From 0c4f98a89b7a8e7f19a19b4d5dc115e1130af1f5 Mon Sep 17 00:00:00 2001
From: Adam Palay <adam@edx.org>
Date: Mon, 29 Sep 2014 15:47:30 -0400
Subject: [PATCH] update password reset template (TNL-503)

---
 .../student/tests/test_reset_password.py      | 26 +++++++++++++++++++
 .../registration/password_reset_email.html    |  2 +-
 2 files changed, 27 insertions(+), 1 deletion(-)

diff --git a/common/djangoapps/student/tests/test_reset_password.py b/common/djangoapps/student/tests/test_reset_password.py
index d0f35bc9c7..6c60c65c23 100644
--- a/common/djangoapps/student/tests/test_reset_password.py
+++ b/common/djangoapps/student/tests/test_reset_password.py
@@ -16,12 +16,14 @@ from django.utils.http import int_to_base36
 
 from mock import Mock, patch
 from textwrap import dedent
+import ddt
 
 from student.views import password_reset, password_reset_confirm_wrapper
 from student.tests.factories import UserFactory
 from student.tests.test_email import mock_render_to_string
 
 
+@ddt.ddt
 class ResetPasswordTests(TestCase):
     """ Tests that clicking reset password sends email, and doesn't activate the user
     """
@@ -121,6 +123,30 @@ class ResetPasswordTests(TestCase):
         self.assertFalse(self.user.is_active)
         re.search(r'password_reset_confirm/(?P<uidb36>[0-9A-Za-z]+)-(?P<token>.+)/', msg).groupdict()
 
+    @unittest.skipIf(
+        settings.FEATURES.get('DISABLE_RESET_EMAIL_TEST', False),
+        dedent("""
+            Skipping Test because CMS has not provided necessary templates for password reset.
+            If LMS tests print this message, that needs to be fixed.
+        """)
+    )
+    @patch('django.core.mail.send_mail')
+    @ddt.data((False, 'http://'), (True, 'https://'))
+    @ddt.unpack
+    def test_reset_password_email_https(self, is_secure, protocol, send_email):
+        """
+        Tests that the right url protocol is included in the reset password link
+        """
+        req = self.request_factory.post(
+            '/password_reset/', {'email': self.user.email}
+        )
+        req.is_secure = Mock(return_value=is_secure)
+        resp = password_reset(req)
+        _, msg, _, _ = send_email.call_args[0]
+        expected_msg = "Please go to the following page and choose a new password:\n\n" + protocol
+
+        self.assertIn(expected_msg, msg)
+
     @patch('student.views.password_reset_confirm')
     def test_reset_password_bad_token(self, reset_confirm):
         """Tests bad token and uidb36 in password reset"""
diff --git a/lms/templates/registration/password_reset_email.html b/lms/templates/registration/password_reset_email.html
index e7bbc6cf35..1952fa1bd6 100644
--- a/lms/templates/registration/password_reset_email.html
+++ b/lms/templates/registration/password_reset_email.html
@@ -3,7 +3,7 @@
 
 {% trans "Please go to the following page and choose a new password:" %}
 {% block reset_link %}
-http{% if is_secure %}s{% endif %}://{{domain}}{% url 'student.views.password_reset_confirm_wrapper' uidb36=uid token=token %}
+{{ protocol }}://{{domain}}{% url 'student.views.password_reset_confirm_wrapper' uidb36=uid token=token %}
 {% endblock %}
 
 {% trans "If you didn't request this change, you can disregard this email - we have not yet reset your password." %}