Fixed #26719 -- Normalized email in AbstractUser.clean().

[tamhuynhit]

https://code.djangoproject.com/ticket/26719

[claudep]

I wonder what's the more correct way to do that, the save() or the clean() method?
We might get more guaranties that normalization occurs with the save() method at the expense of calling normalization methods a bit too much. clean() might be a more fine-grained approach as we are essentially protecting against user input which should pass through clean() (via ModelForm).

[claudep]

I guess this line should also disappear?

[tamhuynhit]

👍 Yes, thanks a lot. Somehow I forgot to delete that line after several double checks 😞

[timgraham]

Normalizing in clean() seems more expected to me so that any user code would see the normalized values. On the other hand, normalizing in the manager as is done now seems like a good idea too so that things like the createsuperuser command are protected.

[timgraham]

Might want to account for the possibility of a custom manager with something like self.__class__._default_manager.normalize_email.

[tamhuynhit]

Thanks for your suggestion. It looks better to me, will fix this in the next commit

[claudep]

On the other hand, normalizing in the manager as is done now seems like a good idea too so that things like the createsuperuser command are protected.

Sure, in my local patch, I'm calling user.clean() in the manager.

[claudep]

FYI here's my current local patch: https://gist.github.com/claudep/78e3661224a9b1767b8b0ea3b8ac8e9b

[tamhuynhit]

@claudep 👍 Thanks for the patch. I will update the code with normalization happen in clean method. But I have some problem with testing from the discussion above.

[timgraham]

Please let me know if you have time to work on this in the next 8 hours. If not, I can pick it up since we're trying to get the beta release out today. Thanks!

[tamhuynhit]

@timgraham Thanks, I am working on it, will push the code soon

[timgraham]

I don't expect this would be needed since Model.clean() is called as part of ModelForm validation (the test passes with this commented out). Was it just an oversight on your part?

[timgraham]

I'll open a PR to your branch for these changes.

[timgraham]

Edits at tamhuynhit#1. I think this is good to go after that although if @claudep can take a look, that would be welcome.

[tamhuynhit]

PR is merged. Thanks for helping me on this @timgraham @claudep

[claudep]

Looks better and better! The remaining questions for me:

• Does it make sense to keep having the normalize methods on the manager instead of on the AbstractUser model itself?
• Should we normalize the username based on get_username(), maybe even on AbstractBaseUser.clean() level?

[tamhuynhit]

@claudep About the first question, I think you make sense to have that concern since the current code to call normalize_email have to go through many steps: self.__class__.objects.normalize_email. Move them to AbstractBaseUser seems good to me.
I didn't realize we have get_username before. I try to find some edge cases when USERNAME_FIELD point to any special field but not found yet. However if we want to use get_username, I think we should modify get_username with an empty default value, or force_text function will return a string 'None':

def get_username(self):
    return getattr(self, self.USERNAME_FIELD, '')

Move them up to AbstractBaseUser is a good idea. So should we make these changes happen ?

[timgraham]

I think I'll do a separate PR to make the changes for username. Then we can rebase this PR and make the changes for email which is more complicated with respect to backwards-compatibility if we want to move the manager method. Changing how email is normalized also isn't a release blocker for 1.10.

[timgraham]

Patch for username changes only: #6819

[timgraham]

With the other patch merged, you can either rebase your branch and force push, or open a new PR to continue the changes for normalizing email.

[timgraham]

We're targeting 1.11 for this change. This only needs to mention email now.

[timgraham]

Please move this to the 1.11 release notes and also update the versionadded annotation.

[tamhuynhit]

Ok I've moved them to 1.11, you can check again if I didn't make it right

[timgraham]

You can squash commits when updating too.

[timgraham]

merged in 09119df, thanks!