From 1b9cec231895d9519948be741767d7eac3711477 Mon Sep 17 00:00:00 2001
From: Benjamin Dauvergne
Date: Tue, 7 Nov 2017 17:33:37 +0100
Subject: [PATCH] always unlink from all FC accounts (fixes #19947)
---
.../locale/fr/LC_MESSAGES/django.po | 62 +++++++++++-----------
.../templates/authentic2_auth_fc/linking.html | 4 +-
.../templates/authentic2_auth_fc/unlink.html | 7 ++-
src/authentic2_auth_fc/urls.py | 2 +-
src/authentic2_auth_fc/views.py | 33 +++++-------
tests/test_auth_fc.py | 11 ++++
6 files changed, 58 insertions(+), 61 deletions(-)
diff --git a/src/authentic2_auth_fc/locale/fr/LC_MESSAGES/django.po b/src/authentic2_auth_fc/locale/fr/LC_MESSAGES/django.po
index e2e9073..5a7aec6 100644
--- a/src/authentic2_auth_fc/locale/fr/LC_MESSAGES/django.po
+++ b/src/authentic2_auth_fc/locale/fr/LC_MESSAGES/django.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: authentic2-auth-fc 1.0\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2017-01-30 22:51+0100\n"
+"POT-Creation-Date: 2017-11-07 17:32+0100\n"
"PO-Revision-Date: 2016-09-14 09:35+0200\n"
"Last-Translator: Benjamin Dauvergne \n"
"Language-Team: french \n"
@@ -21,15 +21,15 @@ msgstr ""
msgid "FranceConnect"
msgstr "FranceConnect"
-#: authentic2_auth_fc/models.py:25
+#: authentic2_auth_fc/models.py:69
msgid "user"
msgstr "utilisateur"
-#: authentic2_auth_fc/models.py:28
+#: authentic2_auth_fc/models.py:72
msgid "sub"
msgstr "sub"
-#: authentic2_auth_fc/models.py:30 authentic2_auth_fc/models.py:31
+#: authentic2_auth_fc/models.py:74 authentic2_auth_fc/models.py:75
msgid "access token"
msgstr "jeton d'accès"
@@ -43,7 +43,7 @@ msgid "Create your account with FranceConnect"
msgstr "Créez votre compte avec FranceConnect"
#: authentic2_auth_fc/templates/authentic2_auth_fc/connecting.html:18
-#: authentic2_auth_fc/templates/authentic2_auth_fc/linking.html:29
+#: authentic2_auth_fc/templates/authentic2_auth_fc/linking.html:27
msgid "What is FranceConnect?"
msgstr "Qu'est-ce que FranceConnect ?"
@@ -64,32 +64,30 @@ msgstr ""
msgid "Linked FranceConnect accounts"
msgstr "Comptes FranceConnect associés"
-#: authentic2_auth_fc/templates/authentic2_auth_fc/linking.html:15
+#: authentic2_auth_fc/templates/authentic2_auth_fc/linking.html:14
msgid "Delete link"
msgstr "Supprimer la liaison"
-#: authentic2_auth_fc/templates/authentic2_auth_fc/linking.html:22
+#: authentic2_auth_fc/templates/authentic2_auth_fc/linking.html:20
msgid "Link with a FranceConnect account"
msgstr "Se lier avec un compte FranceConnect"
#: authentic2_auth_fc/templates/authentic2_auth_fc/unlink.html:7
-#, python-format
msgid ""
"\n"
" You're about to delete the link between your user account and your "
-"FranceConnect account :\n"
-" %(fc_account)s.\n"
+"FranceConnect account.\n"
" "
msgstr ""
"\n"
"Vous êtes sur le point de supprimer la liaison entre votre compte usager et "
-"votre compte FranceConnect : %(fc_account)s."
+"votre compte FranceConnect."
-#: authentic2_auth_fc/templates/authentic2_auth_fc/unlink.html:13
+#: authentic2_auth_fc/templates/authentic2_auth_fc/unlink.html:12
msgid ""
"\n"
-" Delete this link won't delete those accounts. However, once all the "
-"links with FranceConnect\n"
+" Deleting this link won't delete those accounts. However, once all "
+"the links with FranceConnect\n"
" are deleted, it's no more possible to use the FranceConnect to "
"automatically login to your\n"
" user account. It is still possible to link those accounts once again "
@@ -104,11 +102,11 @@ msgstr ""
"utilisant FranceConnect. Il sera toujours possible de lier à nouveau ces "
"comptes en utilisant le bouton FranceConnect sur la page de connexion."
-#: authentic2_auth_fc/templates/authentic2_auth_fc/unlink.html:22
+#: authentic2_auth_fc/templates/authentic2_auth_fc/unlink.html:21
msgid ""
"\n"
-" Your user account has no password and remove this link may make this "
-"account inaccessible.\n"
+" Your user account has no password and removing this link may make "
+"this account inaccessible.\n"
" To avoid this situation, please provide a password.\n"
" "
msgstr ""
@@ -117,51 +115,51 @@ msgstr ""
"rendre votre compte usager inaccessible. Pour éviter cela, merci de fournir "
"un mot de passe."
-#: authentic2_auth_fc/templates/authentic2_auth_fc/unlink.html:31
+#: authentic2_auth_fc/templates/authentic2_auth_fc/unlink.html:30
msgid "Unlink"
msgstr "Délier"
-#: authentic2_auth_fc/templates/authentic2_auth_fc/unlink.html:32
+#: authentic2_auth_fc/templates/authentic2_auth_fc/unlink.html:31
msgid "Cancel"
msgstr "Annuler"
-#: authentic2_auth_fc/views.py:211
+#: authentic2_auth_fc/views.py:231
msgid "You refused the connection."
msgstr "Vous avez refusé la connexion."
-#: authentic2_auth_fc/views.py:223 authentic2_auth_fc/views.py:232
-#: authentic2_auth_fc/views.py:245
+#: authentic2_auth_fc/views.py:243 authentic2_auth_fc/views.py:252
+#: authentic2_auth_fc/views.py:261 authentic2_auth_fc/views.py:268
+#: authentic2_auth_fc/views.py:279
msgid "Unable to connect to FranceConnect."
msgstr "Impossible de se connecter à FranceConnect."
-#: authentic2_auth_fc/views.py:300
+#: authentic2_auth_fc/views.py:335
msgid "The FranceConnect account {} is already linked with another account."
msgstr "Le compte FranceConnect {} est déjà associé à un autre compte."
-#: authentic2_auth_fc/views.py:317
+#: authentic2_auth_fc/views.py:353
msgid "Your FranceConnect account {} with email {} has been linked."
msgstr "Votre compte FranceConnect {} avec le courriel {} a été associé."
-#: authentic2_auth_fc/views.py:320
+#: authentic2_auth_fc/views.py:357
msgid "Your FranceConnect account {} has been linked."
msgstr "Votre compte FranceConnect {} a été associé."
-#: authentic2_auth_fc/views.py:326
+#: authentic2_auth_fc/views.py:363
msgid "Your local account has been updated."
msgstr "Votre compte local a été mis à jour."
-#: authentic2_auth_fc/views.py:341
+#: authentic2_auth_fc/views.py:399
msgid ""
"If you already have an account, please log in, else create your account."
msgstr ""
"Si vous avez déjà un compte saisissez vos identifiants sinon créez votre "
"compte."
-#: authentic2_auth_fc/views.py:359
+#: authentic2_auth_fc/views.py:429
msgid "FranceConnect didn't provide your email address, please do."
msgstr "FranceConnect n'a pas fourni votre adresse email, merci de le faire."
-#: authentic2_auth_fc/views.py:420
-#, python-brace-format
-msgid "The link with the FranceConnect account {fc_account} has been deleted."
-msgstr "La liaison avec le compte FranceConnect {fc_account} a été supprimée"
+#: authentic2_auth_fc/views.py:478
+msgid "The link with the FranceConnect account has been deleted."
+msgstr "La liaison avec le compte FranceConnect a été supprimée."
diff --git a/src/authentic2_auth_fc/templates/authentic2_auth_fc/linking.html b/src/authentic2_auth_fc/templates/authentic2_auth_fc/linking.html
index ea473c8..ca02693 100644
--- a/src/authentic2_auth_fc/templates/authentic2_auth_fc/linking.html
+++ b/src/authentic2_auth_fc/templates/authentic2_auth_fc/linking.html
@@ -11,9 +11,7 @@
{% trans "Linked FranceConnect accounts" %}
{% else %}
diff --git a/src/authentic2_auth_fc/templates/authentic2_auth_fc/unlink.html b/src/authentic2_auth_fc/templates/authentic2_auth_fc/unlink.html
index d9c819b..58406b7 100644
--- a/src/authentic2_auth_fc/templates/authentic2_auth_fc/unlink.html
+++ b/src/authentic2_auth_fc/templates/authentic2_auth_fc/unlink.html
@@ -5,13 +5,12 @@
{% block content %}
{% blocktrans %}
- You're about to delete the link between your user account and your FranceConnect account :
- {{ fc_account }}.
+ You're about to delete the link between your user account and your FranceConnect account.
{% endblocktrans %}
{% blocktrans %}
- Delete this link won't delete those accounts. However, once all the links with FranceConnect
+ Deleting this link won't delete those accounts. However, once all the links with FranceConnect
are deleted, it's no more possible to use the FranceConnect to automatically login to your
user account. It is still possible to link those accounts once again by using the
button FranceConnect on the login page.
@@ -20,7 +19,7 @@
{% if no_password %}
{% blocktrans %}
- Your user account has no password and remove this link may make this account inaccessible.
+ Your user account has no password and removing this link may make this account inaccessible.
To avoid this situation, please provide a password.
{% endblocktrans %}
diff --git a/src/authentic2_auth_fc/urls.py b/src/authentic2_auth_fc/urls.py
index a5af028..bbfb6ae 100644
--- a/src/authentic2_auth_fc/urls.py
+++ b/src/authentic2_auth_fc/urls.py
@@ -10,5 +10,5 @@ fcpatterns = patterns('',
urlpatterns = patterns('',
url(r'^fc/', include(fcpatterns)),
url(r'^accounts/fc/register/$', views.registration, name='fc-registration'),
- url(r'^accounts/fc/unlink/(?P\d+)/$', views.unlink, name='fc-unlink'),
+ url(r'^accounts/fc/unlink/$', views.unlink, name='fc-unlink'),
)
diff --git a/src/authentic2_auth_fc/views.py b/src/authentic2_auth_fc/views.py
index 7163314..ab45779 100644
--- a/src/authentic2_auth_fc/views.py
+++ b/src/authentic2_auth_fc/views.py
@@ -437,8 +437,7 @@ class RegistrationView(LoggerMixin, View):
return HttpResponseRedirect(activation_url)
-class UnlinkView(LoggerMixin, SingleObjectMixin, FormView):
- model = models.FcAccount
+class UnlinkView(LoggerMixin, FormView):
template_name = 'authentic2_auth_fc/unlink.html'
def get_success_url(self):
@@ -449,14 +448,14 @@ class UnlinkView(LoggerMixin, SingleObjectMixin, FormView):
def get_form_class(self):
form_class = Form
- if not self.fc_account.user.has_usable_password():
+ if not self.request.user.has_usable_password():
form_class = SET_PASSWORD_FORM_CLASS
return form_class
def get_form_kwargs(self, **kwargs):
kwargs = super(UnlinkView, self).get_form_kwargs(**kwargs)
- if not self.fc_account.user.has_usable_password():
- kwargs['user'] = self.fc_account.user
+ if not self.request.user.has_usable_password():
+ kwargs['user'] = self.request.user
return kwargs
def dispatch(self, request, *args, **kwargs):
@@ -467,30 +466,22 @@ class UnlinkView(LoggerMixin, SingleObjectMixin, FormView):
a2_app_settings.A2_REGISTRATION_CAN_CHANGE_PASSWORD:
# Prevent access to the view.
raise Http404
- self.fc_account = self.object = self.get_object()
- self.check_access(self.fc_account)
return super(UnlinkView, self).dispatch(request, *args, **kwargs)
- def check_access(self, fc_account):
- if self.request.user != fc_account.user:
- raise PermissionDenied
-
def form_valid(self, form):
- if not self.fc_account.user.has_usable_password():
+ if not self.request.user.has_usable_password():
form.save()
- self.logger.info(u'user %s has set a password', self.fc_account.user)
- self.fc_account.user.backend = 'authentic2.backends.models_backend.ModelBackend'
- msg_tpl = _('The link with the FranceConnect account {fc_account} has been deleted.')
- msg = msg_tpl.format(fc_account=self.fc_account)
- self.logger.info(u'user %s unlinked from %s', self.fc_account.user, self.fc_account)
- self.fc_account.delete()
- messages.info(self.request, msg)
+ self.logger.info(u'user %s has set a password', self.request.user)
+ links = models.FcAccount.objects.filter(user=self.request.user)
+ for link in links:
+ self.logger.info(u'user %s unlinked from %s', self.request.user, link)
+ messages.info(self.request, _('The link with the FranceConnect account has been deleted.'))
+ links.delete()
return super(UnlinkView, self).form_valid(form)
def get_context_data(self, **kwargs):
context = super(UnlinkView, self).get_context_data(**kwargs)
- context['fc_account'] = self.fc_account
- if not self.fc_account.user.has_usable_password():
+ if not self.request.user.has_usable_password():
context['no_password'] = True
return context
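Review bot: With `get_object()` and `check_access()` removed from `dispatch`, nothing visible in this hunk establishes that `request.user` is an authenticated user before `form_valid` filters `FcAccount` on it, or before `get_form_class`/`get_form_kwargs` (previous hunk) call `has_usable_password()` on it. The old path failed closed with `PermissionDenied` whenever the requester was not the owner of the link. Please confirm that `views.unlink` is wrapped in `login_required` where it is defined (not shown in this diff), or keep an explicit guard in `dispatch`, e.g. `if not request.user.is_authenticated(): raise PermissionDenied`. The start of `dispatch` lies outside the hunk, so an existing check there would not be visible here.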
diff --git a/tests/test_auth_fc.py b/tests/test_auth_fc.py
index 3d0671d..e1fe396 100644
--- a/tests/test_auth_fc.py
+++ b/tests/test_auth_fc.py
@@ -13,6 +13,8 @@ from django.utils.timezone import now
from authentic2.utils import timestamp_from_datetime
+from authentic2_auth_fc import models
+
User = get_user_model()
@@ -99,6 +101,15 @@ def test_login(app, fc_settings, caplog, exp):
assert User.objects.count() == 0
else:
assert User.objects.count() == 1
+ if User.objects.count():
+ assert models.FcAccount.objects.count() == 1
+ response = app.get('/accounts/')
+ response = response.click('Delete link')
+ response.form.set('new_password1', 'ikKL1234')
+ response.form.set('new_password2', 'ikKL1234')
+ response = response.form.submit(name='unlink')
+ assert 'The link with the FranceConnect account has been deleted' in response.content
+ assert models.FcAccount.objects.count() == 0
def test_login_email_is_unique(app, fc_settings, caplog):
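Review bot: The added assertions cover only a user with exactly one `FcAccount`, while the behaviour this commit introduces is deleting every link of the requesting user. A case that creates two `FcAccount` rows for the logged-in user plus one row for a different user would be a useful addition. After the unlink it would assert `models.FcAccount.objects.filter(user=user).count() == 0` and that the other user's row still exists, pinning both the "all accounts" behaviour and the per-user scoping of the `filter(user=self.request.user)` query. The body of `test_login` starts outside the hunk.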
--
2.1.4