Sanitized email on register forms

renzon · renzon · commit 5147aaf358d4 · 2020-02-21T10:24:23.000-03:00
Missing existing email sanitizing part of #1694
diff --git a/pythonpro/conftest.py b/pythonpro/conftest.py
@@ -20,6 +20,8 @@ def client_with_user(client, django_user_model, logged_user):
 @pytest.fixture
 def logged_user(django_user_model):
     logged_user = mommy.make(django_user_model)
+    logged_user.email = logged_user.email.lower()
+    logged_user.save()
     return logged_user
 
 
diff --git a/pythonpro/core/forms.py b/pythonpro/core/forms.py
@@ -9,7 +9,15 @@
 from pythonpro.core.models import User
 
 
-class UserEmailForm(ModelForm):
+class NormalizeEmailMixin:
+    def _normalize_email(self):
+        self.data = dict(self.data.items())
+        email = self.data.get('email')
+        if email is not None:
+            self.data['email'] = email.lower()
+
+
+class UserEmailForm(ModelForm, NormalizeEmailMixin):
     current_password = CharField(label=_("Password"), strip=False, required=True)
 
     class Meta:
@@ -19,6 +27,7 @@ class Meta:
     def __init__(self, *args, **kwargs):
         self.user = kwargs.pop('user')
         super().__init__(*args, **kwargs)
+        self._normalize_email()
 
     def clean(self):
         cleaned_data = super().clean()
@@ -27,7 +36,7 @@ def clean(self):
         return cleaned_data
 
 
-class UserSignupForm(UserCreationForm):
+class UserSignupForm(UserCreationForm, NormalizeEmailMixin):
     class Meta:
         model = User
         fields = ('first_name', 'email', 'source')
@@ -44,6 +53,7 @@ def __init__(self, *args, **kwargs):
             self._set_passwords(dct)
             args = (ChainMap(query_dict, dct), *args[1:])
         super().__init__(*args, **kwargs)
+        self._normalize_email()
 
     def _set_passwords(self, data):
         if 'password1' not in data and 'password2' not in data:
diff --git a/pythonpro/core/tests/test_lead_landing_page.py b/pythonpro/core/tests/test_lead_landing_page.py
@@ -32,18 +32,56 @@ def create_lead_mock(mocker):
     return mocker.patch('pythonpro.domain.user_facade._email_marketing_facade.create_or_update_lead')
 
 
+@pytest.fixture()
+def email(fake):
+    return fake.email()
+
+
 @pytest.fixture
-def resp_lead_creation(client, db, fake: Faker, create_lead_mock):
+def resp_lead_creation(client, db, fake: Faker, create_lead_mock, email):
     return client.post(
         reverse('core:lead_form') + '?utm_source=facebook',
         data={
             'first_name': fake.name(),
-            'email': fake.email(),
+            'email': email,
         },
         secure=True
     )
 
 
+def test_email_error_subscribing_with_email_variation(resp_lead_creation, email: str, fake, client):
+    email_upercase = email.upper()
+    resp = client.post(
+        reverse('core:lead_form') + '?utm_source=facebook',
+        data={
+            'first_name': fake.name(),
+            'email': email_upercase,
+        },
+        secure=True
+    )
+
+    assert resp.status_code == 400
+
+
+@pytest.fixture
+def resp_email_upper_case(client, db, fake: Faker, create_lead_mock, email):
+    email = email.upper()
+    return client.post(
+        reverse('core:lead_form') + '?utm_source=facebook',
+        data={
+            'first_name': fake.name(),
+            'email': email,
+        },
+        secure=True
+    )
+
+
+def test_email_normalization(resp_email_upper_case, email, django_user_model):
+    email_lower = email.lower()
+    user = django_user_model.objects.first()
+    assert user.email == email_lower
+
+
 @pytest.fixture
 def resp_lead_change_pasword(resp_lead_creation, client):
     client.post(
diff --git a/pythonpro/core/tests/test_view_profile.py b/pythonpro/core/tests/test_view_profile.py
@@ -54,3 +54,25 @@ def test_edit_email_link(resp_with_user):
 
 def test_edit_password_link(resp_with_user):
     dj_assert_contains(resp_with_user, reverse('core:profile_password'))
+
+
+@pytest.fixture
+def user_with_plain_password(django_user_model):
+    plain_password = 'senha'
+    u = mommy.make(django_user_model)
+    u.set_password(plain_password)
+    u.plain_password = plain_password
+    u.save()
+    return u
+
+
+def test_email_normalization(user_with_plain_password, client, django_user_model):
+    client.force_login(user_with_plain_password)
+    email = 'ALUNO@PYTHON.PRO.BR'
+    client.post(
+        reverse('core:profile_email'),
+        {'email': email, 'current_password': user_with_plain_password.plain_password},
+        secure=True
+    )
+    saved_user = django_user_model.objects.first()
+    assert saved_user.email == email.lower()
diff --git a/pythonpro/core/views.py b/pythonpro/core/views.py
@@ -9,7 +9,7 @@
 from django_sitemaps import Sitemap
 from rolepermissions.checkers import has_role
 
-from pythonpro.core.forms import UserEmailForm, UserSignupForm, LeadForm
+from pythonpro.core.forms import LeadForm, UserEmailForm, UserSignupForm
 from pythonpro.core.models import User
 from pythonpro.domain import user_facade
 
@@ -158,6 +158,6 @@ def lead_form(request):
     try:
         user = user_facade.register_lead(first_name, email, source)
     except user_facade.UserCreationException as e:
-        return render(request, 'core/lead_form_errors.html', context={'form': e.form})
+        return render(request, 'core/lead_form_errors.html', context={'form': e.form}, status=400)
     login(request, user)
     return redirect(reverse('payments:client_landing_page_oto'))
diff --git a/pythonpro/launch/forms.py b/pythonpro/launch/forms.py
@@ -1,5 +1,19 @@
 from django import forms
+from django.forms.utils import ErrorList
 
 
 class LeadForm(forms.Form):
     email = forms.EmailField(required=True)
+
+    def __init__(self, data=None, files=None, auto_id='id_%s', prefix=None, initial=None, error_class=ErrorList,
+                 label_suffix=None, empty_permitted=False, field_order=None, use_required_attribute=None,
+                 renderer=None):
+        super().__init__(data, files, auto_id, prefix, initial, error_class, label_suffix, empty_permitted, field_order,
+                         use_required_attribute, renderer)
+        self._normalize_email()
+
+    def _normalize_email(self):
+        self.data = dict(self.data.items())
+        email = self.data.get('email')
+        if email is not None:
+            self.data['email'] = email.lower()
diff --git a/pythonpro/launch/tests/test_lead_form.py b/pythonpro/launch/tests/test_lead_form.py
@@ -6,7 +6,12 @@
 
 @pytest.fixture
 def email(fake):
-    return fake.email()
+    return fake.email().lower()
+
+
+@pytest.fixture
+def email_upper(email):
+    return email.upper()
 
 
 @pytest.fixture
@@ -19,6 +24,11 @@ def resp(client, email, create_or_update_with_no_role, cohort):
     return client.post(reverse('launch:lead_form'), {'email': email}, secure=True)
 
 
+@pytest.fixture
+def resp_email_upper(client, email_upper, create_or_update_with_no_role, cohort):
+    return client.post(reverse('launch:lead_form'), {'email': email_upper}, secure=True)
+
+
 @pytest.fixture
 def invalid_email(email):
     return f'@{email}'
@@ -34,6 +44,12 @@ def test_email_marketing_sucess_integration(resp, email, create_or_update_with_n
                                                           f'turma-{cohort.slug}-semana-do-programador')
 
 
+def test_email_normalization(resp_email_upper, email, create_or_update_with_no_role, cohort):
+    first_name = email.split('@')[0]
+    create_or_update_with_no_role.assert_called_once_with(first_name, email,
+                                                          f'turma-{cohort.slug}-semana-do-programador')
+
+
 @pytest.fixture
 def resp_with_error(client, invalid_email, create_or_update_with_no_role):
     return client.post(reverse('launch:lead_form'), {'email': invalid_email}, secure=True)
