0001-utils-remove-global-recording-of-password-resets-536.patch
src/authentic2/forms/passwords.py | ||
---|---|---|
23 | 23 |
from django.forms import Form |
24 | 24 |
from django.utils.translation import ugettext_lazy as _ |
25 | 25 | |
26 |
from authentic2.journal import journal |
|
27 | ||
26 | 28 |
from .. import app_settings, hooks, models, utils, validators |
27 | 29 |
from ..backends import get_user_queryset |
28 | 30 |
from .fields import CheckPasswordField, NewPasswordField, PasswordField, ValidatedEmailField |
... | ... | |
79 | 81 |
utils.send_password_reset_mail( |
80 | 82 |
user, set_random_password=set_random_password, next_url=self.cleaned_data.get('next_url') |
81 | 83 |
) |
84 |
journal.record('user.password.reset.request', email=user.email, user=user) |
|
82 | 85 |
for user in self.users.filter(is_active=False): |
83 | 86 |
logger.info('password reset failed for user "%r": account is disabled', user) |
84 | 87 |
utils.send_templated_mail(user, ['authentic2/password_reset_refused']) |
src/authentic2/utils/__init__.py | ||
---|---|---|
903 | 903 |
sign_next_url=True, |
904 | 904 |
**kwargs, |
905 | 905 |
): |
906 |
from authentic2.journal import journal |
|
907 | ||
908 | 906 |
from .. import middleware |
909 | 907 | |
910 | 908 |
if not user.email: |
... | ... | |
948 | 946 |
logger.info( |
949 | 947 |
'password reset request for user %s, email sent to %s ' 'with token %s', user, user.email, token.uuid |
950 | 948 |
) |
951 |
journal.record('user.password.reset.request', email=user.email, user=user) |
|
952 | 949 | |
953 | 950 | |
954 | 951 |
def batch(iterable, size): |
tests/test_manager.py | ||
---|---|---|
30 | 30 | |
31 | 31 |
from authentic2.a2_rbac.models import MANAGE_MEMBERS_OP |
32 | 32 |
from authentic2.a2_rbac.utils import get_default_ou |
33 |
from authentic2.apps.journal.models import Event |
|
33 | 34 |
from authentic2.validators import EmailValidator |
34 | 35 |
from django_rbac.models import VIEW_OP |
35 | 36 |
from django_rbac.utils import get_operation, get_ou_model, get_permission_model, get_role_model |
36 | 37 | |
37 |
from .utils import get_link_from_mail, login, request_select2 |
|
38 |
from .utils import assert_event, get_link_from_mail, login, request_select2
|
|
38 | 39 | |
39 | 40 |
pytestmark = pytest.mark.django_db |
40 | 41 | |
... | ... | |
131 | 132 |
resp = resp.forms['object-actions'].submit('password_reset') |
132 | 133 |
assert 'A mail was sent to' in resp |
133 | 134 |
assert len(mail.outbox) == 1 |
135 |
assert_event('manager.user.password.reset.request', user=superuser, session=app.session) |
|
136 |
assert not Event.objects.filter(type__name='user.password.reset.request').exists() |
|
137 | ||
134 | 138 |
url = get_link_from_mail(mail.outbox[0]) |
135 | 139 |
relative_url = url.split('testserver')[1] |
136 | 140 |
resp = app.get('/logout/').maybe_follow() |
tests/test_password_reset.py | ||
---|---|---|
31 | 31 |
legacy_body_templates=['registration/password_reset_email.html'], |
32 | 32 |
) |
33 | 33 |
assert len(mailoutbox) == 1 |
34 |
utils.assert_event('user.password.reset.request', user=simple_user, email=simple_user.email) |
|
35 | 34 |
url = utils.get_link_from_mail(mailoutbox[0]) |
36 | 35 |
relative_url = url.split('testserver')[1] |
37 | 36 |
resp = app.get(relative_url, status=200) |
38 |
- |