Launchpad itself

Merge ~cjwatson/launchpad:prevent-manual-activation into launchpad:master

Proposed by Colin Watson on 2022-09-15

Status:	Merged
Approved by:	Colin Watson on 2022-09-15
Approved revision:	14872e224ea36ab62ba7d773c00dbe2560262bd4
Merge reported by:	Otto Co-Pilot
Merged at revision:	not available
Proposed branch:	~cjwatson/launchpad:prevent-manual-activation
Merge into:	launchpad:master
Diff against target:	60 lines (+31/-0) 2 files modified lib/lp/registry/browser/person.py (+17/-0) lib/lp/registry/browser/tests/person-admin-views.rst (+14/-0)
Related bugs:	Link a bug report

Reviewer	Review Type	Date Requested	Status
Jürgen Gmach		2022-09-15	Approve on 2022-09-15
Review via email: mp+429959@code.launchpad.net

Commit message

Prevent activating accounts from +reviewaccount

Description of the change

This is otherwise a tempting mistake to make when dealing with account issues.

Revision history for this message

Jürgen Gmach (jugmac00) on 2022-09-15:

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Canonical Launchpad Engineering

Christina A Reitbauer

Colin Watson

Edson_g2020_ubuntuone Gomes

Jordan

Kevin bush

Maximiliano Bertacchini

noômen

to status/vote changes:

asimbol83

 diff --git a/lib/lp/registry/browser/person.py b/lib/lp/registry/browser/person.py
 index be5908b..8145cc0 100644
 --- a/lib/lp/registry/browser/person.py
 +++ b/lib/lp/registry/browser/person.py
@@ -1391,6 +1391,23 @@ class PersonAccountAdministerView(LaunchpadFormView):
          """See `LaunchpadEditFormView`."""
          return canonical_url(self.person)
++    def validate(self, data):
++        """See `LaunchpadFormView`."""
++        new_status = data.get("status")
++        if (
++            new_status != self.context.status
++            and new_status == AccountStatus.ACTIVE
++        ):
++            # This typically breaks, as it bypasses the code in
++            # `PersonSet.getOrCreateByOpenIDIdentifier` that sets the user's
++            # preferred email address.  Activating an account should only be
++            # done by the user themselves logging in from a Deactivated,
++            # Unactivated, or Placeholder account status.
++            self.setFieldError(
++                "status",
++                "Only the user themselves can activate their account.",
++            )
++
      @action("Change", name="change")
      def change_action(self, action, data):
          """Update the IAccount."""
 diff --git a/lib/lp/registry/browser/tests/person-admin-views.rst b/lib/lp/registry/browser/tests/person-admin-views.rst
 index e711afb..4a2e30a 100644
 --- a/lib/lp/registry/browser/tests/person-admin-views.rst
 +++ b/lib/lp/registry/browser/tests/person-admin-views.rst
@@ -160,6 +160,7 @@ user must log in to restore the email addresses using the reactivate step.
      >>> view = create_initialized_view(user, "+reviewaccount", form=form)
      >>> print(view.errors)
      []
++    >>> transaction.commit()
      >>> user.account_status
      <DBItem AccountStatus.DEACTIVATED, ...>
      >>> user.account_status_history
@@ -169,6 +170,19 @@ user must log in to restore the email addresses using the reactivate step.
      None
++An admin cannot manually activate an account.  The user must do that
++themselves by logging in.
++
++    >>> form = {
++    ...     "field.status": "ACTIVE",
++    ...     "field.comment": "Manually reactivating.",
++    ...     "field.actions.change": "Change",
++    ... }
++    >>> view = create_initialized_view(user, "+reviewaccount", form=form)
++    >>> print(view.errors)
++    ['Only the user themselves can activate their account.']
++
++
  An admin can mark an account as belonging to a user who has died.
      >>> form = {