From fa0655a8517899d0a5ecc37564856bb04a254174 Mon Sep 17 00:00:00 2001 From: Josue Kouka Date: Fri, 15 Dec 2017 16:55:18 +0100 Subject: [PATCH] include query string in password change uri (#20750) --- mandayejs/mandaye/views.py | 6 +++--- tests/test_mandayejs.py | 16 +++++++++++++--- 2 files changed, 16 insertions(+), 6 deletions(-) diff --git a/mandayejs/mandaye/views.py b/mandayejs/mandaye/views.py index f5bc1a3..dbe3e90 100644 --- a/mandayejs/mandaye/views.py +++ b/mandayejs/mandaye/views.py @@ -17,7 +17,7 @@ from __future__ import absolute_import import logging -from urlparse import urlparse +from urlparse import urlsplit, urlunsplit from django.contrib.auth.models import User from django.contrib.auth.decorators import login_required @@ -172,8 +172,8 @@ def post_login_do(request, *args, **kwargs): messages.error(request, _('invalid response from server')) url = resolve_url('associate') elif result.get('result') == 'redirect': - url = urlparse(result.get('url', '/')) - url = url.path + url = urlsplit(result.get('url', '/')) + url = urlunsplit((None, None, url.path, url.query, url.fragment)) else: credentials.linked = True credentials.save() diff --git a/tests/test_mandayejs.py b/tests/test_mandayejs.py index f9d700c..10fff5f 100644 --- a/tests/test_mandayejs.py +++ b/tests/test_mandayejs.py @@ -333,13 +333,20 @@ def test_credentials_json_encoding(user_john): assert cred.locators['birth_date'] == '1995-06-11' +@pytest.fixture(params=[ + {'url1': 'http://mydomain.com/update_password.aspx'}, + {'url2': 'http://mydomain.com/index?path=change_pass'}]) +def redirect_url(request): + return request.param + + @mock.patch('mandayejs.mandaye.utils.subprocess.Popen') @mock.patch('mandayejs.applications.Test.SITE_LOCATORS', MOCKED_SITE_LOCATORS) -def test_post_login_do(mocked_popen, user_john): +def test_post_login_do(mocked_popen, user_john, redirect_url): expected_output = { "result": "redirect", "reason": "password change required", - "url": "http://mydomain.com/update_password.aspx" + "url": redirect_url.get('url1') or redirect_url.get('url2') } expected_output = '%s' % json.dumps(expected_output) mocked_popen.return_value = MockedPopen(expected_output=(expected_output, None)) @@ -353,7 +360,10 @@ def test_post_login_do(mocked_popen, user_john): request = request.get(reverse('post-login-do')) request.user = user_john response = post_login_do(request) - assert 'window.top.location = "/update_password.aspx"' in response.content + if 'url1' in redirect_url: + assert 'window.top.location = "/update_password.aspx"' in response.content + else: + assert 'window.top.location = "/index?path=change_pass"' in response.content @mock.patch('mandayejs.mandaye.utils.subprocess.Popen') -- 2.11.0