Delegate Account Creation #631
Conversation
|
Does anyone have some ideas for good unit tests on this? I have a few but I want to be confident that the accounts work as intended. |
| @@ -18,8 +18,7 @@ var DelegateSelect = React.createClass({ | |||
| return ( | |||
| <select | |||
| onChange={this.props.onChange} | |||
| value={this.props.selectedDelegateID} | |||
| disabled> | |||
There was a problem hiding this comment.
Could you remind me why this was disabled in the first place?
huxley/api/serializers/delegate.py
Outdated
| first_name=names[0], last_name=names[-1], | ||
| email=instance.email) | ||
| user.set_password(password) | ||
| user.save() |
There was a problem hiding this comment.
We're hitting the DB twice here: once when we call create, and once when we callsave. We should only do it once (right here). Instead of using the manager's create method, you should be able to just construct a User object. If there's a particular reason we're saving twice, feel free to ignore.
There was a problem hiding this comment.
Good catch; I'll fix this.
huxley/api/serializers/delegate.py
Outdated
| email=instance.email) | ||
| user.set_password(password) | ||
| user.save() | ||
| send_mail('A new account has been created for {0}!\n'.format(instance.name), |
There was a problem hiding this comment.
We should really use templates for emails. We have #109 open for that, if you wanna assign that to a new developer.
There was a problem hiding this comment.
I'll find someone this weekend to work on it
huxley/api/serializers/delegate.py
Outdated
| password = BaseUserManager().make_random_password(10) | ||
| user = User.objects.create(delegate=instance, username=username,\ | ||
| user_type=User.TYPE_DELEGATE,\ | ||
| last_login=datetime.now(), |
There was a problem hiding this comment.
Is this a field we added? If it's default Django, wouldn't this be set by default?
There was a problem hiding this comment.
It's something we set when creating accounts for advisors; I wasn't sure of the motivation there so I figured it wouldn't hurt to include it here as well.
huxley/api/serializers/delegate.py
Outdated
| user.save() | ||
| send_mail('A new account has been created for {0}!\n'.format(instance.name), | ||
| 'Username: {0}\n'.format(username) \ | ||
| + 'Password: {0}\n'.format(password) \ |
There was a problem hiding this comment.
Yikes, plaintext passwords. But, since delegates aren't creating their own accounts, I don't see an immediate way around this, other than forcing them to change their password the first time they log in.
There was a problem hiding this comment.
I agree it isn't great, but the accounts themselves contain nothing sensitive and we need an efficient way to distribute the passwords.
m-j-mcdonald
force-pushed
the
delegate_account_creation
branch
from
4de59db to
2bd63b0
Compare
The final part of #614. In addition to account creation, this makes the delegate's email a required field (so that the delegate can receive an email with account login information).