[IMP] auth_signup: fallback to login when token is no longer valid but user exists

bzr revid: rco@openerp.com-20120928142103-3a4vbs7y3gw135qm

addons/auth_signup/controllers/main.py

@@ -40,7 +40,6 @@ class Controller(openerpweb.Controller):
         with registry.cursor() as cr:
             res_partner = registry.get('res.partner')
             user_info = res_partner.signup_retrieve_info(cr, SUPERUSER_ID, token)
-            user_info.update(db=dbname, token=token)
         return user_info
 
     @openerpweb.httprequest

addons/auth_signup/res_users.py

@@ -85,10 +85,13 @@ class res_partner(osv.Model):
                 partner.write({'signup_token': token, 'signup_expiration': expiration})
         return True
 
-    def _signup_retrieve_partner(self, cr, uid, token, raise_exception=False, context=None):
-        """ find the partner corresponding to a token, and check its validity
+    def _signup_retrieve_partner(self, cr, uid, token,
+            check_validity=False, raise_exception=False, context=None):
+        """ find the partner corresponding to a token, and possibly check its validity
+            :param token: the token to resolve
+            :param check_validity: if True, also check validity
+            :param raise_exception: if True, raise exception instead of returning False
             :return: partner (browse record) or False (if raise_exception is False)
-            :raise: when token not valid (if raise_exception is True)
         """
         partner_ids = self.search(cr, uid, [('signup_token', '=', token)], context=context)
         if not partner_ids:
@@ -96,7 +99,7 @@ class res_partner(osv.Model):
                 raise Exception("Signup token '%s' is not valid" % token)
             return False
         partner = self.browse(cr, uid, partner_ids[0], context)
-        if not partner.signup_valid:
+        if check_validity and not partner.signup_valid:
             if raise_exception:
                 raise Exception("Signup token '%s' is no longer valid" % token)
             return False
@@ -104,14 +107,23 @@ class res_partner(osv.Model):
 
     def signup_retrieve_info(self, cr, uid, token, context=None):
         """ retrieve the user info about the token
-            :return: either {'name': ..., 'login': ...} if a user exists for that token,
-                     or {'name': ..., 'email': ...} otherwise
+            :return: a dictionary with the user information:
+                - 'db': the name of the database
+                - 'token': the token, if token is valid
+                - 'name': the name of the partner, if token is valid
+                - 'login': the user login, if the user already exists
+                - 'email': the partner email, if the user does not exist
         """
         partner = self._signup_retrieve_partner(cr, uid, token, raise_exception=True, context=None)
+        res = {'db': cr.dbname}
+        if partner.signup_valid:
+            res['token'] = token
+            res['name'] = partner.name
         if partner.user_ids:
-            return {'name': partner.name, 'login': partner.user_ids[0].login}
+            res['login'] = partner.user_ids[0].login
         else:
-            return {'name': partner.name, 'email': partner.email or ''}
+            res['email'] = partner.email or ''
+        return res
 
 
 
@@ -133,7 +145,8 @@ class res_users(osv.Model):
         if token:
             # signup with a token: find the corresponding partner id
             res_partner = self.pool.get('res.partner')
-            partner = res_partner._signup_retrieve_partner(cr, uid, token, raise_exception=True, context=None)
+            partner = res_partner._signup_retrieve_partner(cr, uid, token,
+                                        check_validity=True, raise_exception=True, context=None)
             # invalidate signup token
             partner.write({'signup_token': False, 'signup_expiration': False})
             if partner.user_ids:

addons/auth_signup/static/src/js/auth_signup.js

@@ -31,20 +31,23 @@ openerp.auth_signup = function(instance) {
             return d;
         },
         on_token_loaded: function(result) {
-            // switch to signup mode
-            this.$el.addClass("oe_login_signup");
             // select the right the database
             this.selected_db = result.db;
             this.on_db_loaded({db_list: [result.db]});
-            // set the name and login of user
-            this.$("form input[name=name]").val(result.name).attr("readonly", "readonly");
-            if (result.login) {
-                this.$("form input[name=login]").val(result.login).attr("readonly", "readonly");
+            if (result.token) {
+                // switch to signup mode, set user name and login
+                this.$el.addClass("oe_login_signup");
+                this.$("form input[name=name]").val(result.name).attr("readonly", "readonly");
+                if (result.login) {
+                    this.$("form input[name=login]").val(result.login).attr("readonly", "readonly");
+                } else {
+                    this.$("form input[name=login]").val(result.email);
+                }
             } else {
-                this.$("form input[name=login]").val(result.email);
+                // remain in login mode, set login if present
+                delete this.params.token;
+                this.$("form input[name=login]").val(result.login || "");
             }
-            this.$("form input[name=password]").val("");
-            this.$("form input[name=confirm_password]").val("");
         },
         on_token_failed: function(result, ev) {
             if (ev) {