Nemo

New features
* Added Safety data sheets:
* ChemicalHazard (flammable, toxic, etc.) and Chemical objects should be added in the Detailed administration
* Chemical document can be either uploaded to NEMO or set with a URL
* Common hazard icons are available [in the resources folder](https://github.com/usnistgov/NEMO/tree/master/resources/icons/chemical_hazard_logos)
* Keywords/synonyms can be set for a Chemical and search through in the Safety data sheet page
* There is no direct link in the navigation bar. A `Landing page choice` option needs to be added for this with url `/safety_data_sheets/`. An SDS icon is available for download [in the resources folder](https://github.com/usnistgov/NEMO/tree/master/resources//icons/sds.png)
* Added a button in the calendar to only display qualified tools for non-staff users. This feature is disabled by default and needs to be activated in the Customization page. Thx pdessauw and NIST MML for the contribution!

Improvements
* Updated style of Rate table in Tool control. The table is collapsed by default and can be expanded by default by checking the box in Customization -> Rates
* Added LDAP "username_format" property to allow for custom formatting of the username
* Checks during login are now case insensitive for username
* Added Staff absence note which will only be visible to facility managers
* Non-working days will not be shown as absence on the facility manager view of staff status
* Updated display of comments in Tool control to keep new lines

Bug fixes
* Fixed a bug preventing rates from being loaded at startup
* Fixed a bug when running migrate of makemigrations before database is initialized
* Fixed a bug when authentication fails and is not sending to the correct page due to not allowing POST
* Fixed interlock configuration not accepting 0 as coil number
* Fixed an issue where all tools would disappear when expanding/collapsing categories and switching from Calendar to Tool control
* Fixed a ClosureTime warning on the staff status page
* Fixed validation for reservation questions not being updated when adding/removing a group question

Librairies
* Django 3.2.13 -> 3.2.15 (vulnerability)
* drf-flex-fields 0.9.8 -> 1.0.0
* cryptography 37.0.2 -> 37.0.4
* django-filter 21.1 -> 22.1
* requests 2.27.1 -> 2.28.1
* Pillow 9.1.1 -> 9.2.0

* Updated Django 3.2.13 -> 3.2.14 (vulnerability fix)

Bug fix
* fixed an issue when accessing admin area access page that would try to load all access records ever created.

Upgrade notes
To enable the new sensor data plugin:
* Add `'NEMO.apps.sensors'` to `INSTALLED_APPS` in your `settings.py`
* Add a cron job to run every minute, either calling `docker exec -it nemo django-admin manage_sensor_data` or sending an http request to `/manage_sensor_data`

Live demo!
A live splash pad demo is now available at [https://nemo.nist.gov/demo](https://nemo.nist.gov/demo).
You can find the instructions on how to use it [here](https://github.com/usnistgov/NEMO#online-demo)

New features
* Added Sensor data plugin for temperature, humidity, gases etc.:
* Sensor cards can be created in a similar way to the interlock cards. Currently only Modbus TCP connection is available for sensors.
* Sensors can be added to a sensor card as well as Sensor categories to organize all the sensors.
* Sensor data can be displayed as a graph with different date ranges and data can be exported in csv file for further processing.
* Sensor email alerts can be set with a trigger condition or when no data is read for a sensor.
* The sensor dashboard will display sensor or categories as red when an alert has been triggered.
* Split customization settings into tabs for better readability and refactored it in a way that plugins can now add their own.
* Added option to make training required flag for new users optional (in customizations page).
* Added alternate email in user preferences (gear icon on top right corner in NEMO) as well as flags to decide which NEMO emails should be sent to the alternate email address.

Improvements
* Added landing page option flag to hide item from staff (visible to facility managers and admin only)
* Added minified version of most Javascript libraries to improve page load time
* Date pickers will now follow the format set for `DATETIME_INPUT_FORMAT`, `DATE_INPUT_FORMAT` and `TIME_INPUT_FORMAT` for better consistency throughout the application. Remove Bootstrap datepicker in favor of more versatile datetimepicker.
* Added red border on required reservation and post usage questions, and on failed validation to better spot where the error is. Updated validation checks to happen on any input rather than only on required ones.
* Added new REST_FRAMEWORK API permission: `'NEMO.permissions.DjangoModelPermissions'` that allows for more granular permissions. With this permission class, users need view permission on individual models (UsageEvent, Project, Account etc.) to be able to access the data in the REST API. The only exception is for accessing billing data, which requires the special `use_billing_api` permission to access since no models are directly associated with billing.

Bug fixes
* Fixed issue where staff status calendar was not respecting the closure staff_absent flag (always showing closure rather than only when flag is set)
* Fixed "Cancel outage" button not showing anymore
* Users should be logged in to access any media files. Thanks r-xyz for reporting and fixing this!
* Fixed a chicken-and-egg situation when migrating or creating migrations

Libraries
* Django 3.2.12 -> 3.2.13 (vulnerability)
* Moment 2.10.2 -> 2.29.3
* cryptography 36.0.2 -> 37.0.2
* Pillow 9.1.0 -> 9.1.1 (vulnerability)

**Django 3.2 update: if you are using plugins, we recommend waiting until they are tested/updated to work with this major update**

Upgrade notes
* In `settings.py`:
* Set `DEFAULT_AUTO_FIELD = 'django.db.models.AutoField'`
* In `REST_FRAMEWORK` -> `DEFAULT_RENDERER_CLASSES` replace renderer `'drf_renderer_xlsx.renderers.XLSXRenderer'` by `'drf_excel.renderers.XLSXRenderer'`
* If using postgres database, replace database engine `django.db.backends.postgresql_psycopg2` by `django.db.backends.postgresql`
* Some web browsers will cache old CSS/Javascript from detailed administration. If you are having issues (blank screens) in the admin section, try `Ctrl + Shift + R` or `Ctrl + F5` to force a refresh or clear your browser's cache

Improvements
* Closure alert preview and validation were added to catch potential issues before the automatic alert is created.
* Closure on staff status calendar will now display the alert content if one is set.
* Added interlock card `enabled` field on interlock view in detailed administration.

Interlock Modbus support
* Support for Modbus over TCP was added to provide greater flexibility and support more interlock types.

Libraries
* Django 2.2 -> 3.2.17
* drf_renderer_xlsx 0.4.5 -> drf_excel 2.1.0
* cryptography 36.0.1 -> 36.0.2
* Pillow 9.0.1 -> 9.1.0
* drf-flex-fields 0.9.7 -> 0.9.8
* Added pymodbus 2.5.3 as new dependency

New features
* Added export of email addresses on broadcast email page. For use outside of NEMO.
* Added option to send broadcast email using the users default email client. This only works when the list of emails is less than 2000 characters total due to limitations of the MAILTO feature. Use the export function to get around it.

Improvements
* Tool configurations can now be enabled/disabled for more flexibility.
* Added `day` view option for staff status page which is also the new default view.
* Added settings in customizations to control whether users and or staff members can look at past/future staff availability and what view choices users can have (day/week/month) for more privacy control.
* Added separate Staff availability categories to allow more flexibility in ordering staff in the staff status page.
* Added user preference so users can choose their default staff status view.

Bug fixes
* Fixed a bug with tool usage counter throwing an error when being updated from post usage questions. Thanks cnf-clark for reporting it!

Libraries
* Pillow 9.0.0 -> Pillow 9.0.1