diff --git a/src/postorius/auth/utils.py b/src/postorius/auth/utils.py index b502e79..d2b7a8d 100644 --- a/src/postorius/auth/utils.py +++ b/src/postorius/auth/utils.py @@ -20,17 +20,16 @@ Authentication and authorization-related utilities. """ +from allauth.account.models import EmailAddress from django.utils import six -from postorius.utils import set_other_emails from postorius.models import List def user_is_in_list_roster(user, mailing_list, roster): if not user.is_authenticated(): return False - if not hasattr(user, 'other_emails'): - set_other_emails(user) - addresses = set([user.email]) | set(user.other_emails) + addresses = set(EmailAddress.objects.filter( + user=user, verified=True).values_list("email", flat=True)) if addresses & set(getattr(mailing_list, roster)): return True # At least one address is in the roster return False diff --git a/src/postorius/middleware.py b/src/postorius/middleware.py index be44670..d55b79e 100644 --- a/src/postorius/middleware.py +++ b/src/postorius/middleware.py @@ -23,9 +23,6 @@ class PostoriusMiddleware(object): - def process_request(self, request): - utils.set_other_emails(request.user) - def process_exception(self, request, exception): if isinstance(exception, MailmanApiError): return utils.render_api_error(request) diff --git a/src/postorius/views/generic.py b/src/postorius/views/generic.py index 1ceda01..148048a 100644 --- a/src/postorius/views/generic.py +++ b/src/postorius/views/generic.py @@ -52,7 +52,6 @@ if 'list_id' in kwargs: self.mailing_list = self._get_list(kwargs['list_id'], int(kwargs.get('page', 1))) - utils.set_other_emails(request.user) set_user_access_props(request.user, self.mailing_list) # set the template if 'template' in kwargs: diff --git a/src/postorius/views/list.py b/src/postorius/views/list.py index 37932e2..f995f26 100644 --- a/src/postorius/views/list.py +++ b/src/postorius/views/list.py @@ -20,8 +20,8 @@ import email.utils import logging +from allauth.account.models import EmailAddress from django.http import HttpResponse, HttpResponseNotAllowed, Http404 - from django.contrib import messages from django.contrib.auth.decorators import login_required from django.core.urlresolvers import reverse @@ -203,7 +203,9 @@ 'userSubscribed': False, 'subscribed_address': None} if request.user.is_authenticated(): - user_emails = [request.user.email] + request.user.other_emails + user_emails = EmailAddress.objects.filter( + user=request.user, verified=True).order_by( + "email").values_list("email", flat=True) for address in user_emails: try: self.mailing_list.get_member(address) @@ -226,7 +228,9 @@ @method_decorator(login_required) def post(self, request, list_id): try: - user_emails = [request.user.email] + request.user.other_emails + user_emails = EmailAddress.objects.filter( + user=request.user, verified=True).order_by( + "email").values_list("email", flat=True) form = ListSubscribe(user_emails, request.POST) # Find the currently subscribed email old_email = None @@ -272,8 +276,10 @@ redirects to the `list_summary` view. """ try: - user_addresses = [request.user.email] + request.user.other_emails - form = ListSubscribe(user_addresses, request.POST) + user_emails = EmailAddress.objects.filter( + user=request.user, verified=True).order_by( + "email").values_list("email", flat=True) + form = ListSubscribe(user_emails, request.POST) if form.is_valid(): email = request.POST.get('email') response = self.mailing_list.subscribe( @@ -721,10 +727,10 @@ if len(roster) == 1: messages.error(request, _('Removing the last owner is impossible')) return redirect('list_members', the_list.list_id, role) - # the user may not have a other_emails property if it's a superuser - user_addresses = set([request.user.email]) | \ - set(getattr(request.user, 'other_emails', [])) - if address in user_addresses: + user_emails = EmailAddress.objects.filter( + user=request.user, verified=True).order_by( + "email").values_list("email", flat=True) + if address in user_emails: # The user is removing themselves, redirect to the list info page # because they won't have access to the members page anyway. redirect_on_success = redirect('list_summary', the_list.list_id) diff --git a/src/postorius/views/user.py b/src/postorius/views/user.py index 28c71d5..d6d2bd2 100644 --- a/src/postorius/views/user.py +++ b/src/postorius/views/user.py @@ -19,6 +19,7 @@ import logging +from allauth.account.models import EmailAddress from django.forms import formset_factory from django.contrib import messages from django.contrib.auth.decorators import login_required @@ -143,7 +144,6 @@ @login_required def user_list_options(request, list_id): - utils.set_other_emails(request.user) mlist = List.objects.get_or_404(fqdn_listname=list_id) mm_user = MailmanUser.objects.get(address=request.user.email) subscription = None @@ -170,7 +170,9 @@ messages.error(request, _('Something went wrong.')) else: form = UserPreferences(initial=subscription.preferences) - user_emails = [request.user.email] + request.user.other_emails + user_emails = EmailAddress.objects.filter( + user=request.user, verified=True).order_by( + "email").values_list("email", flat=True) subscription_form = ChangeSubscriptionForm( user_emails, initial={'email': subscription.email}) return render(request, 'postorius/user/list_options.html', @@ -230,7 +232,6 @@ @login_required def user_subscriptions(request): """Shows the subscriptions of a user.""" - utils.set_other_emails(request.user) try: mm_user = MailmanUser.objects.get_or_create_from_django(request.user) except MailmanApiError: