Andal.LND/edx-platform
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #6345 from edx/hotfix/third-party-auth-inactive-linked-fix

Browse Source 
Send the user to the login page if registering with a linked but inactiv...
This commit is contained in:
Will Daly
2014-12-22 16:46:33 -05:00
parent a7042ca31d 30549bd7ad
commit de22ccd531
2 changed files with 22 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
common/djangoapps/third_party_auth/pipeline.py
View File

@@ -536,6 +536,15 @@ def ensure_user_information(
if is_register_2 and user_unset:
return redirect(_create_redirect_url(AUTH_DISPATCH_URLS[AUTH_ENTRY_REGISTER_2], strategy))
# If the user has a linked account, but has not yet activated
# we should send them to the login page. The login page
# will tell them that they need to activate their account.
if is_register and user_inactive:
return redirect(_create_redirect_url(AUTH_DISPATCH_URLS[AUTH_ENTRY_LOGIN], strategy))
if is_register_2 and user_inactive:
return redirect(_create_redirect_url(AUTH_DISPATCH_URLS[AUTH_ENTRY_LOGIN_2], strategy))
def _create_redirect_url(url, strategy):
""" Given a URL and a Strategy, construct the appropriate redirect URL.

14
common/djangoapps/third_party_auth/tests/specs/base.py
View File

@@ -689,7 +689,19 @@ class IntegrationTest(testutil.TestCase, test.TestCase):
# social auth.
self.assert_social_auth_does_not_exist_for_user(created_user, strategy)
# We should be redirected back to the complete page, setting
# Since the user's account is not yet active, we should be redirected to /login
self.assert_redirect_to_login_looks_correct(
actions.do_complete(
request.social_strategy, social_views._do_login, request.user, None, # pylint: disable-msg=protected-access
redirect_field_name=auth.REDIRECT_FIELD_NAME
)
)
# Activate the user's account
strategy.request.user.is_active = True
strategy.request.user.save()
# Try again. This time, we should be redirected back to the complete page, setting
# the "logged in" cookie for the marketing site.
self.assert_logged_in_cookie_redirect(actions.do_complete(
request.social_strategy, social_views._do_login, request.user, None, # pylint: disable-msg=protected-access