Reset the required setting of the author_email widget each time.

Otherwise, the email field might get set to required when an anonymous user visits, and then remain required when an authenticated user visits, making it impossible for an authenticated user to fill in the form without validation error. Or when in the control panel the field is set as not required anymore, that change would have no effect until the instance was restarted.
2016-06-09 19:26:06 +02:00 · 2016-06-09 19:26:06 +02:00 · 6952923b1e
parent 4ecc7f0519
commit 6952923b1e
3 changed files with 78 additions and 1 deletions
--- a/CHANGES.rst
+++ b/CHANGES.rst
@ -14,7 +14,13 @@ New features:

 Bug fixes:

- *add item here*
+- Reset the required setting of the author_email widget each time.
+  Otherwise, the email field might get set to required when an
+  anonymous user visits, and then remain required when an
+  authenticated user visits, making it impossible for an authenticated
+  user to fill in the form without validation error.  Or when in the
+  control panel the field is set as not required anymore, that change
+  would have no effect until the instance was restarted.  [maurits]


 2.4.14 (2016-06-06)
--- a/plone/app/discussion/browser/comments.py
+++ b/plone/app/discussion/browser/comments.py
@ -87,6 +87,20 @@ class CommentForm(extensible.ExtensibleForm, form.Form):
        self.widgets['in_reply_to'].mode = interfaces.HIDDEN_MODE
        self.widgets['text'].addClass('autoresize')
        self.widgets['user_notification'].label = _(u'')
+        # Reset widget field settings to their defaults, which may be changed
+        # further on.  Otherwise, the email field might get set to required
+        # when an anonymous user visits, and then remain required when an
+        # authenticated user visits, making it impossible for an authenticated
+        # user to fill in the form without validation error.  Or when in the
+        # control panel the field is set as not required anymore, that change
+        # would have no effect until the instance was restarted.  Note that the
+        # widget is new each time, but the field is the same item in memory as
+        # the previous time.
+        self.widgets['author_email'].field.required = False
+        # The widget is new, but its 'required' setting is based on the
+        # previous value on the field, so we need to reset it here.  Changing
+        # the field in updateFields does not help.
+        self.widgets['author_email'].required = False

        # Rename the id of the text widgets because there can be css-id
        # clashes with the text field of documents when using and overlay
--- a/plone/app/discussion/tests/functional_test_comments.txt
+++ b/plone/app/discussion/tests/functional_test_comments.txt
@ -479,3 +479,60 @@ Make sure the edit was successful.

    >>> 'Lorem ipsum' in browser.contents
    True
+
+
+Require anonymous email
+-----------------------
+
+Edit the control panel.
+
+    >>> browser.open(portal_url + '/logout')
+    >>> browser.open(portal_url + '/login_form')
+    >>> browser.getControl(name='__ac_name').value = 'admin'
+    >>> browser.getControl(name='__ac_password').value = 'secret'
+    >>> browser.getControl(name='submit').click()
+    >>> browser.open(portal_url+'/@@discussion-controlpanel')
+    >>> browser.getControl(name='form.widgets.anonymous_email_enabled:list').value = [True]
+    >>> browser.getControl(name='form.buttons.save').click()
+    >>> browser.open(portal_url + '/logout')
+
+Post an anonymous comment without setting the email.
+
+    >>> unprivileged_browser.open(urldoc1)
+    >>> unprivileged_browser.getControl(name='form.widgets.text').value = "This is an anonymous comment without email"
+    >>> unprivileged_browser.getControl(name='form.buttons.comment').click()
+    >>> 'Required input is missing' in unprivileged_browser.contents
+    True
+
+Try again.
+
+    >>> unprivileged_browser.getControl(name='form.widgets.text').value = "This is an anonymous comment with email"
+    >>> unprivileged_browser.getControl(name='form.widgets.author_email').value = "email@example.org"
+    >>> unprivileged_browser.getControl(name='form.buttons.comment').click()
+    >>> 'Required input missing' in unprivileged_browser.contents
+    False
+    >>> 'Your comment awaits moderator approval' in unprivileged_browser.contents
+    True
+
+Posting as member should still work.  Especially it should not
+complain about missing input for an invisible author_email field.
+Login as user 'jim'.
+
+    >>> browser_member.open(portal_url + '/login_form')
+    >>> browser_member.getControl(name='__ac_name').value = 'jim'
+    >>> browser_member.getControl(name='__ac_password').value = 'secret'
+    >>> browser_member.getControl(name='submit').click()
+
+Post a comment as user jim.
+
+    >>> browser_member.open(urldoc1)
+    >>> browser_member.getControl(name='form.widgets.text').value = "Use the ZODB, Luke!"
+    >>> submit = browser_member.getControl(name='form.buttons.comment')
+    >>> submit.click()
+
+Check if there are no validation errors.
+
+    >>> 'Required input missing' in browser_member.contents
+    False
+    >>> 'Your comment awaits moderator approval' in browser_member.contents
+    True