stanford SNF` for the contribution!)
- Added label support for dynamic form (post usage questions, reservation questions) for radio buttons, checkboxes and dropdown types. This allows to show different values than the one being submitted
- Added actions to enable/disabled multiple interlock and sensor cards at the same time

API
- Added exact filters wherever iexact was used
- Added filters for validated and validated_by for all charge types
- Added readonly PIs field in Projects endpoint
- When using pagination and the new `NEMOPageNumberPagination` class, the page size can be changed on the fly by using the `page_size` request parameter
- Pagination is now automatically bypassed for any requests not rendered using the Browsable API (except if the page_size parameter is used explicitly in the request). Consequently, exporting in json, excel, etc. will return all results and be less confusing.

Bug fixes
- Fixed a bug in staff status not showing closures when the closure is on the last day of the period the user is looking at
- Fixed conditional expression in tool status wrongly showing usage data history tab to staff even when no post usage questions are set (164)
- Fixed API issue when data would not be rolled back when bulk saving users with integrity errors (non unique username for example)
- Fixed tab issue in requests not showing the correct default tab in some cases

Libraries
- cryptography 41.0.2 -> 41.0.4
- Pillow 10.0.0 -> 10.0.1 (vulnerability)
- Django 3.2.21 -> 3.2.22 (vulnerability)
- django-filter 23.2 -> 23.3

Libraries
- Django 3.2.20 -> 3.2.21 (vulnerability)

Improvements
- Now passing user to rates to allow filtering

Bug fixes
- Fixed non visible staff in staff status throwing error
- Fixed consumable withdrawal not being validated before saving them
- Fixed a bug when forcing another user out and the wrong user's reservation is shortened
- Fixed bug when managers would get notifications/emails for adjustment requests but not see them in the list

Improvements
- Added user preferences setting for facility managers to limit areas to receive adjustment request for

Improvements
- updated colors for status dashboard, jumbotron and occupancy

Bug fixes
- Fixed staff status previous button not working
- Fixed customization name not allowing more than 50 characters
- Fixed case when no one could receive adjustment notifications if all managers have a restricted list of tools for adjustments (sending to all if that's the case)
- Fixed deprecated ANTIALIAS property from Pillow

Improvements
- Added Customization to not show areas in use in usage reminder notification email

Upgrade notes
- If using the consumables/supplies self-checkout feature, a dashboard icon (landing page choice with url `/consumables/` in detailed administration) needs to be added for regular users to have a link to it (one is available in the [icons folder](https://github.com/usnistgov/NEMO/tree/master/resources/icons))
- To enable the new contracts sub-plugin:
- `"NEMO.apps.contracts"` needs to be added to `INSTALLED_APPS` in `settings.py`.
- A timed service job needs to be created for contract reminders to be sent (an example is available in the [systemd folder](https://github.com/usnistgov/NEMO/tree/master/resources/systemd)).

New features
- Added new contracts sub-plugin, where Service contracts, Procurements and Contractor agreements can be tracked:
- Service contracts and contractor agreements have a reminder date and facility managers receive emails when they are due for renewal
- Contractor agreements are linked to either Service contracts or Procurements
- Service contracts and contractor agreements can be renewed (a new item is created with year +1)
- Each list can be exported in CSV format
- Added an option to let user self-checkout consumables and supplies in Customization -> Application (thanks `Cornell NanoScale Facility` for the contribution!)
- In Area access plugin, added an option to automatically log users out when they are trying to login to the same area again, so tablets can be used for both entrance and exit (thanks `UPenn Singh Center` for the contribution!)
- Added tool freed time notifications, allowing users to set a list of tools they want to be notified for, when time is freed up either from a cancellation or moving a reservation. Users can set the tool list in **preferences**, and set the minimum time and days in the future to trigger the notifications (thanks `Princeton Micro/NanoFabrication Center` for the contribution!)
- Added new setting in setting.py called `NEMO_EMAIL_SUBJECT_PREFIX` to add a prefix to all NEMO related emails (thanks `UPenn Singh Center` for the contribution!).

Improvements
- Updated colors and contrasts, added label and better support for screen readers and accessibility in NEMO (thanks to `Cornell NanoScale Facility` detailed report on accessibility).
- Added task resolution time to task update emails
- Added item id in billing api
- Added option to set default badge reader configuration and fixed a bunch of issues when only using send key and not using any recording key (thanks `UPenn Singh Center` for the contribution!)
- Added option to retry sensor data reading before triggering a no data alert
- Added alert logs in sensor categories, limited to the last 30 alerts
- Added flag on tools to prevent qualification from ever expiring (thanks `Polytechnique Montreal` for the contribution)
- Optimized status dashboard loading time and made first page load asynchronous.
- Added an option in preferences for facility managers to limit tools they are receiving/viewing adjustment requests for.
- Added an option in preferences for facility managers, technical staff and service personnel to either limit or add tools they want to view maintenance records for and view task notifications for. This is particularly useful with facilities with multiple managers handling separate sets of tools (thanks `UPenn Singh Center` for the contribution!)
- When technical staff have a reservation and are done working on a tool, they will now be offered the option to free up the remaining time on their reservation.
- Added customization setting to allow Technical staff, User office or Accounting staff to see the details of a staff absence (type of leave, notes) in the staff status tab of the status dashboard.
- Updated NEMO references in email templates to automatically use the site title customization (thanks r-xyz for the contribution!).
- Reservation start and end date can now be changed manually in the reservation details page (only by the reservation user or staff). Thanks jat255 for the suggestion.

Bug fixes
- Fixed badge number issue when importing users from API (wrongly rejecting duplicates)
- Fixed bug when trying to validate an ongoing staff charge
- Fixed API file import issues when redirecting (for example when redirecting http -> https)
- Fixed sensor reading not allowing to read at address 0
- Fixed trying to open the door when no interlocks are set
- Fixed unanswered post usage question email when forced off by staff to be sent by user office email (instead of site email). Thanks r-xyz for the contribution!
- Fixed delayed splash_pad container removal (thanks r-xyz for the contribution!).

Libraries
- Django 3.2.19 -> 3.2.20 (vulnerability)
- cryptography 40.0.1 -> 41.0.2
- django-auditlog 2.2.2 -> 2.3.0
- django-filter 23.1 -> 23.2
- drf-excel 2.3.0 -> 2.4.0
- Pillow 9.5.0 -> 10.0.0
- pymodbus 3.2.2 -> 3.3.2
- requests 2.28.2 -> 2.31.0