You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@allura.apache.org by je...@apache.org on 2014/10/15 12:56:16 UTC
[06/12] git commit: [#7704] ticket:662 Moved user activation to auth
plugin, extended tests
[#7704] ticket:662 Moved user activation to auth plugin, extended tests
Project: http://git-wip-us.apache.org/repos/asf/allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/allura/commit/9685b2cd
Tree: http://git-wip-us.apache.org/repos/asf/allura/tree/9685b2cd
Diff: http://git-wip-us.apache.org/repos/asf/allura/diff/9685b2cd
Branch: refs/heads/je/42cc_7704
Commit: 9685b2cd6b4531a209270eecdba370211c58461c
Parents: 193bede
Author: Aleksey 'LXj' Alekseyev <go...@gmail.com>
Authored: Thu Oct 9 15:42:33 2014 +0300
Committer: Igor Bondarenko <je...@gmail.com>
Committed: Wed Oct 15 11:24:55 2014 +0300
----------------------------------------------------------------------
Allura/allura/controllers/auth.py | 11 +++--
Allura/allura/lib/plugin.py | 12 ++++++
Allura/allura/lib/widgets/forms.py | 13 ++++--
Allura/allura/tests/functional/test_auth.py | 55 ++++++++++++++++++++----
4 files changed, 73 insertions(+), 18 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/allura/blob/9685b2cd/Allura/allura/controllers/auth.py
----------------------------------------------------------------------
diff --git a/Allura/allura/controllers/auth.py b/Allura/allura/controllers/auth.py
index c78b980..d3a8475 100644
--- a/Allura/allura/controllers/auth.py
+++ b/Allura/allura/controllers/auth.py
@@ -227,12 +227,11 @@ class AuthController(BaseController):
dict(username=username,
display_name=display_name,
password=pw,
- email_addresses=[email],
- pending=True))
+ pending=asbool(config.get('auth.require_email_addr', False))))
plugin.AuthenticationProvider.get(request).login(user)
- em = M.EmailAddress.create(email)
- em.claimed_by_user_id = user._id
- em.send_verification_link()
+ if email is not None:
+ em = user.claim_address(email)
+ em.send_verification_link()
flash('User "%s" registered' % username)
redirect('/')
@@ -270,7 +269,7 @@ class AuthController(BaseController):
user = addr.claimed_by_user()
if user.pending:
- user.pending = False
+ plugin.AuthenticationProvider.get(request).activate_user(user)
else:
flash('Unknown verification link', 'error')
http://git-wip-us.apache.org/repos/asf/allura/blob/9685b2cd/Allura/allura/lib/plugin.py
----------------------------------------------------------------------
diff --git a/Allura/allura/lib/plugin.py b/Allura/allura/lib/plugin.py
index eb9feef..7264dce 100644
--- a/Allura/allura/lib/plugin.py
+++ b/Allura/allura/lib/plugin.py
@@ -183,6 +183,10 @@ class AuthenticationProvider(object):
'''Enable user account'''
raise NotImplementedError, 'enable_user'
+ def activate_user(self, user):
+ '''Activate user after registration'''
+ raise NotImplementedError, 'activate_user'
+
def by_username(self, username):
'''
Find a user by username.
@@ -344,6 +348,11 @@ class LocalAuthenticationProvider(AuthenticationProvider):
session(user).flush(user)
h.auditlog_user(u'Account enabled', user=user)
+ def activate_user(self, user):
+ user.pending = False
+ session(user).flush(user)
+ h.auditlog_user('Account activated', user=user)
+
def validate_password(self, user, password):
return self._validate_password(user, password)
@@ -589,6 +598,9 @@ class LdapAuthenticationProvider(AuthenticationProvider):
def enable_user(self, user):
return LocalAuthenticationProvider(None).enable_user(user)
+ def activate_user(self, user):
+ return LocalAuthenticationProvider(None).activate_user(user)
+
def get_last_password_updated(self, user):
return LocalAuthenticationProvider(None).get_last_password_updated(user)
http://git-wip-us.apache.org/repos/asf/allura/blob/9685b2cd/Allura/allura/lib/widgets/forms.py
----------------------------------------------------------------------
diff --git a/Allura/allura/lib/widgets/forms.py b/Allura/allura/lib/widgets/forms.py
index 3d243e2..6f23e40 100644
--- a/Allura/allura/lib/widgets/forms.py
+++ b/Allura/allura/lib/widgets/forms.py
@@ -27,6 +27,7 @@ import ew.jinja2_ew as ew
from pytz import common_timezones, country_timezones, country_names
from paste.deploy.converters import aslist, asint, asbool
import tg
+from tg import config
from allura.lib import validators as V
from allura.lib import helpers as h
@@ -749,16 +750,19 @@ class RegistrationForm(ForgeForm):
'Usernames must include only letters, numbers, and dashes.'
' They must also start with a letter and be at least 3 characters'
' long.')
- return [
+ fields = [
ew.TextField(
name='display_name',
label='Displayed Name',
validator=fev.UnicodeString(not_empty=True)),
username,
- ew.TextField(
+ ]
+ if asbool(config.get('auth.require_email_addr', False)):
+ fields.append(ew.TextField(
name='email',
label='Your e-mail',
- validator=fev.Email()),
+ validator=fev.Email(not_empty=True)))
+ fields += [
ew.PasswordField(
name='pw',
label='New Password',
@@ -766,11 +770,12 @@ class RegistrationForm(ForgeForm):
not_empty=True,
min=asint(tg.config.get('auth.min_password_len', 6)),
max=asint(tg.config.get('auth.max_password_len', 30)))),
- ew.PasswordField(
+ ew.PasswordField(
name='pw2',
label='New Password (again)',
validator=fev.UnicodeString(not_empty=True)),
]
+ return fields
@ew_core.core.validator
def to_python(self, value, state):
http://git-wip-us.apache.org/repos/asf/allura/blob/9685b2cd/Allura/allura/tests/functional/test_auth.py
----------------------------------------------------------------------
diff --git a/Allura/allura/tests/functional/test_auth.py b/Allura/allura/tests/functional/test_auth.py
index 058ae09..da6c652 100644
--- a/Allura/allura/tests/functional/test_auth.py
+++ b/Allura/allura/tests/functional/test_auth.py
@@ -379,8 +379,7 @@ class TestAuth(TestController):
username='aaa',
pw='12345678',
pw2='12345678',
- display_name='Test Me',
- email='test@example.com'))
+ display_name='Test Me'))
r = r.follow()
assert 'User "aaa" registered' in unentity(r.body)
r = self.app.post(
@@ -389,19 +388,58 @@ class TestAuth(TestController):
username='aaa',
pw='12345678',
pw2='12345678',
- display_name='Test Me',
- email='test@example.com'))
+ display_name='Test Me'))
assert 'That username is already taken. Please choose another.' in r
r = self.app.get('/auth/logout')
- user = M.User.query.get(username='aaa')
- assert user.pending
- user.pending = False
- session(user).flush(user)
r = self.app.post(
'/auth/do_login',
params=dict(username='aaa', password='12345678'),
status=302)
+ def test_create_account_require_email(self):
+ with h.push_config(config, **{'auth.require_email_addr': 'false'}):
+ self.app.post(
+ '/auth/save_new',
+ params=dict(
+ username='aaa',
+ pw='12345678',
+ pw2='12345678',
+ display_name='Test Me',
+ email='test@example.com'))
+ user = M.User.query.get(username='aaa')
+ assert not user.pending
+ with h.push_config(config, **{'auth.require_email_addr': 'true'}):
+ self.app.post(
+ '/auth/save_new',
+ params=dict(
+ username='bbb',
+ pw='12345678',
+ pw2='12345678',
+ display_name='Test Me',
+ email='test@example.com'))
+ user = M.User.query.get(username='bbb')
+ assert user.pending
+
+ def test_verify_email(self):
+ with h.push_config(config, **{'auth.require_email_addr': 'true'}):
+ r = self.app.post(
+ '/auth/save_new',
+ params=dict(
+ username='aaa',
+ pw='12345678',
+ pw2='12345678',
+ display_name='Test Me',
+ email='test@example.com'))
+ r = r.follow()
+ user = M.User.query.get(username='aaa')
+ em = M.EmailAddress.query.get(email='test@example.com')
+ assert user._id == em.claimed_by_user_id
+ r = self.app.get('/auth/verify_addr', params=dict(a=em.nonce))
+ user = M.User.query.get(username='aaa')
+ em = M.EmailAddress.query.get(email='test@example.com')
+ assert not user.pending
+ assert em.confirmed
+
def test_create_account_disabled_header_link(self):
with h.push_config(config, **{'auth.allow_user_registration': 'false'}):
r = self.app.get('/')
@@ -441,6 +479,7 @@ class TestAuth(TestController):
session(user).flush(user)
assert M.ProjectRole.query.find(
dict(user_id=user._id, project_id=p._id)).count() == 0
+
self.app.get('/p/test/admin/permissions',
extra_environ=dict(username='aaa'), status=403)
assert M.ProjectRole.query.find(