0001-urls-move-public-view-into-their-own-prefix-12932.patch

Benjamin Dauvergne, 12 janvier 2022 19:39

Voir les différences: en ligne côte à côte

Subject: [PATCH] urls: move public view into their own prefix (#12932)

 src/authentic2/urls.py        | 36 ++++++++++++++++++++++++++++-------
 tests/auth_fc/test_auth_fc.py |  2 +-
 tests/test_api.py             |  2 +-
 tests/test_attribute_kinds.py | 12 ++++++------
 tests/test_auth_oidc.py       |  6 ++----
 tests/test_csv_import.py      |  2 +-
 tests/test_password_reset.py  | 22 ++++++++++-----------
 tests/test_registration.py    | 16 ++++++++--------
 tests/test_utils.py           |  4 ++--
 9 files changed, 61 insertions(+), 41 deletions(-)

             views.registration_completion,
             name='registration_activate',
         ),
         url(r'^register/$', views.RegistrationView.as_view(), name='registration_register'),
         url(r'^register/complete/$', views.registration_complete, name='registration_complete'),
         url(
             r'^register/closed/$',
             TemplateView.as_view(template_name='registration/registration_closed.html'),
             name='registration_disallowed',
         ),
         url(r'^delete/$', login_required(views.AccountDeleteView.as_view()), name='delete_account'),
         url(
             r'validate-deletion/(?P<deletion_token>[\w: -]+)/$',
-...
             dj_auth_views.PasswordChangeDoneView.as_view(),
             name='password_change_done',
         ),
         # permament redirections for views moved to /self/
         url(r'^register/$', RedirectView.as_view(permanent=True, pattern_name='registration_register')),
         url(r'^register/complete/$', RedirectView.as_view(permanent=True, pattern_name='registration_complete')),
         url(r'^register/closed/$', RedirectView.as_view(permanent=True, pattern_name='registration_disallowed')),
         url(
             r'^password/reset/confirm/(?P<token>[A-Za-z0-9_ -]+)/$',
             RedirectView.as_view(permanent=True, pattern_name='password_reset_confirm'),
         ),
         url(r'^password/reset/$', RedirectView.as_view(permanent=True, pattern_name='password_reset')),
         url(
             r'^password/reset/instructions/$',
             RedirectView.as_view(permanent=True, pattern_name='password_reset_instructions'),
         ),
         url(
             r'^password/reset/.*',
             RedirectView.as_view(permanent=True, pattern_name='invalid-password-reset-urls'),
         ),
+    ]
     self_urlpatterns = [
         # Registration
         url(r'^register/$', views.RegistrationView.as_view(), name='registration_register'),
         url(r'^register/complete/$', views.registration_complete, name='registration_complete'),
         url(
             r'^register/closed/$',
             TemplateView.as_view(template_name='registration/registration_closed.html'),
             name='registration_disallowed',
         ),
         # Password reset
         url(
             r'^password/reset/confirm/(?P<token>[A-Za-z0-9_ -]+)/$',
-...
         url(r'^logout/$', views.logout, name='auth_logout'),
         url(r'^su/(?P<uuid>[A-Za-z0-9_-]+)/$', views.su, name='su'),
         url(r'^accounts/', include(accounts_urlpatterns)),
         url(r'^self/', include(self_urlpatterns)),
         url(r'^admin/', admin.site.urls),
         url(r'^idp/', include('authentic2.idp.urls')),
         url(r'^manage/', include('authentic2.manager.urls')),

     def test_registration_page(settings, app, franceconnect, hooks):
         assert User.objects.count() == 0
         assert app.get('/accounts/register/?service=portail&next=/idp/')
         assert app.get('/self/register/?service=portail&next=/idp/')
         franceconnect.login_with_fc_fixed_params(app)
         # a new user has been created

         assert len(mailoutbox) == 1
         mail = mailoutbox[0]
         assert mail.to[0] == email
         assert 'http://testserver/accounts/password/reset/confirm/' in mail.body
         assert 'http://testserver/self/password/reset/confirm/' in mail.body
         assert_event('manager.user.password.reset.request', user=admin, api=True)

+        )
         qs = User.objects.filter(first_name='John')
         response = app.get('/accounts/register/')
         response = app.get('/self/register/')
         form = response.form
         form.set('email', 'john.doe@example.com')
         response = form.submit().follow()
-...
     def test_fr_postcode(db, app, admin, mailoutbox):
         def register_john():
             response = app.get('/accounts/register/')
             response = app.get('/self/register/')
             form = response.form
             form.set('email', 'john.doe@example.com')
             response = form.submit().follow()
-...
         settings.A2_EMAILS_ADDRESS_RATELIMIT = None
         def register_john():
             response = app.get('/accounts/register/')
             response = app.get('/self/register/')
             form = response.form
             form.set('email', 'john.doe@example.com')
             response = form.submit().follow()
-...
         settings.A2_EMAILS_ADDRESS_RATELIMIT = None
         def register_john():
             response = app.get('/accounts/register/')
             response = app.get('/self/register/')
             form = response.form
             form.set('email', 'john.doe@example.com')
             response = form.submit().follow()
-...
     def test_birthdate(db, app, admin, mailoutbox, freezer):
         def register_john():
             response = app.get('/accounts/register/')
             response = app.get('/self/register/')
             form = response.form
             form.set('email', 'john.doe@example.com')
             response = form.submit().follow()
-...
         def john():
             return User.objects.get(first_name='John')
         response = app.get('/accounts/register/')
         response = app.get('/self/register/')
         form = response.form
         form.set('email', 'john.doe@example.com')
         response = form.submit().follow()

         with utils.check_log(caplog, "'error': 'invalid request'"):
             with oidc_provider_mock(oidc_provider, oidc_provider_jwkset, code):
                 response = app.get(
                     login_callback_url(oidc_provider), params={'code': 'yyyy', 'state': state}
                 ).maybe_follow()
                 assert 'Requête invalide' in response
                 response = app.get(login_callback_url(oidc_provider), params={'code': 'yyyy', 'state': state})
                 assert 'Authentication on Server failed with error' in app.cookies['messages']
         with utils.check_log(caplog, 'invalid id_token'):
             with oidc_provider_mock(oidc_provider, oidc_provider_jwkset, code, extra_id_token={'iss': None}):
                 response = app.get(login_callback_url(oidc_provider), params={'code': code, 'state': state})

         assert importer.run()
         thomas = User.objects.get(email='tnoel@entrouvert.com')
         assert len(mail.outbox) == 1
         assert 'http://testserver/accounts/password/reset/confirm/' in mail.outbox[0].body
         assert 'http://testserver/self/password/reset/confirm/' in mail.outbox[0].body
         password = thomas.password
         del mail.outbox[0]

     def test_can_reset_by_username(app, db, simple_user, settings, mailoutbox):
         resp = app.get('/accounts/password/reset/')
         resp = app.get('/self/password/reset/')
         assert 'email_or_username' not in resp.form.fields
         settings.A2_USER_CAN_RESET_PASSWORD_BY_USERNAME = True
         resp = app.get('/accounts/password/reset/')
         resp = app.get('/self/password/reset/')
         assert 'email_or_username' in resp.form.fields
         resp.form.set('email_or_username', simple_user.username)
-...
     def test_can_reset_by_username_with_email(app, db, simple_user, settings, mailoutbox):
         settings.A2_USER_CAN_RESET_PASSWORD_BY_USERNAME = True
         resp = app.get('/accounts/password/reset/')
         resp = app.get('/self/password/reset/')
         resp.form.set('email_or_username', simple_user.email)
         resp = resp.form.submit().follow()
         assert 'An email has been sent to %s' % simple_user.username in resp
-...
     def test_reset_by_email_no_account(app, db, mailoutbox):
         resp = app.get('/accounts/password/reset/')
         resp = app.get('/self/password/reset/')
         resp.form.set('email', 'john.doe@example.com')
         resp = resp.form.submit().follow()
-...
     def test_can_reset_by_username_no_account(app, db, settings, mailoutbox):
         settings.A2_USER_CAN_RESET_PASSWORD_BY_USERNAME = True
         resp = app.get('/accounts/password/reset/')
         resp = app.get('/self/password/reset/')
         resp.form.set('email_or_username', 'john.doe')
         resp = resp.form.submit().follow()
         assert 'An email has been sent to john.doe' in resp
-...
     def test_can_reset_by_username_no_account_email(app, db, settings, mailoutbox):
         settings.A2_USER_CAN_RESET_PASSWORD_BY_USERNAME = True
         resp = app.get('/accounts/password/reset/')
         resp = app.get('/self/password/reset/')
         resp.form.set('email_or_username', 'john.doe@example.com')
         resp = resp.form.submit().follow()
         assert 'An email has been sent to john.doe' in resp
-...
     def test_old_url_redirect(app):
         response = app.get('/accounts/password/reset/whatever')
         assert response.location == '/accounts/password/reset/'
         response = app.get('/self/password/reset/whatever')
         assert response.location == '/self/password/reset/'
         response = response.follow()
         assert 'please reset your password again' in response
-...
         for body in (mail.body, mail.alternatives[0][0]):
             assert 'no account was found associated with this address' in body
             if settings.REGISTRATION_OPEN:
                 assert 'http://testserver/accounts/register/' in body
                 assert 'http://testserver/self/register/' in body
             else:
                 assert 'http://testserver/accounts/register/' not in body
                 assert 'http://testserver/self/register/' not in body
     def test_send_password_reset_email_disabled_account(app, simple_user, mailoutbox):
-...
     def test_email_validation(app, db):
         resp = app.get('/accounts/password/reset/')
         resp = app.get('/self/password/reset/')
         resp.form.set('email', 'coin@')
         resp = resp.form.submit()
         assert 'Enter a valid email address.' in resp

     def test_registration_email_blacklist(app, settings, db):
         def test_register(email):
             response = app.get('/accounts/register/')
             response = app.get('/self/register/')
             assert 'email' in response.form.fields
             response.form.set('email', email)
             response = response.form.submit()
-...
         models.Attribute.objects.filter(name='first_name').update(required=False)
         activation_url = utils_misc.build_activation_url(
             rf.post('/accounts/register/'),
             rf.post('/self/register/'),
             email='john.doe@example.com',
             next_url='/',
             first_name='John',
-...
         response = app.get(activation_url, status=302)
         activation_url = utils_misc.build_activation_url(
             rf.post('/accounts/register/'),
             rf.post('/self/register/'),
             email='john.doe@example.com',
             next_url='/',
             last_name='Doe',
-...
         assert set(response.context['form'].fields.keys()) == {'first_name', 'last_name'}
         activation_url = utils_misc.build_activation_url(
             rf.post('/accounts/register/'),
             rf.post('/self/register/'),
             email='john.doe@example.com',
             next_url='/',
             last_name='Doe',
-...
     def test_authentication_method(app, db, rf, hooks):
         activation_url = utils_misc.build_activation_url(
             rf.post('/accounts/register/'),
             rf.post('/self/register/'),
             email='john.doe@example.com',
             next_url='/',
             first_name='John',
-...
         assert hooks.calls['event'][-1]['kwargs']['how'] == 'email'
         activation_url = utils_misc.build_activation_url(
             rf.post('/accounts/register/'),
             rf.post('/self/register/'),
             email='jane.doe@example.com',
             next_url='/',
             first_name='Jane',
-...
             'authentication_method': 'france-connect',
+        }
         activation_url = utils_misc.build_activation_url(rf.post('/accounts/register/'), next_url='/', **data)
         activation_url = utils_misc.build_activation_url(rf.post('/self/register/'), next_url='/', **data)
         response = app.get(activation_url)
         response.form.set('first_name', data['first_name'])
-...
             'authentication_method': 'france-connect',
+        }
         activation_url = utils_misc.build_activation_url(rf.post('/accounts/register/'), next_url='/', **data)
         activation_url = utils_misc.build_activation_url(rf.post('/self/register/'), next_url='/', **data)
         response = app.get(activation_url)
         response.form.set('first_name', data['first_name'])

     def test_select_next_url(db, rf, settings):
         request = rf.get('/accounts/register/', data={'next': '/admin/'})
         request = rf.get('/self/register/', data={'next': '/admin/'})
         assert select_next_url(request, '/') == '/admin/'
         request = rf.get('/accounts/register/', data={'next': 'http://example.com/'})
         request = rf.get('/self/register/', data={'next': 'http://example.com/'})
         assert select_next_url(request, '/') == '/'
         settings.A2_REDIRECT_WHITELIST = ['//example.com/']
         assert select_next_url(request, '/') == 'http://example.com/'
+    -

Projet

Général

Profil

Produits Entr'ouvert » Authentic 2

0001-urls-move-public-view-into-their-own-prefix-12932.patch