Move domain validation from a form field validator to a data cleaning check.

We need to be able to let a user through if they are trying to sign up for a completely open realm like CUSTOMER3. (imported from commit 1e33ab0ce94545f217739d501e9227dfb48e1123)
2025-11-03 21:43:21 +00:00 · 2013-08-07 11:59:45 -04:00
parent 99b2a90440
commit d6c87f35e2
2 changed files with 32 additions and 12 deletions
--- a/zerver/forms.py
+++ b/zerver/forms.py
@@ -6,7 +6,8 @@ from django.utils.safestring import mark_safe
 from django.contrib.auth.forms import SetPasswordForm

 from zproject import settings
-from zerver.models import Realm, get_user_profile_by_email, UserProfile
+from zerver.models import Realm, get_user_profile_by_email, UserProfile, \
+    completely_open
 from zerver.lib.actions import do_change_password

 def is_inactive(value):
@@ -19,10 +20,7 @@ def is_inactive(value):
 SIGNUP_STRING = '<a href="https://zulip.com/signup">Sign up</a> to find out when Zulip is ready for you.'

 def has_valid_realm(value):
-    try:
-        Realm.objects.get(domain=value.split("@")[-1])
-    except Realm.DoesNotExist:
-        raise ValidationError(mark_safe(u'Registration is not currently available for your domain. ' + SIGNUP_STRING))
+    return Realm.objects.filter(domain=value.split("@")[-1]).exists()

 def isnt_mit(value):
    if "@mit.edu" in value:
@@ -38,14 +36,29 @@ class ToSForm(forms.Form):
    terms = forms.BooleanField(required=True)

 class HomepageForm(forms.Form):
-    # This form is sort of important, because it determines whether users
-    # can register for our product. Be careful when modifying the validators.
+    # This form is important because it determines whether users can
+    # register for our product. Be careful when modifying the
+    # validators.
    if settings.ALLOW_REGISTER:
        email = forms.EmailField()
    else:
-        validators = [has_valid_realm, isnt_mit, is_inactive]
+        validators = [isnt_mit, is_inactive]
        email = forms.EmailField(validators=validators)

+    def __init__(self, *args, **kwargs):
+        self.domain = kwargs.get("domain")
+        if kwargs.has_key("domain"):
+            del kwargs["domain"]
+        super(HomepageForm, self).__init__(*args, **kwargs)
+
+    def clean_email(self):
+        data = self.cleaned_data['email']
+        if completely_open(self.domain) or has_valid_realm(data):
+            return data
+        raise ValidationError(mark_safe(
+                u'Registration is not currently available for your domain. ' \
+                    + SIGNUP_STRING))
+
 class LoggingSetPasswordForm(SetPasswordForm):
    def save(self, commit=True):
        do_change_password(self.user, self.cleaned_data['new_password1'],
--- a/zerver/views.py
+++ b/zerver/views.py
@@ -412,6 +412,13 @@ def json_invite_users(request, user_profile, invitee_emails=REQ):
    else:
        return json_success()

+def create_homepage_form(request, user_info=None):
+    if user_info:
+        return HomepageForm(user_info, domain=request.session.get("domain"))
+    # An empty fields dict is not treated the same way as not
+    # providing it.
+    return HomepageForm(domain=request.session.get("domain"))
+
 def handle_openid_errors(request, issue, openid_response=None):
    if issue == "Unknown user":
        if openid_response is not None and openid_response.status == openid_SUCCESS:
@@ -420,7 +427,7 @@ def handle_openid_errors(request, issue, openid_response=None):
            full_name = " ".join((
                    ax_response.get('http://axschema.org/namePerson/first')[0],
                    ax_response.get('http://axschema.org/namePerson/last')[0]))
-            form = HomepageForm({'email': google_email})
+            form = create_homepage_form(request, user_info={'email': google_email})
            request.verified_email = None
            if form.is_valid():
                # Construct a PreregistrationUser object and send the user over to
@@ -482,7 +489,7 @@ def logout_then_login(request, **kwargs):

 def create_preregistration_user(email, request):
    domain = request.session.get("domain")
-    if domain and not completely_open(domain):
+    if not completely_open(domain):
        domain = None
    prereg_user = PreregistrationUser(email=email, realm=get_realm(domain))
    prereg_user.save()
@@ -505,7 +512,7 @@ def accounts_home_with_domain(request, domain):

 def accounts_home(request):
    if request.method == 'POST':
-        form = HomepageForm(request.POST)
+        form = create_homepage_form(request, user_info=request.POST)
        if form.is_valid():
            email = form.cleaned_data['email']
            prereg_user = create_preregistration_user(email, request)
@@ -518,7 +525,7 @@ def accounts_home(request):
        except ValidationError:
            return HttpResponseRedirect(reverse('django.contrib.auth.views.login') + '?email=' + urllib.quote_plus(email))
    else:
-        form = HomepageForm()
+        form = create_homepage_form(request)
    return render_to_response('zerver/accounts_home.html',
                              {'form': form, 'current_url': request.get_full_path},
                              context_instance=RequestContext(request))