diff --git a/ietf/doc/tests.py b/ietf/doc/tests.py index 3629417ce..f3c0c231a 100644 --- a/ietf/doc/tests.py +++ b/ietf/doc/tests.py @@ -508,13 +508,14 @@ expand-draft-ietf-ames-test.all@virtual.ietf.org ames-author@example.ames, ames os.unlink(self.doc_alias_file.name) def testAliases(self): - url = urlreverse('ietf.doc.views_doc.email_aliases', kwargs=dict()) - r = self.client.get(url) - self.assertTrue(all([x in r.content for x in ['mars-test@','mars-test.authors@','mars-test.chairs@']])) - self.assertTrue(all([x in r.content for x in ['ames-test@','ames-test.authors@','ames-test.chairs@']])) - url = urlreverse('ietf.doc.views_doc.email_aliases', kwargs=dict(name="draft-ietf-mars-test")) r = self.client.get(url) self.assertTrue(all([x in r.content for x in ['mars-test@','mars-test.authors@','mars-test.chairs@']])) self.assertFalse(any([x in r.content for x in ['ames-test@','ames-test.authors@','ames-test.chairs@']])) + url = urlreverse('ietf.doc.views_doc.email_aliases', kwargs=dict()) + login_testing_unauthorized(self, "plain", url) + r = self.client.get(url) + self.assertTrue(all([x in r.content for x in ['mars-test@','mars-test.authors@','mars-test.chairs@']])) + self.assertTrue(all([x in r.content for x in ['ames-test@','ames-test.authors@','ames-test.chairs@']])) + diff --git a/ietf/doc/views_doc.py b/ietf/doc/views_doc.py index f07946eb6..bcda17826 100644 --- a/ietf/doc/views_doc.py +++ b/ietf/doc/views_doc.py @@ -963,6 +963,10 @@ def email_aliases(request,name=''): if name: pattern = re.compile('^expand-(%s)(\..*?)?@.*? +(.*)$'%name) else: + # require login for the overview page, but not for the + # document-specific pages handled above + if not request.user.is_authenticated(): + return redirect('%s?next=%s' % (settings.LOGIN_URL, request.path)) pattern = re.compile('^expand-(.*?)(\..*?)?@.*? +(.*)$') aliases = [] with open(settings.DRAFT_VIRTUAL_PATH,"r") as virtual_file: diff --git a/ietf/group/info.py b/ietf/group/info.py index a029e603d..85e73eead 100644 --- a/ietf/group/info.py +++ b/ietf/group/info.py @@ -38,7 +38,7 @@ import re from tempfile import mkstemp from collections import OrderedDict -from django.shortcuts import render +from django.shortcuts import render, redirect from django.template.loader import render_to_string from django.http import HttpResponse, Http404, HttpResponseRedirect from django.conf import settings @@ -629,6 +629,10 @@ def email_aliases(request, acronym=None, group_type=None): if acronym: pattern = re.compile('expand-(%s)(-\w+)@.*? +(.*)$'%acronym) else: + # require login for the overview page, but not for the group-specific + # pages handled above + if not request.user.is_authenticated(): + return redirect('%s?next=%s' % (settings.LOGIN_URL, request.path)) pattern = re.compile('expand-(.*?)(-\w+)@.*? +(.*)$') aliases = [] diff --git a/ietf/group/tests_info.py b/ietf/group/tests_info.py index e12a00406..687050cfb 100644 --- a/ietf/group/tests_info.py +++ b/ietf/group/tests_info.py @@ -976,15 +976,16 @@ expand-ames-chairs@virtual.ietf.org mars_chair@ietf os.unlink(self.group_alias_file.name) def testNothing(self): - url = urlreverse('ietf.group.info.email_aliases', kwargs=dict()) - r = self.client.get(url) - self.assertTrue(all([x in r.content for x in ['mars-ads@','mars-chairs@','ames-ads@','ames-chairs@']])) - url = urlreverse('ietf.group.info.email_aliases', kwargs=dict(acronym="mars")) r = self.client.get(url) self.assertTrue(all([x in r.content for x in ['mars-ads@','mars-chairs@']])) self.assertFalse(any([x in r.content for x in ['ames-ads@','ames-chairs@']])) + url = urlreverse('ietf.group.info.email_aliases', kwargs=dict()) + login_testing_unauthorized(self, "plain", url) + r = self.client.get(url) + self.assertTrue(all([x in r.content for x in ['mars-ads@','mars-chairs@','ames-ads@','ames-chairs@']])) + url = urlreverse('ietf.group.info.email_aliases', kwargs=dict(group_type="wg")) r = self.client.get(url) self.assertTrue('mars-ads@' in r.content)