def test_subscriber_validator_email_address(self):
self.assertEqual(subscriber_validator('*****@*****.**'),
'*****@*****.**')
def on_post(self, request, response):
"""Create a new member."""
try:
validator = Validator(
list_id=str,
subscriber=subscriber_validator(self.api),
display_name=str,
delivery_mode=enum_validator(DeliveryMode),
role=enum_validator(MemberRole),
pre_verified=bool,
pre_confirmed=bool,
pre_approved=bool,
_optional=('delivery_mode', 'display_name', 'role',
'pre_verified', 'pre_confirmed', 'pre_approved'))
arguments = validator(request)
except ValueError as error:
bad_request(response, str(error))
return
# Dig the mailing list out of the arguments.
list_id = arguments.pop('list_id')
mlist = getUtility(IListManager).get_by_list_id(list_id)
if mlist is None:
bad_request(response, b'No such list')
return
# Figure out what kind of subscriber is being registered. Either it's
# a user via their preferred email address or it's an explicit address.
# If it's a UUID, then it must be associated with an existing user.
subscriber = arguments.pop('subscriber')
user_manager = getUtility(IUserManager)
# We use the display name if there is one.
display_name = arguments.pop('display_name', '')
if isinstance(subscriber, UUID):
user = user_manager.get_user_by_id(subscriber)
if user is None:
bad_request(response, b'No such user')
return
subscriber = user
else:
# This must be an email address. See if there's an existing
# address object associated with this email.
address = user_manager.get_address(subscriber)
if address is None:
# Create a new address, which of course will not be validated.
address = user_manager.create_address(
subscriber, display_name)
subscriber = address
# What role are we subscribing? Regular members go through the
# subscription policy workflow while owners, moderators, and
# nonmembers go through the legacy API for now.
role = arguments.pop('role', MemberRole.member)
if role is MemberRole.member:
# Get the pre_ flags for the subscription workflow.
pre_verified = arguments.pop('pre_verified', False)
pre_confirmed = arguments.pop('pre_confirmed', False)
pre_approved = arguments.pop('pre_approved', False)
# Now we can run the registration process until either the
# subscriber is subscribed, or the workflow is paused for
# verification, confirmation, or approval.
registrar = IRegistrar(mlist)
try:
token, token_owner, member = registrar.register(
subscriber,
pre_verified=pre_verified,
pre_confirmed=pre_confirmed,
pre_approved=pre_approved)
except AlreadySubscribedError:
conflict(response, b'Member already subscribed')
return
except MissingPreferredAddressError:
bad_request(response, b'User has no preferred address')
return
except MembershipIsBannedError:
bad_request(response, b'Membership is banned')
return
except SubscriptionPendingError:
conflict(response, b'Subscription request already pending')
return
if token is None:
assert token_owner is TokenOwner.no_one, token_owner
# The subscription completed. Let's get the resulting member
# and return the location to the new member. Member ids are
# UUIDs and need to be converted to URLs because JSON doesn't
# directly support UUIDs.
member_id = self.api.from_uuid(member.member_id)
location = self.api.path_to('members/{}'.format(member_id))
created(response, location)
return
# The member could not be directly subscribed because there are
# some out-of-band steps that need to be completed. E.g. the user
# must confirm their subscription or the moderator must approve
# it. In this case, an HTTP 202 Accepted is exactly the code that
# we should use, and we'll return both the confirmation token and
# the "token owner" so the client knows who should confirm it.
assert token is not None, token
assert token_owner is not TokenOwner.no_one, token_owner
assert member is None, member
content = dict(token=token, token_owner=token_owner.name)
accepted(response, etag(content))
return
# 2015-04-15 BAW: We're subscribing some role other than a regular
# member. Use the legacy API for this for now.
assert role in (MemberRole.owner,
MemberRole.moderator,
MemberRole.nonmember)
# 2015-04-15 BAW: We're limited to using an email address with this
# legacy API, so if the subscriber is a user, the user must have a
# preferred address, which we'll use, even though it will subscribe
# the explicit address. It is an error if the user does not have a
# preferred address.
#
# If the subscriber is an address object, just use that.
if IUser.providedBy(subscriber):
if subscriber.preferred_address is None:
bad_request(response, b'User without preferred address')
return
email = subscriber.preferred_address.email
else:
assert IAddress.providedBy(subscriber)
email = subscriber.email
delivery_mode = arguments.pop('delivery_mode', DeliveryMode.regular)
record = RequestRecord(email, display_name, delivery_mode)
try:
member = add_member(mlist, record, role)
except MembershipIsBannedError:
bad_request(response, b'Membership is banned')
return
except AlreadySubscribedError:
bad_request(response,
'{} is already an {} of {}'.format(
email, role.name, mlist.fqdn_listname))
return
# The subscription completed. Let's get the resulting member
# and return the location to the new member. Member ids are
# UUIDs and need to be converted to URLs because JSON doesn't
# directly support UUIDs.
member_id = self.api.from_uuid(member.member_id)
location = self.api.path_to('members/{}'.format(member_id))
created(response, location)
def test_subscriber_validator_uuid(self):
# Convert from an existing user id to a UUID.
anne = getUtility(IUserManager).make_user('*****@*****.**')
uuid = subscriber_validator(str(anne.user_id.int))
self.assertEqual(anne.user_id, uuid)
def test_subscriber_validator_bad_int_uuid(self):
# In API 3.0, UUIDs are ints.
self.assertRaises(ValueError,
subscriber_validator(API30), 'not-a-thing')
def test_subscriber_validator_bad_int_hex(self):
# In API 3.1, UUIDs are hexes.
self.assertRaises(ValueError,
subscriber_validator(API31), 'not-a-thing')
def test_subscriber_validator_bad_int_uuid(self):
# In API 3.0, UUIDs are ints.
self.assertRaises(ValueError, subscriber_validator(API30),
'not-a-thing')
def test_subscriber_validator_no_int_uuid(self):
# API 3.1 does not accept ints as subscriber id's.
anne = getUtility(IUserManager).make_user('*****@*****.**')
self.assertRaises(ValueError,
subscriber_validator(API31), str(anne.user_id.int))
def test_subscriber_validator_no_int_uuid(self):
# API 3.1 does not accept ints as subscriber id's.
anne = getUtility(IUserManager).make_user('*****@*****.**')
self.assertRaises(ValueError, subscriber_validator(API31),
str(anne.user_id.int))
def test_subscriber_validator_hex_uuid(self):
# Convert from an existing user id to a UUID.
anne = getUtility(IUserManager).make_user('*****@*****.**')
uuid = subscriber_validator(API31)(anne.user_id.hex)
self.assertEqual(anne.user_id, uuid)
def on_post(self, request, response):
"""Create a new member."""
try:
validator = Validator(list_id=str,
subscriber=subscriber_validator(self.api),
display_name=str,
delivery_mode=enum_validator(DeliveryMode),
role=enum_validator(MemberRole),
pre_verified=as_boolean,
pre_confirmed=as_boolean,
pre_approved=as_boolean,
_optional=('delivery_mode', 'display_name',
'role', 'pre_verified',
'pre_confirmed', 'pre_approved'))
arguments = validator(request)
except ValueError as error:
bad_request(response, str(error))
return
# Dig the mailing list out of the arguments.
list_id = arguments.pop('list_id')
mlist = getUtility(IListManager).get_by_list_id(list_id)
if mlist is None:
bad_request(response, b'No such list')
return
# Figure out what kind of subscriber is being registered. Either it's
# a user via their preferred email address or it's an explicit address.
# If it's a UUID, then it must be associated with an existing user.
subscriber = arguments.pop('subscriber')
user_manager = getUtility(IUserManager)
# We use the display name if there is one.
display_name = arguments.pop('display_name', '')
if isinstance(subscriber, UUID):
user = user_manager.get_user_by_id(subscriber)
if user is None:
bad_request(response, b'No such user')
return
subscriber = user
else:
# This must be an email address. See if there's an existing
# address object associated with this email.
address = user_manager.get_address(subscriber)
if address is None:
# Create a new address, which of course will not be validated.
address = user_manager.create_address(subscriber, display_name)
subscriber = address
# What role are we subscribing? Regular members go through the
# subscription policy workflow while owners, moderators, and
# nonmembers go through the legacy API for now.
role = arguments.pop('role', MemberRole.member)
if role is MemberRole.member:
# Get the pre_ flags for the subscription workflow.
pre_verified = arguments.pop('pre_verified', False)
pre_confirmed = arguments.pop('pre_confirmed', False)
pre_approved = arguments.pop('pre_approved', False)
# Now we can run the registration process until either the
# subscriber is subscribed, or the workflow is paused for
# verification, confirmation, or approval.
registrar = ISubscriptionManager(mlist)
try:
token, token_owner, member = registrar.register(
subscriber,
pre_verified=pre_verified,
pre_confirmed=pre_confirmed,
pre_approved=pre_approved)
except AlreadySubscribedError:
conflict(response, b'Member already subscribed')
return
except MissingPreferredAddressError:
bad_request(response, b'User has no preferred address')
return
except MembershipIsBannedError:
bad_request(response, b'Membership is banned')
return
except SubscriptionPendingError:
conflict(response, b'Subscription request already pending')
return
if token is None:
assert token_owner is TokenOwner.no_one, token_owner
# The subscription completed. Let's get the resulting member
# and return the location to the new member. Member ids are
# UUIDs and need to be converted to URLs because JSON doesn't
# directly support UUIDs.
member_id = self.api.from_uuid(member.member_id)
location = self.api.path_to('members/{}'.format(member_id))
created(response, location)
return
# The member could not be directly subscribed because there are
# some out-of-band steps that need to be completed. E.g. the user
# must confirm their subscription or the moderator must approve
# it. In this case, an HTTP 202 Accepted is exactly the code that
# we should use, and we'll return both the confirmation token and
# the "token owner" so the client knows who should confirm it.
assert token is not None, token
assert token_owner is not TokenOwner.no_one, token_owner
assert member is None, member
content = dict(token=token, token_owner=token_owner.name)
accepted(response, etag(content))
return
# 2015-04-15 BAW: We're subscribing some role other than a regular
# member. Use the legacy API for this for now.
assert role in (MemberRole.owner, MemberRole.moderator,
MemberRole.nonmember)
# 2015-04-15 BAW: We're limited to using an email address with this
# legacy API, so if the subscriber is a user, the user must have a
# preferred address, which we'll use, even though it will subscribe
# the explicit address. It is an error if the user does not have a
# preferred address.
#
# If the subscriber is an address object, just use that.
if IUser.providedBy(subscriber):
if subscriber.preferred_address is None:
bad_request(response, b'User without preferred address')
return
email = subscriber.preferred_address.email
else:
assert IAddress.providedBy(subscriber)
email = subscriber.email
delivery_mode = arguments.pop('delivery_mode', DeliveryMode.regular)
record = RequestRecord(email, display_name, delivery_mode)
try:
member = add_member(mlist, record, role)
except MembershipIsBannedError:
bad_request(response, b'Membership is banned')
return
except AlreadySubscribedError:
bad_request(
response,
'{} is already an {} of {}'.format(email, role.name,
mlist.fqdn_listname))
return
# The subscription completed. Let's get the resulting member
# and return the location to the new member. Member ids are
# UUIDs and need to be converted to URLs because JSON doesn't
# directly support UUIDs.
member_id = self.api.from_uuid(member.member_id)
location = self.api.path_to('members/{}'.format(member_id))
created(response, location)
def test_subscriber_validator_email_address_API31(self):
self.assertEqual(
subscriber_validator(API31)('*****@*****.**'),
'*****@*****.**')
def test_subscriber_validator_bad_int_hex(self):
# In API 3.1, UUIDs are hexes.
self.assertRaises(ValueError, subscriber_validator(API31),
'not-a-thing')
