From ac5e6a9b8ad432d8bfc0cf6e8ff462ae7be7a8f7 Mon Sep 17 00:00:00 2001 From: Rishi Gupta Date: Fri, 7 Jul 2017 02:14:12 -0700 Subject: [PATCH] confirmation/views: Remove buggy behavior for expired confirmation links. Previously, an expired preregistrationuser link would still be passed on to /accounts/register (via the confirm_preregistrationuser.html template), just with the PreregistrationUser.status not set to 1. But accounts_register never checks prereg_user.status, and hence processes the user as if the link had been confirmed. With this commit, expired confirmation links never get past the confirmation code. --- confirmation/views.py | 13 ++----------- 1 file changed, 2 insertions(+), 11 deletions(-) diff --git a/confirmation/views.py b/confirmation/views.py index 9795f1dfdd..f013e28e99 100644 --- a/confirmation/views.py +++ b/confirmation/views.py @@ -13,7 +13,7 @@ from django.http import HttpRequest, HttpResponse from confirmation.models import Confirmation from zerver.models import PreregistrationUser -from typing import Any +from typing import Any, Dict # This is currently only used for confirming PreregistrationUser. # Do not add other confirmation paths here. @@ -21,16 +21,7 @@ def confirm(request, confirmation_key): # type: (HttpRequest, str) -> HttpResponse confirmation_key = confirmation_key.lower() obj = Confirmation.objects.confirm(confirmation_key) - confirmed = True - if not obj: - # confirmation failed - confirmed = False - try: - # try to get the object we was supposed to confirm - obj = Confirmation.objects.get(confirmation_key=confirmation_key) - except Confirmation.DoesNotExist: - pass - ctx = {'confirmed': confirmed} # type: Dict[str, Any] + ctx = {'confirmed': False} # type: Dict[str, Any] templates = [ 'confirmation/confirm.html', ]