creating configuration setting to mantain backwards compatibility

37f7aaa3 · Eduardo Matos · 183ca8fb · 37f7aaa3 · 37f7aaa3
Commit 37f7aaa3 authored Nov 22, 2014 by Eduardo Matos
--- a/password_reset/forms.py
+++ b/password_reset/forms.py
@@ -45,7 +45,12 @@ class PasswordRecoveryForm(forms.Form):
        cleaner = getattr(self, 'get_user_by_%s' % self.label_key)
        self.cleaned_data['user'] = user = cleaner(username)

-        if hasattr(user, 'is_active') and not user.is_active:
+        from django.conf import settings
+        recovery_only_active_users = getattr(settings,\
+            'RECOVER_ONLY_ACTIVE_USERS', False)
+
+        if recovery_only_active_users and \
+           hasattr(user, 'is_active') and not user.is_active:
            raise forms.ValidationError(_("Sorry, this user is inactive and "
                                          "his password can't be recovered."))


--- a/password_reset/tests/tests.py
+++ b/password_reset/tests/tests.py
@@ -6,6 +6,7 @@ from django.test import TestCase
 from django.test.utils import override_settings
 from django.utils import timezone
 from django.utils.unittest import SkipTest
+from django.conf import settings

 from ..forms import PasswordRecoveryForm, PasswordResetForm
 from ..utils import get_user_model
@@ -93,7 +94,7 @@ class FormTests(TestCase):
        }, case_sensitive=False)
        self.assertTrue(form.is_valid())

-    def test_error_if_user_is_inactive(self):
+    def test_raise_error_if_user_is_inactive_and_settings_doesnt_allow_inactive_password_recovery(self):
        user = create_user()

        if hasattr(user, 'is_active'):
@@ -101,12 +102,20 @@ class FormTests(TestCase):
            user.save()

            form = PasswordRecoveryForm(data={'username_or_email': user.email})
+            self.assertTrue(form.is_valid(), 'Password from inactive should be recovered')

+            settings.RECOVER_ONLY_ACTIVE_USERS = True
+
+            form = PasswordRecoveryForm(data={'username_or_email': user.email})
            self.assertFalse(form.is_valid(), 'Password from inactive user should not be recovered')

            self.assertItemsEqual(form.errors['username_or_email'],
                [u"Sorry, this user is inactive and his password can't be recovered."])

+            # tear down settings
+            del settings.RECOVER_ONLY_ACTIVE_USERS
+
+
    def test_form_custom_search(self):
        # Searching only for email does some extra validation
        form = PasswordRecoveryForm(data={