Skip to content

Commit

Permalink
Merge pull request #3642 from open-formulieren/fix/3613-resume-form-l…
Browse files Browse the repository at this point in the history 
…ogin

[#3613] Fix resuming submission when form does not require login
  • Loading branch information
@SilviaAmAm
SilviaAmAm authored Dec 1, 2023
2 parents ea22ca1 + f0fec46 commit 14a50bc
Show file tree
Hide file tree
Showing 2 changed files with 40 additions and 3 deletions.
36 changes: 36 additions & 0 deletions src/openforms/submissions/tests/test_resume_form_view.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@
class SubmissionResumeViewTests(FrontendRedirectMixin, TestCase):
def test_good_token_and_submission_redirect_and_add_submission_to_session(self):
submission = SubmissionFactory.from_components(
form__formstep__form_definition__login_required=False,
completed=True,
components_list=[
{
Expand Down Expand Up @@ -420,3 +421,38 @@ def test_resume_creates_valid_url(self):
},
fetch_redirect_response=False,
)

@tag("gh-3613")
def test_redirects_to_auth_if_form_does_not_require_login_but_user_logged_in_the_first_time(
self,
):
submission = SubmissionFactory.create(
form__generate_minimal_setup=True,
form__formstep__form_definition__login_required=False,
auth_info__plugin="digid",
auth_info__value="some-hashed-value",
)
SubmissionStepFactory.create(
submission=submission,
form_step=submission.form.formstep_set.first(),
data={"foo": "bar"},
)

endpoint = reverse(
"submissions:resume",
kwargs={
"token": submission_resume_token_generator.make_token(submission),
"submission_uuid": submission.uuid,
},
)
expected_redirect_url = furl(
f"http://testserver/auth/{submission.form.slug}/digid/start"
)
expected_redirect_url.args["next"] = f"http://testserver{endpoint}"

response = self.client.get(endpoint)

self.assertRedirects(
response, expected_redirect_url.url, fetch_redirect_response=False
)
self.assertNotIn(SUBMISSIONS_SESSION_KEY, self.client.session)
7 changes: 4 additions & 3 deletions src/openforms/submissions/views.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -145,16 +145,17 @@ def get_redirect_url(

# TODO: remove code duplication

# No login required, skip authentication
if not submission.form.login_required:
# No login required. If the user did NOT log in when initially starting the submission (that they are now
# resuming) skip authentication.
if not submission.form.login_required and not submission.is_authenticated:
submission = self.custom_submission_modifications(submission)
add_submmission_to_session(submission, self.request.session)
submission_resumed.send(
sender=self.__class__, instance=submission, request=self.request
)
return self.get_form_resume_url(submission)

# Login IS required. Check if the user has already logged in.
# Check if the user has already logged in.
# This is done by checking if the authentication details are in the session and
# if they match those in the saved submission.
if FORM_AUTH_SESSION_KEY in self.request.session:
Expand Down

0 comments on commit 14a50bc

Please sign in to comment.