Not everyone at ICS is part of the 'ICS Employees' AD group.
We have to accept 'ICS Consultants' as well.

The CSENTRY_LDAP_GROUPS settings now takes a list of groups instead of
just one.

Remove unused is_member_of_all_groups method.

Fixes INFRA-225

Fix error:
User instance is not bound to a Session; attribute refresh operation cannot proceed

The network range defines the IP to be allocated.
This is to reserve some specific addresses (for gateway for example).

An admin user should be able to define an interface outside the network
range.

The IP address select field was replaced with a string field
(initialized to the first available IP).

Fixes INFRA-200

- add domain_id on NetworkScope table to define a default domain
- add domain_id on Network (default to the Network Scope one)

Fixes INFRA-194

Allow to keep track of batches of small parts.

Command shall be run every night to keep the users in the database in
sync with the LDAP server.
If a user is not found:
- set its groups to []
- revoke all its tokens

The string representation of a Network is the vlan_name.
This is what we should allow to pass as string to create an interface.

Note that if we pass network_id instead of network when creating
and interface, the validate_interfaces method from the Network class
is not called.

The user_id is stored in the flask session. On every page load, we query
the database to get:
- the user objet (user_account table)
- the user's groups (group table) to know what the user can access

If we try to cache the user_load function, the following error is raised
when retrieving the groups:
sqlalchemy.orm.exc.DetachedInstanceError: Parent instance <User at
0x7f51e050a940> is not bound to a Session; lazy load operation of
attribute 'grp' cannot proceed

The groups from AD are only stored to map them with CSENTRY_LDAP_GROUPS.
We don't do any query on them (get all users from one group).
As we always query them with one user, it's more efficient to store them
in the user_account table as an array than in a separate table.
This allows to easily cache the load_user function.

Note that we have to remember to add the current_user to the sqlalchemy session if
we want to modify it or access a relationship (like tokens)!

The load_user function is now cached for 30 minutes. This decreases a
lot the number of database queries.

Fix INFRA-156

Some tags (like gateway) should only be selectable by admin users.

- The query to retrieve used ICS ids was run at each iteration of the
  loop...
- Use a set to quickly test the existence of used ICS ids

Having the description field only on the Model class makes things
inconsistent.
It's nice to have a description on other attributes as well.

The generation of the QR code image is quite slow and makes the page
displaying them take a long time to load when it includes more a few.
The data never changes and can easily be cached (the repr() of the class
is used in the cache key, so if the name or id changes, the cache will
be recomputed - there is no need for a timeout).

The user_id is used to track the item creator. It's not supposed to be
updated afterwards. There is no need to track changes.

Strings are automatically converted to datetime object.
Note that datetime are stored without timezone in the database (in UTC).

text is really generic and could conflict with another variable.
body is often used for comments.

Required to create users when importing items from JIRA.

Renamed blueprint from "users" to "user" to be consistent with other
blueprints (inventory and network).

+ fix tests

This allows to easily register items via the API without giving an ICS
id.

- This will help tracking who and what was created / changed
- Move fetch_current_user_id to utils.py
- Make ItemComment inherit from CreatedMixin

Add delete and delete-orphan options to the cascade behavior:
- delete: delete from database associated cnames when deleting an
  interface
- delete-orphan: delete cname when removing it from the list of
  interface.cnames

Allow to create/delete cnames when creating/deleting interfaces

Move regex to validators.py

A gateway should be an interface like any other IP.
Use tag to identify it.

It shouldn't be possible to change the ICS id of an item.
But when registering a bunch of existing items via the API, we need to
allocate an ics_id otherwise not much can be done in the interface.
The id is required for the view and edit page.

The solution is to define some "temporary" ids that don't correspond to
any pre-printed labels.
Items with a temporary id can be assigned a real ics_id when assigning a
label.

Reserved ids start with 'ZZ' (from ZZA000 to ZZZ999)

ICS id can now be non nullable.

Description shall be filled at the host level

See http://docs.sqlalchemy.org/en/latest/core/compiler.html#utc-timestamp-function

TODO: we should be able to render HTML in the comments
Look at https://github.com/miguelgrinberg/Flask-PageDown

- Rename Host to Interface
- Create new Host table to group interfaces

There is no point displaying the LDAP groups in the profile

- All created tokens are stored in the database.
  To revoke a token, we just delete it from the database.
  Tokens not found in the database are thus considered unvalid / revoked.

- Add button to copy generated token to the clipboard

- Redesign profile page