def update(self, instance, validated_data):
user = self.context['request'].user
primary = validated_data.get('primary', None)
verified = validated_data.get('verified', None)
if primary and instance.confirmed:
user.username = instance.address
user.save()
elif primary and not instance.confirmed:
raise exceptions.ValidationError(
'You cannot set an unconfirmed email address as your primary email address.'
)
if verified and not instance.verified:
if not instance.confirmed:
raise exceptions.ValidationError(
'You cannot verify an email address that has not been confirmed by a user.'
)
user.confirm_email(token=instance.id, merge=instance.is_merge)
instance.verified = True
instance.is_merge = False
new_email = Email.objects.get(address=instance.address, user=user)
instance.id = hashids.encode(new_email.id)
user.save()
return instance
def get_default_queryset(self):
user = self.get_user()
serialized_emails = []
for email in user.emails.all():
primary = email.address == user.username
hashed_id = hashids.encode(email.id)
serialized_email = UserEmail(email_id=hashed_id,
address=email.address,
confirmed=True,
verified=True,
primary=primary)
serialized_emails.append(serialized_email)
email_verifications = user.email_verifications or {}
for token, detail in email_verifications.iteritems():
is_merge = Email.objects.filter(address=detail['email']).exists()
serialized_unconfirmed_email = UserEmail(
email_id=token,
address=detail['email'],
confirmed=detail['confirmed'],
verified=False,
primary=False,
is_merge=is_merge,
)
serialized_emails.append(serialized_unconfirmed_email)
return serialized_emails
def test_get_email_detail(self, app, confirmed_url, user_one, user_two,
unconfirmed_url):
# logged in and authorized and confirmed
res = app.get(confirmed_url, auth=user_one.auth)
assert res.status_code == 200
assert 'resend_confirmation' not in res.json['data']['links'].keys()
# not logged in
res = app.get(confirmed_url, expect_errors=True)
assert res.status_code == 401
# logged in as different user
res = app.get(confirmed_url, auth=user_two.auth, expect_errors=True)
assert res.status_code == 403
# unconfirmed email detail
res_unconfirmed = app.get(unconfirmed_url, auth=user_one.auth)
assert res_unconfirmed.status_code == 200
assert res_unconfirmed.json['data']['attributes']['confirmed'] is False
assert 'resend_confirmation' in res_unconfirmed.json['data'][
'links'].keys()
assert '{}?resend_confirmation=true'.format(
unconfirmed_url
) in res_unconfirmed.json['data']['links']['resend_confirmation']
# token for unconfirmed email different user
res = app.get(unconfirmed_url, auth=user_two.auth, expect_errors=True)
assert res.status_code == 403
# id does not exist
url = '/{}users/{}/settings/emails/thisisnotarealid/'.format(
API_BASE, user_one._id)
res = app.get(url, auth=user_one.auth, expect_errors=True)
assert res.status_code == 404
# id is a real hashid but the database id does not exist
potential_id = hashids.encode(10000000)
url = '/{}users/{}/settings/emails/{}/'.format(API_BASE, user_one._id,
potential_id)
res = app.get(url, auth=user_one.auth, expect_errors=True)
assert res.status_code == 404
# primary email detail
primary_email = Email.objects.get(address=user_one.username)
primary_hash = self.get_hashid(primary_email.id)
url = '/{}users/{}/settings/emails/{}/'.format(API_BASE, user_one._id,
primary_hash)
res_primary = app.get(url, auth=user_one.auth)
assert res_primary.status_code == 200
assert res_primary.json['data']['attributes']['primary'] is True
# is_merge field
token = user_one.add_unconfirmed_email(user_two.username)
user_one.save()
url = '/{}users/{}/settings/emails/{}/'.format(API_BASE, user_one._id,
token)
res_merge = app.get(url, auth=user_one.auth)
assert res_merge.json['data']['attributes']['is_merge'] is True
assert res_unconfirmed.json['data']['attributes']['is_merge'] is False
assert res_primary.json['data']['attributes']['is_merge'] is False
def test_get_email_detail(self, app, confirmed_url, user_one, user_two, unconfirmed_url):
# logged in and authorized and confirmed
res = app.get(confirmed_url, auth=user_one.auth)
assert res.status_code == 200
assert 'resend_confirmation' not in res.json['data']['links'].keys()
# not logged in
res = app.get(confirmed_url, expect_errors=True)
assert res.status_code == 401
# logged in as different user
res = app.get(confirmed_url, auth=user_two.auth, expect_errors=True)
assert res.status_code == 403
# unconfirmed email detail
res_unconfirmed = app.get(unconfirmed_url, auth=user_one.auth)
assert res_unconfirmed.status_code == 200
assert res_unconfirmed.json['data']['attributes']['confirmed'] is False
assert 'resend_confirmation' in res_unconfirmed.json['data']['links'].keys()
assert '{}?resend_confirmation=true'.format(unconfirmed_url) in res_unconfirmed.json['data']['links']['resend_confirmation']
# token for unconfirmed email different user
res = app.get(unconfirmed_url, auth=user_two.auth, expect_errors=True)
assert res.status_code == 403
# id does not exist
url = '/{}users/{}/settings/emails/thisisnotarealid/'.format(API_BASE, user_one._id)
res = app.get(url, auth=user_one.auth, expect_errors=True)
assert res.status_code == 404
# id is a real hashid but the database id does not exist
potential_id = hashids.encode(10000000)
url = '/{}users/{}/settings/emails/{}/'.format(API_BASE, user_one._id, potential_id)
res = app.get(url, auth=user_one.auth, expect_errors=True)
assert res.status_code == 404
# primary email detail
primary_email = Email.objects.get(address=user_one.username)
primary_hash = self.get_hashid(primary_email.id)
url = '/{}users/{}/settings/emails/{}/'.format(API_BASE, user_one._id, primary_hash)
res_primary = app.get(url, auth=user_one.auth)
assert res_primary.status_code == 200
assert res_primary.json['data']['attributes']['primary'] is True
# is_merge field
token = user_one.add_unconfirmed_email(user_two.username)
user_one.save()
url = '/{}users/{}/settings/emails/{}/'.format(API_BASE, user_one._id, token)
res_merge = app.get(url, auth=user_one.auth)
assert res_merge.json['data']['attributes']['is_merge'] is True
assert res_unconfirmed.json['data']['attributes']['is_merge'] is False
assert res_primary.json['data']['attributes']['is_merge'] is False
def get_queryset(self):
user = self.get_user()
serialized_emails = []
for email in user.emails.all():
primary = email.address == user.username
hashed_id = hashids.encode(email.id)
serialized_email = UserEmail(email_id=hashed_id, address=email.address, confirmed=True, primary=primary)
serialized_emails.append(serialized_email)
email_verifications = user.email_verifications or []
for token in email_verifications:
detail = user.email_verifications[token]
serialized_unconfirmed_email = UserEmail(email_id=token, address=detail['email'], confirmed=detail['confirmed'], primary=False)
serialized_emails.append(serialized_unconfirmed_email)
return serialized_emails
def test_get_email_detail(self, app, url, user_one, user_two):
# logged in and authorized
res = app.get(url, auth=user_one.auth)
assert res.status_code == 200
# not logged in
res = app.get(url, expect_errors=True)
assert res.status_code == 401
# logged in as different user
res = app.get(url, auth=user_two.auth, expect_errors=True)
assert res.status_code == 403
# token for unconfirmed email
token = user_one.add_unconfirmed_email('*****@*****.**')
user_one.save()
url = '/{}users/{}/settings/emails/{}/'.format(API_BASE, user_one._id,
token)
res = app.get(url, auth=user_one.auth)
assert res.status_code == 200
assert res.json['data']['attributes']['confirmed'] is False
# token for unconfirmed email different user
res = app.get(url, auth=user_two.auth, expect_errors=True)
assert res.status_code == 403
# id does not exist
url = '/{}users/{}/settings/emails/thisisnotarealid/'.format(
API_BASE, user_one._id)
res = app.get(url, auth=user_one.auth, expect_errors=True)
assert res.status_code == 404
# id is a real hashid but the database id does not exist
potential_id = hashids.encode(10000000)
url = '/{}users/{}/settings/emails/{}/'.format(API_BASE, user_one._id,
potential_id)
res = app.get(url, auth=user_one.auth, expect_errors=True)
assert res.status_code == 404
# primary email detail
primary_email = Email.objects.get(address=user_one.username)
primary_hash = self.get_hashid(primary_email.id)
url = '/{}users/{}/settings/emails/{}/'.format(API_BASE, user_one._id,
primary_hash)
res = app.get(url, auth=user_one.auth)
assert res.status_code == 200
assert res.json['data']['attributes']['primary'] is True
def test_get_email_detail(self, app, url, user_one, user_two):
# logged in and authorized
res = app.get(url, auth=user_one.auth)
assert res.status_code == 200
# not logged in
res = app.get(url, expect_errors=True)
assert res.status_code == 401
# logged in as different user
res = app.get(url, auth=user_two.auth, expect_errors=True)
assert res.status_code == 403
# token for unconfirmed email
token = user_one.add_unconfirmed_email('*****@*****.**')
user_one.save()
url = '/{}users/{}/settings/emails/{}/'.format(API_BASE, user_one._id, token)
res = app.get(url, auth=user_one.auth)
assert res.status_code == 200
assert res.json['data']['attributes']['confirmed'] is False
# token for unconfirmed email different user
res = app.get(url, auth=user_two.auth, expect_errors=True)
assert res.status_code == 403
# id does not exist
url = '/{}users/{}/settings/emails/thisisnotarealid/'.format(API_BASE, user_one._id)
res = app.get(url, auth=user_one.auth, expect_errors=True)
assert res.status_code == 404
# id is a real hashid but the database id does not exist
potential_id = hashids.encode(10000000)
url = '/{}users/{}/settings/emails/{}/'.format(API_BASE, user_one._id, potential_id)
res = app.get(url, auth=user_one.auth, expect_errors=True)
assert res.status_code == 404
# primary email detail
primary_email = Email.objects.get(address=user_one.username)
primary_hash = self.get_hashid(primary_email.id)
url = '/{}users/{}/settings/emails/{}/'.format(API_BASE, user_one._id, primary_hash)
res = app.get(url, auth=user_one.auth)
assert res.status_code == 200
assert res.json['data']['attributes']['primary'] is True
def update(self, instance, validated_data):
user = self.context['request'].user
primary = validated_data.get('primary', None)
verified = validated_data.get('verified', None)
if primary and instance.confirmed:
user.username = instance.address
user.save()
elif primary and not instance.confirmed:
raise exceptions.ValidationError('You cannot set an unconfirmed email address as your primary email address.')
if verified and not instance.verified:
if not instance.confirmed:
raise exceptions.ValidationError('You cannot verify an email address that has not been confirmed by a user.')
user.confirm_email(token=instance.id, merge=instance.is_merge)
instance.verified = True
instance.is_merge = False
new_email = Email.objects.get(address=instance.address, user=user)
instance.id = hashids.encode(new_email.id)
user.save()
return instance
def get_queryset(self):
user = self.get_user()
serialized_emails = []
for email in user.emails.all():
primary = email.address == user.username
hashed_id = hashids.encode(email.id)
serialized_email = UserEmail(email_id=hashed_id,
address=email.address,
confirmed=True,
primary=primary)
serialized_emails.append(serialized_email)
email_verifications = user.email_verifications or []
for token in email_verifications:
detail = user.email_verifications[token]
serialized_unconfirmed_email = UserEmail(
email_id=token,
address=detail['email'],
confirmed=detail['confirmed'],
primary=False)
serialized_emails.append(serialized_unconfirmed_email)
return serialized_emails
def get_default_queryset(self):
user = self.get_user()
serialized_emails = []
for email in user.emails.all():
primary = email.address == user.username
hashed_id = hashids.encode(email.id)
serialized_email = UserEmail(email_id=hashed_id, address=email.address, confirmed=True, verified=True, primary=primary)
serialized_emails.append(serialized_email)
email_verifications = user.email_verifications or {}
for token, detail in email_verifications.iteritems():
is_merge = Email.objects.filter(address=detail['email']).exists()
serialized_unconfirmed_email = UserEmail(
email_id=token,
address=detail['email'],
confirmed=detail['confirmed'],
verified=False,
primary=False,
is_merge=is_merge,
)
serialized_emails.append(serialized_unconfirmed_email)
return serialized_emails
def get_hashid(self, id_to_hash):
return hashids.encode(id_to_hash)
def get_hashid(self, id_to_hash):
return hashids.encode(id_to_hash)
