Implement referral code system with leaderboard

[DonnieBLT]

User description

Related to #3697

---

For more details, open the Copilot Workspace session.

---

PR Type

Enhancement

---

Description

• Added referral clicks and signups tracking to leaderboards.

• Introduced methods to increment referral metrics in InviteFriend model.

• Updated user profile model to include referral metrics.

• Enhanced views to handle referral clicks and signups.

---

Changes walkthrough 📝

Relevant files

Enhancement

_leaderboard_widget.html Added referral metrics display in leaderboard widget          website/templates/includes/_leaderboard_widget.html Displayed referral clicks and signups for each leaderboard user. Added new UI elements for referral metrics. +2/-0      leaderboard_eachmonth.html Added referral metrics to monthly leaderboard                        website/templates/leaderboard_eachmonth.html Displayed referral clicks and signups in the monthly leaderboard. Enhanced leaderboard UI with referral metrics. +2/-0      leaderboard_global.html Introduced referral leaderboard in global leaderboard        website/templates/leaderboard_global.html Added a new referral leaderboard section. Displayed referral clicks and signups for global leaderboard users. Handled cases with no referral data. +35/-0    models.py Added referral metrics fields and methods in models            website/models.py Added referral_clicks and referral_signups fields to user profile. Implemented methods to increment referral metrics in InviteFriend. +11/-0    user.py Enhanced views to track referral metrics                                  website/views/user.py Updated handle_user_signup to increment referral signups. Enhanced referral_signup to track referral clicks. +2/-0

---

Need help?

Type /help how to ... in the comments thread for any questions about PR-Agent usage.

Check out the documentation for more information.

[github-actions]

PR Reviewer Guide 🔍

Here are some key observations to aid the review process:

🎫 Ticket compliance analysis 🔶 3697 - Partially compliant Compliant requirements: Implement a referral system with tracking for clicks and signups. Display referral clicks and signups in the leaderboard. Non-compliant requirements: Sort the leaderboard by signups. Requires further human verification: Verify that the leaderboard correctly displays and sorts by signups in the UI.

⏱️ Estimated effort to review: 3 🔵🔵🔵⚪⚪

🧪 No relevant tests

🔒 No security concerns identified

⚡ Recommended focus areas for review UI Consistency Ensure that the added display of referral clicks and signups aligns visually with the existing leaderboard design and does not cause layout issues. <span class="w-full overflow-clip font-semibold text-[#500000bd] text-[12px] mb-2">Clicks: {{ leader.userprofile.referral_clicks }}</span> <span class="w-full overflow-clip font-semibold text-[#500000bd] text-[12px] mb-2">Signups: {{ leader.userprofile.referral_signups }}</span> Data Integrity Validate that the increment_referral_clicks and increment_referral_signups methods correctly update the UserProfile model without introducing race conditions or data inconsistencies. def increment_referral_clicks(self): self.sender.userprofile.referral_clicks += 1 self.sender.userprofile.save() def increment_referral_signups(self): self.sender.userprofile.referral_signups += 1 self.sender.userprofile.save() Referral Handling Confirm that the referral token handling logic in handle_user_signup and referral_signup functions is robust and handles edge cases like invalid or missing tokens gracefully. def handle_user_signup(request, user, **kwargs): referral_token = request.session.get("ref") if referral_token: try: invite = InviteFriend.objects.get(referral_code=referral_token) invite.recipients.add(user) invite.point_by_referral += 2 invite.increment_referral_signups() invite.save()

[github-actions]

PR Code Suggestions ✨

Explore these optional code suggestions:

Category	Suggestion	Impact
Security	Escape user-provided data in templates Sanitize the leader.userprofile.referral_clicks and leader.userprofile.referral_signups values to prevent potential injection attacks or display issues if the data contains unexpected characters. website/templates/includes/_leaderboard_widget.html [139-140] -<span class="w-full overflow-clip font-semibold text-[#500000bd] text-[12px] mb-2">Clicks: {{ leader.userprofile.referral_clicks }}</span> -<span class="w-full overflow-clip font-semibold text-[#500000bd] text-[12px] mb-2">Signups: {{ leader.userprofile.referral_signups }}</span> +<span class="w-full overflow-clip font-semibold text-[#500000bd] text-[12px] mb-2">Clicks: {{ leader.userprofile.referral_clicks|escape }}</span> +<span class="w-full overflow-clip font-semibold text-[#500000bd] text-[12px] mb-2">Signups: {{ leader.userprofile.referral_signups|escape }}</span> Suggestion importance[1-10]: 9 __ Why: Escaping user-provided data is a crucial security measure to prevent XSS vulnerabilities, especially in templates where dynamic content is rendered.	High
	Escape dynamic content in templates Ensure that the leader.userprofile.referral_signups and leader.userprofile.referral_clicks values are escaped to prevent potential XSS vulnerabilities when rendering user-generated content. website/templates/leaderboard_global.html [292-293] -<span class="pull-right badge">{{ leader.userprofile.referral_signups }} Signups</span> -<span class="pull-right badge">{{ leader.userprofile.referral_clicks }} Clicks</span> +<span class="pull-right badge">{{ leader.userprofile.referral_signups|escape }} Signups</span> +<span class="pull-right badge">{{ leader.userprofile.referral_clicks|escape }} Clicks</span> Suggestion importance[1-10]: 9 __ Why: Escaping dynamic content in templates is essential to mitigate XSS risks, ensuring that user-generated data is safely rendered.	High
Possible issue	Add error handling for missing user profiles Add error handling for potential exceptions when accessing self.sender.userprofile in the increment_referral_clicks and increment_referral_signups methods to avoid runtime errors if userprofile is missing or improperly configured. website/models.py [635-641] def increment_referral_clicks(self): - self.sender.userprofile.referral_clicks += 1 - self.sender.userprofile.save() + if hasattr(self.sender, 'userprofile'): + self.sender.userprofile.referral_clicks += 1 + self.sender.userprofile.save() def increment_referral_signups(self): - self.sender.userprofile.referral_signups += 1 - self.sender.userprofile.save() + if hasattr(self.sender, 'userprofile'): + self.sender.userprofile.referral_signups += 1 + self.sender.userprofile.save() Suggestion importance[1-10]: 8 __ Why: Adding error handling for missing user profiles is a critical improvement to prevent runtime errors, ensuring robustness when userprofile is not configured correctly.	Medium