chore: clean away unused views/tests related to the Allowlisted model (#7027)
This commit is contained in:
Robert Sparks
GitHub
parent
014adb8259
commit
ae01f6fb92
|
|
@ -226,29 +226,8 @@ class IetfAuthTests(TestCase):
|
|||
|
||||
self.assertTrue(self.username_in_htpasswd_file(email))
|
||||
|
||||
def test_create_allowlisted_account(self):
|
||||
email = "new-account@example.com"
|
||||
|
||||
# add allowlist entry
|
||||
r = self.client.post(urlreverse(ietf.ietfauth.views.login), {"username":"secretary", "password":"secretary+password"})
|
||||
self.assertEqual(r.status_code, 302)
|
||||
self.assertEqual(urlsplit(r["Location"])[2], urlreverse(ietf.ietfauth.views.profile))
|
||||
|
||||
r = self.client.get(urlreverse(ietf.ietfauth.views.add_account_allowlist))
|
||||
self.assertEqual(r.status_code, 200)
|
||||
self.assertContains(r, "Add an allowlist entry")
|
||||
|
||||
r = self.client.post(urlreverse(ietf.ietfauth.views.add_account_allowlist), {"email": email})
|
||||
self.assertEqual(r.status_code, 200)
|
||||
self.assertContains(r, "Allowlist entry creation successful")
|
||||
|
||||
# log out
|
||||
r = self.client.post(urlreverse('django.contrib.auth.views.logout'), {})
|
||||
self.assertEqual(r.status_code, 200)
|
||||
|
||||
# register and verify allowlisted email
|
||||
self.register_and_verify(email)
|
||||
|
||||
|
||||
# This also tests new account creation.
|
||||
def test_create_existing_account(self):
|
||||
# create account once
|
||||
email = "new-account@example.com"
|
||||
|
|
|
|||
|
|
@ -24,5 +24,4 @@ urlpatterns = [
|
|||
url(r'^review/$', views.review_overview),
|
||||
url(r'^testemail/$', views.test_email),
|
||||
url(r'^username/$', views.change_username),
|
||||
url(r'^allowlist/add/?$', views.add_account_allowlist),
|
||||
]
|
||||
|
|
|
|||
|
|
@ -63,11 +63,10 @@ import debug # pyflakes:ignore
|
|||
|
||||
from ietf.group.models import Role, Group
|
||||
from ietf.ietfauth.forms import ( RegistrationForm, PasswordForm, ResetPasswordForm, TestEmailForm,
|
||||
AllowlistForm, ChangePasswordForm, get_person_form, RoleEmailForm,
|
||||
ChangePasswordForm, get_person_form, RoleEmailForm,
|
||||
NewEmailForm, ChangeUsernameForm, PersonPasswordForm)
|
||||
from ietf.ietfauth.htpasswd import update_htpasswd_file
|
||||
from ietf.ietfauth.utils import role_required, has_role
|
||||
from ietf.mailinglists.models import Allowlisted
|
||||
from ietf.ietfauth.utils import has_role
|
||||
from ietf.name.models import ExtResourceName
|
||||
from ietf.nomcom.models import NomCom
|
||||
from ietf.person.models import Person, Email, Alias, PersonalApiKey, PERSON_API_KEY_VALUES
|
||||
|
|
@ -600,23 +599,7 @@ def test_email(request):
|
|||
|
||||
return r
|
||||
|
||||
@role_required('Secretariat')
|
||||
def add_account_allowlist(request):
|
||||
success = False
|
||||
if request.method == 'POST':
|
||||
form = AllowlistForm(request.POST)
|
||||
if form.is_valid():
|
||||
email = form.cleaned_data['email']
|
||||
entry = Allowlisted(email=email, by=request.user.person)
|
||||
entry.save()
|
||||
success = True
|
||||
else:
|
||||
form = AllowlistForm()
|
||||
|
||||
return render(request, 'ietfauth/allowlist_form.html', {
|
||||
'form': form,
|
||||
'success': success,
|
||||
})
|
||||
|
||||
class AddReviewWishForm(forms.Form):
|
||||
doc = SearchableDocumentField(label="Document", doc_type="draft")
|
||||
|
|
|
|||
|
|
@ -21,6 +21,8 @@ class NonWgMailingList(models.Model):
|
|||
def info_url(self):
|
||||
return settings.MAILING_LIST_INFO_URL % {'list_addr': self.name }
|
||||
|
||||
# Allowlisted is unused, but is not being dropped until its human-curated content
|
||||
# is archived outside this database.
|
||||
class Allowlisted(models.Model):
|
||||
time = models.DateTimeField(auto_now_add=True)
|
||||
email = models.CharField("Email address", max_length=64, validators=[validate_email])
|
||||
|
|
|
|||
|
|
@ -186,12 +186,6 @@
|
|||
Sync discrepancies
|
||||
</a>
|
||||
</li>
|
||||
<li>
|
||||
<a class="dropdown-item {% if flavor != 'top' %} text-wrap{% endif %}"
|
||||
href="{% url 'ietf.ietfauth.views.add_account_allowlist' %}">
|
||||
Account allowlist
|
||||
</a>
|
||||
</li>
|
||||
{% endif %}
|
||||
{% if user|has_role:"IANA" %}
|
||||
{% if flavor == "top" %}
|
||||
|
|
|
|||
|
|
@ -1,78 +0,0 @@
|
|||
{% extends "base.html" %}
|
||||
{# Copyright The IETF Trust 2016, All Rights Reserved #}
|
||||
{% load origin %}
|
||||
{% load django_bootstrap5 %}
|
||||
{% block title %}Set up test email address{% endblock %}
|
||||
{% block content %}
|
||||
{% origin %}
|
||||
{% if success %}
|
||||
<h1>Allowlist entry creation successful</h1>
|
||||
<p>
|
||||
Please ask the requestor to try the
|
||||
<a href="{% url 'ietf.ietfauth.views.create_account' %}">account creation form</a>
|
||||
again, with the allowlisted email address.
|
||||
</p>
|
||||
{% else %}
|
||||
<h1>Add an allowlist entry for account creation.</h1>
|
||||
<p>
|
||||
When an email request comes in for assistance with account creation
|
||||
because the automated account creation has failed, you can add the
|
||||
address to an account creation allowlist here.
|
||||
</p>
|
||||
<p>
|
||||
Before you do so, please complete the following 3 verification steps:
|
||||
</p>
|
||||
<ol class="d-grid gap-3">
|
||||
<li>
|
||||
Has the person provided relevant information in his request, or has he simply
|
||||
copied the text from the account creation failure message? All genuine (non-spam)
|
||||
account creation requests seen between 2009 and 2016 for tools.ietf.org have
|
||||
contained a reasonable request message, rather than just copy-pasting the account
|
||||
creation failure message. If there's no proper request message, step 2 below can
|
||||
be performed to make sure the request is bogus, but if that also fails, no further
|
||||
effort should be needed.
|
||||
</li>
|
||||
<li>
|
||||
Google for the person's name within the ietf.org site: "Jane Doe site:ietf.org". If
|
||||
found, and the email address matches an address used in Internet-Drafts or discussions,
|
||||
things are fine, and it's OK to add the address to the allowlist using this form,
|
||||
and ask the person to please try the
|
||||
<a href="{% url 'ietf.ietfauth.views.create_account' %}">account creation form</a>
|
||||
again.
|
||||
</li>
|
||||
<li>
|
||||
<p>
|
||||
If google finds no trace of the person being an ietf participant, he or she could
|
||||
still be somebody who is just getting involved in IETF work. A datatracker account
|
||||
is probably not necessary, (no account is necessary to 'join' a WG -- the right thing
|
||||
in that case is to join the right mailing list, and the person could be told so) --
|
||||
but in case this is a legitimate request, please email the person and ask:
|
||||
<i>
|
||||
"Which wgs do you require a password for?"
|
||||
</i>
|
||||
</p>
|
||||
<p>
|
||||
This is a bit of a trick question, because it is very unlikely that somebody who
|
||||
isn't involved in IETF work will give a reasonable response, while almost any answer
|
||||
from somebody who is doing IETF work will show that they have some clue.
|
||||
</p>
|
||||
<p>
|
||||
Please note the exact wording. Do <b><i>not</i></b> ask about "working groups" --
|
||||
that will make it easier for people to google for IETF working groups. Ask the
|
||||
question as given above, with lowercase "wgs".
|
||||
</p>
|
||||
<p>
|
||||
If the answer to this question shows clue, then add the address to the allowlist
|
||||
using this form, and ask the person to please try the
|
||||
<a href="{% url 'ietf.ietfauth.views.create_account' %}">account creation form</a>
|
||||
again.
|
||||
</p>
|
||||
</li>
|
||||
</ol>
|
||||
<form method="post">
|
||||
{% csrf_token %}
|
||||
{% bootstrap_form form %}
|
||||
<button class="btn btn-primary" type="submit">Add address to account creation allowlist</button>
|
||||
</form>
|
||||
{% endif %}
|
||||
{% endblock %}
|
||||
Loading…
Reference in a new issue