Permalink
Browse files

backend: Add support for multiuse user invite link.

  • Loading branch information...
hackerkid authored and timabbott committed Aug 10, 2017
1 parent 68ccfe7 commit b4fedaa765cec3e9a3bad2481f7c781cadeba8a0
Showing with 161 additions and 15 deletions.
  1. +3 −0 confirmation/models.py
  2. +1 −1 templates/zerver/accounts_home.html
  3. +3 −1 zerver/forms.py
  4. +122 −5 zerver/tests/test_signup.py
  5. +29 −8 zerver/views/registration.py
  6. +3 −0 zproject/urls.py
View
@@ -98,6 +98,7 @@ class Confirmation(models.Model):
EMAIL_CHANGE = 3
UNSUBSCRIBE = 4
SERVER_REGISTRATION = 5
MULTIUSE_INVITE = 6
type = models.PositiveSmallIntegerField() # type: int
def __unicode__(self):
@@ -117,6 +118,8 @@ def __init__(self, url_name, validity_in_days=settings.CONFIRMATION_LINK_DEFAULT
Confirmation.EMAIL_CHANGE: ConfirmationType('zerver.views.user_settings.confirm_email_change'),
Confirmation.UNSUBSCRIBE: ConfirmationType('zerver.views.unsubscribe.email_unsubscribe',
validity_in_days=1000000), # should never expire
Confirmation.MULTIUSE_INVITE: ConfirmationType('zerver.views.registration.accounts_home_from_multiuse_invite',
validity_in_days=settings.INVITATION_LINK_VALIDITY_DAYS)
}
# Conirmation pathways for which there is no content_object that we need to
@@ -15,7 +15,7 @@
<div class="lead">
<h1 class="get-started">{{ _("Sign up for Zulip") }}</h1>
</div>
<div class="app-main register-page-container white-box {% if realm_invite_required %}closed-realm{% endif %}">
<div class="app-main register-page-container white-box {% if realm_invite_required and not from_multiuse_invite %}closed-realm{% endif %}">
<div class="register-form new-style">
{% if realm_name %}
<div class="left-side">
View
@@ -118,6 +118,7 @@ class HomepageForm(forms.Form):
def __init__(self, *args, **kwargs):
# type: (*Any, **Any) -> None
self.realm = kwargs.pop('realm', None)
self.from_multiuse_invite = kwargs.pop('from_multiuse_invite', False)
super(HomepageForm, self).__init__(*args, **kwargs)
def clean_email(self):
@@ -131,6 +132,7 @@ def clean_email(self):
# Otherwise, the user is trying to join a specific realm.
realm = self.realm
from_multiuse_invite = self.from_multiuse_invite
if realm is None and not settings.REALMS_HAVE_SUBDOMAINS:
realm = get_realm_by_email_domain(email)
@@ -144,7 +146,7 @@ def clean_email(self):
"correspond to any existing "
"organization.").format(email=email))
if realm.invite_required:
if not from_multiuse_invite and realm.invite_required:
raise ValidationError(_("Please request an invite for {email} "
"from the organization "
"administrator.").format(email=email))
View
@@ -11,12 +11,12 @@
from mock import patch, MagicMock
from zerver.lib.test_helpers import MockLDAP
from confirmation.models import Confirmation, create_confirmation_link
from confirmation.models import Confirmation, create_confirmation_link, MultiuseInvite, \
generate_key, confirmation_url
from zilencer.models import Deployment
from zerver.forms import HomepageForm, WRONG_SUBDOMAIN_ERROR
from zerver.lib.actions import do_change_password
from zerver.lib.actions import do_change_password, gather_subscriptions
from zerver.views.auth import login_or_register_remote_user
from zerver.views.invite import get_invitee_emails_set
from zerver.views.registration import confirmation_key, \
@@ -64,8 +64,7 @@
from typing import Any, Dict, List, Optional, Set, Text
from six.moves import urllib
from six.moves import range
from six.moves import urllib, range, zip
import os
class RedirectAndLogIntoSubdomainTestCase(ZulipTestCase):
@@ -798,6 +797,124 @@ def test_if_emails_in_mixed_style_are_parsed_correctly(self):
expected_set = {self.email1, self.email2, self.email3}
self.assertEqual(get_invitee_emails_set(emails_raw), expected_set)
class MultiuseInviteTest(ZulipTestCase):
def setUp(self):
# type: () -> None
self.realm = get_realm('zulip')
self.realm.invite_required = True
self.realm.save()
def generate_multiuse_invite_link(self, streams=None, date_sent=None):
# type: (List[Stream], Optional[datetime.datetime]) -> Text
invite = MultiuseInvite(realm=self.realm, referred_by=self.example_user("iago"))
invite.save()
if streams is not None:
invite.streams = streams
invite.save()
if date_sent is None:
date_sent = timezone_now()
key = generate_key()
Confirmation.objects.create(content_object=invite, date_sent=date_sent,
confirmation_key=key, type=Confirmation.MULTIUSE_INVITE)
return confirmation_url(key, self.realm.host, Confirmation.MULTIUSE_INVITE)
def check_user_able_to_register(self, email, invite_link):
# type: (Text, Text) -> None
password = "password"
result = self.client_post(invite_link, {'email': email})
self.assertEqual(result.status_code, 302)
self.assertTrue(result["Location"].endswith(
"/accounts/send_confirm/%s" % (email,)))
result = self.client_get(result["Location"])
self.assert_in_response("Check your email so we can get started.", result)
confirmation_url = self.get_confirmation_url_from_outbox(email)
result = self.client_get(confirmation_url)
self.assertEqual(result.status_code, 200)
result = self.submit_reg_form_for_user(email, password)
self.assertEqual(result.status_code, 302)
from django.core.mail import outbox
outbox.pop()
def check_user_subscribed_only_to_streams(self, user_name, streams):
# type: (str, List[Stream]) -> None
sorted(streams, key=lambda x: x.name)
subscribed_streams = gather_subscriptions(self.nonreg_user(user_name))[0]
self.assertEqual(len(subscribed_streams), len(streams))
for x, y in zip(subscribed_streams, streams):
self.assertEqual(x["name"], y.name)
def test_valid_multiuse_link(self):
# type: () -> None
email1 = self.nonreg_email("test")
email2 = self.nonreg_email("test1")
email3 = self.nonreg_email("alice")
date_sent = timezone_now() - datetime.timedelta(days=settings.INVITATION_LINK_VALIDITY_DAYS - 1)
invite_link = self.generate_multiuse_invite_link(date_sent=date_sent)
self.check_user_able_to_register(email1, invite_link)
self.check_user_able_to_register(email2, invite_link)
self.check_user_able_to_register(email3, invite_link)
def test_expired_multiuse_link(self):
# type: () -> None
email = self.nonreg_email('newuser')
date_sent = timezone_now() - datetime.timedelta(days=settings.INVITATION_LINK_VALIDITY_DAYS)
invite_link = self.generate_multiuse_invite_link(date_sent=date_sent)
result = self.client_post(invite_link, {'email': email})
self.assertEqual(result.status_code, 200)
self.assert_in_response("Whoops. The confirmation link has expired.", result)
def test_invalid_multiuse_link(self):
# type: () -> None
email = self.nonreg_email('newuser')
invite_link = "/join/invalid_key/"
result = self.client_post(invite_link, {'email': email})
self.assertEqual(result.status_code, 200)
self.assert_in_response("Whoops. The confirmation link is malformed.", result)
def test_invalid_multiuse_link_in_open_realm(self):
# type: () -> None
self.realm.invite_required = False
self.realm.save()
email = self.nonreg_email('newuser')
invite_link = "/join/invalid_key/"
with self.settings(REALMS_HAVE_SUBDOMAINS=True):
with patch('zerver.views.registration.get_realm_from_request', return_value=self.realm):
with patch('zerver.views.registration.get_realm', return_value=self.realm):
self.check_user_able_to_register(email, invite_link)
def test_multiuse_link_with_specified_streams(self):
# type: () -> None
name1 = "newuser"
name2 = "bob"
email1 = self.nonreg_email(name1)
email2 = self.nonreg_email(name2)
stream_names = ["Rome", "Scotland", "Venice"]
streams = [get_stream(stream_name, self.realm) for stream_name in stream_names]
invite_link = self.generate_multiuse_invite_link(streams=streams)
self.check_user_able_to_register(email1, invite_link)
self.check_user_subscribed_only_to_streams(name1, streams)
stream_names = ["Rome", "Verona"]
streams = [get_stream(stream_name, self.realm) for stream_name in stream_names]
invite_link = self.generate_multiuse_invite_link(streams=streams)
self.check_user_able_to_register(email2, invite_link)
self.check_user_subscribed_only_to_streams(name2, streams)
class EmailUnsubscribeTests(ZulipTestCase):
def test_error_unsubscribe(self):
@@ -12,7 +12,7 @@
from django.utils.timezone import now
from django.core.exceptions import ValidationError
from django.core import validators
from zerver.models import UserProfile, Realm, Stream, PreregistrationUser, \
from zerver.models import UserProfile, Realm, Stream, PreregistrationUser, MultiuseInvite, \
name_changes_disabled, email_to_username, \
completely_open, get_unique_open_realm, email_allowed_for_realm, \
get_realm, get_realm_by_email_domain, get_user_profile_by_email
@@ -34,8 +34,9 @@
from zerver.lib.timezone import get_all_timezones
from zproject.backends import password_auth_enabled
from confirmation.models import Confirmation, RealmCreationKey, check_key_is_valid, \
create_confirmation_link
from confirmation.models import Confirmation, RealmCreationKey, ConfirmationKeyException, \
check_key_is_valid, create_confirmation_link, get_object_from_key, \
render_confirmation_key_error
import logging
import requests
@@ -358,18 +359,26 @@ def redirect_to_deactivation_notice():
# type: () -> HttpResponse
return HttpResponseRedirect(reverse('zerver.views.registration.show_deactivation_notice'))
def accounts_home(request):
# type: (HttpRequest) -> HttpResponse
def accounts_home(request, multiuse_object=None):
# type: (HttpRequest, Optional[MultiuseInvite]) -> HttpResponse
realm = get_realm_from_request(request)
if realm and realm.deactivated:
return redirect_to_deactivation_notice()
from_multiuse_invite = False
streams_to_subscribe = None
if multiuse_object:
realm = multiuse_object.realm
streams_to_subscribe = multiuse_object.streams.all()
from_multiuse_invite = True
if request.method == 'POST':
form = HomepageForm(request.POST, realm=realm)
form = HomepageForm(request.POST, realm=realm, from_multiuse_invite=from_multiuse_invite)
if form.is_valid():
email = form.cleaned_data['email']
try:
send_registration_completion_email(email, request)
send_registration_completion_email(email, request, streams=streams_to_subscribe)
except smtplib.SMTPException as e:
logging.error('Error in accounts_home: %s' % (str(e),))
return HttpResponseRedirect("/config-error/smtp")
@@ -385,9 +394,21 @@ def accounts_home(request):
form = HomepageForm(realm=realm)
return render(request,
'zerver/accounts_home.html',
context={'form': form, 'current_url': request.get_full_path},
context={'form': form, 'current_url': request.get_full_path,
'from_multiuse_invite': from_multiuse_invite},
)
def accounts_home_from_multiuse_invite(request, confirmation_key):
# type: (HttpRequest, str) -> HttpResponse
multiuse_object = None
try:
multiuse_object = get_object_from_key(confirmation_key)
except ConfirmationKeyException as exception:
realm = get_realm_from_request(request)
if realm is None or realm.invite_required:
return render_confirmation_key_error(request, exception)
return accounts_home(request, multiuse_object=multiuse_object)
def generate_204(request):
# type: (HttpRequest) -> HttpResponse
return HttpResponse(content=None, status=204)
View
@@ -138,6 +138,9 @@
url(r'^register/$', zerver.views.registration.accounts_home, name='register'),
url(r'^login/$', zerver.views.auth.login_page, {'template_name': 'zerver/login.html'}, name='zerver.views.auth.login_page'),
url(r'^join/(?P<confirmation_key>\S+)/$', zerver.views.registration.accounts_home_from_multiuse_invite,
name='zerver.views.registration.accounts_home_from_multiuse_invite'),
# API and integrations documentation
url(r'^api/$', APIView.as_view(template_name='zerver/api.html')),
url(r'^api/endpoints/$', zerver.views.integrations.api_endpoint_docs, name='zerver.views.integrations.api_endpoint_docs'),

0 comments on commit b4fedaa

Please sign in to comment.