From 0d86dc760386a119f27e15a6decb7a135e71e806 Mon Sep 17 00:00:00 2001 From: Valentin Deniaud Date: Mon, 5 Oct 2020 16:13:00 +0200 Subject: [PATCH] manager: look for duplicates on user creation (#45419) --- src/authentic2/manager/app_settings.py | 1 + .../authentic2/manager/user_add.html | 15 +++++++++++ src/authentic2/manager/user_views.py | 12 +++++++++ tests/test_user_manager.py | 26 +++++++++++++++++++ 4 files changed, 54 insertions(+) diff --git a/src/authentic2/manager/app_settings.py b/src/authentic2/manager/app_settings.py index 587c99c2..3a2f338f 100644 --- a/src/authentic2/manager/app_settings.py +++ b/src/authentic2/manager/app_settings.py @@ -28,6 +28,7 @@ class AppSettings(object): 'USER_SEARCH_MINIMUM_CHARS': 0, 'LOGIN_URL': None, 'SITE_TITLE': None, + 'CHECK_DUPLICATE_USERS': False, } def __getattr__(self, name): diff --git a/src/authentic2/manager/templates/authentic2/manager/user_add.html b/src/authentic2/manager/templates/authentic2/manager/user_add.html index 2e4f3192..14cc5c75 100644 --- a/src/authentic2/manager/templates/authentic2/manager/user_add.html +++ b/src/authentic2/manager/templates/authentic2/manager/user_add.html @@ -5,6 +5,21 @@ {% trans "Add an user" %} {% endblock %} +{% block beforeform %} +{% if duplicate_users %} + +
+

{% trans "This user may already exist, please check the list below before creating it :" %}

+ +
+{% endif %} +{% endblock %} + {% block hidden_inputs %} {{ block.super }} {% if next %}{% endif %} diff --git a/src/authentic2/manager/user_views.py b/src/authentic2/manager/user_views.py index a0e03e1e..eac49242 100644 --- a/src/authentic2/manager/user_views.py +++ b/src/authentic2/manager/user_views.py @@ -148,6 +148,7 @@ class UserAddView(BaseAddView): form_class = UserAddForm permissions = ['custom_user.add_user'] template_name = 'authentic2/manager/user_add.html' + duplicate_users = None def dispatch(self, request, *args, **kwargs): qs = request.user.ous_with_perm('custom_user.add_user') @@ -193,9 +194,20 @@ class UserAddView(BaseAddView): field_name='cancel') context['next'] = select_next_url(self.request, default=None, include_post=True) context['ou'] = self.ou + context['duplicate_users'] = self.duplicate_users return context def form_valid(self, form): + if app_settings.CHECK_DUPLICATE_USERS: + duplicate_users = User.objects.find_duplicates( + first_name=form.cleaned_data['first_name'], + last_name=form.cleaned_data['last_name'], + birthdate=form.cleaned_data.get('birthdate'), + ) + if duplicate_users and not 'confirm-creation' in self.request.POST: + self.duplicate_users = duplicate_users + return self.form_invalid(form) + response = super(UserAddView, self).form_valid(form) hooks.call_hooks('event', name='manager-add-user', user=self.request.user, instance=form.instance, form=form) diff --git a/tests/test_user_manager.py b/tests/test_user_manager.py index 764cc6ed..5607ca49 100644 --- a/tests/test_user_manager.py +++ b/tests/test_user_manager.py @@ -920,3 +920,29 @@ def test_manager_user_authorizations(app, superuser, simple_user): resp = resp.follow() assert resp.html.find('td').text == \ 'This user has not granted profile data access to any service yet.' + + +def test_manager_create_user_duplicates(admin, app, ou1, settings): + settings.A2_MANAGER_CHECK_DUPLICATE_USERS = True + login(app, admin) + user = User.objects.create(first_name='Alexander', last_name='Longname') + user2 = User.objects.create(first_name='Alexandra', last_name='Longname') + + url = '/manage/users/%s/add/' % ou1.pk + resp = app.get(url) + + form = resp.form + form.set('first_name', 'Alexandre') + form.set('last_name', 'Longname') + form.set('email', 'alexandre.longname@entrouvert.com') + form.set('password1', 'ABcd1234') + form.set('password2', 'ABcd1234') + resp = form.submit() + + assert 'user may already exist' in resp.text + assert '/users/%s/' % user.pk in resp.text + assert '/users/%s/' % user2.pk in resp.text + + # simply submitting again creates user + resp = resp.form.submit().follow() + assert User.objects.filter(first_name='Alexandre').count() == 1 -- 2.20.1