paulmataruso/zulip
1
0
Fork 0
mirror of https://github.com/zulip/zulip.git synced 2025-11-06 15:03:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

auth: Modify filter_usable_emails to only exclude noreply github emails.

Browse Source 
Instead of having to filter `@noreply.github.com` emails in
`get_unverified_emails`, it's good to make `filter_usable_emails`
just filter `@noreply.github.com` and handle verified/unverified
part in their respective functions because of `@noreply.github.com`
exception being a fiddly special-case detail.
Also renamed `filter_usable_emails` to `get_usable_email_objects`
as a line that gets all associated github emails is removed in
`get_verified_emails` and `get_unverified_emails` and added to
`filter_usable_emails`. The name `filter_usable_emails` suggests
that it just filters given emails, whereas here it's getting all
associated email objects and returning usable emails.
This commit is contained in:
Dinesh
2020-04-03 23:31:03 +05:30
committed by Tim Abbott
parent 5c1fe776c3
commit a3329f288c
1 changed files with 12 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
zproject/backends.py
View File

@@ -1380,16 +1380,18 @@ class GitHubAuthBackend(SocialAuthMixin, GithubOAuth2):
return emails return emails
def get_unverified_emails(self, *args: Any, **kwargs: Any) -> List[str]: def get_unverified_emails(self, *args: Any, **kwargs: Any) -> List[str]:
emails = self.get_all_associated_email_objects(*args, **kwargs)
return [ return [
email_obj['email'] for email_obj in emails email_obj['email'] for email_obj in self.get_usable_email_objects(*args, **kwargs)
if not email_obj.get('verified') and not email_obj["email"].endswith("noreply.github.com") if not email_obj.get('verified')
] ]
def get_verified_emails(self, *args: Any, **kwargs: Any) -> List[str]: def get_verified_emails(self, *args: Any, **kwargs: Any) -> List[str]:
emails = self.get_all_associated_email_objects(*args, **kwargs) # We only let users login using email addresses that are
# verified by GitHub, because the whole point is for the user
# to demonstrate that they control the target email address.
verified_emails: List[str] = [] verified_emails: List[str] = []
for email_obj in self.filter_usable_emails(emails): for email_obj in [obj for obj in self.get_usable_email_objects(*args, **kwargs)
if obj.get('verified')]:
# social_associate_user_helper assumes that the first email in # social_associate_user_helper assumes that the first email in
# verified_emails is primary. # verified_emails is primary.
if email_obj.get("primary"): if email_obj.get("primary"):
@@ -1399,17 +1401,15 @@ class GitHubAuthBackend(SocialAuthMixin, GithubOAuth2):
return verified_emails return verified_emails
def filter_usable_emails(self, emails: List[Dict[str, Any]]) -> List[Dict[str, Any]]: def get_usable_email_objects(self, *args: Any, **kwargs: Any) -> List[Dict[str, Any]]:
# We only let users login using email addresses that are # We disallow the
# verified by GitHub, because the whole point is for the user
# to demonstrate that they control the target email address.
# We also disallow the
# @noreply.github.com/@users.noreply.github.com email # @noreply.github.com/@users.noreply.github.com email
# addresses, because structurally, we only want to allow email # addresses, because structurally, we only want to allow email
# addresses that can receive emails, and those cannot. # addresses that can receive emails, and those cannot.
email_objs = self.get_all_associated_email_objects(*args, **kwargs)
return [ return [
email for email in emails email for email in email_objs
if email.get('verified') and not email["email"].endswith("noreply.github.com") if not email["email"].endswith("noreply.github.com")
] ]
def user_data(self, access_token: str, *args: Any, **kwargs: Any) -> Dict[str, str]: def user_data(self, access_token: str, *args: Any, **kwargs: Any) -> Dict[str, str]: