Send confirmation email #4335
Send confirmation email #4335
Conversation
chadwhitacre
force-pushed
the
project/claim-packages
branch
2 times, most recently
from
bdd20ac
to
9ea1b0c
Compare
|
Rebased, was f3e657f. |
chadwhitacre
force-pushed
the
project/claim-packages-send
branch
4 times, most recently
from
53a7f29
to
91dcc5a
Compare
|
Gosh, this would be easier to implement if we kept it to two steps:
But that makes it harder for users. |
|
The natural thing for a user is to claim the package and add the email in one fell swoop. |
|
Our email infrastructure is pretty squishy. I started really getting into it yesterday, and I'm trying to decide how deep to go. |
chadwhitacre
force-pushed
the
project/claim-packages
branch
from
9ea1b0c
to
4ac1d86
Compare
chadwhitacre
force-pushed
the
project/claim-packages-send
branch
from
a9f9dfe
to
a487ef5
Compare
|
Rebased. |
Went pretty deep! 😁 |
chadwhitacre
force-pushed
the
project/claim-packages-send
branch
from
a487ef5
to
ba41e6d
Compare
chadwhitacre
force-pushed
the
project/claim-packages
branch
from
4ac1d86
to
11a436f
Compare
|
Alright, what the heck am I doing here? |
|
What's the end result here? What behavior? /me reviews ticket and parent ... |
|
|
|
(I updated the ticket description with requirements.) |
|
Blorg. Right. Gotta think through adding email vs. mailing before adding. Current infrastructure assumes ... wait, does it? Assume we're only ever sending to |
|
Ah ... is the |
|
Existing |
|
We can mostly use the existing |
chadwhitacre
force-pushed
the
project/claim-packages-send
branch
from
ba41e6d
to
b81cb7d
Compare
You can't raise it with a 200. The class works in concert with error.spt.
- use LocalizedErrorResponse to deduplicate error messages - don't include email address in error message to reduce spoofing surface
Only available with the new `start-verification` action.
|
Rebased, was de1a0a3. |
chadwhitacre
force-pushed
the
project/claim-packages-send
branch
from
de1a0a3
to
01c837f
Compare
|
LGTM...off to the second reviewr |
gratipay/models/participant/email.py
Outdated
| and returns ``None``. | ||
| """ | ||
| if not packages: | ||
| return |
There was a problem hiding this comment.
Is this a normal condition? If not, consider logging or throwing an exception. Seems odd to start a package claim on an empty list of packages.
There was a problem hiding this comment.
Done in 2c2a3a5. 👍
gratipay/models/participant/email.py
Outdated
| """ | ||
| if not packages: | ||
| return | ||
| VALUES, values = [], [] |
There was a problem hiding this comment.
Is this Gratipay convention, to use CAPS for format strings? Normally I'd expect that to be a constant.
There was a problem hiding this comment.
I had named it VALUES to harmonize with VALUES in the SQL statement, but I see your point. Addressed in 2c2a3a5.
gratipay/models/participant/email.py
Outdated
| for p in packages: | ||
| VALUES.append('(%s, %s)') | ||
| values += [nonce, p.id] | ||
| VALUES = ', '.join(VALUES) |
There was a problem hiding this comment.
It seems tricky to switch types of a variable from line to line. Maybe that's the Java coder in me though. ;-)
There was a problem hiding this comment.
Addressed in 2c2a3a5. For large inputs the ', '.join idiom is more performant than string concatenation due to Python implementation details, but our inputs here are not large (order of magnitude 100 packages max to be claimed at once).
There was a problem hiding this comment.
FWIW, I didn't have a problem with .join(), it was just my internal type checker twitching at VALUES starting as a list of strings and then getting reassigned to a string.
There was a problem hiding this comment.
P.S. @kaguillera thinks this is the Java coder in you. 😛
tests/py/test_email.py
Outdated
| headers = {b'HTTP_ACCEPT_LANGUAGE': b'en'} | ||
| return f('/~alice/emails/modify.json', data, auth_as=user, **headers) | ||
|
|
||
| # Hack to work around Aspen test client limitations. |
There was a problem hiding this comment.
Comment verbosified in 136591a.
| ('<b><a href="https://gratipay.com/~{0}/">{0}</a></b>'|safe).format(username)) }} | ||
| {% if new_email_verified %} | ||
| {{ ngettext( "We've received a request to connect the {package_name} npm package to the " | ||
| "{username} account on Gratipay. Sound familiar?" |
There was a problem hiding this comment.
What if it doesn't sound familiar?
What if it does, for that matter? I don't really know what I would do if I received an email like this.
Am I supposed to click the package name?
There was a problem hiding this comment.
Down on line 32 there's a "Yes, proceed!" button. Here's what it looks like:
There was a problem hiding this comment.
Ah, woops - didn't see that! Thanks!
gratipay/models/participant/email.py
Outdated
| VALUES.append('(%s, %s)') | ||
| values += [nonce, p.id] | ||
| VALUES = ', '.join(VALUES) | ||
| c.run('INSERT INTO claims (nonce, package_id) VALUES ' + VALUES, values) |
There was a problem hiding this comment.
I'm generally unfamiliar with the Gratipay DB environment. Does anything exist to clean up claims that lay around for a long time?
There was a problem hiding this comment.
No! Reticketed as #4408.
Should fix upstream some day. :/
gratipay/models/participant/email.py
Outdated
| for p in packages: | ||
| VALUES.append('(%s, %s)') | ||
| extra_sql += ' (%s, %s)' |
There was a problem hiding this comment.
Looks like maybe this isn't going to be delimited by commas anymore?
" (%s, %s) (%s, %s) (%s, %s)"
Maybe that's OK for Postgres though?
There was a problem hiding this comment.
Good point. The few tests I ran passed. Lessee here ...
There was a problem hiding this comment.
Yay CI! :-)
def execute(self, query, vars=None):
self.Record = None
> return super(NamedTupleCursor, self).execute(query, vars)
E ProgrammingError: syntax error at or near "("
E LINE 1: ...LUES ('208503b2-9283-4bc8-ab51-6ed60c28c9a3', 30) ('208503b2...
E
https://travis-ci.org/gratipay/gratipay.com/builds/221772022#L2879-L2884
Fixing ...
There was a problem hiding this comment.
You okay with 9926985?
|
With gratipay/inside.gratipay.com#1038 (comment) you should be cleared to merge, @dowski. Got a green button? |
|
Woo-hoo! 💃 |
Part of #4305.
Requirements
(7) and (8) from the workflow:
Todo
make sure we don't allow connecting the same package to two accountsthat happens on
finish-claim, notstart-claimstart_email_verificationto take packagesadd_emailto take packagesclaimswhen nonce is updated out from under it?modify.json.sptw/ tests—should call into PythonLazyResponseshould notify others listed as maintainers?no, too much for nowshould be able to start a verification for a different package w/ same email and have it not clobber the first (added? in addition?)Send confirmation email #4335 (comment)