0001-urls-move-public-view-into-their-own-prefix-12932.patch
src/authentic2/urls.py | ||
---|---|---|
44 | 44 |
views.registration_completion, |
45 | 45 |
name='registration_activate', |
46 | 46 |
), |
47 |
url(r'^register/$', views.RegistrationView.as_view(), name='registration_register'), |
|
48 |
url(r'^register/complete/$', views.registration_complete, name='registration_complete'), |
|
49 |
url( |
|
50 |
r'^register/closed/$', |
|
51 |
TemplateView.as_view(template_name='registration/registration_closed.html'), |
|
52 |
name='registration_disallowed', |
|
53 |
), |
|
54 | 47 |
url(r'^delete/$', login_required(views.AccountDeleteView.as_view()), name='delete_account'), |
55 | 48 |
url( |
56 | 49 |
r'validate-deletion/(?P<deletion_token>[\w: -]+)/$', |
... | ... | |
81 | 74 |
dj_auth_views.PasswordChangeDoneView.as_view(), |
82 | 75 |
name='password_change_done', |
83 | 76 |
), |
77 |
# permament redirections for views moved to /self/ |
|
78 |
url(r'^register/$', RedirectView.as_view(permanent=True, pattern_name='registration_register')), |
|
79 |
url(r'^register/complete/$', RedirectView.as_view(permanent=True, pattern_name='registration_complete')), |
|
80 |
url(r'^register/closed/$', RedirectView.as_view(permanent=True, pattern_name='registration_disallowed')), |
|
81 |
url( |
|
82 |
r'^password/reset/confirm/(?P<token>[A-Za-z0-9_ -]+)/$', |
|
83 |
RedirectView.as_view(permanent=True, pattern_name='password_reset_confirm'), |
|
84 |
), |
|
85 |
url(r'^password/reset/$', RedirectView.as_view(permanent=True, pattern_name='password_reset')), |
|
86 |
url( |
|
87 |
r'^password/reset/instructions/$', |
|
88 |
RedirectView.as_view(permanent=True, pattern_name='password_reset_instructions'), |
|
89 |
), |
|
90 |
url( |
|
91 |
r'^password/reset/.*', |
|
92 |
RedirectView.as_view(permanent=True, pattern_name='invalid-password-reset-urls'), |
|
93 |
), |
|
94 |
] |
|
95 | ||
96 |
self_urlpatterns = [ |
|
97 |
# Registration |
|
98 |
url(r'^register/$', views.RegistrationView.as_view(), name='registration_register'), |
|
99 |
url(r'^register/complete/$', views.registration_complete, name='registration_complete'), |
|
100 |
url( |
|
101 |
r'^register/closed/$', |
|
102 |
TemplateView.as_view(template_name='registration/registration_closed.html'), |
|
103 |
name='registration_disallowed', |
|
104 |
), |
|
84 | 105 |
# Password reset |
85 | 106 |
url( |
86 | 107 |
r'^password/reset/confirm/(?P<token>[A-Za-z0-9_ -]+)/$', |
... | ... | |
111 | 132 |
url(r'^logout/$', views.logout, name='auth_logout'), |
112 | 133 |
url(r'^su/(?P<uuid>[A-Za-z0-9_-]+)/$', views.su, name='su'), |
113 | 134 |
url(r'^accounts/', include(accounts_urlpatterns)), |
135 |
url(r'^self/', include(self_urlpatterns)), |
|
114 | 136 |
url(r'^admin/', admin.site.urls), |
115 | 137 |
url(r'^idp/', include('authentic2.idp.urls')), |
116 | 138 |
url(r'^manage/', include('authentic2.manager.urls')), |
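Review bot: The redirects added at the end of `accounts_urlpatterns` discard the query string, because `RedirectView.query_string` defaults to `False`. An old link such as `/accounts/register/?service=portail&next=/idp/` (the form tests/auth_fc used before this patch) would arrive at `/self/register/` without `next` or `service`. Passing the flag keeps them, e.g. `url(r'^register/$', RedirectView.as_view(permanent=True, query_string=True, pattern_name='registration_register')),`, and likewise for the other six entries. `permanent=True` also lets browsers cache the 301 indefinitely, which makes the move hard to reverse and is worth stating in the comment above the block. The new `test_redirect_views` in tests/test_views.py compares only the path of two of these redirects, so it would not catch the lost parameters.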
tests/auth_fc/test_auth_fc.py | ||
---|---|---|
546 | 546 | |
547 | 547 |
def test_registration_page(settings, app, franceconnect, hooks): |
548 | 548 |
assert User.objects.count() == 0 |
549 |
assert app.get('/accounts/register/?service=portail&next=/idp/')
|
|
549 |
assert app.get('/self/register/?service=portail&next=/idp/')
|
|
550 | 550 |
franceconnect.login_with_fc_fixed_params(app) |
551 | 551 | |
552 | 552 |
# a new user has been created |
tests/test_api.py | ||
---|---|---|
1290 | 1290 |
assert len(mailoutbox) == 1 |
1291 | 1291 |
mail = mailoutbox[0] |
1292 | 1292 |
assert mail.to[0] == email |
1293 |
assert 'http://testserver/accounts/password/reset/confirm/' in mail.body
|
|
1293 |
assert 'http://testserver/self/password/reset/confirm/' in mail.body
|
|
1294 | 1294 |
assert_event('manager.user.password.reset.request', user=admin, api=True) |
1295 | 1295 | |
1296 | 1296 |
tests/test_attribute_kinds.py | ||
---|---|---|
34 | 34 |
) |
35 | 35 |
qs = User.objects.filter(first_name='John') |
36 | 36 | |
37 |
response = app.get('/accounts/register/')
|
|
37 |
response = app.get('/self/register/')
|
|
38 | 38 |
form = response.form |
39 | 39 |
form.set('email', 'john.doe@example.com') |
40 | 40 |
response = form.submit().follow() |
... | ... | |
80 | 80 | |
81 | 81 |
def test_fr_postcode(db, app, admin, mailoutbox): |
82 | 82 |
def register_john(): |
83 |
response = app.get('/accounts/register/')
|
|
83 |
response = app.get('/self/register/')
|
|
84 | 84 |
form = response.form |
85 | 85 |
form.set('email', 'john.doe@example.com') |
86 | 86 |
response = form.submit().follow() |
... | ... | |
191 | 191 |
settings.A2_EMAILS_ADDRESS_RATELIMIT = None |
192 | 192 | |
193 | 193 |
def register_john(): |
194 |
response = app.get('/accounts/register/')
|
|
194 |
response = app.get('/self/register/')
|
|
195 | 195 |
form = response.form |
196 | 196 |
form.set('email', 'john.doe@example.com') |
197 | 197 |
response = form.submit().follow() |
... | ... | |
271 | 271 |
settings.A2_EMAILS_ADDRESS_RATELIMIT = None |
272 | 272 | |
273 | 273 |
def register_john(): |
274 |
response = app.get('/accounts/register/')
|
|
274 |
response = app.get('/self/register/')
|
|
275 | 275 |
form = response.form |
276 | 276 |
form.set('email', 'john.doe@example.com') |
277 | 277 |
response = form.submit().follow() |
... | ... | |
402 | 402 | |
403 | 403 |
def test_birthdate(db, app, admin, mailoutbox, freezer): |
404 | 404 |
def register_john(): |
405 |
response = app.get('/accounts/register/')
|
|
405 |
response = app.get('/self/register/')
|
|
406 | 406 |
form = response.form |
407 | 407 |
form.set('email', 'john.doe@example.com') |
408 | 408 |
response = form.submit().follow() |
... | ... | |
508 | 508 |
def john(): |
509 | 509 |
return User.objects.get(first_name='John') |
510 | 510 | |
511 |
response = app.get('/accounts/register/')
|
|
511 |
response = app.get('/self/register/')
|
|
512 | 512 |
form = response.form |
513 | 513 |
form.set('email', 'john.doe@example.com') |
514 | 514 |
response = form.submit().follow() |
tests/test_auth_oidc.py | ||
---|---|---|
485 | 485 | |
486 | 486 |
with utils.check_log(caplog, "'error': 'invalid request'"): |
487 | 487 |
with oidc_provider_mock(oidc_provider, oidc_provider_jwkset, code): |
488 |
response = app.get( |
|
489 |
login_callback_url(oidc_provider), params={'code': 'yyyy', 'state': state} |
|
490 |
).maybe_follow() |
|
491 |
assert 'Requête invalide' in response |
|
488 |
response = app.get(login_callback_url(oidc_provider), params={'code': 'yyyy', 'state': state}) |
|
489 |
assert 'Authentication on Server failed with error' in app.cookies['messages'] |
|
492 | 490 |
with utils.check_log(caplog, 'invalid id_token'): |
493 | 491 |
with oidc_provider_mock(oidc_provider, oidc_provider_jwkset, code, extra_id_token={'iss': None}): |
494 | 492 |
response = app.get(login_callback_url(oidc_provider), params={'code': code, 'state': state}) |
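Review bot: The rewritten assertion reads the raw `messages` cookie (`app.cookies['messages']`) instead of the rendered page. The test therefore depends on cookie-based message storage and on the message text surviving the cookie's encoding, and it no longer checks what the user is shown after the failed callback. The hunk also looks unrelated to the URL move named in the patch title, and nothing explains why `.maybe_follow()` was dropped. A comment above the call would help, for example `# not followed: <reason the redirect target is not rendered here>`, or keep the follow and assert on the page text. The enclosing test function starts outside the hunk.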
tests/test_csv_import.py | ||
---|---|---|
559 | 559 |
assert importer.run() |
560 | 560 |
thomas = User.objects.get(email='tnoel@entrouvert.com') |
561 | 561 |
assert len(mail.outbox) == 1 |
562 |
assert 'http://testserver/accounts/password/reset/confirm/' in mail.outbox[0].body
|
|
562 |
assert 'http://testserver/self/password/reset/confirm/' in mail.outbox[0].body
|
|
563 | 563 | |
564 | 564 |
password = thomas.password |
565 | 565 |
del mail.outbox[0] |
tests/test_password_reset.py | ||
---|---|---|
69 | 69 | |
70 | 70 | |
71 | 71 |
def test_can_reset_by_username(app, db, simple_user, settings, mailoutbox): |
72 |
resp = app.get('/accounts/password/reset/')
|
|
72 |
resp = app.get('/self/password/reset/')
|
|
73 | 73 |
assert 'email_or_username' not in resp.form.fields |
74 | 74 |
settings.A2_USER_CAN_RESET_PASSWORD_BY_USERNAME = True |
75 |
resp = app.get('/accounts/password/reset/')
|
|
75 |
resp = app.get('/self/password/reset/')
|
|
76 | 76 |
assert 'email_or_username' in resp.form.fields |
77 | 77 | |
78 | 78 |
resp.form.set('email_or_username', simple_user.username) |
... | ... | |
94 | 94 | |
95 | 95 |
def test_can_reset_by_username_with_email(app, db, simple_user, settings, mailoutbox): |
96 | 96 |
settings.A2_USER_CAN_RESET_PASSWORD_BY_USERNAME = True |
97 |
resp = app.get('/accounts/password/reset/')
|
|
97 |
resp = app.get('/self/password/reset/')
|
|
98 | 98 |
resp.form.set('email_or_username', simple_user.email) |
99 | 99 |
resp = resp.form.submit().follow() |
100 | 100 |
assert 'An email has been sent to %s' % simple_user.username in resp |
... | ... | |
102 | 102 | |
103 | 103 | |
104 | 104 |
def test_reset_by_email_no_account(app, db, mailoutbox): |
105 |
resp = app.get('/accounts/password/reset/')
|
|
105 |
resp = app.get('/self/password/reset/')
|
|
106 | 106 |
resp.form.set('email', 'john.doe@example.com') |
107 | 107 |
resp = resp.form.submit().follow() |
108 | 108 | |
... | ... | |
114 | 114 |
def test_can_reset_by_username_no_account(app, db, settings, mailoutbox): |
115 | 115 |
settings.A2_USER_CAN_RESET_PASSWORD_BY_USERNAME = True |
116 | 116 | |
117 |
resp = app.get('/accounts/password/reset/')
|
|
117 |
resp = app.get('/self/password/reset/')
|
|
118 | 118 |
resp.form.set('email_or_username', 'john.doe') |
119 | 119 |
resp = resp.form.submit().follow() |
120 | 120 |
assert 'An email has been sent to john.doe' in resp |
... | ... | |
124 | 124 |
def test_can_reset_by_username_no_account_email(app, db, settings, mailoutbox): |
125 | 125 |
settings.A2_USER_CAN_RESET_PASSWORD_BY_USERNAME = True |
126 | 126 | |
127 |
resp = app.get('/accounts/password/reset/')
|
|
127 |
resp = app.get('/self/password/reset/')
|
|
128 | 128 |
resp.form.set('email_or_username', 'john.doe@example.com') |
129 | 129 |
resp = resp.form.submit().follow() |
130 | 130 |
assert 'An email has been sent to john.doe' in resp |
... | ... | |
143 | 143 | |
144 | 144 | |
145 | 145 |
def test_old_url_redirect(app): |
146 |
response = app.get('/accounts/password/reset/whatever')
|
|
147 |
assert response.location == '/accounts/password/reset/'
|
|
146 |
response = app.get('/self/password/reset/whatever')
|
|
147 |
assert response.location == '/self/password/reset/'
|
|
148 | 148 |
response = response.follow() |
149 | 149 |
assert 'please reset your password again' in response |
150 | 150 | |
... | ... | |
165 | 165 |
for body in (mail.body, mail.alternatives[0][0]): |
166 | 166 |
assert 'no account was found associated with this address' in body |
167 | 167 |
if settings.REGISTRATION_OPEN: |
168 |
assert 'http://testserver/accounts/register/' in body
|
|
168 |
assert 'http://testserver/self/register/' in body
|
|
169 | 169 |
else: |
170 |
assert 'http://testserver/accounts/register/' not in body
|
|
170 |
assert 'http://testserver/self/register/' not in body
|
|
171 | 171 | |
172 | 172 | |
173 | 173 |
def test_send_password_reset_email_disabled_account(app, simple_user, mailoutbox): |
... | ... | |
185 | 185 | |
186 | 186 | |
187 | 187 |
def test_email_validation(app, db): |
188 |
resp = app.get('/accounts/password/reset/')
|
|
188 |
resp = app.get('/self/password/reset/')
|
|
189 | 189 |
resp.form.set('email', 'coin@') |
190 | 190 |
resp = resp.form.submit() |
191 | 191 |
assert 'Enter a valid email address.' in resp |
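Review bot: `test_old_url_redirect` now requests `/self/password/reset/whatever`, so the visible hunks of this file no longer request any old `/accounts/password/reset/...` path. That leaves the catch-all `r'^password/reset/.*'` redirect this patch adds to `accounts_urlpatterns` without coverage here. One request on the old prefix would pin it, e.g. `response = app.get('/accounts/password/reset/whatever', status=301)`, followed by a check that the chain still ends on the 'please reset your password again' page. Whether the 301 target still passes through the view that sets that message is not visible in the patch, which is the reason to assert it.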
tests/test_registration.py | ||
---|---|---|
393 | 393 | |
394 | 394 |
def test_registration_email_blacklist(app, settings, db): |
395 | 395 |
def test_register(email): |
396 |
response = app.get('/accounts/register/')
|
|
396 |
response = app.get('/self/register/')
|
|
397 | 397 |
assert 'email' in response.form.fields |
398 | 398 |
response.form.set('email', email) |
399 | 399 |
response = response.form.submit() |
... | ... | |
427 | 427 |
models.Attribute.objects.filter(name='first_name').update(required=False) |
428 | 428 | |
429 | 429 |
activation_url = utils_misc.build_activation_url( |
430 |
rf.post('/accounts/register/'),
|
|
430 |
rf.post('/self/register/'),
|
|
431 | 431 |
email='john.doe@example.com', |
432 | 432 |
next_url='/', |
433 | 433 |
first_name='John', |
... | ... | |
439 | 439 |
response = app.get(activation_url, status=302) |
440 | 440 | |
441 | 441 |
activation_url = utils_misc.build_activation_url( |
442 |
rf.post('/accounts/register/'),
|
|
442 |
rf.post('/self/register/'),
|
|
443 | 443 |
email='john.doe@example.com', |
444 | 444 |
next_url='/', |
445 | 445 |
last_name='Doe', |
... | ... | |
452 | 452 |
assert set(response.context['form'].fields.keys()) == {'first_name', 'last_name'} |
453 | 453 | |
454 | 454 |
activation_url = utils_misc.build_activation_url( |
455 |
rf.post('/accounts/register/'),
|
|
455 |
rf.post('/self/register/'),
|
|
456 | 456 |
email='john.doe@example.com', |
457 | 457 |
next_url='/', |
458 | 458 |
last_name='Doe', |
... | ... | |
630 | 630 | |
631 | 631 |
def test_authentication_method(app, db, rf, hooks): |
632 | 632 |
activation_url = utils_misc.build_activation_url( |
633 |
rf.post('/accounts/register/'),
|
|
633 |
rf.post('/self/register/'),
|
|
634 | 634 |
email='john.doe@example.com', |
635 | 635 |
next_url='/', |
636 | 636 |
first_name='John', |
... | ... | |
647 | 647 |
assert hooks.calls['event'][-1]['kwargs']['how'] == 'email' |
648 | 648 | |
649 | 649 |
activation_url = utils_misc.build_activation_url( |
650 |
rf.post('/accounts/register/'),
|
|
650 |
rf.post('/self/register/'),
|
|
651 | 651 |
email='jane.doe@example.com', |
652 | 652 |
next_url='/', |
653 | 653 |
first_name='Jane', |
... | ... | |
691 | 691 |
'authentication_method': 'france-connect', |
692 | 692 |
} |
693 | 693 | |
694 |
activation_url = utils_misc.build_activation_url(rf.post('/accounts/register/'), next_url='/', **data)
|
|
694 |
activation_url = utils_misc.build_activation_url(rf.post('/self/register/'), next_url='/', **data)
|
|
695 | 695 | |
696 | 696 |
response = app.get(activation_url) |
697 | 697 |
response.form.set('first_name', data['first_name']) |
... | ... | |
778 | 778 |
'authentication_method': 'france-connect', |
779 | 779 |
} |
780 | 780 | |
781 |
activation_url = utils_misc.build_activation_url(rf.post('/accounts/register/'), next_url='/', **data)
|
|
781 |
activation_url = utils_misc.build_activation_url(rf.post('/self/register/'), next_url='/', **data)
|
|
782 | 782 | |
783 | 783 |
response = app.get(activation_url) |
784 | 784 |
response.form.set('first_name', data['first_name']) |
tests/test_utils.py | ||
---|---|---|
77 | 77 | |
78 | 78 | |
79 | 79 |
def test_select_next_url(db, rf, settings): |
80 |
request = rf.get('/accounts/register/', data={'next': '/admin/'})
|
|
80 |
request = rf.get('/self/register/', data={'next': '/admin/'})
|
|
81 | 81 |
assert select_next_url(request, '/') == '/admin/' |
82 |
request = rf.get('/accounts/register/', data={'next': 'http://example.com/'})
|
|
82 |
request = rf.get('/self/register/', data={'next': 'http://example.com/'})
|
|
83 | 83 |
assert select_next_url(request, '/') == '/' |
84 | 84 |
settings.A2_REDIRECT_WHITELIST = ['//example.com/'] |
85 | 85 |
assert select_next_url(request, '/') == 'http://example.com/' |
tests/test_views.py | ||
---|---|---|
270 | 270 |
settings.A2_LOGIN_DISPLAY_A_CANCEL_BUTTON = True |
271 | 271 |
response = app.get(reverse('auth_login'), params={'next': '/foo/', 'nonce': 'xxx'}) |
272 | 272 |
assert response.html.find('button', {'class': 'cancel-button'}) |
273 | ||
274 | ||
275 |
def test_redirect_views(app): |
|
276 |
assert app.get('/accounts/register/').location == '/self/register/' |
|
277 |
assert ( |
|
278 |
app.get('/accounts/password/reset/confirm/abcd1234/').location |
|
279 |
== '/self/password/reset/confirm/abcd1234/' |
|
280 |
) |
|
273 |
- |