Fix site notifications generated by send_product_alerts.
Notification subjects have a max length of 255 characters, which can easily be exceeded by long product names. Change the alert logic to provide a short notification subject and put the longer content in the notification body.
This patch also modifies the notification utils to make it obvious that the positional argument is a notification subject, not a body.
Don't allow multiple unconfirmed product alerts for anonymous users.
This is to prevent the possibility of spamming a user by generating lots of alert confirmation emails for product alerts.
Also allow unconfirmed alerts to be cancelled - we send a cancellation link in the confirmation email, so we should let users cancel an alert if they don't want to confirm it.
Fixes #2401.
We only needed it because Django 1.4 shipped with a pretty old version
of six. Support for that has been removed, and Django 1.5 ships with six
1.6.1, which is more current than we required.
This nicely avoids an issue with django-extra-views pinning a six
version which caused the sandbox build to fail:
https://travis-ci.org/tangentlabs/django-oscar/jobs/32223978#L971
Ignore capitalisation of local part of email address
Most email servers don't respect capitalisation, and many users don't
know about it. So Oscar now does what the rest of the world does, and
ignores the capitalisation when looking up an email address.
Fixes #1179.
The new version has been extended to allow the success URLs and messages
to be easily customised.
We also now redirect staff members to the dashboard when they first
login.
Disentangle Django's test client from Oscar's custom webtest class
Before this change, it was conflating WebTest functionality with the
Django test client. This change removes the Django test client
functionality (namely, the login function which was being automatically
called).
A shed-load of tests are adjusted to work with this change.
This almost completes the work for #826 - only a couple more references
to the Django client are left in the test codebase.
Previously, the 'key' kwarg was not respected and all products would get
added to the first wishlist.
Thanks to @DanielChu for reporting, and supplying a fix.
Fixes #1216
During the registration and in dashboard, the new password is required
to have min 6 characters and not be in common passwords. Those rules are
not enforced when changing password in the account section or resetting
password.
Extract password validators into core validators as they are used by
multiple apps. `password_validators` now contains all validators applied
to passwords: DRY principle.
Changed auth tests to have a proper password for password reset.
Previously, the test suite ran with a custom user model for Django >=
1.5, but it didn't subclass Oscar's AbstractUser. This commit adjusts
the custom user model to subclass Oscar's so we can test functionality
within the custom user class.
This does require a change to the way tests authenticate as we don't
actually use the username field.
This was a code change introduced in the refactoring, but does not make
any sense. Luckily, it also caused the tests to fail, so I'm happy to
revert it.
This allows updating code in both places, if necessary. Getting Django
1.5 support would be painful otherwise. This also removes the circular
dependency of django-oscar-testsupport on Oscar.
The requirements were merged. The imports were updated
accordingly. Unused imports in the touched files were removed. No
further changes.
* Emailbackend: Updated to use REQUIRED_FIELDS
* Demo and sandbox site now use compat.AUTH_USER_MODEL as well
* Added example custom user that gets tested for Django >= 1.5
Include 'back to search results' link on product detail page
This change introduces a templatetag which assigns context for adding a
'back to search results' link to a product detail page. This can be
useful for certain types of user (who don't use the back button) and
want to get back to their, possibly complicated, set of search filters.
Fixes #456
The AccountSummaryView was trying to do too much and included random
bits from the other views. It has been changed to a simple
RedirectView. The redirect target can now be set with
OSCAR_ACCOUNTS_REDIRECT_URL and defaults to the newly-introduced
ProfileView. This leaves the UX unchanged apart from the fact that
was used to be scripted tabs is now separate views.
There was a lot of template duplication between the separate views. I
have introduced a PageTitleMixin and used this to significantly reduce
redundancy (e.g. hundreds of lines). This also led to removing a few
slight inconsistencies regarding headings, breadcrumbs etc.
The new templates have been categorised in subfolders.
Apart from the new ProfileView, I've had to introduce a simple
ProductAlertListView. I've also upgraded the ProductAlertCancelView to
be useful for both canceling from emails etc. as before, but also from
the ProductAlertListView.
Tests: Check new password works after changing it.
The profile test can_change_password checked if the password change
form can be submitted succesfully, but did not verify that Django's
authentication system accepts the new password.
Adjust email auth backend to allow emails to contain capitals
Before it was lower-casing everything first which prevented users being
able to login if their email address contained capitals. We now only
lower case the host part as this is case-insensitive.
Fixes #505
Send warning emails when a user's email or password is changed
A basic security measure to ensure a user is aware if his/her account
gets compromised. The email contains a link to the password reset form
which allows a new password to be set.
Fixes #436
Samir Shah
Samir Shah
Alexander Gaevsky
Michael van Tellingen
Maik Hoepfel
David Winterbottom
Izidor Matušov
benvand
Xavier Ordoquy
Michael van Tellingen
chenull
Skirmantas Jurgaitis
Sebastian Vetter