Ticket #442: fix_email_verification.patch

File fix_email_verification.patch, 2.8 kB (added by s0undt3ch, 7 months ago)

don't check against anonymous users

  • a/acct_mgr/tests/functional/testcases.py

    old new  
    265265        self._tester.logout() 
    266266        self._smtpd.full_reset() 
    267267 
     268class NoEmailVerificationForAnonymousUsers(FunctionalTestCaseSetup): 
     269    def runTest(self): 
     270        """Anonymous users don't get their email address verified""" 
     271        tc.find("Login") 
     272        tc.follow("Preferences") 
     273        form_name = 'userprefs' 
     274        email_address = 'anonyous.user@fakedomain.tld' 
     275        tc.formvalue(form_name, 'email', email_address) 
     276        tc.submit() 
     277        tc.notfind('<strong>Notice:</strong> <span>An email has been sent to ' 
     278                   '%s with a token to <a href="/verify_email">verify your new ' 
     279                   'email address</a></span>' % email_address) 
     280        self._tester.go_to_front() 
     281        tc.notfind('<strong>Warning:</strong> <span>Your permissions have been ' 
     282                   'limited until you <a href="/verify_email">verify your email ' 
     283                   'address</a></span>') 
     284         
     285         
    268286def suite(): 
    269287    suite = FunctionalTestSuite() 
    270288    suite.addTest(TestFormLoginAdmin()) 
     
    284302    suite.addTest(DeleteAccountNotifiesAdmin()) 
    285303    suite.addTest(UserNoLongerLogins()) 
    286304    suite.addTest(UserIsAbleToRegisterWithSameUserName()) 
     305    suite.addTest(NoEmailVerificationForAnonymousUsers()) 
    287306    return suite 
    288307 
    289308 

  • a/acct_mgr/web_ui.py

    old new  
    514514    # IRequestFilter methods 
    515515 
    516516    def pre_process_request(self, req, handler): 
     517        if not req.session.authenticated: 
     518            # Anonymous users should register and perms should be tweaked so 
     519            # that anonymous users can't edit wiki pages and change or create 
     520            # tickets. As such, this email verifying code won't be used on them 
     521            return handler 
    517522        if handler is not self and 'email_verification_token' in req.session: 
    518523            chrome.add_warning(req, MessageWrapper(tag.span( 
    519524                    'Your permissions have been limited until you ', 
     
    523528        return handler 
    524529 
    525530    def post_process_request(self, req, template, data, content_type): 
     531        if not req.session.authenticated: 
     532            # Anonymous users should register and perms should be tweaked so 
     533            # that anonymous users can't edit wiki pages and change or create 
     534            # tickets. As such, this email verifying code won't be used on them 
     535            return template, data, content_type 
    526536        if req.session.get('email') != req.session.get('email_verification_sent_to'): 
    527537            req.session['email_verification_token'] = self._gen_token() 
    528538            req.session['email_verification_sent_to'] = req.session.get('email')