diff --git a/CHANGELOG.md b/CHANGELOG.md index d8ce9c5a..1108b714 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,12 @@ # Changelog All notable changes to this project will be documented in this file. +## Unreleased + +### Improvements +- Add the EMAIL_USE_VERIFICATION configuration setting (#232) + + ## 1.6.0 - 2019-04-01 ### Improvements diff --git a/README.md b/README.md index f8522998..9c25cd96 100644 --- a/README.md +++ b/README.md @@ -106,6 +106,7 @@ Configurations settings loaded from environment variables: | EMAIL_HOST_USER | `""` *(empty string)* | EMAIL_HOST_PASSWORD | `""` *(empty string)* | EMAIL_USE_TLS | `"True"` +| EMAIL_USE_VERIFICATION | `"True"` | SITE_ROOT | `"http://localhost:8000"` | SITE_NAME | `"Mychecks"` | MASTER_BADGE_LABEL | `"Mychecks"` @@ -158,6 +159,11 @@ can send pings). If you close new user registration, you can still selectively invite users to your team account. +`EMAIL_USE_VERIFICATION` enables/disables the sending of a verification +link when an email address is added to the list of notification methods. +Set it to `False` if you are setting up a private healthchecks instance where +you trust your users and want to avoid the extra verification step. + ## Database Configuration diff --git a/hc/front/tests/test_add_email.py b/hc/front/tests/test_add_email.py index 7b8e1350..b3bc891d 100644 --- a/hc/front/tests/test_add_email.py +++ b/hc/front/tests/test_add_email.py @@ -1,8 +1,11 @@ +from django.core import mail +from django.test.utils import override_settings + from hc.api.models import Channel from hc.test import BaseTestCase -class AddPdTestCase(BaseTestCase): +class AddEmailTestCase(BaseTestCase): url = "/integrations/add_email/" def test_instructions_work(self): @@ -23,6 +26,12 @@ class AddPdTestCase(BaseTestCase): self.assertFalse(c.email_verified) self.assertEqual(c.project, self.project) + # Email should have been sent + self.assertEqual(len(mail.outbox), 1) + + email = mail.outbox[0] + self.assertTrue(email.subject.startswith("Verify email address on")) + def test_team_access_works(self): form = {"value": "bob@example.org"} @@ -48,3 +57,19 @@ class AddPdTestCase(BaseTestCase): c = Channel.objects.get() self.assertEqual(c.value, "alice@example.org") + + @override_settings(EMAIL_USE_VERIFICATION=False) + def test_it_auto_verifies_email(self): + form = {"value": "alice@example.org"} + + self.client.login(username="alice@example.org", password="password") + r = self.client.post(self.url, form) + self.assertRedirects(r, "/integrations/") + + c = Channel.objects.get() + self.assertEqual(c.kind, "email") + self.assertEqual(c.value, "alice@example.org") + self.assertTrue(c.email_verified) + + # Email should *not* have been sent + self.assertEqual(len(mail.outbox), 0) diff --git a/hc/front/views.py b/hc/front/views.py index 7fe3edfe..f41bb324 100644 --- a/hc/front/views.py +++ b/hc/front/views.py @@ -646,7 +646,15 @@ def add_email(request): channel.save() channel.assign_all_checks() - channel.send_verify_link() + + if settings.EMAIL_USE_VERIFICATION: + channel.send_verify_link() + else: + # In self-hosted setting, administator has the option to + # disable the email verification step. + channel.email_verified = True + channel.save() + return redirect("hc-channels") else: form = AddEmailForm() diff --git a/hc/settings.py b/hc/settings.py index daf97404..9cd77c64 100644 --- a/hc/settings.py +++ b/hc/settings.py @@ -166,6 +166,7 @@ EMAIL_PORT = envint("EMAIL_PORT", "587") EMAIL_HOST_USER = os.getenv("EMAIL_HOST_USER", "") EMAIL_HOST_PASSWORD = os.getenv("EMAIL_HOST_PASSWORD", "") EMAIL_USE_TLS = envbool("EMAIL_USE_TLS", "True") +EMAIL_USE_VERIFICATION = envbool("EMAIL_USE_VERIFICATION", "True") # Slack integration SLACK_CLIENT_ID = os.getenv("SLACK_CLIENT_ID")