You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@allura.apache.org by br...@apache.org on 2015/10/16 19:06:59 UTC
[03/46] allura git commit: [#7991] limit phone number usage to once
[#7991] limit phone number usage to once
Project: http://git-wip-us.apache.org/repos/asf/allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/allura/commit/b79b8546
Tree: http://git-wip-us.apache.org/repos/asf/allura/tree/b79b8546
Diff: http://git-wip-us.apache.org/repos/asf/allura/diff/b79b8546
Branch: refs/heads/db/7919
Commit: b79b854693f1aadebe408e7f95bad2a747cbf047
Parents: c8300e1
Author: Dave Brondsema <da...@brondsema.net>
Authored: Mon Oct 5 15:19:55 2015 -0400
Committer: Dave Brondsema <da...@brondsema.net>
Committed: Mon Oct 5 15:38:26 2015 -0400
----------------------------------------------------------------------
Allura/allura/lib/plugin.py | 7 ++++++-
Allura/allura/tests/functional/test_neighborhood.py | 16 +++++++++++++++-
2 files changed, 21 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/allura/blob/b79b8546/Allura/allura/lib/plugin.py
----------------------------------------------------------------------
diff --git a/Allura/allura/lib/plugin.py b/Allura/allura/lib/plugin.py
index 2270dcb..46cd3e8 100644
--- a/Allura/allura/lib/plugin.py
+++ b/Allura/allura/lib/plugin.py
@@ -726,11 +726,16 @@ class ProjectRegistrationProvider(object):
return True
return bool(user.get_tool_data('phone_verification', 'number_hash'))
- def verify_phone(self, user, number):
+ def verify_phone(self, user, number, allow_reuse=False):
+ from allura import model as M
ok = {'status': 'ok'}
if not asbool(config.get('project.verify_phone')):
return ok
number = utils.clean_phone_number(number)
+ number_hash = utils.phone_number_hash(number)
+ if not allow_reuse and M.User.query.find({'tool_data.phone_verification.number_hash': number_hash}).count():
+ return {'status': 'error',
+ 'error': 'That phone number has already been used.'}
return g.phone_service.verify(number)
def check_phone_verification(self, user, request_id, pin, number_hash):
http://git-wip-us.apache.org/repos/asf/allura/blob/b79b8546/Allura/allura/tests/functional/test_neighborhood.py
----------------------------------------------------------------------
diff --git a/Allura/allura/tests/functional/test_neighborhood.py b/Allura/allura/tests/functional/test_neighborhood.py
index 8b6a74f..9b8b215 100644
--- a/Allura/allura/tests/functional/test_neighborhood.py
+++ b/Allura/allura/tests/functional/test_neighborhood.py
@@ -24,7 +24,7 @@ import PIL
from mock import patch
from tg import config
from nose.tools import assert_equal, assert_in, assert_not_equal
-from ming.orm.ormsession import ThreadLocalORMSession
+from ming.orm.ormsession import ThreadLocalORMSession, session
from paste.httpexceptions import HTTPFound
from pylons import app_globals as g
@@ -33,6 +33,7 @@ from allura import model as M
from allura.tests import TestController
from allura.tests import decorators as td
from allura.lib import helpers as h
+from allura.lib import utils
from alluratest.controller import setup_trove_categories
@@ -1006,6 +1007,19 @@ class TestPhoneVerificationOnProjectRegistration(TestController):
}
assert_equal(r.json, expected)
+ @patch.object(g, 'phone_service', autospec=True)
+ def test_verify_phone_already_used(self, phone_service):
+ with h.push_config(config, **{'project.verify_phone': 'true'}):
+ u = M.User.register(dict(username='existing-user'), make_project=False)
+ u.set_tool_data('phone_verification', number_hash=utils.phone_number_hash('1-555-444-9999'))
+ session(u).flush(u)
+ phone_service.verify.return_value = {'request_id': 'request-id', 'status': 'ok'}
+ r = self.app.get('/p/verify_phone', {'number': '1-555-444-9999'})
+ assert_equal(r.json, {
+ 'status': 'error',
+ 'error': u'That phone number has already been used.'
+ })
+
def test_check_phone_verification_no_params(self):
with h.push_config(config, **{'project.verify_phone': 'true'}):
self.app.get('/p/check_phone_verification', status=404)