allura-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jetm...@apache.org
Subject [07/12] allura git commit: [#7704] ticket:662 Moved user activation to auth plugin, extended tests
Date Mon, 10 Nov 2014 09:37:33 GMT
[#7704] ticket:662 Moved user activation to auth plugin, extended tests


Project: http://git-wip-us.apache.org/repos/asf/allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/allura/commit/566f3038
Tree: http://git-wip-us.apache.org/repos/asf/allura/tree/566f3038
Diff: http://git-wip-us.apache.org/repos/asf/allura/diff/566f3038

Branch: refs/heads/ib/7704
Commit: 566f3038f99f5a5e0547679a7ae29808dfaa0c9a
Parents: 87c509d
Author: Aleksey 'LXj' Alekseyev <gotletter@gmail.com>
Authored: Thu Oct 9 15:42:33 2014 +0300
Committer: Igor Bondarenko <jetmind2@gmail.com>
Committed: Tue Nov 4 13:57:02 2014 +0000

----------------------------------------------------------------------
 Allura/allura/controllers/auth.py           | 11 ++--
 Allura/allura/lib/plugin.py                 | 12 ++++
 Allura/allura/lib/widgets/forms.py          | 13 ++--
 Allura/allura/tests/functional/test_auth.py | 84 ++++++++++++++++++------
 4 files changed, 89 insertions(+), 31 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/allura/blob/566f3038/Allura/allura/controllers/auth.py
----------------------------------------------------------------------
diff --git a/Allura/allura/controllers/auth.py b/Allura/allura/controllers/auth.py
index b9e3d3b..4076b14 100644
--- a/Allura/allura/controllers/auth.py
+++ b/Allura/allura/controllers/auth.py
@@ -227,12 +227,11 @@ class AuthController(BaseController):
             dict(username=username,
                  display_name=display_name,
                  password=pw,
-                 email_addresses=[email],
-                 pending=True))
+                 pending=asbool(config.get('auth.require_email_addr', False))))
         plugin.AuthenticationProvider.get(request).login(user)
-        em = M.EmailAddress.create(email)
-        em.claimed_by_user_id = user._id
-        em.send_verification_link()
+        if email is not None:
+            em = user.claim_address(email)
+            em.send_verification_link()
         flash('User "%s" registered' % username)
         redirect('/')
 
@@ -263,7 +262,7 @@ class AuthController(BaseController):
 
             user = addr.claimed_by_user()
             if user.pending:
-                user.pending = False
+                plugin.AuthenticationProvider.get(request).activate_user(user)
         else:
             flash('Unknown verification link', 'error')
 

http://git-wip-us.apache.org/repos/asf/allura/blob/566f3038/Allura/allura/lib/plugin.py
----------------------------------------------------------------------
diff --git a/Allura/allura/lib/plugin.py b/Allura/allura/lib/plugin.py
index 82284f2..6389360 100644
--- a/Allura/allura/lib/plugin.py
+++ b/Allura/allura/lib/plugin.py
@@ -189,6 +189,10 @@ class AuthenticationProvider(object):
         '''Enable user account'''
         raise NotImplementedError, 'enable_user'
 
+    def activate_user(self, user):
+        '''Activate user after registration'''
+        raise NotImplementedError, 'activate_user'
+
     def by_username(self, username):
         '''
         Find a user by username.
@@ -350,6 +354,11 @@ class LocalAuthenticationProvider(AuthenticationProvider):
         session(user).flush(user)
         h.auditlog_user(u'Account enabled', user=user)
 
+    def activate_user(self, user):
+        user.pending = False
+        session(user).flush(user)
+        h.auditlog_user('Account activated', user=user)
+
     def validate_password(self, user, password):
         return self._validate_password(user, password)
 
@@ -601,6 +610,9 @@ class LdapAuthenticationProvider(AuthenticationProvider):
     def enable_user(self, user):
         return LocalAuthenticationProvider(None).enable_user(user)
 
+    def activate_user(self, user):
+        return LocalAuthenticationProvider(None).activate_user(user)
+
     def get_last_password_updated(self, user):
         return LocalAuthenticationProvider(None).get_last_password_updated(user)
 

http://git-wip-us.apache.org/repos/asf/allura/blob/566f3038/Allura/allura/lib/widgets/forms.py
----------------------------------------------------------------------
diff --git a/Allura/allura/lib/widgets/forms.py b/Allura/allura/lib/widgets/forms.py
index 3d243e2..6f23e40 100644
--- a/Allura/allura/lib/widgets/forms.py
+++ b/Allura/allura/lib/widgets/forms.py
@@ -27,6 +27,7 @@ import ew.jinja2_ew as ew
 from pytz import common_timezones, country_timezones, country_names
 from paste.deploy.converters import aslist, asint, asbool
 import tg
+from tg import config
 
 from allura.lib import validators as V
 from allura.lib import helpers as h
@@ -749,16 +750,19 @@ class RegistrationForm(ForgeForm):
             'Usernames must include only letters, numbers, and dashes.'
             ' They must also start with a letter and be at least 3 characters'
             ' long.')
-        return [
+        fields = [
             ew.TextField(
                 name='display_name',
                 label='Displayed Name',
                 validator=fev.UnicodeString(not_empty=True)),
             username,
-            ew.TextField(
+        ]
+        if asbool(config.get('auth.require_email_addr', False)):
+            fields.append(ew.TextField(
                 name='email',
                 label='Your e-mail',
-                validator=fev.Email()),
+                validator=fev.Email(not_empty=True)))
+        fields += [
             ew.PasswordField(
                 name='pw',
                 label='New Password',
@@ -766,11 +770,12 @@ class RegistrationForm(ForgeForm):
                     not_empty=True,
                     min=asint(tg.config.get('auth.min_password_len', 6)),
                     max=asint(tg.config.get('auth.max_password_len', 30)))),
-             ew.PasswordField(
+            ew.PasswordField(
                 name='pw2',
                 label='New Password (again)',
                 validator=fev.UnicodeString(not_empty=True)),
         ]
+        return fields
 
     @ew_core.core.validator
     def to_python(self, value, state):

http://git-wip-us.apache.org/repos/asf/allura/blob/566f3038/Allura/allura/tests/functional/test_auth.py
----------------------------------------------------------------------
diff --git a/Allura/allura/tests/functional/test_auth.py b/Allura/allura/tests/functional/test_auth.py
index 3a50b7c..2206f37 100644
--- a/Allura/allura/tests/functional/test_auth.py
+++ b/Allura/allura/tests/functional/test_auth.py
@@ -532,31 +532,72 @@ class TestAuth(TestController):
         r = self.app.post('/auth/save_new',
                           params=dict(username='aaa', pw='123'))
         assert 'Enter a value 6 characters long or more' in r
-        r = self.app.post('/auth/save_new',
-                          params=dict(
-                              username='aaa',
-                              pw='12345678',
-                              pw2='12345678',
-                              display_name='Test Me',
-                              email='test@example.com'))
+        r = self.app.post(
+            '/auth/save_new',
+            params=dict(
+                username='aaa',
+                pw='12345678',
+                pw2='12345678',
+                display_name='Test Me'))
         r = r.follow()
         assert 'User "aaa" registered' in unentity(r.body)
-        r = self.app.post('/auth/save_new',
-                          params=dict(
-                              username='aaa',
-                              pw='12345678',
-                              pw2='12345678',
-                              display_name='Test Me',
-                              email='test@example.com'))
+        r = self.app.post(
+            '/auth/save_new',
+            params=dict(
+                username='aaa',
+                pw='12345678',
+                pw2='12345678',
+                display_name='Test Me'))
         assert 'That username is already taken. Please choose another.' in r
         r = self.app.get('/auth/logout')
-        user = M.User.query.get(username='aaa')
-        assert user.pending
-        user.pending = False
-        session(user).flush(user)
-        r = self.app.post('/auth/do_login',
-                          params=dict(username='aaa', password='12345678'),
-                          status=302)
+        r = self.app.post(
+            '/auth/do_login',
+            params=dict(username='aaa', password='12345678'),
+            status=302)
+
+    def test_create_account_require_email(self):
+        with h.push_config(config, **{'auth.require_email_addr': 'false'}):
+            self.app.post(
+                '/auth/save_new',
+                params=dict(
+                    username='aaa',
+                    pw='12345678',
+                    pw2='12345678',
+                    display_name='Test Me',
+                    email='test@example.com'))
+            user = M.User.query.get(username='aaa')
+            assert not user.pending
+        with h.push_config(config, **{'auth.require_email_addr': 'true'}):
+            self.app.post(
+                '/auth/save_new',
+                params=dict(
+                    username='bbb',
+                    pw='12345678',
+                    pw2='12345678',
+                    display_name='Test Me',
+                    email='test@example.com'))
+            user = M.User.query.get(username='bbb')
+            assert user.pending
+
+    def test_verify_email(self):
+        with h.push_config(config, **{'auth.require_email_addr': 'true'}):
+            r = self.app.post(
+                '/auth/save_new',
+                params=dict(
+                    username='aaa',
+                    pw='12345678',
+                    pw2='12345678',
+                    display_name='Test Me',
+                    email='test@example.com'))
+            r = r.follow()
+            user = M.User.query.get(username='aaa')
+            em = M.EmailAddress.query.get(email='test@example.com')
+            assert user._id == em.claimed_by_user_id
+            r = self.app.get('/auth/verify_addr', params=dict(a=em.nonce))
+            user = M.User.query.get(username='aaa')
+            em = M.EmailAddress.query.get(email='test@example.com')
+            assert not user.pending
+            assert em.confirmed
 
     def test_create_account_disabled_header_link(self):
         with h.push_config(config, **{'auth.allow_user_registration': 'false'}):
@@ -595,6 +636,7 @@ class TestAuth(TestController):
         session(user).flush(user)
         assert M.ProjectRole.query.find(
             dict(user_id=user._id, project_id=p._id)).count() == 0
+
         self.app.get('/p/test/admin/permissions',
                      extra_environ=dict(username='aaa'), status=403)
         assert M.ProjectRole.query.find(


Mime
View raw message