Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature: Added an account disabled page #3391

Open
wants to merge 14 commits into
base: main
Choose a base branch
from
Open

Feature: Added an account disabled page #3391

wants to merge 14 commits into from
+65 −0

Conversation

RafaelJohn9
Copy link
Contributor

this PR addresses issue #3153

@codecov-commenter
Copy link

codecov-commenter commented Oct 1, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 85.71429% with 5 lines in your changes missing coverage. Please review.

Project coverage is 79.00%. Comparing base (638ae4f) to head (08710a2).
Report is 3 commits behind head on main.

Additional details and impacted files

@RafaelJohn9 RafaelJohn9 marked this pull request as draft October 4, 2024 04:35
@RafaelJohn9 RafaelJohn9 marked this pull request as ready for review October 13, 2024 19:15
@RafaelJohn9 RafaelJohn9 marked this pull request as draft October 28, 2024 03:42
@mathjazz
Copy link
Collaborator

mathjazz commented Jan 6, 2025

Hi @RafaelJohn9, is this ready for review? Could you please rebase it? Do you mind if I do it?

@RafaelJohn9
Copy link
Contributor Author

uhmm yea sure @mathjazz , you can take on the issue 🤝 , sorry for the delay

@RafaelJohn9
Copy link
Contributor Author

RafaelJohn9 commented Jan 20, 2025
edited
Loading

hey @mathjazz, on second thoughts, lemme complete this 🤝

@RafaelJohn9
Feature: Added account disabled page
d76b3f9 
Signed-off-by: RafaelJohn9 <rafaeljohb@gmail.com>
@RafaelJohn9 RafaelJohn9 force-pushed the feat_account_disable_page branch from 0ebd442 to d76b3f9 Compare January 20, 2025 11:21
@RafaelJohn9 RafaelJohn9 marked this pull request as ready for review January 20, 2025 11:22
@RafaelJohn9
Fix: Moved AccountDisabledMiddleware at the bottom in base.py\n\nTry …
3ac7caa 
…to see if the reason its not being activated arrives from its possition in the middlewares\n

Signed-off-by: RafaelJohn9 <rafaeljohb@gmail.com>
@RafaelJohn9
Fix: Updated test file on accountdisabledmiddleware
3ef5bd3 
Signed-off-by: RafaelJohn9 <rafaeljohb@gmail.com>
@RafaelJohn9
Copy link
Contributor Author

hey @mathjazz , well I've configured everything correctly, issue arises in the AuthenticationMiddleware, it's weird how is_authenticated=true and is_active=false doesn't pass this middleware

@RafaelJohn9
Copy link
Contributor Author

RafaelJohn9 commented Jan 20, 2025
edited
Loading

Looking for a way to by pass this 🤝

@RafaelJohn9
Fix: Account disabled page
4feaf25 
Signed-off-by: RafaelJohn9 <rafaeljohb@gmail.com>
@RafaelJohn9
Copy link
Contributor Author

oops, well is_authenticated=False && is_active=False works so yeah 😄

@RafaelJohn9
Fix: test failing workflow
84ce15c 
Signed-off-by: RafaelJohn9 <rafaeljohb@gmail.com>
@RafaelJohn9
Update: temp commented the accountdisabled test
88316bd 
Signed-off-by: RafaelJohn9 <rafaeljohb@gmail.com>
@RafaelJohn9
Fix: Only checks if user is active
ac0fcc1 
Signed-off-by: RafaelJohn9 <rafaeljohb@gmail.com>
@RafaelJohn9
Update: updated the account disabled middleware
b153657 
Signed-off-by: RafaelJohn9 <rafaeljohb@gmail.com>
@RafaelJohn9
Update: Fix: Account disabled middleware
bddfb0f 
Signed-off-by: RafaelJohn9 <rafaeljohb@gmail.com>
@RafaelJohn9
Update: Changed position of the middleware
4ce40e6 
Signed-off-by: RafaelJohn9 <rafaeljohb@gmail.com>
@RafaelJohn9
Fix: account disabled middleware
919d0fd 
Signed-off-by: RafaelJohn9 <rafaeljohb@gmail.com>
@RafaelJohn9
Update: Uncommented the account disabled test
08710a2 
Signed-off-by: RafaelJohn9 <rafaeljohb@gmail.com>
mathjazz
mathjazz reviewed Jan 23, 2025
View reviewed changes
Copy link
Collaborator

@mathjazz mathjazz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the patch! Left some comments inline.

pontoon/settings/base.py Outdated Show resolved Hide resolved
pontoon/settings/base.py Outdated Show resolved Hide resolved
pontoon/base/templates/account_disabled.html Outdated Show resolved Hide resolved
pontoon/base/templates/account_disabled.html Outdated Show resolved Hide resolved
pontoon/base/middleware.py Outdated Show resolved Hide resolved
pontoon/base/middleware.py Outdated
Comment on lines 175 to 188
# For non-authenticated users, check the session manually
user_id = request.session.get("_auth_user_id")
if user_id:
try:
user = User.objects.get(pk=user_id)
if not user.is_active:
return render(
request,
"account_disabled.html",
{"DEFAULT_FROM_EMAIL": settings.DEFAULT_FROM_EMAIL},
status=403,
)
except User.DoesNotExist:
pass # If the user ID is invalid, ignore it
Copy link
Collaborator

@mathjazz mathjazz Jan 23, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What exactly does this code do? If the user is not authenticated, we shouldn't do anything.

Copy link
Contributor Author

@RafaelJohn9 RafaelJohn9 Jan 23, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@mathjazz , I was having trouble running the code without this patch, mainly when the user is not active and wishes to login, it does not pass through the AuthMiddleware,

did some digging and found that one of the requirements for a user to be authenticated is that the user must be active

I tried checking if both is_active and is_authenticated is false, however, this sort of thing affects AnonymousUser's meaning they can't browse any pages if you aren't authenticated.

So I updated the patch to have two parts just in case:

  • User is_authenticated and not active
  • User is not active but is an existing user in the database

the path highlighted presents the second part of the patch,

@RafaelJohn9
Fix: Nits && Logical Errors in mozilla#3391
3b8d978 
Signed-off-by: RafaelJohn9 <rafaeljohb@gmail.com>
@RafaelJohn9 RafaelJohn9 requested a review from mathjazz January 26, 2025 15:35
@flodolo
Copy link
Collaborator

flodolo commented Jan 27, 2025

The back-end test failure should be unrelated. You will need to rebase once the test is fixed.

@RafaelJohn9
Copy link
Contributor Author

The back-end test failure should be unrelated. You will need to rebase once the test is fixed.

okay 👍

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mathjazz mathjazz Awaiting requested review from mathjazz

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@RafaelJohn9 @codecov-commenter @mathjazz @flodolo