From 5e2e6094742afa5da1d8fc4d7c8a6aba5213e1de Mon Sep 17 00:00:00 2001 From: Jean-Romain Garnier Date: Fri, 17 Apr 2020 00:16:56 +0000 Subject: [PATCH] Fix handling of confirmation email for front facing elements --- users/forms.py | 13 ++++++---- users/models.py | 3 ++- users/templates/users/profil.html | 40 +++++++++++------------------ users/views.py | 42 ++++++++++++++++++------------- 4 files changed, 49 insertions(+), 49 deletions(-) diff --git a/users/forms.py b/users/forms.py index 5669b155..c9f97508 100644 --- a/users/forms.py +++ b/users/forms.py @@ -368,6 +368,8 @@ class AdherentForm(FormRevMixin, FieldPermissionFormMixin, ModelForm): label=_("Force the move?"), initial=False, required=False ) + should_send_confirmation_email = False + def clean_email(self): if not OptionalUser.objects.first().local_email_domain in self.cleaned_data.get( "email" @@ -398,18 +400,19 @@ class AdherentForm(FormRevMixin, FieldPermissionFormMixin, ModelForm): def save(self, commit=True): """On met à jour l'état de l'utilisateur en fonction de son mail""" - user = super(AdherentForm, self).save(commit=False) + user = super(AdherentForm, self).save(commit=commit) if user.email != self.initial["email"]: # Send a confirmation email if user.state in [User.STATE_ACTIVE, User.STATE_DISABLED, User.STATE_NOT_YET_ACTIVE, User.STATE_EMAIL_NOT_YET_CONFIRMED]: user.state = User.STATE_EMAIL_NOT_YET_CONFIRMED - user.confirm_email_address_mail() + self.should_send_confirmation_email = True - # Always keep the oldest change date - if user.email_change_date is None: - user.email_change_date = timezone.now() + # Always keep the oldest change date + if user.email_change_date is None: + user.email_change_date = timezone.now() + user.save() return user diff --git a/users/models.py b/users/models.py index 8671fba0..48c91be9 100755 --- a/users/models.py +++ b/users/models.py @@ -226,7 +226,7 @@ class User( shortcuts_enabled = models.BooleanField( verbose_name=_("enable shortcuts on Re2o website"), default=True ) - email_change_date = None + email_change_date = models.DateTimeField(default=None, null=True) USERNAME_FIELD = "pseudo" REQUIRED_FIELDS = ["surname", "email"] @@ -795,6 +795,7 @@ class User( req.type = Request.EMAIL req.user = self req.save() + template = loader.get_template("users/email_confirmation_request") context = { "name": req.user.get_full_name(), diff --git a/users/templates/users/profil.html b/users/templates/users/profil.html index cb8358a8..2cbfe9ce 100644 --- a/users/templates/users/profil.html +++ b/users/templates/users/profil.html @@ -39,35 +39,23 @@ with this program; if not, write to the Free Software Foundation, Inc., {% endif %} -
- {% if users.state == Users.STATE_NOT_YET_ACTIVE %} -

{% blocktrans with name=users.name surname=users.surname %}Welcome {{ name }} {{ surname }}{% endblocktrans %}

- {% else %} -

{% blocktrans with name=users.name surname=users.surname %}Profile of {{ name }} {{ surname }}{% endblocktrans %}

- {% endif %} + +{% if users.state == users.STATE_EMAIL_NOT_YET_CONFIRMED %} +
+ {% blocktrans %}Please confirm your email address.{% endblocktrans %} +
+ + {% blocktrans %}Didn't receive the email?{% endblocktrans %} +
- +{% elif users.state == users.STATE_DISABLED %} +
+ {% blocktrans %}Your account has been disabled{% endblocktrans %} +
+{% endif %}
- {% if users.state == Users.STATE_NOT_YET_ACTIVE %} -
-
- {% blocktrans %}Please confirm your email address{% endblocktrans %} -
- - {% blocktrans %}Resend the email{% endblocktrans %} - -
-
- {% elif users.state == Users.STATE_DISABLED %} -
-
- {% blocktrans %}Your account has been disabled{% endblocktrans %} -
-
- {% endif %} -
{% if users.is_ban%} @@ -210,7 +198,7 @@ with this program; if not, write to the Free Software Foundation, Inc.,
{% trans "Email address" %}
-
{{ users.email }}{% if users.email_change_date is not None %}{% trans "Pending confirmation..." %}{% endif %}
+
{{ users.email }}{% if users.email_change_date is not None %}
{% trans "Pending confirmation..." %}{% endif %}
diff --git a/users/views.py b/users/views.py index 266c0717..16acd748 100644 --- a/users/views.py +++ b/users/views.py @@ -223,8 +223,13 @@ def edit_info(request, user, userid): ) if user_form.is_valid(): if user_form.changed_data: - user_form.save() + user = user_form.save() messages.success(request, _("The user was edited.")) + + if user_form.should_send_confirmation_email: + user.confirm_email_address_mail(request) + messages.warning(request, _("Sent a new confirmation email")) + return redirect(reverse("users:profil", kwargs={"userid": str(userid)})) return form( {"userform": user_form, "action_name": _("Edit")}, @@ -994,12 +999,15 @@ def reset_password(request): def process(request, token): - """Process, lien pour la reinitialisation du mot de passe""" + """Process, lien pour la reinitialisation du mot de passe + et la confirmation de l'email""" valid_reqs = Request.objects.filter(expires_at__gt=timezone.now()) req = get_object_or_404(valid_reqs, token=token) if req.type == Request.PASSWD: return process_passwd(request, req) + elif req.type == Request.EMAIL: + return process_email(request, req) else: messages.error(request, _("Error: please contact an admin.")) redirect(reverse("index")) @@ -1024,31 +1032,31 @@ def process_passwd(request, req): ) -def resend_confirmation_email(request): +def resend_confirmation_email(request, userid): """ Renvoie du mail de confirmation """ userform = ResendConfirmationEmailForm(request.POST or None) if userform.is_valid(): - request.user.confirm_email_address_mail() + try: + user = User.objects.get( + id=userid, + state__in=[User.STATE_EMAIL_NOT_YET_CONFIRMED], + ) + except User.DoesNotExist: + messages.error(request, _("The user doesn't exist.")) + return form( + {"userform": userform, "action_name": _("Reset")}, + "users/user.html", + request, + ) + user.confirm_email_address_mail(request) messages.success(request, _("An email to confirm your address was sent.")) - return redirect(reverse("index")) + return redirect(reverse("users:profil", kwargs={"userid": userid})) return form( {"userform": userform, "action_name": _("Send")}, "users/user.html", request ) -def confirm_email(request, token): - """Lien pour la confirmation de l'email""" - valid_reqs = Request.objects.filter(expires_at__gt=timezone.now()) - req = get_object_or_404(valid_reqs, token=token) - - if req.type == Request.EMAIL: - return process_email(request, req) - else: - messages.error(request, _("Error: please contact an admin.")) - redirect(reverse("index")) - - def process_email(request, req): """Process la confirmation de mail, renvoie le formulaire de validation"""