search

plone / volto

React-based frontend for the Plone Content Management System
https://demo.plone.org/
MIT License
456 stars 613 forks source link

WIP: Self registration tests #6198

Open JeffersonBledsoe opened 2 months ago

netlify[bot] commented 2 months ago

Deploy Preview for plone-components canceled.

Name Link
Latest commit 238fb56b8e04bb6e2a5a54fe66a075828447714a
Latest deploy log https://app.netlify.com/sites/plone-components/deploys/66a2fb66c99b7e000883318b
JeffersonBledsoe commented 2 months ago

@davisagli I'm trying to add a test to reflect the changes in https://github.com/plone/volto/pull/5935, but I'm getting the following error from the backend:

{
  "error": {
    "errors": [
      {
        "field": "sendPasswordReset",
        "message": "Property 'Send a confirmation mail with a link to set the password' is not allowed."
      }
    ],
    "message": "Error in fields. Property 'Send a confirmation mail with a link to set the password' is not allowed.",
    "type": "WrongParameterError"
  }
}

This is with the following request:

POST http://127.0.0.1:55001/plone/++api++/@users {"fullname":"Placeholder name","email":"test@example.com","sendPasswordReset":true}. Toggling Let users select their own passwords doesn't help. Any suggestions as to why this might be failing?

davisagli commented 2 months ago

@JeffersonBledsoe Currently sendPasswordReset is only allowed in the REST API if the current user has permission to manage users. (https://github.com/plone/plone.restapi/blob/main/src/plone/restapi/services/users/add.py#L75)

I don't see a reason to restrict it in that way. It should be possible to request a password reset email regardless of whether the user is being added by an admin or self-registering. I'd accept a PR to plone.restapi to make that change.