def update(self, instance, validated_data): user = self.context['request'].user primary = validated_data.get('primary', None) verified = validated_data.get('verified', None) if primary and instance.confirmed: user.username = instance.address user.save() elif primary and not instance.confirmed: raise exceptions.ValidationError( 'You cannot set an unconfirmed email address as your primary email address.' ) if verified and not instance.verified: if not instance.confirmed: raise exceptions.ValidationError( 'You cannot verify an email address that has not been confirmed by a user.' ) user.confirm_email(token=instance.id, merge=instance.is_merge) instance.verified = True instance.is_merge = False new_email = Email.objects.get(address=instance.address, user=user) instance.id = hashids.encode(new_email.id) user.save() return instance
def get_default_queryset(self): user = self.get_user() serialized_emails = [] for email in user.emails.all(): primary = email.address == user.username hashed_id = hashids.encode(email.id) serialized_email = UserEmail(email_id=hashed_id, address=email.address, confirmed=True, verified=True, primary=primary) serialized_emails.append(serialized_email) email_verifications = user.email_verifications or {} for token, detail in email_verifications.iteritems(): is_merge = Email.objects.filter(address=detail['email']).exists() serialized_unconfirmed_email = UserEmail( email_id=token, address=detail['email'], confirmed=detail['confirmed'], verified=False, primary=False, is_merge=is_merge, ) serialized_emails.append(serialized_unconfirmed_email) return serialized_emails
def test_get_email_detail(self, app, confirmed_url, user_one, user_two, unconfirmed_url): # logged in and authorized and confirmed res = app.get(confirmed_url, auth=user_one.auth) assert res.status_code == 200 assert 'resend_confirmation' not in res.json['data']['links'].keys() # not logged in res = app.get(confirmed_url, expect_errors=True) assert res.status_code == 401 # logged in as different user res = app.get(confirmed_url, auth=user_two.auth, expect_errors=True) assert res.status_code == 403 # unconfirmed email detail res_unconfirmed = app.get(unconfirmed_url, auth=user_one.auth) assert res_unconfirmed.status_code == 200 assert res_unconfirmed.json['data']['attributes']['confirmed'] is False assert 'resend_confirmation' in res_unconfirmed.json['data'][ 'links'].keys() assert '{}?resend_confirmation=true'.format( unconfirmed_url ) in res_unconfirmed.json['data']['links']['resend_confirmation'] # token for unconfirmed email different user res = app.get(unconfirmed_url, auth=user_two.auth, expect_errors=True) assert res.status_code == 403 # id does not exist url = '/{}users/{}/settings/emails/thisisnotarealid/'.format( API_BASE, user_one._id) res = app.get(url, auth=user_one.auth, expect_errors=True) assert res.status_code == 404 # id is a real hashid but the database id does not exist potential_id = hashids.encode(10000000) url = '/{}users/{}/settings/emails/{}/'.format(API_BASE, user_one._id, potential_id) res = app.get(url, auth=user_one.auth, expect_errors=True) assert res.status_code == 404 # primary email detail primary_email = Email.objects.get(address=user_one.username) primary_hash = self.get_hashid(primary_email.id) url = '/{}users/{}/settings/emails/{}/'.format(API_BASE, user_one._id, primary_hash) res_primary = app.get(url, auth=user_one.auth) assert res_primary.status_code == 200 assert res_primary.json['data']['attributes']['primary'] is True # is_merge field token = user_one.add_unconfirmed_email(user_two.username) user_one.save() url = '/{}users/{}/settings/emails/{}/'.format(API_BASE, user_one._id, token) res_merge = app.get(url, auth=user_one.auth) assert res_merge.json['data']['attributes']['is_merge'] is True assert res_unconfirmed.json['data']['attributes']['is_merge'] is False assert res_primary.json['data']['attributes']['is_merge'] is False
def test_get_email_detail(self, app, confirmed_url, user_one, user_two, unconfirmed_url): # logged in and authorized and confirmed res = app.get(confirmed_url, auth=user_one.auth) assert res.status_code == 200 assert 'resend_confirmation' not in res.json['data']['links'].keys() # not logged in res = app.get(confirmed_url, expect_errors=True) assert res.status_code == 401 # logged in as different user res = app.get(confirmed_url, auth=user_two.auth, expect_errors=True) assert res.status_code == 403 # unconfirmed email detail res_unconfirmed = app.get(unconfirmed_url, auth=user_one.auth) assert res_unconfirmed.status_code == 200 assert res_unconfirmed.json['data']['attributes']['confirmed'] is False assert 'resend_confirmation' in res_unconfirmed.json['data']['links'].keys() assert '{}?resend_confirmation=true'.format(unconfirmed_url) in res_unconfirmed.json['data']['links']['resend_confirmation'] # token for unconfirmed email different user res = app.get(unconfirmed_url, auth=user_two.auth, expect_errors=True) assert res.status_code == 403 # id does not exist url = '/{}users/{}/settings/emails/thisisnotarealid/'.format(API_BASE, user_one._id) res = app.get(url, auth=user_one.auth, expect_errors=True) assert res.status_code == 404 # id is a real hashid but the database id does not exist potential_id = hashids.encode(10000000) url = '/{}users/{}/settings/emails/{}/'.format(API_BASE, user_one._id, potential_id) res = app.get(url, auth=user_one.auth, expect_errors=True) assert res.status_code == 404 # primary email detail primary_email = Email.objects.get(address=user_one.username) primary_hash = self.get_hashid(primary_email.id) url = '/{}users/{}/settings/emails/{}/'.format(API_BASE, user_one._id, primary_hash) res_primary = app.get(url, auth=user_one.auth) assert res_primary.status_code == 200 assert res_primary.json['data']['attributes']['primary'] is True # is_merge field token = user_one.add_unconfirmed_email(user_two.username) user_one.save() url = '/{}users/{}/settings/emails/{}/'.format(API_BASE, user_one._id, token) res_merge = app.get(url, auth=user_one.auth) assert res_merge.json['data']['attributes']['is_merge'] is True assert res_unconfirmed.json['data']['attributes']['is_merge'] is False assert res_primary.json['data']['attributes']['is_merge'] is False
def get_queryset(self): user = self.get_user() serialized_emails = [] for email in user.emails.all(): primary = email.address == user.username hashed_id = hashids.encode(email.id) serialized_email = UserEmail(email_id=hashed_id, address=email.address, confirmed=True, primary=primary) serialized_emails.append(serialized_email) email_verifications = user.email_verifications or [] for token in email_verifications: detail = user.email_verifications[token] serialized_unconfirmed_email = UserEmail(email_id=token, address=detail['email'], confirmed=detail['confirmed'], primary=False) serialized_emails.append(serialized_unconfirmed_email) return serialized_emails
def test_get_email_detail(self, app, url, user_one, user_two): # logged in and authorized res = app.get(url, auth=user_one.auth) assert res.status_code == 200 # not logged in res = app.get(url, expect_errors=True) assert res.status_code == 401 # logged in as different user res = app.get(url, auth=user_two.auth, expect_errors=True) assert res.status_code == 403 # token for unconfirmed email token = user_one.add_unconfirmed_email('*****@*****.**') user_one.save() url = '/{}users/{}/settings/emails/{}/'.format(API_BASE, user_one._id, token) res = app.get(url, auth=user_one.auth) assert res.status_code == 200 assert res.json['data']['attributes']['confirmed'] is False # token for unconfirmed email different user res = app.get(url, auth=user_two.auth, expect_errors=True) assert res.status_code == 403 # id does not exist url = '/{}users/{}/settings/emails/thisisnotarealid/'.format( API_BASE, user_one._id) res = app.get(url, auth=user_one.auth, expect_errors=True) assert res.status_code == 404 # id is a real hashid but the database id does not exist potential_id = hashids.encode(10000000) url = '/{}users/{}/settings/emails/{}/'.format(API_BASE, user_one._id, potential_id) res = app.get(url, auth=user_one.auth, expect_errors=True) assert res.status_code == 404 # primary email detail primary_email = Email.objects.get(address=user_one.username) primary_hash = self.get_hashid(primary_email.id) url = '/{}users/{}/settings/emails/{}/'.format(API_BASE, user_one._id, primary_hash) res = app.get(url, auth=user_one.auth) assert res.status_code == 200 assert res.json['data']['attributes']['primary'] is True
def test_get_email_detail(self, app, url, user_one, user_two): # logged in and authorized res = app.get(url, auth=user_one.auth) assert res.status_code == 200 # not logged in res = app.get(url, expect_errors=True) assert res.status_code == 401 # logged in as different user res = app.get(url, auth=user_two.auth, expect_errors=True) assert res.status_code == 403 # token for unconfirmed email token = user_one.add_unconfirmed_email('*****@*****.**') user_one.save() url = '/{}users/{}/settings/emails/{}/'.format(API_BASE, user_one._id, token) res = app.get(url, auth=user_one.auth) assert res.status_code == 200 assert res.json['data']['attributes']['confirmed'] is False # token for unconfirmed email different user res = app.get(url, auth=user_two.auth, expect_errors=True) assert res.status_code == 403 # id does not exist url = '/{}users/{}/settings/emails/thisisnotarealid/'.format(API_BASE, user_one._id) res = app.get(url, auth=user_one.auth, expect_errors=True) assert res.status_code == 404 # id is a real hashid but the database id does not exist potential_id = hashids.encode(10000000) url = '/{}users/{}/settings/emails/{}/'.format(API_BASE, user_one._id, potential_id) res = app.get(url, auth=user_one.auth, expect_errors=True) assert res.status_code == 404 # primary email detail primary_email = Email.objects.get(address=user_one.username) primary_hash = self.get_hashid(primary_email.id) url = '/{}users/{}/settings/emails/{}/'.format(API_BASE, user_one._id, primary_hash) res = app.get(url, auth=user_one.auth) assert res.status_code == 200 assert res.json['data']['attributes']['primary'] is True
def update(self, instance, validated_data): user = self.context['request'].user primary = validated_data.get('primary', None) verified = validated_data.get('verified', None) if primary and instance.confirmed: user.username = instance.address user.save() elif primary and not instance.confirmed: raise exceptions.ValidationError('You cannot set an unconfirmed email address as your primary email address.') if verified and not instance.verified: if not instance.confirmed: raise exceptions.ValidationError('You cannot verify an email address that has not been confirmed by a user.') user.confirm_email(token=instance.id, merge=instance.is_merge) instance.verified = True instance.is_merge = False new_email = Email.objects.get(address=instance.address, user=user) instance.id = hashids.encode(new_email.id) user.save() return instance
def get_queryset(self): user = self.get_user() serialized_emails = [] for email in user.emails.all(): primary = email.address == user.username hashed_id = hashids.encode(email.id) serialized_email = UserEmail(email_id=hashed_id, address=email.address, confirmed=True, primary=primary) serialized_emails.append(serialized_email) email_verifications = user.email_verifications or [] for token in email_verifications: detail = user.email_verifications[token] serialized_unconfirmed_email = UserEmail( email_id=token, address=detail['email'], confirmed=detail['confirmed'], primary=False) serialized_emails.append(serialized_unconfirmed_email) return serialized_emails
def get_default_queryset(self): user = self.get_user() serialized_emails = [] for email in user.emails.all(): primary = email.address == user.username hashed_id = hashids.encode(email.id) serialized_email = UserEmail(email_id=hashed_id, address=email.address, confirmed=True, verified=True, primary=primary) serialized_emails.append(serialized_email) email_verifications = user.email_verifications or {} for token, detail in email_verifications.iteritems(): is_merge = Email.objects.filter(address=detail['email']).exists() serialized_unconfirmed_email = UserEmail( email_id=token, address=detail['email'], confirmed=detail['confirmed'], verified=False, primary=False, is_merge=is_merge, ) serialized_emails.append(serialized_unconfirmed_email) return serialized_emails
def get_hashid(self, id_to_hash): return hashids.encode(id_to_hash)
def get_hashid(self, id_to_hash): return hashids.encode(id_to_hash)