backend: Make password reset form support multi realm membership.

This commit is contained in:
Vishnu Ks 2017-11-25 07:51:53 +05:30 committed by Tim Abbott
parent 9f225360dc
commit 610eb557b8
5 changed files with 39 additions and 23 deletions

View File

@ -4,13 +4,25 @@
<p>
{% if no_account_in_realm %}
Someone (possibly you) requested a password reset email for {{ email }}
on {{ realm_uri }}, but {{ email }} does not have an
on {{ realm_uri }}, but you do not have an
active account in {{ realm_uri }}.
{% if account_exists_another_realm %}
However, {{ email }} does have an active account in the {{ user.realm.uri }}
{% if accounts %}
{% if multiple_accounts %}
However, you do have active accounts in the following
organizations.
<ul>
{% for account in accounts %}
<li>{{ account.realm.uri }}</li>
{% endfor %}
</ul>
You can try logging in or resetting your password in the organization
you want.
{% else %}
However, you do have an active account in the {{ accounts[0].realm.uri }}
organization; you can try logging in or resetting your password there.
{% endif %}
{% endif %}
{% else %}
Psst. Word on the street is that you need a new password, {{ email }}.<br />
It's all good. Click here and we'll take care of the rest:<br />

View File

@ -1,12 +1,19 @@
{% if no_account_in_realm %}
Someone (possibly you) requested a password reset email for
{{ email }} on {{ realm_uri }}, but
{{ email }} does not have an active account in
{{ realm_uri }}.
{% if account_exists_another_realm %}
However, {{ email }} does have an active account in
{{ user.realm.uri }} organization; you can try
logging in or resetting your password there.
you do not have an active account in {{ realm_uri }}.
{% if accounts %}
{% if multiple_accounts %}
However, you do have active accounts in the following organizations.
{% for account in accounts %}
{{ account.realm.uri }}
{% endfor %}
You can try logging in or resetting your password in the organization
you want.
{% else %}
However, you do have an active account in the {{ accounts[0].realm.uri }}
organization; you can try logging in or resetting your password there.
{% endif %}
{% endif %}
{% else %}
Psst. Word on the street is that you need a new password, {{ email }}.

View File

@ -1,3 +1,3 @@
ZULIP_VERSION = "1.7.1+git"
PROVISION_VERSION = '13.0'
PROVISION_VERSION = '13.1'

View File

@ -24,7 +24,7 @@ from zerver.lib.request import JsonableError
from zerver.lib.send_email import send_email, FromAddress
from zerver.lib.subdomains import get_subdomain, user_matches_subdomain, is_root_domain_available
from zerver.lib.users import check_full_name
from zerver.models import Realm, get_user_profile_by_email, UserProfile, \
from zerver.models import Realm, get_user, UserProfile, \
get_realm, email_to_domain, email_allowed_for_realm
from zproject.backends import email_auth_enabled
@ -208,25 +208,23 @@ class ZulipPasswordResetForm(PasswordResetForm):
"""
email = self.cleaned_data["email"]
subdomain = get_subdomain(request)
realm = get_realm(subdomain)
realm = get_realm(get_subdomain(request))
if not email_auth_enabled(realm):
logging.info("Password reset attempted for %s even though password auth is disabled." % (email,))
return
try:
user = get_user_profile_by_email(email)
user = get_user(email, realm)
except UserProfile.DoesNotExist:
user = None
context = {
'email': email,
'realm_uri': realm.uri,
'user': user,
}
if user is not None and user_matches_subdomain(subdomain, user):
if user is not None:
token = token_generator.make_token(user)
uid = urlsafe_base64_encode(force_bytes(user.id))
endpoint = reverse('django.contrib.auth.views.password_reset_confirm',
@ -234,16 +232,15 @@ class ZulipPasswordResetForm(PasswordResetForm):
context['no_account_in_realm'] = False
context['reset_url'] = "{}{}".format(user.realm.uri, endpoint)
send_email('zerver/emails/password_reset', to_user_id=user.id,
from_name="Zulip Account Security",
from_address=FromAddress.NOREPLY, context=context)
else:
context['no_account_in_realm'] = True
if user is not None:
context['account_exists_another_realm'] = True
else:
context['account_exists_another_realm'] = False
accounts = UserProfile.objects.filter(email__iexact=email)
if accounts:
context['accounts'] = accounts
context['multiple_accounts'] = accounts.count() != 1
send_email('zerver/emails/password_reset', to_email=email,
from_name="Zulip Account Security",
from_address=FromAddress.NOREPLY, context=context)

View File

@ -238,7 +238,7 @@ class PasswordResetTest(ZulipTestCase):
self.assertIn(FromAddress.NOREPLY, message.from_email)
self.assertIn('Someone (possibly you) requested a password',
message.body)
self.assertIn("hamlet@zulip.com does not have an active account in\nhttp://zephyr.testserver",
self.assertIn("but\nyou do not have an active account in http://zephyr.testserver",
message.body)
def test_invalid_subdomain(self) -> None: