From 84a7e7706c8b1239f8fd52c604afbb10c776ac04 Mon Sep 17 00:00:00 2001 From: Aaron Williamson Date: Sat, 1 Oct 2011 19:49:56 -0400 Subject: [PATCH 1/6] Display and error and redirect to login page if unauthenticated user tries to access resend_verification. --- mediagoblin/auth/views.py | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/mediagoblin/auth/views.py b/mediagoblin/auth/views.py index b6f38fec..d91a1f25 100644 --- a/mediagoblin/auth/views.py +++ b/mediagoblin/auth/views.py @@ -21,7 +21,7 @@ from webob import exc from mediagoblin import messages from mediagoblin import mg_globals -from mediagoblin.util import render_to_response, redirect, render_404 +from mediagoblin.util import render_to_response, redirect, render_404, setup_user_in_request from mediagoblin.util import pass_to_ugettext as _ from mediagoblin.db.util import ObjectId, InvalidId from mediagoblin.auth import lib as auth_lib @@ -195,9 +195,18 @@ def resend_activation(request): Resend the activation email. """ + + if not request.GET.has_key('userid') or not request.GET.has_key('token'): + messages.add_message( + request, + messages.ERROR, + _('You must be logged in so we know who to send the email to!')) + + return redirect(request, "/auth/login") + request.user[u'verification_key'] = unicode(uuid.uuid4()) request.user.save() - + email_debug_message(request) send_verification_email(request.user, request) From f1360855319612a9af3c03ae4ca04fef6660f6b0 Mon Sep 17 00:00:00 2001 From: Aaron Williamson Date: Sat, 1 Oct 2011 19:52:12 -0400 Subject: [PATCH 2/6] Regenerated English .po file to include new string. --- .../i18n/en/LC_MESSAGES/mediagoblin.po | 20 +++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/mediagoblin/i18n/en/LC_MESSAGES/mediagoblin.po b/mediagoblin/i18n/en/LC_MESSAGES/mediagoblin.po index 16a235a2..3c176a14 100644 --- a/mediagoblin/i18n/en/LC_MESSAGES/mediagoblin.po +++ b/mediagoblin/i18n/en/LC_MESSAGES/mediagoblin.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PROJECT VERSION\n" "Report-Msgid-Bugs-To: EMAIL@ADDRESS\n" -"POT-Creation-Date: 2011-09-25 20:26-0500\n" +"POT-Creation-Date: 2011-10-01 19:51-0400\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -41,33 +41,37 @@ msgstr "" msgid "Email address" msgstr "" -#: mediagoblin/auth/views.py:42 +#: mediagoblin/auth/views.py:55 msgid "Sorry, registration is disabled on this instance." msgstr "" -#: mediagoblin/auth/views.py:60 +#: mediagoblin/auth/views.py:73 msgid "Sorry, a user with that name already exists." msgstr "" -#: mediagoblin/auth/views.py:64 +#: mediagoblin/auth/views.py:77 msgid "Sorry, that email address has already been taken." msgstr "" -#: mediagoblin/auth/views.py:165 +#: mediagoblin/auth/views.py:179 msgid "" "Your email address has been verified. You may now login, edit your " "profile, and submit images!" msgstr "" -#: mediagoblin/auth/views.py:171 +#: mediagoblin/auth/views.py:185 msgid "The verification key or user id is incorrect" msgstr "" -#: mediagoblin/auth/views.py:192 +#: mediagoblin/auth/views.py:203 +msgid "You must be logged in so we know who to send the email to!" +msgstr "" + +#: mediagoblin/auth/views.py:216 msgid "Resent your verification email." msgstr "" -#: mediagoblin/auth/views.py:228 +#: mediagoblin/auth/views.py:257 msgid "" "Could not send password recovery email as your username is inactive or " "your account's email address has not been verified." From 3b74ce94ff90e0bd5b214891becb62a6fc503434 Mon Sep 17 00:00:00 2001 From: Aaron Williamson Date: Mon, 3 Oct 2011 19:59:28 -0400 Subject: [PATCH 3/6] Check request.user to determine if user is logged in. --- mediagoblin/auth/views.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mediagoblin/auth/views.py b/mediagoblin/auth/views.py index d91a1f25..fdc5aec8 100644 --- a/mediagoblin/auth/views.py +++ b/mediagoblin/auth/views.py @@ -196,7 +196,7 @@ def resend_activation(request): Resend the activation email. """ - if not request.GET.has_key('userid') or not request.GET.has_key('token'): + if request.user is None: messages.add_message( request, messages.ERROR, From 7903a14f986b5bf37a45d5ec3b156c21a1cada72 Mon Sep 17 00:00:00 2001 From: Aaron Williamson Date: Mon, 3 Oct 2011 20:25:11 -0400 Subject: [PATCH 4/6] Make sure user isn't already verified before resending verification. --- mediagoblin/auth/views.py | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/mediagoblin/auth/views.py b/mediagoblin/auth/views.py index 798fae25..dc4c540b 100644 --- a/mediagoblin/auth/views.py +++ b/mediagoblin/auth/views.py @@ -196,6 +196,14 @@ def resend_activation(request): Resend the activation email. """ + if request.user["email_verified"]: + messages.add_message( + request, + messages.ERROR, + _("You've already verified your email address!")) + + return redirect(request, "mediagoblin.user_pages.user_home", user=request.user['username']) + if request.user is None: messages.add_message( request, From 2fe6991660cd1a20f9117b0cdc88431085eb7490 Mon Sep 17 00:00:00 2001 From: Aaron Williamson Date: Mon, 3 Oct 2011 20:28:48 -0400 Subject: [PATCH 5/6] Reverse order of sanity checks: check email_verified after making sure there's a user in the request. --- mediagoblin/auth/views.py | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/mediagoblin/auth/views.py b/mediagoblin/auth/views.py index dc4c540b..d8c441ef 100644 --- a/mediagoblin/auth/views.py +++ b/mediagoblin/auth/views.py @@ -196,14 +196,6 @@ def resend_activation(request): Resend the activation email. """ - if request.user["email_verified"]: - messages.add_message( - request, - messages.ERROR, - _("You've already verified your email address!")) - - return redirect(request, "mediagoblin.user_pages.user_home", user=request.user['username']) - if request.user is None: messages.add_message( request, @@ -212,6 +204,14 @@ def resend_activation(request): return redirect(request, "/auth/login") + if request.user["email_verified"]: + messages.add_message( + request, + messages.ERROR, + _("You've already verified your email address!")) + + return redirect(request, "mediagoblin.user_pages.user_home", user=request.user['username']) + request.user[u'verification_key'] = unicode(uuid.uuid4()) request.user.save() From 2a8c1b058b43cfcdeb06f711bbf44af9432af410 Mon Sep 17 00:00:00 2001 From: Aaron Williamson Date: Mon, 3 Oct 2011 21:07:16 -0400 Subject: [PATCH 6/6] Update english translation file. --- .../i18n/en/LC_MESSAGES/mediagoblin.po | 60 ++++++++++--------- 1 file changed, 32 insertions(+), 28 deletions(-) diff --git a/mediagoblin/i18n/en/LC_MESSAGES/mediagoblin.po b/mediagoblin/i18n/en/LC_MESSAGES/mediagoblin.po index 3c176a14..ce62e582 100644 --- a/mediagoblin/i18n/en/LC_MESSAGES/mediagoblin.po +++ b/mediagoblin/i18n/en/LC_MESSAGES/mediagoblin.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PROJECT VERSION\n" "Report-Msgid-Bugs-To: EMAIL@ADDRESS\n" -"POT-Creation-Date: 2011-10-01 19:51-0400\n" +"POT-Creation-Date: 2011-10-03 21:06-0400\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -67,53 +67,57 @@ msgstr "" msgid "You must be logged in so we know who to send the email to!" msgstr "" -#: mediagoblin/auth/views.py:216 +#: mediagoblin/auth/views.py:211 +msgid "You've already verified your email address!" +msgstr "" + +#: mediagoblin/auth/views.py:224 msgid "Resent your verification email." msgstr "" -#: mediagoblin/auth/views.py:257 +#: mediagoblin/auth/views.py:265 msgid "" "Could not send password recovery email as your username is inactive or " "your account's email address has not been verified." msgstr "" -#: mediagoblin/edit/forms.py:26 mediagoblin/submit/forms.py:27 +#: mediagoblin/edit/forms.py:24 mediagoblin/submit/forms.py:27 msgid "Title" msgstr "" -#: mediagoblin/edit/forms.py:30 mediagoblin/submit/forms.py:32 +#: mediagoblin/edit/forms.py:28 mediagoblin/submit/forms.py:32 msgid "Tags" msgstr "" -#: mediagoblin/edit/forms.py:33 +#: mediagoblin/edit/forms.py:31 msgid "Slug" msgstr "" -#: mediagoblin/edit/forms.py:34 +#: mediagoblin/edit/forms.py:32 msgid "The slug can't be empty" msgstr "" -#: mediagoblin/edit/forms.py:35 +#: mediagoblin/edit/forms.py:33 msgid "The title part of this media's URL. You usually don't need to change this." msgstr "" -#: mediagoblin/edit/forms.py:42 +#: mediagoblin/edit/forms.py:40 msgid "Bio" msgstr "" -#: mediagoblin/edit/forms.py:45 +#: mediagoblin/edit/forms.py:43 msgid "Website" msgstr "" -#: mediagoblin/edit/views.py:63 +#: mediagoblin/edit/views.py:64 msgid "An entry with that slug already exists for this user." msgstr "" -#: mediagoblin/edit/views.py:84 +#: mediagoblin/edit/views.py:85 msgid "You are editing another user's media. Proceed with caution." msgstr "" -#: mediagoblin/edit/views.py:154 +#: mediagoblin/edit/views.py:155 msgid "You are editing a user's profile. Proceed with caution." msgstr "" @@ -129,15 +133,15 @@ msgstr "" msgid "Description of this work" msgstr "" -#: mediagoblin/submit/views.py:47 +#: mediagoblin/submit/views.py:46 msgid "You must provide a file." msgstr "" -#: mediagoblin/submit/views.py:50 +#: mediagoblin/submit/views.py:49 msgid "The file doesn't seem to be an image!" msgstr "" -#: mediagoblin/submit/views.py:122 +#: mediagoblin/submit/views.py:121 msgid "Woohoo! Submitted!" msgstr "" @@ -176,8 +180,8 @@ msgid "verify your email!" msgstr "" #: mediagoblin/templates/mediagoblin/base.html:73 -#: mediagoblin/templates/mediagoblin/auth/login.html:26 -#: mediagoblin/templates/mediagoblin/auth/login.html:34 +#: mediagoblin/templates/mediagoblin/auth/login.html:27 +#: mediagoblin/templates/mediagoblin/auth/login.html:35 msgid "Log in" msgstr "" @@ -249,11 +253,11 @@ msgstr "" msgid "Most recent media" msgstr "" -#: mediagoblin/templates/mediagoblin/auth/change_fp.html:27 +#: mediagoblin/templates/mediagoblin/auth/change_fp.html:29 msgid "Enter your new password" msgstr "" -#: mediagoblin/templates/mediagoblin/auth/forgot_password.html:27 +#: mediagoblin/templates/mediagoblin/auth/forgot_password.html:29 msgid "Enter your username or email" msgstr "" @@ -279,23 +283,23 @@ msgid "" "a happy goblin!" msgstr "" -#: mediagoblin/templates/mediagoblin/auth/login.html:29 +#: mediagoblin/templates/mediagoblin/auth/login.html:30 msgid "Logging in failed!" msgstr "" -#: mediagoblin/templates/mediagoblin/auth/login.html:42 +#: mediagoblin/templates/mediagoblin/auth/login.html:43 msgid "Don't have an account yet?" msgstr "" -#: mediagoblin/templates/mediagoblin/auth/login.html:45 +#: mediagoblin/templates/mediagoblin/auth/login.html:46 msgid "Create one here!" msgstr "" -#: mediagoblin/templates/mediagoblin/auth/login.html:48 +#: mediagoblin/templates/mediagoblin/auth/login.html:49 msgid "Forgot your password?" msgstr "" -#: mediagoblin/templates/mediagoblin/auth/login.html:51 +#: mediagoblin/templates/mediagoblin/auth/login.html:52 msgid "Change it!" msgstr "" @@ -303,7 +307,7 @@ msgstr "" msgid "Create an account!" msgstr "" -#: mediagoblin/templates/mediagoblin/auth/register.html:30 +#: mediagoblin/templates/mediagoblin/auth/register.html:31 msgid "Create" msgstr "" @@ -346,7 +350,7 @@ msgstr "" msgid "Submit yer media" msgstr "" -#: mediagoblin/templates/mediagoblin/submit/start.html:29 +#: mediagoblin/templates/mediagoblin/submit/start.html:30 msgid "Submit" msgstr "" @@ -484,7 +488,7 @@ msgstr "" msgid "I am sure I want to delete this" msgstr "" -#: mediagoblin/user_pages/views.py:175 +#: mediagoblin/user_pages/views.py:176 msgid "You are about to delete another user's media. Proceed with caution." msgstr ""