Launchpad itself

Merge lp:~salgado/launchpad/bug-547054 into lp:launchpad/db-devel

bug-547054
Merge into db-devel

Proposed by Guilherme Salgado on 2010-03-30

Status:

Merged

Merged at revision:

not available

Proposed branch:

lp:~salgado/launchpad/bug-547054

Merge into:

lp:launchpad/db-devel

Diff against target:

116 lines (+49/-11)

2 files modified

lib/canonical/launchpad/webapp/login.py (+20/-7)
lib/canonical/launchpad/webapp/tests/test_login.py (+29/-4)

To merge this branch:

bzr merge lp:~salgado/launchpad/bug-547054

High

Fix Released

Link a bug report

Reviewer	Review Type	Date Requested	Status
Francis J. Lacoste (community)	release-critical		Approve on 2010-03-30
Brad Crittenden (community)	code	2010-03-30	Approve on 2010-03-30
Deryck Hodge	release-critical	2010-03-30	Pending
Review via email: mp+22460@code.launchpad.net

Description of the change

Do not render the login-error page when the user is already logged in.
Instead, redirect to the starting_url defined in the OpenID response and
add a notification message to the response.

--
Guilherme Salgado <email address hidden>

Revision history for this message

Brad Crittenden (bac) on 2010-03-30:

review: Approve (code)

Revision history for this message

Francis J. Lacoste (flacoste) on 2010-03-30:

review: Approve (release-critical)

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Celso Providelo

Colin Watson

Guilherme Salgado

Launchpad code reviewers from Canonical

Mantavya Gajjar (Open ERP)

Stuart Bishop

William Grant

to status/vote changes:

Tomi Karjalainen

 === modified file 'lib/canonical/launchpad/webapp/login.py'
 --- lib/canonical/launchpad/webapp/login.py	2010-03-18 15:21:03 +0000
 +++ lib/canonical/launchpad/webapp/login.py	2010-03-30 15:23:29 +0000
@@ -284,7 +284,6 @@
      def render(self):
          if self.openid_response.status == SUCCESS:
              identifier = self.openid_response.identity_url.split('/')[-1]
--            account_set = getUtility(IAccountSet)
              should_update_last_write = False
              # Force the use of the master database to make sure a lagged slave
              # doesn't fool us into creating a Person/Account when one already
@@ -311,15 +310,23 @@
                  # the master DB and thus see the changes we've just made.
                  session_data = ISession(self.request)['lp.dbpolicy']
                  session_data['last_write'] = datetime.utcnow()
--            target = self.request.form.get('starting_url')
--            if target is None:
--                target = self.getApplicationURL()
--            self.request.response.redirect(target, temporary_if_possible=True)
++            self._redirect()
              # No need to return anything as we redirect above.
              retval = None
          else:
--            retval = OpenIDLoginErrorView(
--                self.context, self.request, self.openid_response)()
++            if self.account is not None:
++                # The authentication failed (or was canceled), but the user is
++                # already logged in, so we just add a notification message and
++                # redirect.
++                self.request.response.addNoticeNotification(
++                    _(u'Your authentication failed but you were already '
++                       'logged into Launchpad.'))
++                self._redirect()
++                # No need to return anything as we redirect above.
++                retval = None
++            else:
++                retval = OpenIDLoginErrorView(
++                    self.context, self.request, self.openid_response)()
          # The consumer.complete() call above will create entries in
          # OpenIDConsumerNonce to prevent replay attacks, but since this will
@@ -329,6 +336,12 @@
          return retval
++    def _redirect(self):
++        target = self.request.form.get('starting_url')
++        if target is None:
++            target = self.getApplicationURL()
++        self.request.response.redirect(target, temporary_if_possible=True)
++
  class OpenIDLoginErrorView(LaunchpadView):
 === modified file 'lib/canonical/launchpad/webapp/tests/test_login.py'
 --- lib/canonical/launchpad/webapp/tests/test_login.py	2010-03-04 14:03:34 +0000
 +++ lib/canonical/launchpad/webapp/tests/test_login.py	2010-03-30 15:23:29 +0000
@@ -107,13 +107,16 @@
      layer = DatabaseFunctionalLayer
      def _createViewWithResponse(
--            self, account, response_status=SUCCESS, response_msg=''):
++            self, account, response_status=SUCCESS, response_msg='',
++            view_class=StubbedOpenIDCallbackView):
          openid_response = FakeOpenIDResponse(
              ITestOpenIDPersistentIdentity(account).openid_identity_url,
              status=response_status, message=response_msg)
--        return self._createAndRenderView(openid_response)
++        return self._createAndRenderView(
++            openid_response, view_class=view_class)
--    def _createAndRenderView(self, response):
++    def _createAndRenderView(self, response,
++                             view_class=StubbedOpenIDCallbackView):
          request = LaunchpadTestRequest(
              form={'starting_url': 'http://launchpad.dev/after-login'},
              environ={'PATH_INFO': '/'})
@@ -122,7 +125,7 @@
          # setup a newInteraction() using our request.
          logout()
          newInteraction(request)
--        view = StubbedOpenIDCallbackView(object(), request)
++        view = view_class(object(), request)
          view.initialize()
          view.openid_response = response
          # Monkey-patch getByOpenIDIdentifier() to make sure the view uses the
@@ -235,6 +238,28 @@
          main_content = extract_text(find_main_content(html))
          self.assertIn('Your login was unsuccessful', main_content)
++    def test_negative_openid_assertion_when_user_already_logged_in(self):
++        # The OpenID provider responded with a negative assertion, but the
++        # user already has a valid cookie, so we add a notification message to
++        # the response and redirect to the starting_url specified in the
++        # OpenID response.
++        test_account = self.factory.makeAccount('Test account')
++        class StubbedOpenIDCallbackViewLoggedIn(StubbedOpenIDCallbackView):
++            account = test_account
++        view, html = self._createViewWithResponse(
++            test_account, response_status=FAILURE,
++            response_msg='Server denied check_authentication',
++            view_class=StubbedOpenIDCallbackViewLoggedIn)
++        self.assertFalse(view.login_called)
++        response = view.request.response
++        self.assertEquals(httplib.TEMPORARY_REDIRECT, response.getStatus())
++        self.assertEquals(view.request.form['starting_url'],
++                          response.getHeader('Location'))
++        notification_msg = view.request.response.notifications[0].message
++        expected_msg = ('Your authentication failed but you were already '
++                        'logged into Launchpad')
++        self.assertIn(expected_msg, notification_msg)
++
      def test_IAccountSet_getByOpenIDIdentifier_monkey_patched(self):
          with IAccountSet_getByOpenIDIdentifier_monkey_patched():
              self.assertRaises(

Launchpad itself

Merge lp:~salgado/launchpad/bug-547054 into lp:launchpad/db-devel

Commit message

Description of the change

Preview Diff

Subscribers