diff --git a/zerver/views/__init__.py b/zerver/views/__init__.py
index 0047d2631c..44f008a7fb 100644
--- a/zerver/views/__init__.py
+++ b/zerver/views/__init__.py
@@ -158,15 +158,15 @@ def accounts_register(request):
 if isinstance(backend, LDAPBackend):
 ldap_attrs = _LDAPUser(backend, backend.django_to_ldap_username(email)).attrs
 try:
- request.session['authenticated_full_name'] = ldap_attrs[settings.AUTH_LDAP_USER_ATTR_MAP['full_name']][0]
+ ldap_full_name = ldap_attrs[settings.AUTH_LDAP_USER_ATTR_MAP['full_name']][0]
+ request.session['authenticated_full_name'] = ldap_full_name
 name_validated = True
 # We don't use initial= here, because if the form is
 # complete (that is, no additional fields need to be
 # filled out by the user) we want the form to validate,
 # so they can be directly registered without having to
 # go through this interstitial.
- form = RegistrationForm(
- {'full_name': request.session['authenticated_full_name']})
+ form = RegistrationForm({'full_name': ldap_full_name})
 # FIXME: This will result in the user getting
 # validation errors if they have to enter a password.
 # Not relevant for ONLY_SSO, though.
@@ -726,6 +726,11 @@ def send_registration_completion_email(email, request, realm_creation=False):
 return Confirmation.objects.send_confirmation(prereg_user, email, additional_context=context)
+def redirect_to_email_login_url(email):
+ login_url = reverse('django.contrib.auth.views.login')
+ redirect_url = login_url + '?email=' + urllib.parse.quote_plus(email)
+ return HttpResponseRedirect(redirect_url)
+
 """ When settings.OPEN_REALM_CREATION is enabled public users can create new realm. For creating the realm the user should not be the member of any current realm. The realm is created with domain same as the that of the user's email.
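Review bot: The new helper `redirect_to_email_login_url` has no docstring, and the two properties that make it safe to reuse are not written down: the destination comes from `reverse()` rather than from the request, and the address goes through `urllib.parse.quote_plus` before it is appended, so a submitted address cannot add query parameters or change the target. I would add `"""Redirect to the login page with email pre-filled; email is URL-encoded before being appended to the query string."""`. Going by the comment in the `create_realm` hunk at -756, this redirect is taken when the address is already registered, so the response differs for registered addresses; if that is accepted behaviour, a one-line comment at the helper saying so would keep it from being re-reported, and it covers the `accounts_home` call site at -779 as well.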
@@ -738,7 +743,9 @@ def create_realm(request, creation_key=None):
 return render_to_response("zerver/realm_creation_failed.html", {'message': _('New organization creation disabled.')})
 elif not check_key_is_valid(creation_key):
- return render_to_response("zerver/realm_creation_failed.html", {'message': _('The organization creation link has been expired or is not valid.')})
+ return render_to_response("zerver/realm_creation_failed.html",
+ {'message': _('The organization creation link has been expired'
+ ' or is not valid.')})
 if request.method == 'POST':
 form = RealmCreationForm(request.POST, domain=request.session.get("domain"))
@@ -756,7 +763,7 @@ def create_realm(request, creation_key=None):
 except ValidationError:
 # if the user user is already registered he can't create a new realm as a realm
 # with the same domain as user's email already exists
- return HttpResponseRedirect(reverse('django.contrib.auth.views.login') + '?email=' + urllib.parse.quote_plus(email))
+ return redirect_to_email_login_url(email)
 else:
 form = RealmCreationForm(domain=request.session.get("domain"))
 return render_to_response('zerver/create_realm.html',
@@ -779,7 +786,7 @@ def accounts_home(request):
 # Note: We don't check for uniqueness
 is_inactive(email)
 except ValidationError:
- return HttpResponseRedirect(reverse('django.contrib.auth.views.login') + '?email=' + urllib.parse.quote_plus(email))
+ return redirect_to_email_login_url(email)
 else:
 form = create_homepage_form(request)
 return render_to_response('zerver/accounts_home.html',
@@ -1121,7 +1128,8 @@ def update_realm(request, user_profile, name=REQ(validator=check_string, default
 do_set_realm_create_stream_by_admins_only(realm, create_stream_by_admins_only)
 data['create_stream_by_admins_only'] = create_stream_by_admins_only
 if (allow_message_editing is not None and realm.allow_message_editing != allow_message_editing) or \
- (message_content_edit_limit_seconds is not None and realm.message_content_edit_limit_seconds != message_content_edit_limit_seconds):
+ (message_content_edit_limit_seconds is not None and
+ realm.message_content_edit_limit_seconds != message_content_edit_limit_seconds):
 if allow_message_editing is None:
 allow_message_editing = realm.allow_message_editing
 if message_content_edit_limit_seconds is None:
@@ -1142,16 +1150,21 @@ def api_fetch_api_key(request, username=REQ(), password=REQ()):
 else:
 user_profile = authenticate(username=username, password=password, return_data=return_data)
 if return_data.get("inactive_user") == True:
- return json_error(_("Your account has been disabled."), data={"reason": "user disable"}, status=403)
+ return json_error(_("Your account has been disabled."),
+ data={"reason": "user disable"}, status=403)
 if return_data.get("inactive_realm") == True:
- return json_error(_("Your realm has been deactivated."), data={"reason": "realm deactivated"}, status=403)
+ return json_error(_("Your realm has been deactivated."),
+ data={"reason": "realm deactivated"}, status=403)
 if return_data.get("password_auth_disabled") == True:
- return json_error(_("Password auth is disabled in your team."), data={"reason": "password auth disabled"}, status=403)
+ return json_error(_("Password auth is disabled in your team."),
+ data={"reason": "password auth disabled"}, status=403)
 if user_profile is None:
 if return_data.get("valid_attestation") == True:
 # We can leak that the user is unregistered iff they present a valid authentication string for the user.
- return json_error(_("This user is not registered; do so from a browser."), data={"reason": "unregistered"}, status=403)
- return json_error(_("Your username or password is incorrect."), data={"reason": "incorrect_creds"}, status=403)
+ return json_error(_("This user is not registered; do so from a browser."),
+ data={"reason": "unregistered"}, status=403)
+ return json_error(_("Your username or password is incorrect."),
+ data={"reason": "incorrect_creds"}, status=403)
 return json_success({"api_key": user_profile.api_key, "email": user_profile.email})
 @csrf_exempt