From: Sofia Papagiannaki <papagian@gmail.com>
Date: Fri, 18 May 2012 09:38:44 +0000 (+0300)
Subject: Configurable enable email change mechanism
X-Git-Tag: astakos/v0.6.0~7^2~14
X-Git-Url: https://code.grnet.gr/git/astakos/commitdiff_plain/e2447828a52b10c5101beb080ecab1bff4fad2ff

Configurable enable email change mechanism

Refs: #2415
---

diff --git a/snf-astakos-app/README b/snf-astakos-app/README
index 996f8ce..3e02efa 100644
--- a/snf-astakos-app/README
+++ b/snf-astakos-app/README
@@ -40,16 +40,16 @@ Settings
 
 Configure in ``settings.py`` or a ``.conf`` file in ``/etc/synnefo`` if using snf-webproject.
 
-=================================   =============================================================================   ===========================================================================================
+=================================== =============================================================================   ===========================================================================================
 Name                                Default value                                                                   Description
-=================================   =============================================================================   ===========================================================================================
+=================================== =============================================================================   ===========================================================================================
 ASTAKOS_AUTH_TOKEN_DURATION         one month                                                                       Expiration time of newly created auth tokens
 ASTAKOS_DEFAULT_USER_LEVEL          4                                                                               Default (not-invited) user level
 ASTAKOS_INVITATIONS_PER_LEVEL       {0:100, 1:2, 2:0, 3:0, 4:0}                                                     Number of user invitations per user level
 ASTAKOS_DEFAULT_FROM_EMAIL          GRNET Cloud <no-reply\@grnet.gr>                                                ``from`` parameter passed in ``django.core.mail.send_mail``
 ASTAKOS_DEFAULT_CONTACT_EMAIL       support\@cloud.grnet.gr                                                         Contact email
 ASTAKOS_DEFAULT_ADMIN_EMAIL         support\@cloud.grnet.gr                                                         Administrator email to receive user creation notifications (if None disables notifications)
-ASTAKOS_IM_MODULES                  ['local', 'shibboleth']                                              Signup modules
+ASTAKOS_IM_MODULES                  ['local', 'shibboleth']                                                         Signup modules
 ASTAKOS_FORCE_PROFILE_UPDATE        True                                                                            Force user profile verification
 ASTAKOS_INVITATIONS_ENABLED         True                                                                            Enable invitations
 ASTAKOS_COOKIE_NAME                 _pithos2_a                                                                      ``Key`` parameter passed in ``django.http.HttpResponse.set_cookie``
@@ -76,12 +76,14 @@ ASTAKOS_RE_USER_EMAIL_PATTERNS      []
 
 ASTAKOS_LOGIN_MESSAGES              {}                                                                              Notification messages to display on login page header
                                                                                                                     e.g. {'warning': 'Warning message (can contain html)'}
-ASTAKOS_PROFILE_EXTRA_LINKS         {}                                                                               messages to display as extra actions in account forms
+ASTAKOS_PROFILE_EXTRA_LINKS         {}                                                                              Messages to display as extra actions in account forms
                                                                                                                     e.g. {'https://cms.okeanos.grnet.gr/': 'Back to ~okeanos'}
-ASTAKOS_RATELIMIT_RETRIES_ALLOWED   3                                                                               Number of unsuccessful login requests allowed for a specific account.
+ASTAKOS_RATELIMIT_RETRIES_ALLOWED   3                                                                               Number of unsuccessful login requests per minute allowed for a specific account.
                                                                                                                     When this number exceeds and ASTAKOS_RECAPTCHA_ENABLED is set the user has to solve a
                                                                                                                     captcha challenge.
-=================================   =============================================================================   ===========================================================================================
+ASTAKOS_EMAILCHANGE_ENABLED         False                                                                           Enable email change mechanism
+ASTAKOS_EMAILCHANGE_ACTIVATION_DAYS 10                                                                              Number of days that email change requests remain active
+=================================== =============================================================================   ===========================================================================================
 
 Administrator functions
 -----------------------
diff --git a/snf-astakos-app/astakos/im/api.py b/snf-astakos-app/astakos/im/api.py
index a688648..d47b8f3 100644
--- a/snf-astakos-app/astakos/im/api.py
+++ b/snf-astakos-app/astakos/im/api.py
@@ -47,7 +47,8 @@ from django.core.urlresolvers import reverse
 
 from astakos.im.faults import BadRequest, Unauthorized, InternalServerError, Fault
 from astakos.im.models import AstakosUser
-from astakos.im.settings import CLOUD_SERVICES, INVITATIONS_ENABLED, COOKIE_NAME
+from astakos.im.settings import CLOUD_SERVICES, INVITATIONS_ENABLED, COOKIE_NAME, \
+EMAILCHANGE_ENABLED
 from astakos.im.util import epoch
 
 logger = logging.getLogger(__name__)
@@ -198,8 +199,9 @@ def get_menu(request, with_extra_links=False, with_signout=True):
             if user.has_usable_password():
                 l.append({ 'url': absolute(reverse('password_change')),
                           'name': "Change password" })
-            l.append({'url':absolute(reverse('email_change')),
-                      'name': "Change email"})
+            if EMAILCHANGE_ENABLED:
+                l.append({'url':absolute(reverse('email_change')),
+                          'name': "Change email"})
             if INVITATIONS_ENABLED:
                 l.append({ 'url': absolute(reverse('astakos.im.views.invite')),
                           'name': "Invitations" })
diff --git a/snf-astakos-app/astakos/im/settings.py b/snf-astakos-app/astakos/im/settings.py
index a364264..4adfa3e 100644
--- a/snf-astakos-app/astakos/im/settings.py
+++ b/snf-astakos-app/astakos/im/settings.py
@@ -83,5 +83,8 @@ PROFILE_EXTRA_LINKS = getattr(settings, 'ASTAKOS_PROFILE_EXTRA_LINKS', {})
 # The number of unsuccessful login requests per minute allowed for a specific email
 RATELIMIT_RETRIES_ALLOWED = getattr(settings, 'ASTAKOS_RATELIMIT_RETRIES_ALLOWED', 3)
 
-# # Set the expiration time of email change requests
+# If False the email change mechanism is disabled
+EMAILCHANGE_ENABLED = getattr(settings, 'ASTAKOS_EMAILCHANGE_ENABLED', False)
+
+# Set the expiration time (in days) of email change requests
 EMAILCHANGE_ACTIVATION_DAYS = getattr(settings, 'ASTAKOS_EMAILCHANGE_ACTIVATION_DAYS', 10)
diff --git a/snf-astakos-app/astakos/im/urls.py b/snf-astakos-app/astakos/im/urls.py
index b0f1a2c..5317574 100644
--- a/snf-astakos-app/astakos/im/urls.py
+++ b/snf-astakos-app/astakos/im/urls.py
@@ -35,7 +35,7 @@ from django.conf.urls.defaults import patterns, include, url
 from django.contrib.auth.views import password_change
 
 from astakos.im.forms import ExtendedPasswordResetForm, LoginForm
-from astakos.im.settings import IM_MODULES, INVITATIONS_ENABLED
+from astakos.im.settings import IM_MODULES, INVITATIONS_ENABLED, EMAILCHANGE_ENABLED
 from astakos.im.views import signed_terms_required
 
 urlpatterns = patterns('astakos.im.views',
@@ -49,11 +49,15 @@ urlpatterns = patterns('astakos.im.views',
     url(r'^approval_terms/?$', 'approval_terms', {}, name='latest_terms'),
     url(r'^approval_terms/(?P<term_id>\d+)/?$', 'approval_terms'),
     url(r'^password/?$', 'change_password', {}, name='password_change'),
-    url(r'^email_change/?$', 'change_email', {}, name='email_change'),
-    url(r'^email_change/confirm/(?P<activation_key>\w+)/', 'change_email', {},
-        name='email_change_confirm')
 )
 
+if EMAILCHANGE_ENABLED:
+    urlpatterns += patterns('astakos.im.views',
+        url(r'^email_change/?$', 'change_email', {}, name='email_change'),
+        url(r'^email_change/confirm/(?P<activation_key>\w+)/', 'change_email', {},
+            name='email_change_confirm')
+)
+    
 urlpatterns += patterns('astakos.im.target',
     url(r'^login/redirect/?$', 'redirect.login')
 )