Open crazyscientist opened 1 year ago
It seems to be a design choice, that users, which are not authenticated via a 3rd party service (e.g. Google, GitHub, ..., i.e. users with password stored in the DB (see #371)), are not allowed to participate in open-registration elections.
This is prohibited by the function _check_eligibility
in helios/views.py
Problem
If the option "Anyone can vote" is chosen for an election, nobody can cast a vote.
Steps to reproduce
AUTH_ENABLED_SYSTEMS
andAUTH_DEFAULT_SYSTEM
to "password"At the final step of the vote casting process the voter is asked for their "voter ID" and password.
However, the responsible view only tries to match the provided credentials against the voter list, which was not created, because its an open election.