From 2212922bc13aef76ac17e32dd036d6ecd570f2db Mon Sep 17 00:00:00 2001
From: Benjamin Dauvergne <bdauvergne@entrouvert.com>
Date: Tue, 19 May 2020 17:29:39 +0200
Subject: [PATCH 4/5] manager: set created user's OU in clean() (#43074)

Any modification to the model should be done trough clean() method, as
it enables later checks like uniqueness validation. No instance
initialization should ever be done in save() methods unless it's
garanteed that it cannot mess with validation.
---
 src/authentic2/manager/forms.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/authentic2/manager/forms.py b/src/authentic2/manager/forms.py
index 10eba0f2..518049b8 100644
--- a/src/authentic2/manager/forms.py
+++ b/src/authentic2/manager/forms.py
@@ -312,6 +312,7 @@ class UserAddForm(UserChangePasswordForm, UserEditForm):
         super(UserAddForm, self).__init__(*args, **kwargs)
 
     def clean(self):
+        self.instance.ou = self.ou
         super(UserAddForm, self).clean()
         # check if this account is going to be real online account, i.e. with a
         # password, it it's the case complain that there is no identifiers.
@@ -330,7 +331,6 @@ class UserAddForm(UserChangePasswordForm, UserEditForm):
         return bool(self.cleaned_data.get('email'))
 
     def save(self, commit=True):
-        self.instance.ou = self.ou
         user = super(UserAddForm, self).save(commit=commit)
         if self.cleaned_data.get('reset_password_at_next_login'):
             if commit:
-- 
2.26.2