diff --git a/confirmation/models.py b/confirmation/models.py index 338bfc93b8..4081e80261 100644 --- a/confirmation/models.py +++ b/confirmation/models.py @@ -43,10 +43,10 @@ def render_confirmation_key_error( request: HttpRequest, exception: ConfirmationKeyException ) -> HttpResponse: if exception.error_type == ConfirmationKeyException.WRONG_LENGTH: - return render(request, "confirmation/link_malformed.html") + return render(request, "confirmation/link_malformed.html", status=404) if exception.error_type == ConfirmationKeyException.EXPIRED: - return render(request, "confirmation/link_expired.html") - return render(request, "confirmation/link_does_not_exist.html") + return render(request, "confirmation/link_expired.html", status=404) + return render(request, "confirmation/link_does_not_exist.html", status=404) def generate_key() -> str: diff --git a/zerver/tests/test_email_change.py b/zerver/tests/test_email_change.py index 11b65a76ac..c36a6d7c59 100644 --- a/zerver/tests/test_email_change.py +++ b/zerver/tests/test_email_change.py @@ -35,8 +35,9 @@ class EmailChangeTestCase(ZulipTestCase): key = generate_key() url = confirmation_url(key, None, Confirmation.EMAIL_CHANGE) response = self.client_get(url) - self.assert_in_success_response( - ["Whoops. We couldn't find your confirmation link in the system."], response + self.assertEqual(response.status_code, 404) + self.assert_in_response( + "Whoops. We couldn't find your confirmation link in the system.", response ) def test_confirm_email_change_with_invalid_key(self) -> None: @@ -44,7 +45,8 @@ class EmailChangeTestCase(ZulipTestCase): key = "invalid_key" url = confirmation_url(key, None, Confirmation.EMAIL_CHANGE) response = self.client_get(url) - self.assert_in_success_response(["Whoops. The confirmation link is malformed."], response) + self.assertEqual(response.status_code, 404) + self.assert_in_response("Whoops. The confirmation link is malformed.", response) def test_confirm_email_change_when_time_exceeded(self) -> None: user_profile = self.example_user("hamlet") @@ -62,9 +64,8 @@ class EmailChangeTestCase(ZulipTestCase): url = create_confirmation_link(obj, Confirmation.EMAIL_CHANGE) response = self.client_get(url) - self.assert_in_success_response( - ["The confirmation link has expired or been deactivated."], response - ) + self.assertEqual(response.status_code, 404) + self.assert_in_response("The confirmation link has expired or been deactivated.", response) def test_confirm_email_change(self) -> None: user_profile = self.example_user("hamlet") diff --git a/zerver/tests/test_signup.py b/zerver/tests/test_signup.py index 234b1c7af8..1970d3d3d9 100644 --- a/zerver/tests/test_signup.py +++ b/zerver/tests/test_signup.py @@ -2016,8 +2016,9 @@ so we didn't send them an invitation. We did send invitations to everyone else!" email_change_key = email_change_url.split("/")[-1] url = "/accounts/do_confirm/" + email_change_key result = self.client_get(url) - self.assert_in_success_response( - ["Whoops. We couldn't find your confirmation link in the system."], result + self.assertEqual(result.status_code, 404) + self.assert_in_response( + "Whoops. We couldn't find your confirmation link in the system.", result ) def test_confirmation_expired(self) -> None: @@ -2033,8 +2034,9 @@ so we didn't send them an invitation. We did send invitations to everyone else!" target_url = "/" + url.split("/", 3)[3] result = self.client_get(target_url) - self.assert_in_success_response( - ["Whoops. The confirmation link has expired or been deactivated."], result + self.assertEqual(result.status_code, 404) + self.assert_in_response( + "Whoops. The confirmation link has expired or been deactivated.", result ) def test_send_more_than_one_invite_to_same_user(self) -> None: @@ -2724,7 +2726,7 @@ class MultiuseInviteTest(ZulipTestCase): invite_link = self.generate_multiuse_invite_link(date_sent=date_sent) result = self.client_post(invite_link, {"email": email}) - self.assertEqual(result.status_code, 200) + self.assertEqual(result.status_code, 404) self.assert_in_response("The confirmation link has expired or been deactivated.", result) def test_invalid_multiuse_link(self) -> None: @@ -2732,7 +2734,7 @@ class MultiuseInviteTest(ZulipTestCase): invite_link = "/join/invalid_key/" result = self.client_post(invite_link, {"email": email}) - self.assertEqual(result.status_code, 200) + self.assertEqual(result.status_code, 404) self.assert_in_response("Whoops. The confirmation link is malformed.", result) def test_invalid_multiuse_link_in_open_realm(self) -> None: @@ -3955,7 +3957,7 @@ class UserSignUpTest(InviteUserBase): # Now try to to register using the first confirmation url: result = self.client_get(first_confirmation_url) - self.assertEqual(result.status_code, 200) + self.assertEqual(result.status_code, 404) result = self.client_post( "/accounts/register/", { @@ -4205,7 +4207,8 @@ class UserSignUpTest(InviteUserBase): }, subdomain="zephyr", ) - self.assert_in_success_response(["We couldn't find your confirmation link"], result) + self.assertEqual(result.status_code, 404) + self.assert_in_response("We couldn't find your confirmation link", result) def test_signup_to_realm_on_manual_license_plan(self) -> None: realm = get_realm("zulip") diff --git a/zerver/views/registration.py b/zerver/views/registration.py index 0ca177054d..22ab3c13f8 100644 --- a/zerver/views/registration.py +++ b/zerver/views/registration.py @@ -110,7 +110,7 @@ def check_prereg_key_and_redirect( prereg_user = confirmation.content_object assert prereg_user is not None if prereg_user.status == confirmation_settings.STATUS_REVOKED: - return render(request, "zerver/confirmation_link_expired_error.html") + return render(request, "zerver/confirmation_link_expired_error.html", status=404) try: get_object_from_key(confirmation_key, confirmation.type, activate_object=False)