chore: clean away unused views/tests related to the Allowlisted model (#7027)
This commit is contained in:
Robert Sparks
GitHub
parent
014adb8259
commit
ae01f6fb92
|
|
@ -226,29 +226,8 @@ class IetfAuthTests(TestCase):
|
||||||
|
|
||||||
self.assertTrue(self.username_in_htpasswd_file(email))
|
self.assertTrue(self.username_in_htpasswd_file(email))
|
||||||
|
|
||||||
def test_create_allowlisted_account(self):
|
|
||||||
email = "new-account@example.com"
|
# This also tests new account creation.
|
||||||
|
|
||||||
# add allowlist entry
|
|
||||||
r = self.client.post(urlreverse(ietf.ietfauth.views.login), {"username":"secretary", "password":"secretary+password"})
|
|
||||||
self.assertEqual(r.status_code, 302)
|
|
||||||
self.assertEqual(urlsplit(r["Location"])[2], urlreverse(ietf.ietfauth.views.profile))
|
|
||||||
|
|
||||||
r = self.client.get(urlreverse(ietf.ietfauth.views.add_account_allowlist))
|
|
||||||
self.assertEqual(r.status_code, 200)
|
|
||||||
self.assertContains(r, "Add an allowlist entry")
|
|
||||||
|
|
||||||
r = self.client.post(urlreverse(ietf.ietfauth.views.add_account_allowlist), {"email": email})
|
|
||||||
self.assertEqual(r.status_code, 200)
|
|
||||||
self.assertContains(r, "Allowlist entry creation successful")
|
|
||||||
|
|
||||||
# log out
|
|
||||||
r = self.client.post(urlreverse('django.contrib.auth.views.logout'), {})
|
|
||||||
self.assertEqual(r.status_code, 200)
|
|
||||||
|
|
||||||
# register and verify allowlisted email
|
|
||||||
self.register_and_verify(email)
|
|
||||||
|
|
||||||
def test_create_existing_account(self):
|
def test_create_existing_account(self):
|
||||||
# create account once
|
# create account once
|
||||||
email = "new-account@example.com"
|
email = "new-account@example.com"
|
||||||
|
|
|
||||||
|
|
@ -24,5 +24,4 @@ urlpatterns = [
|
||||||
url(r'^review/$', views.review_overview),
|
url(r'^review/$', views.review_overview),
|
||||||
url(r'^testemail/$', views.test_email),
|
url(r'^testemail/$', views.test_email),
|
||||||
url(r'^username/$', views.change_username),
|
url(r'^username/$', views.change_username),
|
||||||
url(r'^allowlist/add/?$', views.add_account_allowlist),
|
|
||||||
]
|
]
|
||||||
|
|
|
||||||
|
|
@ -63,11 +63,10 @@ import debug # pyflakes:ignore
|
||||||
|
|
||||||
from ietf.group.models import Role, Group
|
from ietf.group.models import Role, Group
|
||||||
from ietf.ietfauth.forms import ( RegistrationForm, PasswordForm, ResetPasswordForm, TestEmailForm,
|
from ietf.ietfauth.forms import ( RegistrationForm, PasswordForm, ResetPasswordForm, TestEmailForm,
|
||||||
AllowlistForm, ChangePasswordForm, get_person_form, RoleEmailForm,
|
ChangePasswordForm, get_person_form, RoleEmailForm,
|
||||||
NewEmailForm, ChangeUsernameForm, PersonPasswordForm)
|
NewEmailForm, ChangeUsernameForm, PersonPasswordForm)
|
||||||
from ietf.ietfauth.htpasswd import update_htpasswd_file
|
from ietf.ietfauth.htpasswd import update_htpasswd_file
|
||||||
from ietf.ietfauth.utils import role_required, has_role
|
from ietf.ietfauth.utils import has_role
|
||||||
from ietf.mailinglists.models import Allowlisted
|
|
||||||
from ietf.name.models import ExtResourceName
|
from ietf.name.models import ExtResourceName
|
||||||
from ietf.nomcom.models import NomCom
|
from ietf.nomcom.models import NomCom
|
||||||
from ietf.person.models import Person, Email, Alias, PersonalApiKey, PERSON_API_KEY_VALUES
|
from ietf.person.models import Person, Email, Alias, PersonalApiKey, PERSON_API_KEY_VALUES
|
||||||
|
|
@ -600,23 +599,7 @@ def test_email(request):
|
||||||
|
|
||||||
return r
|
return r
|
||||||
|
|
||||||
@role_required('Secretariat')
|
|
||||||
def add_account_allowlist(request):
|
|
||||||
success = False
|
|
||||||
if request.method == 'POST':
|
|
||||||
form = AllowlistForm(request.POST)
|
|
||||||
if form.is_valid():
|
|
||||||
email = form.cleaned_data['email']
|
|
||||||
entry = Allowlisted(email=email, by=request.user.person)
|
|
||||||
entry.save()
|
|
||||||
success = True
|
|
||||||
else:
|
|
||||||
form = AllowlistForm()
|
|
||||||
|
|
||||||
return render(request, 'ietfauth/allowlist_form.html', {
|
|
||||||
'form': form,
|
|
||||||
'success': success,
|
|
||||||
})
|
|
||||||
|
|
||||||
class AddReviewWishForm(forms.Form):
|
class AddReviewWishForm(forms.Form):
|
||||||
doc = SearchableDocumentField(label="Document", doc_type="draft")
|
doc = SearchableDocumentField(label="Document", doc_type="draft")
|
||||||
|
|
|
||||||
|
|
@ -21,6 +21,8 @@ class NonWgMailingList(models.Model):
|
||||||
def info_url(self):
|
def info_url(self):
|
||||||
return settings.MAILING_LIST_INFO_URL % {'list_addr': self.name }
|
return settings.MAILING_LIST_INFO_URL % {'list_addr': self.name }
|
||||||
|
|
||||||
|
# Allowlisted is unused, but is not being dropped until its human-curated content
|
||||||
|
# is archived outside this database.
|
||||||
class Allowlisted(models.Model):
|
class Allowlisted(models.Model):
|
||||||
time = models.DateTimeField(auto_now_add=True)
|
time = models.DateTimeField(auto_now_add=True)
|
||||||
email = models.CharField("Email address", max_length=64, validators=[validate_email])
|
email = models.CharField("Email address", max_length=64, validators=[validate_email])
|
||||||
|
|
|
||||||
|
|
@ -186,12 +186,6 @@
|
||||||
Sync discrepancies
|
Sync discrepancies
|
||||||
</a>
|
</a>
|
||||||
</li>
|
</li>
|
||||||
<li>
|
|
||||||
<a class="dropdown-item {% if flavor != 'top' %} text-wrap{% endif %}"
|
|
||||||
href="{% url 'ietf.ietfauth.views.add_account_allowlist' %}">
|
|
||||||
Account allowlist
|
|
||||||
</a>
|
|
||||||
</li>
|
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if user|has_role:"IANA" %}
|
{% if user|has_role:"IANA" %}
|
||||||
{% if flavor == "top" %}
|
{% if flavor == "top" %}
|
||||||
|
|
|
||||||
|
|
@ -1,78 +0,0 @@
|
||||||
{% extends "base.html" %}
|
|
||||||
{# Copyright The IETF Trust 2016, All Rights Reserved #}
|
|
||||||
{% load origin %}
|
|
||||||
{% load django_bootstrap5 %}
|
|
||||||
{% block title %}Set up test email address{% endblock %}
|
|
||||||
{% block content %}
|
|
||||||
{% origin %}
|
|
||||||
{% if success %}
|
|
||||||
<h1>Allowlist entry creation successful</h1>
|
|
||||||
<p>
|
|
||||||
Please ask the requestor to try the
|
|
||||||
<a href="{% url 'ietf.ietfauth.views.create_account' %}">account creation form</a>
|
|
||||||
again, with the allowlisted email address.
|
|
||||||
</p>
|
|
||||||
{% else %}
|
|
||||||
<h1>Add an allowlist entry for account creation.</h1>
|
|
||||||
<p>
|
|
||||||
When an email request comes in for assistance with account creation
|
|
||||||
because the automated account creation has failed, you can add the
|
|
||||||
address to an account creation allowlist here.
|
|
||||||
</p>
|
|
||||||
<p>
|
|
||||||
Before you do so, please complete the following 3 verification steps:
|
|
||||||
</p>
|
|
||||||
<ol class="d-grid gap-3">
|
|
||||||
<li>
|
|
||||||
Has the person provided relevant information in his request, or has he simply
|
|
||||||
copied the text from the account creation failure message? All genuine (non-spam)
|
|
||||||
account creation requests seen between 2009 and 2016 for tools.ietf.org have
|
|
||||||
contained a reasonable request message, rather than just copy-pasting the account
|
|
||||||
creation failure message. If there's no proper request message, step 2 below can
|
|
||||||
be performed to make sure the request is bogus, but if that also fails, no further
|
|
||||||
effort should be needed.
|
|
||||||
</li>
|
|
||||||
<li>
|
|
||||||
Google for the person's name within the ietf.org site: "Jane Doe site:ietf.org". If
|
|
||||||
found, and the email address matches an address used in Internet-Drafts or discussions,
|
|
||||||
things are fine, and it's OK to add the address to the allowlist using this form,
|
|
||||||
and ask the person to please try the
|
|
||||||
<a href="{% url 'ietf.ietfauth.views.create_account' %}">account creation form</a>
|
|
||||||
again.
|
|
||||||
</li>
|
|
||||||
<li>
|
|
||||||
<p>
|
|
||||||
If google finds no trace of the person being an ietf participant, he or she could
|
|
||||||
still be somebody who is just getting involved in IETF work. A datatracker account
|
|
||||||
is probably not necessary, (no account is necessary to 'join' a WG -- the right thing
|
|
||||||
in that case is to join the right mailing list, and the person could be told so) --
|
|
||||||
but in case this is a legitimate request, please email the person and ask:
|
|
||||||
<i>
|
|
||||||
"Which wgs do you require a password for?"
|
|
||||||
</i>
|
|
||||||
</p>
|
|
||||||
<p>
|
|
||||||
This is a bit of a trick question, because it is very unlikely that somebody who
|
|
||||||
isn't involved in IETF work will give a reasonable response, while almost any answer
|
|
||||||
from somebody who is doing IETF work will show that they have some clue.
|
|
||||||
</p>
|
|
||||||
<p>
|
|
||||||
Please note the exact wording. Do <b><i>not</i></b> ask about "working groups" --
|
|
||||||
that will make it easier for people to google for IETF working groups. Ask the
|
|
||||||
question as given above, with lowercase "wgs".
|
|
||||||
</p>
|
|
||||||
<p>
|
|
||||||
If the answer to this question shows clue, then add the address to the allowlist
|
|
||||||
using this form, and ask the person to please try the
|
|
||||||
<a href="{% url 'ietf.ietfauth.views.create_account' %}">account creation form</a>
|
|
||||||
again.
|
|
||||||
</p>
|
|
||||||
</li>
|
|
||||||
</ol>
|
|
||||||
<form method="post">
|
|
||||||
{% csrf_token %}
|
|
||||||
{% bootstrap_form form %}
|
|
||||||
<button class="btn btn-primary" type="submit">Add address to account creation allowlist</button>
|
|
||||||
</form>
|
|
||||||
{% endif %}
|
|
||||||
{% endblock %}
|
|
||||||
Loading…
Reference in a new issue