Commit f15c3ea7 authored by Kostas Papadimitriou's avatar Kostas Papadimitriou

astakos: Existing third party identifier handling in signup

Remove both the existing third-party authentication entry and the unverified
user entry when the third-party identifier gets used.
parent e71c95c0
......@@ -245,7 +245,10 @@ class AuthProvider(object):
self.module, identifier=self.identifier)
if pending:
pending._instance.delete()
user = pending._instance.user
logger.info("Removing existing unverified user (%r)",
user.log_display)
user.delete()
create_params = {
'module': self.module,
......
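Review bot: `user.delete()` in the `if pending:` branch removes a whole account, and the only guard visible here is that `pending` is truthy. The query that produces `pending` starts above the hunk, so confirm that it can only return a provider whose user has not completed verification. Because this is the point where a later signup displaces an earlier one, the log line should also record what triggered it, e.g. `logger.info("Removing existing unverified user (%r) for %s identifier %r", user.log_display, self.module, self.identifier)`. A short comment above the branch saying why the earlier unverified account is discarded would help the next reader.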
......@@ -121,14 +121,36 @@ class ShibbolethTests(TestCase):
existing_user.delete()
# and finally a valid signup
post_data['email'] = 'kpap@synnefo.org'
post_data['email'] = 'kpap-takeover@synnefo.org'
r = client.post(signup_url, post_data, follow=True)
self.assertContains(r, messages.VERIFICATION_SENT)
# takeover of the uverified the shibboleth identifier
client = ShibbolethClient()
client.set_tokens(mail="kpap@synnefo.org", remote_user="kpapeppn",
eppn="kpapeppn",
cn="Kostas Papadimitriou",
ep_affiliation="Test Affiliation")
r = client.get(ui_url('login/shibboleth?'), follow=True,
**{'HTTP_SHIB_CUSTOM_IDP_KEY': 'test'})
# a new pending user created, previous one was deleted
self.assertEqual(PendingThirdPartyUser.objects.count(), 1)
pending_user = PendingThirdPartyUser.objects.get(
third_party_identifier="kpapeppn")
identifier = pending_user.third_party_identifier
token = pending_user.token
post_data = {'third_party_identifier': identifier,
'third_party_token': token}
post_data['email'] = 'kpap@synnefo.org'
r = client.post(signup_url, post_data)
self.assertEqual(PendingThirdPartyUser.objects.count(), 0)
# previously unverified user associated with kpapeppn gets deleted
user_qs = AstakosUser.objects.filter(email="kpap-takeover@synnefo.org")
self.assertEqual(user_qs.count(), 0)
# entires commited as expected
self.assertEqual(AstakosUser.objects.count(), 1)
self.assertEqual(AstakosUserAuthProvider.objects.count(), 1)
self.assertEqual(PendingThirdPartyUser.objects.count(), 0)
user = AstakosUser.objects.get()
provider = user.get_auth_provider("shibboleth")
......@@ -143,11 +165,33 @@ class ShibbolethTests(TestCase):
self.assertEqual(provider.info['name'], u'Kostas Papadimitriou')
self.assertTrue('headers' in provider.info)
# login (not activated yet)
# login (not verified yet)
client.set_tokens(mail="kpap@synnefo.org", remote_user="kpapeppn",
cn="Kostas Papadimitriou")
r = client.get(ui_url("login/shibboleth?"), follow=True)
self.assertContains(r, 'A pending registration exists for')
self.assertNotContains(r, 'pending moderation')
self.assertEqual(PendingThirdPartyUser.objects.count(), 1)
tmp_third_party = PendingThirdPartyUser.objects.get()
# user gets verified
u = AstakosUser.objects.get(username="kpap@synnefo.org")
backend = activation_backends.get_backend()
activation_result = backend.verify_user(u, u.verification_code)
client.set_tokens(mail="kpap@synnefo.org", remote_user="kpapeppn",
cn="Kostas Papadimitriou")
r = client.get(ui_url("login/shibboleth?"), follow=True)
self.assertContains(r, 'is pending moderation')
self.assertNotContains(r, 'A pending registration exists for')
self.assertContains(r, 'pending moderation')
# temporary signup process continues. meanwhile the user have verified
# her account. The signup process should fail
tp = tmp_third_party
post_data = {'third_party_identifier': tp.third_party_identifier,
'email': 'unsed-email@synnefo.org',
'third_party_token': tp.token}
r = client.post(signup_url, post_data)
self.assertEqual(r.status_code, 404)
# admin activates the user
u = AstakosUser.objects.get(username="kpap@synnefo.org")
......@@ -158,6 +202,7 @@ class ShibbolethTests(TestCase):
backend.send_result_notifications(activation_result, u)
self.assertEqual(u.is_active, True)
# we see our profile
r = client.get(ui_url("login/shibboleth?"), follow=True)
self.assertRedirects(r, ui_url('landing'))
......
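Review bot: The stale-token case near the end of the second hunk asserts only `self.assertEqual(r.status_code, 404)`, so it does not check that the rejected signup left the database untouched. After that line I would add `self.assertEqual(AstakosUser.objects.count(), 1)` and `self.assertEqual(AstakosUserAuthProvider.objects.count(), 1)`, plus an assertion on `PendingThirdPartyUser.objects.count()` to pin down the cleanup of the temporary entry. Without these, a regression that creates a second account or leaves a reusable token behind would still pass.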
......@@ -435,14 +435,17 @@ def signup(request, template_name='im/signup.html', on_success='index',
unverified = get_unverified(pending.provider,
identifier=pending.third_party_identifier)
get_verified = AstakosUserAuthProvider.objects.verified
verified = get_verified(pending.provider,
identifier=pending.third_party_identifier)
if verified:
# an existing verified user already exists for the third party
# identifier
pending.delete()
raise Http404
if unverified and request.method == 'GET':
messages.warning(request, unverified.get_pending_registration_msg)
if unverified.user.moderated:
messages.warning(request,
unverified.get_pending_resend_activation_msg)
else:
messages.warning(request,
unverified.get_pending_moderation_msg)
# prepare activation backend based on current request
if not activation_backend:
......
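Review bot: `pending.delete()` directly before `raise Http404` only takes effect if the delete is committed before the exception propagates. The decorators on `signup` are outside this hunk; if the view runs under a transaction wrapper that rolls back on exceptions, the stale pending entry and its token would survive the 404, so the transaction handling should be confirmed. The rejection is also silent: a line such as `logger.warning("Signup rejected: verified user exists for %s identifier", pending.provider)` would make reuse of an already-verified identifier visible to operators, assuming this module has a logger, which is not shown here.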