0001-misc-use-non-autoescaping-template-render-for-email-.patch

Benjamin Dauvergne, 23 février 2021 16:29

Voir les différences: en ligne côte à côte

Subject: [PATCH] misc: use non-autoescaping template render for email text
 bodies and subjects (#51374)

 .../user_change_email_notification_body.txt   |  4 ++--
 ...user_change_email_notification_subject.txt |  2 +-
 src/authentic2/settings.py                    | 22 +++++++++++++++++++
 .../account_delete_notification_body.txt      |  3 +--
 .../account_delete_notification_subject.txt   |  2 +-
 .../authentic2/account_deletion_code_body.txt |  3 +--
 .../account_deletion_code_subject.txt         |  2 +-
 .../change_email_notification_body.txt        |  4 ++--
 .../change_email_notification_subject.txt     |  2 +-
 .../authentic2/registration_success_body.txt  |  4 +---
 .../registration_success_subject.txt          |  2 +-
 .../authentic2/unused_account_alert_body.txt  |  5 +----
 .../unused_account_alert_subject.txt          |  7 +-----
 .../authentic2/unused_account_delete_body.txt |  8 ++-----
 .../unused_account_delete_subject.txt         |  2 +-
 .../registration/activation_email.txt         |  4 ++--
 .../registration/activation_email_subject.txt |  2 +-
 .../registration/password_reset_subject.txt   |  4 +---
 src/authentic2/utils/__init__.py              |  4 ++--
 19 files changed, 45 insertions(+), 41 deletions(-)

     {% load i18n %}{% autoescape off %}{% if email_is_not_unique%}{% blocktrans with name=user.get_short_name old_email=user.email %}Hi {{ name }} !
     {% load i18n %}{% if email_is_not_unique%}{% blocktrans with name=user.get_short_name old_email=user.email %}Hi {{ name }} !
     An administrator requested for changing your email on {{ domain }} from:
-...
     This link will be valid for {{ token_lifetime }}.
     --
     {{ domain }}{% endblocktrans %}{% endif %}{% endautoescape %}
     {{ domain }}{% endblocktrans %}{% endif %}

src/authentic2/manager/templates/authentic2/manager/user_change_email_notification_subject.txt

{% load i18n %}{% autoescape off %}{% blocktrans %}Change email on {{ domain }} requested by an administrator{% endblocktrans %}{% endautoescape %}

{% load i18n %}{% blocktrans %}Change email on {{ domain }} requested by an administrator{% endblocktrans %}

                 ],
             },
         },
+        {
             'NAME': 'plain_text',
             'BACKEND': 'django.template.backends.django.DjangoTemplates',
             'DIRS': [
                 os.path.join(BASE_DIR, 'templates'),
             ],
             'APP_DIRS': True,
             'OPTIONS': {
                 'autoescape': False,
                 'context_processors': [
                     'django.contrib.auth.context_processors.auth',
                     'django_rbac.context_processors.auth',
                     'django.template.context_processors.debug',
                     'django.template.context_processors.i18n',
                     'django.template.context_processors.media',
                     'django.template.context_processors.request',
                     'django.contrib.messages.context_processors.messages',
                     'django.template.context_processors.static',
                     'authentic2.context_processors.a2_processor',
                 ],
             },
         },
+    ]

     {% load i18n %}{% autoescape off %}{% blocktrans %}{{ full_name }},{% endblocktrans %}
     {% load i18n %}{% blocktrans %}{{ full_name }},{% endblocktrans %}
     {% blocktrans %}
     Your account on {{ site }} has been deleted.
     All related data will be deleted today.
     You cannot log in with it anymore.
     {% endblocktrans %}
     {% endautoescape %}

src/authentic2/templates/authentic2/account_delete_notification_subject.txt
1		{% load i18n %}{% autoescape off %}{% blocktrans %}Account deletion on {{ site }}{% endblocktrans %}{% endautoescape %}
	1	{% load i18n %}{% blocktrans %}Account deletion on {{ site }}{% endblocktrans %}

     {% load i18n %}{% autoescape off %}{% blocktrans %}{{ full_name }},{% endblocktrans %}
     {% load i18n %}{% blocktrans %}{{ full_name }},{% endblocktrans %}
     {% blocktrans %}
     Please click on {{ deletion_url }}
-...
     If so, all related data will be deleted in the next few hours.
     You won't be able to log in with this account anymore.
     {% endblocktrans %}
     {% endautoescape %}

src/authentic2/templates/authentic2/account_deletion_code_subject.txt

{% load i18n %}{% autoescape off %}{% blocktrans %}Validate account deletion request on {{ site }}{% endblocktrans %}{% endautoescape %}

{% load i18n %}{% blocktrans %}Validate account deletion request on {{ site }}{% endblocktrans %}

     {% load i18n %}{% autoescape off %}{% if email_is_not_unique%}{% blocktrans with name=user.get_short_name old_email=user.email %}Hi {{ name }} !
     {% load i18n %}{% if email_is_not_unique%}{% blocktrans with name=user.get_short_name old_email=user.email %}Hi {{ name }} !
     You asked for changing your email on {{ domain }} from:
-...
     This link will be valid for {{ token_lifetime }}.
     --
     {{ domain }}{% endblocktrans %}{% endif %}{% endautoescape %}
     {{ domain }}{% endblocktrans %}{% endif %}

src/authentic2/templates/authentic2/change_email_notification_subject.txt
1		{% load i18n %}{% autoescape off %}{% blocktrans %}Change email on {{ domain }}{% endblocktrans %}{% endautoescape %}
	1	{% load i18n %}{% blocktrans %}Change email on {{ domain }}{% endblocktrans %}

     {% load i18n %}{% autoescape off %}{% blocktrans with full_name=user.get_full_name %}Hi {{ full_name }} !
     {% load i18n %}{% blocktrans with full_name=user.get_full_name %}Hi {{ full_name }} !
     Your registration on {{ site }} was successful!
-...
     	{% trans "Email:" %} {{ user.email }}{% if user.first_name %}
     	{% trans "First name:" %} {{ user.first_name }}{% endif %}{% if user.last_name %}
     	{% trans "Last name:" %} {{ user.last_name }}{% endif %}
     {% endautoescape %}

src/authentic2/templates/authentic2/registration_success_subject.txt
1		{% load i18n %}{% autoescape off %}{% trans "You successfully registered on" %} {{ site }}{% endautoescape %}
	1	{% load i18n %}{% trans "You successfully registered on" %} {{ site }}

     {% load i18n humanize %}
     {% autoescape off %}
     {% blocktrans %}Hi {{ user.get_full_name }},{% endblocktrans %}
     {% load i18n humanize %}{% blocktrans %}Hi {{ user.get_full_name }},{% endblocktrans %}
     {% blocktrans with last_login_date=user.last_login|naturaltime %}Your last logging was {{ last_login_date }}.{% endblocktrans %}
     {% blocktrans %}In order to keep your account, you must log in within {{ days_to_deletion }} days.{% endblocktrans %}
     {% trans "Otherwise, it will be deleted after this time." %}
     {% endautoescape %}

src/authentic2/templates/authentic2/unused_account_alert_subject.txt
1		{% load i18n humanize %}
2		{% autoescape off %}
3		{% blocktrans trimmed with last_login_date=user.last_login\|naturaltime %}
4		Alert: {{ user.get_full_name }} your last login was {{ last_login_date }}
5		{% endblocktrans %}
6		{% endautoescape %}
	1	{% load i18n humanize %}{% blocktrans trimmed with last_login_date=user.last_login\|naturaltime %}Alert: {{ user.get_full_name }} your last login was {{ last_login_date }}{% endblocktrans %}

     {% load i18n humanize %}
     {% autoescape off %}
     {% blocktrans with last_login_date=user.last_login|naturaltime %}
     {% load i18n humanize %}{% blocktrans with last_login_date=user.last_login|naturaltime %}
     Hi {{ user }},
     Since your last logging was {{ last_login_date }}, your account has been deleted.
     {% endblocktrans %}
     {% endautoescape %}
     Since your last logging was {{ last_login_date }}, your account has been deleted.{% endblocktrans %}

src/authentic2/templates/authentic2/unused_account_delete_subject.txt

{% load i18n %}{% autoescape off %}{% blocktrans %}Notification: {{ user }}, your account has been deleted{% endblocktrans %}{% endautoescape %}

{% load i18n %}{% blocktrans %}Notification: {{ user }}, your account has been deleted{% endblocktrans %}

     {% load i18n %}{% autoescape off %}{% if not existing_accounts %}{% blocktrans %}You requested registration on {{ site }}.
     {% load i18n %}{% if not existing_accounts %}{% blocktrans %}You requested registration on {{ site }}.
     To finish your registration, please go to:
       {{ registration_url }}
-...
     {% if expiration_days > 1 %}{% blocktrans %}Link is valid for {{ expiration_days }} days.{% endblocktrans %}
     {% else %}{% blocktrans %}Link is valid for 24 hours.{% endblocktrans %}{% endif %}
     {% blocktrans %}If you did not register on {{ site }}, ignore this email.{% endblocktrans %}{% endautoescape %}
     {% blocktrans %}If you did not register on {{ site }}, ignore this email.{% endblocktrans %}

src/authentic2/templates/registration/activation_email_subject.txt
1		{% load i18n %}{% autoescape off %}{% trans "You requested registration on" %} {{ site }}{% endautoescape %}
	1	{% load i18n %}{% trans "You requested registration on" %} {{ site }}

src/authentic2/templates/registration/password_reset_subject.txt
1		{% load i18n %}{% autoescape off %}
2		{% blocktrans with hostname=request.get_host %}Password reset on {{ hostname }}{% endblocktrans %}
3		{% endautoescape %}
	1	{% load i18n %}{% blocktrans with hostname=request.get_host %}Password reset on {{ hostname }}{% endblocktrans %}

         subject_template_names = [template_name + '_subject.txt' for template_name in template_names]
         subject_template_names += legacy_subject_templates or []
         subject = render_to_string(subject_template_names, ctx, request=request).strip()
         subject = render_to_string(subject_template_names, ctx, request=request, using='plain_text').strip()
         body_template_names = [template_name + '_body.txt' for template_name in template_names]
         body_template_names += legacy_body_templates or []
         body = render_to_string(body_template_names, ctx, request=request)
         body = render_to_string(body_template_names, ctx, request=request, using='plain_text')
         html_body = None
         html_body_template_names = [template_name + '_body.html' for template_name in template_names]
+    -

Projet

Général

Profil

Produits Entr'ouvert » Authentic 2

0001-misc-use-non-autoescaping-template-render-for-email-.patch