use UserProfile for doing pwreset (bug 596263)

2010-09-22 11:57:58 -07:00 · 2010-09-22 11:57:58 -07:00 · 1763d8ea50
--- a/apps/users/forms.py
+++ b/apps/users/forms.py
@ -12,7 +12,8 @@ import happyforms
 from tower import ugettext as _, ugettext_lazy as _lazy

 from amo.utils import slug_validator
-from .models import UserProfile, BlacklistedUsername, BlacklistedEmailDomain
+from .models import (UserProfile, BlacklistedUsername, BlacklistedEmailDomain,
+                     DjangoUser)
 from . import tasks

 log = commonware.log.getLogger('z.users')
@ -23,6 +24,16 @@ class AuthenticationForm(auth_forms.AuthenticationForm):


 class PasswordResetForm(auth_forms.PasswordResetForm):
+
+    def clean_email(self):
+        email = self.cleaned_data['email']
+        self.users_cache = UserProfile.objects.filter(email__iexact=email)
+        if not self.users_cache:
+            raise forms.ValidationError(
+                _("That e-mail address doesn't have an associated user "
+                  "account. Are you sure you've registered?"))
+        return email
+
    def save(self, **kw):
        for user in self.users_cache:
            log.info(u'Password reset email sent for user (%s)' % user)
@ -35,11 +46,12 @@ class PasswordResetForm(auth_forms.PasswordResetForm):


 class SetPasswordForm(auth_forms.SetPasswordForm):
-    def __init__(self, user, *args, **kwargs):
-        super(SetPasswordForm, self).__init__(user, *args, **kwargs)
-        if self.user:
-            # We store our password in the users table, not auth_user like
-            # Django expects
+
+    def __init__(self, *args, **kwargs):
+        super(SetPasswordForm, self).__init__(*args, **kwargs)
+        # We store our password in the users table, not auth_user like
+        # Django expects.
+        if isinstance(self.user, DjangoUser):
            self.user = self.user.get_profile()

    def save(self, **kw):
--- a/apps/users/models.py
+++ b/apps/users/models.py
@ -145,6 +145,14 @@ class UserProfile(amo.models.ModelBase):

    welcome_name = name

+    @property
+    def last_login(self):
+        """Make UserProfile look more like auth.User."""
+        # Django expects this to be non-null, so fake a login attempt.
+        if not self.last_login_attempt:
+            self.update(last_login_attempt=datetime.now())
+        return self.last_login_attempt
+
    @amo.cached_property
    def reviews(self):
        """All reviews that are not dev replies."""
--- a/apps/users/tests/test_forms.py
+++ b/apps/users/tests/test_forms.py
@ -87,6 +87,14 @@ class TestPasswordResetForm(UserFormBase):
        assert mail.outbox[0].subject.find('Password reset') == 0
        assert mail.outbox[0].body.find('pwreset/%s' % self.uidb36) > 0

+    def test_amo_user_but_no_django_user(self):
+        # Password reset should work without a Django user.
+        self.user_profile.update(user=None, _signal=True)
+        self.user.delete()
+        self.client.post('/en-US/firefox/users/pwreset',
+                        {'email': self.user.email})
+        eq_(len(mail.outbox), 1)
+

 class TestUserDeleteForm(UserFormBase):

@ -106,7 +114,7 @@ class TestUserDeleteForm(UserFormBase):
    def test_success(self):
        self.client.login(username='jbalogh@mozilla.com', password='foo')
        data = {'password': 'foo', 'confirm': True, }
-        r = self.client.post('/en-US/firefox/users/delete', data, follow=True)
+        self.client.post('/en-US/firefox/users/delete', data, follow=True)
        # TODO XXX: Bug 593055
        #self.assertContains(r, "Profile Deleted")
        u = UserProfile.objects.get(id='4043307')
@ -115,7 +123,7 @@ class TestUserDeleteForm(UserFormBase):
    @patch('users.models.UserProfile.is_developer')
    def test_developer_attempt(self, f):
        """A developer's attempt to delete one's self must be thwarted."""
-        f = lambda: True
+        f.return_value = True
        self.client.login(username='jbalogh@mozilla.com', password='foo')
        data = {'password': 'foo', 'confirm': True, }
        r = self.client.post('/en-US/firefox/users/delete', data, follow=True)
@ -335,15 +343,15 @@ class TestUserRegisterForm(UserFormBase):

    @patch('captcha.fields.ReCaptchaField.clean')
    def test_success(self, clean):
-        clean = lambda: ''
+        clean.return_value = ''

        data = {'email': 'john.connor@sky.net',
                'password': 'carebears',
                'password2': 'carebears',
                'username': 'BigJC',
                'homepage': ''}
-        r = self.client.post('/en-US/firefox/users/register', data,
-                             follow=True)
+        self.client.post('/en-US/firefox/users/register', data,
+                         follow=True)
        # TODO XXX POSTREMORA: uncomment when remora goes away
        #self.assertContains(r, "Congratulations!")

--- a/apps/users/urls.py
+++ b/apps/users/urls.py
@ -4,10 +4,14 @@ from django.conf.urls.defaults import patterns, url, include
 from zadmin import jinja_for_django

 from . import forms, views
+from .models import UserProfile

 # So we can use the contrib logic for password resets, etc.
 auth_views.render_to_response = jinja_for_django

+# We need Django to use our User model.
+auth_views.User = UserProfile
+

 # These will all start with /user/<user_id>/
 detail_patterns = patterns('',
--- a/migrations/78-null-created.sql
+++ b/migrations/78-null-created.sql
@ -0,0 +1,2 @@
+-- Ah the joys of fake data.
+UPDATE users SET created = '2007-03-05 13:09:33'  WHERE created IS NULL;