From 610eb557b8492b0ecf3893f047e705c549e57047 Mon Sep 17 00:00:00 2001 From: Vishnu Ks Date: Sat, 25 Nov 2017 07:51:53 +0530 Subject: [PATCH] backend: Make password reset form support multi realm membership. --- .../zerver/emails/password_reset.source.html | 20 +++++++++++++++---- templates/zerver/emails/password_reset.txt | 19 ++++++++++++------ version.py | 2 +- zerver/forms.py | 19 ++++++++---------- zerver/tests/test_signup.py | 2 +- 5 files changed, 39 insertions(+), 23 deletions(-) diff --git a/templates/zerver/emails/password_reset.source.html b/templates/zerver/emails/password_reset.source.html index e016ee9d7b..1024137a34 100644 --- a/templates/zerver/emails/password_reset.source.html +++ b/templates/zerver/emails/password_reset.source.html @@ -4,12 +4,24 @@

{% if no_account_in_realm %} Someone (possibly you) requested a password reset email for {{ email }} - on {{ realm_uri }}, but {{ email }} does not have an + on {{ realm_uri }}, but you do not have an active account in {{ realm_uri }}. - {% if account_exists_another_realm %} - However, {{ email }} does have an active account in the {{ user.realm.uri }} - organization; you can try logging in or resetting your password there. + {% if accounts %} + {% if multiple_accounts %} + However, you do have active accounts in the following + organizations. +

+ You can try logging in or resetting your password in the organization + you want. + {% else %} + However, you do have an active account in the {{ accounts[0].realm.uri }} + organization; you can try logging in or resetting your password there. + {% endif %} {% endif %} {% else %} Psst. Word on the street is that you need a new password, {{ email }}.
diff --git a/templates/zerver/emails/password_reset.txt b/templates/zerver/emails/password_reset.txt index 645997eaac..eba77db648 100644 --- a/templates/zerver/emails/password_reset.txt +++ b/templates/zerver/emails/password_reset.txt @@ -1,12 +1,19 @@ {% if no_account_in_realm %} Someone (possibly you) requested a password reset email for {{ email }} on {{ realm_uri }}, but -{{ email }} does not have an active account in -{{ realm_uri }}. -{% if account_exists_another_realm %} -However, {{ email }} does have an active account in -{{ user.realm.uri }} organization; you can try -logging in or resetting your password there. +you do not have an active account in {{ realm_uri }}. +{% if accounts %} +{% if multiple_accounts %} +However, you do have active accounts in the following organizations. +{% for account in accounts %} +{{ account.realm.uri }} +{% endfor %} +You can try logging in or resetting your password in the organization +you want. +{% else %} +However, you do have an active account in the {{ accounts[0].realm.uri }} +organization; you can try logging in or resetting your password there. +{% endif %} {% endif %} {% else %} Psst. Word on the street is that you need a new password, {{ email }}. diff --git a/version.py b/version.py index 3b95df0375..f4674f9364 100644 --- a/version.py +++ b/version.py @@ -1,3 +1,3 @@ ZULIP_VERSION = "1.7.1+git" -PROVISION_VERSION = '13.0' +PROVISION_VERSION = '13.1' diff --git a/zerver/forms.py b/zerver/forms.py index dea89f95e4..cbe466a902 100644 --- a/zerver/forms.py +++ b/zerver/forms.py @@ -24,7 +24,7 @@ from zerver.lib.request import JsonableError from zerver.lib.send_email import send_email, FromAddress from zerver.lib.subdomains import get_subdomain, user_matches_subdomain, is_root_domain_available from zerver.lib.users import check_full_name -from zerver.models import Realm, get_user_profile_by_email, UserProfile, \ +from zerver.models import Realm, get_user, UserProfile, \ get_realm, email_to_domain, email_allowed_for_realm from zproject.backends import email_auth_enabled @@ -208,25 +208,23 @@ class ZulipPasswordResetForm(PasswordResetForm): """ email = self.cleaned_data["email"] - subdomain = get_subdomain(request) - realm = get_realm(subdomain) + realm = get_realm(get_subdomain(request)) if not email_auth_enabled(realm): logging.info("Password reset attempted for %s even though password auth is disabled." % (email,)) return try: - user = get_user_profile_by_email(email) + user = get_user(email, realm) except UserProfile.DoesNotExist: user = None context = { 'email': email, 'realm_uri': realm.uri, - 'user': user, } - if user is not None and user_matches_subdomain(subdomain, user): + if user is not None: token = token_generator.make_token(user) uid = urlsafe_base64_encode(force_bytes(user.id)) endpoint = reverse('django.contrib.auth.views.password_reset_confirm', @@ -234,16 +232,15 @@ class ZulipPasswordResetForm(PasswordResetForm): context['no_account_in_realm'] = False context['reset_url'] = "{}{}".format(user.realm.uri, endpoint) - send_email('zerver/emails/password_reset', to_user_id=user.id, from_name="Zulip Account Security", from_address=FromAddress.NOREPLY, context=context) else: context['no_account_in_realm'] = True - if user is not None: - context['account_exists_another_realm'] = True - else: - context['account_exists_another_realm'] = False + accounts = UserProfile.objects.filter(email__iexact=email) + if accounts: + context['accounts'] = accounts + context['multiple_accounts'] = accounts.count() != 1 send_email('zerver/emails/password_reset', to_email=email, from_name="Zulip Account Security", from_address=FromAddress.NOREPLY, context=context) diff --git a/zerver/tests/test_signup.py b/zerver/tests/test_signup.py index 5c40c3f30c..a3ba35bc50 100644 --- a/zerver/tests/test_signup.py +++ b/zerver/tests/test_signup.py @@ -238,7 +238,7 @@ class PasswordResetTest(ZulipTestCase): self.assertIn(FromAddress.NOREPLY, message.from_email) self.assertIn('Someone (possibly you) requested a password', message.body) - self.assertIn("hamlet@zulip.com does not have an active account in\nhttp://zephyr.testserver", + self.assertIn("but\nyou do not have an active account in http://zephyr.testserver", message.body) def test_invalid_subdomain(self) -> None: