0002-users-api-unset-verified-flag-on-a-modified-email-ad.patch

Paul Marillonnet, 11 mars 2019 18:10

Voir les différences: en ligne côte à côte

Subject: [PATCH 2/2] users api: unset verified flag on a modified email
 address (#30740)

 src/authentic2/api_views.py |   5 ++
 tests/test_api.py           | 116 ++++++++++++++++++++++++++++++++++++
 2 files changed, 121 insertions(+)

             self.check_perm('custom_user.change_user', instance.ou)
             if 'ou' in validated_data:
                 self.check_perm('custom_user.change_user', validated_data.get('ou'))
             if validated_data.get('email') != instance.email and \
                     not validated_data.get('email_verified'):
                 instance.email_verified = False
             super(BaseUserSerializer, self).update(instance, validated_data)
             for key, value in attributes.iteritems():
                 if is_verified.get(key):
-...
                     'errors': serializer.errors
+                }
                 return Response(response, status.HTTP_400_BAD_REQUEST)
             user.email_verified = False
             user.save()
             utils.send_email_change_email(user, serializer.validated_data['email'], request=request)
             return Response({'result': 1})

         assert resp.json['next'] is None
     def test_api_users_update_with_email_verified(settings, app, admin, simple_user):
         from django.contrib.auth import get_user_model
         simple_user.email_verified = True
         simple_user.save()
         User = get_user_model()
         payload = {
             'username': simple_user.username,
             'id': simple_user.id,
             'email': 'john.doe@nowhere.null',
             'first_name': 'Johnny',
             'last_name': 'Doeny',
             'email_verified': True,
+        }
         headers = basic_authorization_header(admin)
         resp = app.put_json('/api/users/{}/'.format(simple_user.uuid),
                 params=payload, headers=headers, status=200)
         user = User.objects.get(id=simple_user.id)
         assert user.email_verified
         assert resp.json['email_verified']
         user.email_verified = True
         user.email = 'johnny.doeny@foo.bar'
         user.save()
         resp = app.patch_json('/api/users/{}/'.format(simple_user.uuid),
                 params=payload, headers=headers, status=200)
         user = User.objects.get(id=simple_user.id)
         assert user.email_verified
         assert resp.json['email_verified']
     def test_api_users_update_without_email_verified(settings, app, admin, simple_user):
         from django.contrib.auth import get_user_model
         simple_user.email_verified = True
         simple_user.save()
         User = get_user_model()
         payload = {
             'username': simple_user.username,
             'id': simple_user.id,
             'email': 'john.doe@nowhere.null',
             'first_name': 'Johnny',
             'last_name': 'Doeny',
+        }
         headers = basic_authorization_header(admin)
         resp = app.put_json('/api/users/{}/'.format(simple_user.uuid),
                 params=payload, headers=headers, status=200)
         user = User.objects.get(id=simple_user.id)
         assert not user.email_verified
         assert not resp.json['email_verified']
         user.email_verified = True
         user.email = 'johnny.doeny@foo.bar'
         user.save()
         resp = app.patch_json('/api/users/{}/'.format(simple_user.uuid),
                 params=payload, headers=headers, status=200)
         user = User.objects.get(id=simple_user.id)
         assert not user.email_verified
         assert not resp.json['email_verified']
     def test_api_users_create_with_email_verified(settings, app, admin):
         from django.contrib.auth import get_user_model
         payload = {
             'username': 'janedoe',
             'email': 'jane.doe@nowhere.null',
             'first_name': 'Jane',
             'last_name': 'Doe',
             'email_verified': True,
+        }
         headers = basic_authorization_header(admin)
         resp = app.post_json('/api/users/', headers=headers, params=payload,
                 status=201)
         assert resp.json['email_verified']
         User = get_user_model()
         user = User.objects.get(uuid=resp.json['uuid'])
         assert user.email_verified
     def test_api_users_create_without_email_verified(settings, app, admin):
         from django.contrib.auth import get_user_model
         payload = {
             'username': 'janedoe',
             'email': 'jane.doe@nowhere.null',
             'first_name': 'Jane',
             'last_name': 'Doe',
+        }
         headers = basic_authorization_header(admin)
         resp = app.post_json('/api/users/', headers=headers, params=payload,
                 status=201)
         assert not resp.json['email_verified']
         User = get_user_model()
         user = User.objects.get(uuid=resp.json['uuid'])
         assert not user.email_verified
     def test_api_email_unset_verification(settings, app, admin, simple_user):
         from django.contrib.auth import get_user_model
         simple_user.email_verified = True
         simple_user.save()
         User = get_user_model()
         payload = {
             'email': 'john.doe@nowhere.null',
+        }
         headers = basic_authorization_header(admin)
         resp = app.post_json('/api/users/{}/email/'.format(simple_user.uuid),
                 params=payload, headers=headers, status=200)
         user = User.objects.get(id=simple_user.id)
         assert not user.email_verified
     def test_api_users_boolean_attribute(app, superuser):
         from authentic2.models import Attribute, AttributeValue
         at = Attribute.objects.create(
+    -

Projet

Général

Profil

Produits Entr'ouvert » Authentic 2

0002-users-api-unset-verified-flag-on-a-modified-email-ad.patch