views: fix bug introduced in EmailChangeVerifyView by 16afddc6b9 (fixes #20186)

Ref #19712
2017-11-21 11:20:12 +01:00 · 2017-11-21 11:20:12 +01:00 · 39c8cbb989
parent 95add8fba7
commit 39c8cbb989
3 changed files with 18 additions and 15 deletions
--- a/src/authentic2/views.py
+++ b/src/authentic2/views.py
@ -19,6 +19,7 @@ from django.contrib.auth import SESSION_KEY
 from django import http, shortcuts
 from django.core import mail, signing
 from django.core.urlresolvers import reverse
+from django.core.exceptions import ValidationError
 from django.contrib import messages
 from django.utils.translation import ugettext as _
 from django.utils.http import urlencode, same_origin
@ -210,6 +211,7 @@ class EmailChangeView(cbv.TemplateNamesMixin, FormView):
 email_change = decorators.setting_enabled('A2_PROFILE_CAN_CHANGE_EMAIL')(
    login_required(EmailChangeView.as_view()))

+
 class EmailChangeVerifyView(TemplateView):
    def get(self, request, *args, **kwargs):
        if 'token' in request.GET:
@ -227,7 +229,7 @@ class EmailChangeVerifyView(TemplateView):
                    non_unique = User.objects.filter(email=email, ou=user.ou).exclude(
                        pk=user_pk).exists()
                if non_unique:
-                    raise forms.ValidationError(_('This email is already used by another account.'))
+                    raise ValidationError(_('This email is already used by another account.'))
                old_email = user.email
                user.email = email
                user.save()
@ -249,7 +251,7 @@ class EmailChangeVerifyView(TemplateView):
            except User.DoesNotExist:
                messages.error(request, _('your request for changing your email is for '
                    'an unknown user, try again'))
-            except forms.ValidationError as e:
+            except ValidationError as e:
                messages.error(request, e.message)
            else:
                return shortcuts.redirect('account_management')
--- a/tests/test_change_email.py
+++ b/tests/test_change_email.py
@ -47,3 +47,17 @@ def test_change_email_ou_email_is_unique(app, simple_user, user_ou1, user_ou2, m
    link = utils.get_link_from_mail(email)
    # email change is impossible as email is already taken in the same ou
    assert 'password/reset' in link
+
+
+def test_change_email_is_unique_after_first_view(app, settings, simple_user, user_ou1, mailoutbox):
+    settings.A2_EMAIL_IS_UNIQUE = True
+    new_email = 'wtf@example.net'
+    email = change_email(app, simple_user, new_email, mailoutbox)
+    link = utils.get_link_from_mail(email)
+    # user_ou1 take the new email in the meantime
+    user_ou1.email = new_email
+    user_ou1.save()
+    # email change is impossible as email is already taken
+    link = utils.get_link_from_mail(email)
+    response = app.get(link).follow()
+    assert 'is already used by another account' in response.content
--- a/tests/test_views.py
+++ b/tests/test_views.py
@ -2,7 +2,6 @@ from utils import login
 import pytest

 from django.core.urlresolvers import reverse
-from django.core import mail

 from authentic2.custom_user.models import User

@ -15,18 +14,6 @@ def test_profile(app, simple_user):
    assert simple_user.last_name in page


-def test_email_change(app, simple_user):
-    page = login(app, simple_user, path=reverse('email-change'))
-    page = page.form.submit('cancel').follow()
-
-    page = app.get(reverse('email-change'))
-    page.form.set('email', 'john.doe2@example.net')
-    page.form.set('password', simple_user.username)
-    page = page.form.submit('Validate').follow()
-    assert len(mail.outbox) == 1
-    assert 'for 2 hours.' in mail.outbox[0].body
-
-
 def test_password_change(app, simple_user):
    page = login(app, simple_user, path=reverse('auth_password_change'))
    page = page.form.submit('cancel').follow()