* adds setting ASKBOT_FEDERATED_LOGIN_EMAIL_EDITABLE, default is True

* passes this setting to the template context * RegistrationForm, when ASKBOT_FEDERATED_LOGIN_EMAIL_EDITABLE is False, - raises an exception when email from the session is not the same as the email from the form * askbot/jinja2/authopenid/complete.html: - shows "Email cannot be changed" message when email is not editable
ASKBOT · May 28, 2024 · 65d7c5d · 65d7c5d
1 parent 11bec93
commit 65d7c5d
Show file tree

Hide file tree

Showing 5 changed files with 56 additions and 25 deletions.
diff --git a/askbot/conf/static_settings.py b/askbot/conf/static_settings.py
@@ -43,7 +43,7 @@ class AskbotStaticSettings(AppConf):
     CAS_GET_EMAIL = None # python path to function
     CUSTOM_BADGES = None # python path to module with badges
     CUSTOM_USER_PROFILE_TAB = None # dict(NAME, SLUG, CONTEXT_GENERATOR
-                                   # the latter is path to func with 
+                                   # the latter is path to func with
                                    # variables (request, user)
     DEBUG_INCOMING_EMAIL = False
     EXTRA_SKINS_DIR = None #None or path to directory with skins
@@ -74,6 +74,7 @@ class AskbotStaticSettings(AppConf):
     SEARCH_FRONTEND_SRC_URL = None
     SEARCH_FRONTEND_CSS_URL = None
     WHITELISTED_IPS = tuple() # a tuple of whitelisted ips for moderation
+    FEDERATED_LOGIN_EMAIL_EDITABLE = True
 
     class Meta:
         prefix = 'askbot'

diff --git a/askbot/context.py b/askbot/context.py
@@ -85,6 +85,7 @@ def application_settings(request):
     my_settings['SEARCH_FRONTEND_SRC_URL'] = settings.ASKBOT_SEARCH_FRONTEND_SRC_URL
     my_settings['SEARCH_FRONTEND_CSS_URL'] = settings.ASKBOT_SEARCH_FRONTEND_CSS_URL
     my_settings['LOGOUT_REDIRECT_URL'] = url_utils.get_logout_redirect_url()
+    my_settings['FEDERATED_LOGIN_EMAIL_EDITABLE'] = settings.ASKBOT_FEDERATED_LOGIN_EMAIL_EDITABLE
 
     current_language = get_language()
 

diff --git a/askbot/deps/django_authopenid/forms.py b/askbot/deps/django_authopenid/forms.py
@@ -310,6 +310,24 @@ def __init__(self, *args, **kwargs):
             self.fields['recaptcha'] = AskbotReCaptchaField()
 
 
+    def clean_email(self):
+        email_from_form = self.fields['email'].clean(self.cleaned_data['email'].strip())
+
+        if django_settings.ASKBOT_FEDERATED_LOGIN_EMAIL_EDITABLE:
+            return email_from_form
+
+        email_from_session = self.request.session.get('email', None)
+        if email_from_session is None:
+            logging.critical('federated login email not found in the session')
+            raise forms.ValidationError(_('The email cannot be changed'))
+
+        email_from_session = email_from_session.strip()
+        if email_from_form.lower() != email_from_session.lower():
+            raise forms.ValidationError(_('The email cannot be changed'))
+
+        return email_from_form
+
+
     def clean(self):
         if askbot_settings.NEW_REGISTRATIONS_DISABLED:
             raise forms.ValidationError(askbot_settings.NEW_REGISTRATIONS_DISABLED_MESSAGE)
@@ -320,6 +338,10 @@ class PasswordRegistrationForm(RegistrationForm, SetPasswordForm):
     """Password registration form.
     Fields are inherited from the parent classes"""
 
+    def clean_email(self):
+        """Only clean the email field, as defined in the UserEmailField class"""
+        return self.fields['email'].clean(self.cleaned_data['email'])
+
 
 class ChangePasswordForm(forms.Form):
     """ change password form """

diff --git a/askbot/deps/django_authopenid/views.py b/askbot/deps/django_authopenid/views.py
@@ -83,6 +83,31 @@
     pass
 
 
+def email_is_acceptable(email):
+    email = email.strip()
+
+    is_blank = (email == '')
+    is_blank_and_ok = is_blank \
+                        and askbot_settings.BLANK_EMAIL_ALLOWED \
+                        and askbot_settings.REQUIRE_VALID_EMAIL_FOR == 'nothing'
+    if is_blank_and_ok:
+        return True
+
+    blacklisting_on = askbot_settings.BLACKLISTED_EMAIL_PATTERNS_MODE != 'disabled'
+    is_blacklisted = blacklisting_on and util.email_is_blacklisted(email)
+    is_good = not is_blacklisted
+
+    is_available = User.objects.filter(email__iexact=email).count() == 0
+
+    return is_available and is_good
+
+
+def username_is_acceptable(username):
+    if username.strip() == '':
+        return False
+    return User.objects.filter(username__iexact=username).count() == 0
+
+
 def create_authenticated_user_account(
     username=None, email=None, password=None,
     user_identifier=None, login_provider_name=None,
@@ -1097,30 +1122,6 @@ def register(request, login_provider_name=None,
 
     #1) handle "one-click registration"
     if registration_enabled and login_provider_name:
-
-        def email_is_acceptable(email):
-            email = email.strip()
-
-            is_blank = (email == '')
-            is_blank_and_ok = is_blank \
-                                and askbot_settings.BLANK_EMAIL_ALLOWED \
-                                and askbot_settings.REQUIRE_VALID_EMAIL_FOR == 'nothing'
-            if is_blank_and_ok:
-                return True
-
-            blacklisting_on = askbot_settings.BLACKLISTED_EMAIL_PATTERNS_MODE != 'disabled'
-            is_blacklisted = blacklisting_on and util.email_is_blacklisted(email)
-            is_good = not is_blacklisted
-
-            is_available = User.objects.filter(email__iexact=email).count() == 0
-
-            return is_available and is_good
-
-        def username_is_acceptable(username):
-            if username.strip() == '':
-                return False
-            return User.objects.filter(username__iexact=username).count() == 0
-
         #new style login providers support one click registration
         providers = util.get_enabled_login_providers()
         provider_data = providers.get(login_provider_name)

diff --git a/askbot/jinja2/authopenid/complete.html b/askbot/jinja2/authopenid/complete.html
@@ -69,8 +69,14 @@ <h1 class="section-title">{% trans %}Complete registration{% endtrans %}</h1>
                     {% if openid_register_form.email.errors %}
                         <p class="error">{{ openid_register_form.email.errors|join(", ") }}</p>
                     {% endif %}
+                    {% if not settings.FEDERATED_LOGIN_EMAIL_EDITABLE %}
+                        <p class="info">
+                            {% trans %}Email cannot be changed{% endtrans %}
+                        </p>
+                    {% endif %}
                     <input class="required login" id="id_email" maxlength="200"
                         name="email" type="text"
+                        {% if not settings.FEDERATED_LOGIN_EMAIL_EDITABLE %}readonly{% endif %}
                         {% if openid_register_form.email.value() %}
                             value="{{ openid_register_form.email.value()|escape }}"
                         {% endif %}