lib/galaxy/managers/users.py +1 −1 @@ -580,7 +580,7 @@ class UserManager(base.ModelManager, deletable.PurgableManagerMixin): def get_reset_token(self, trans, email): reset_user = get_user_by_email(trans.sa_session, email, self.app.model.User) if not reset_user and email != email.lower(): if not reset_user: reset_user = self._get_user_by_email_case_insensitive(trans.sa_session, email) if reset_user and not reset_user.deleted: prt = self.app.model.PasswordResetToken(reset_user) lib/galaxy/security/validate_user_input.py +1 −0 @@ -85,6 +85,7 @@ def validate_email(trans, email, user=None, check_dup=True, allow_empty=False, v Validates the email format. Checks whether the domain is blocklisted in the disposable domains configuration. Checks whether the email address is banned. Optionally checks if email exists. """ if (user and user.email == email) or (email == "" and allow_empty): return "" test/unit/webapps/test_login.py +13 −2 @@ -11,11 +11,11 @@ from galaxy.security.passwords import check_password from galaxy.util.unittest import TestCase from galaxy.webapps.galaxy.controllers.user import User admin_email = "admin@admin.admin" admin_email = "admin@example.org" admin_users = admin_email default_password = "123456" changed_password = "654321" user2_data = dict(email="user2@user2.user2", username="user2", password=default_password) user2_data = dict(email="User2@example.org", username="user2", password=default_password) class TestLoginController(TestCase):
@@ -84,3 +84,14 @@ class TestLoginController(TestCase): controller.login(self.trans, payload={"login": user2.username, "password": default_password}) ) assert response["message"] == "Success." def test_get_reset_token(self): def _check_reset_token(email): reset_user, prt = self.user_manager.get_reset_token(self.trans, email) assert user2 == reset_user assert prt.user == user2 user2 = self.user_manager.create(**user2_data) _check_reset_token(user2_data["email"]) _check_reset_token(user2_data["email"].lower()) _check_reset_token(user2_data["email"].upper())
lib/galaxy/managers/users.py +1 −1 @@ -580,7 +580,7 @@ class UserManager(base.ModelManager, deletable.PurgableManagerMixin): def get_reset_token(self, trans, email): reset_user = get_user_by_email(trans.sa_session, email, self.app.model.User) if not reset_user and email != email.lower(): if not reset_user: reset_user = self._get_user_by_email_case_insensitive(trans.sa_session, email) if reset_user and not reset_user.deleted: prt = self.app.model.PasswordResetToken(reset_user)
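Review bot: With the `email != email.lower()` guard gone, the `if not reset_user:` branch sends every exact-match miss to `_get_user_by_email_case_insensitive`, so that helper alone decides which account receives a `PasswordResetToken`. Its body is outside this hunk; if it returns the first row when two stored addresses differ only by case, a token can be created for an account other than the requester's, so it should fail closed on more than one match. I would also state the delivery contract on the branch, `# matched ignoring case: the reset mail must go to reset_user.email, never to the submitted address`, since the code that sends the mail is not visible here. `get_reset_token` continues past the last line of the hunk.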
lib/galaxy/security/validate_user_input.py +1 −0 @@ -85,6 +85,7 @@ def validate_email(trans, email, user=None, check_dup=True, allow_empty=False, v Validates the email format. Checks whether the domain is blocklisted in the disposable domains configuration. Checks whether the email address is banned. Optionally checks if email exists. """ if (user and user.email == email) or (email == "" and allow_empty): return ""
test/unit/webapps/test_login.py +13 −2 @@ -11,11 +11,11 @@ from galaxy.security.passwords import check_password from galaxy.util.unittest import TestCase from galaxy.webapps.galaxy.controllers.user import User admin_email = "admin@admin.admin" admin_email = "admin@example.org" admin_users = admin_email default_password = "123456" changed_password = "654321" user2_data = dict(email="user2@user2.user2", username="user2", password=default_password) user2_data = dict(email="User2@example.org", username="user2", password=default_password) class TestLoginController(TestCase): @@ -84,3 +84,14 @@ class TestLoginController(TestCase): controller.login(self.trans, payload={"login": user2.username, "password": default_password}) ) assert response["message"] == "Success." def test_get_reset_token(self): def _check_reset_token(email): reset_user, prt = self.user_manager.get_reset_token(self.trans, email) assert user2 == reset_user assert prt.user == user2 user2 = self.user_manager.create(**user2_data) _check_reset_token(user2_data["email"]) _check_reset_token(user2_data["email"].lower()) _check_reset_token(user2_data["email"].upper())
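Review bot: `test_get_reset_token` in the second hunk exercises only the success path for ASCII case variants of one account, so the conditions that keep this lookup safe are untested. The `not reset_user.deleted` check in `get_reset_token` and the no-match path have no case here; I would add one that sets `user2.deleted = True` and one that passes an unregistered address, each asserting that no token comes back (the failure return value is defined outside this page, so confirm its shape first). A case with two accounts whose addresses differ only by case would pin down which one the fallback selects, if account creation allows that state at all.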