From 286e4314f5d27e4ee0333976e14df1221fcb41a2 Mon Sep 17 00:00:00 2001
From: David Taylor <david@taylorhq.com>
Date: Wed, 10 May 2017 15:39:13 +0100
Subject: [PATCH] Require users to have nottinghamtec.co.uk address before
 allowing them to send messages to clients

---
 PyRIGS/decorators.py                              | 14 ++++++++++++++
 RIGS/rigboard.py                                  |  9 +++++++--
 .../RIGS/eventauthorisation_request_error.html    | 15 +++++++++++++++
 RIGS/test_functional.py                           | 12 +++++++++++-
 4 files changed, 47 insertions(+), 3 deletions(-)
 create mode 100644 RIGS/templates/RIGS/eventauthorisation_request_error.html

diff --git a/PyRIGS/decorators.py b/PyRIGS/decorators.py
index 055901ca..f1023faf 100644
--- a/PyRIGS/decorators.py
+++ b/PyRIGS/decorators.py
@@ -79,3 +79,17 @@ def api_key_required(function):
             return error_resp
         return function(request, *args, **kwargs)
     return wrap
+
+
+def nottinghamtec_address_required(function):
+    """
+    Checks that the current user has an email address ending @nottinghamtec.co.uk
+    """
+    def wrap(request, *args, **kwargs):
+        # Fail if current user's email address isn't @nottinghamtec.co.uk
+        if not request.user.email.endswith('@nottinghamtec.co.uk'):
+            error_resp = render_to_response('RIGS/eventauthorisation_request_error.html', context_instance=RequestContext(request))
+            return error_resp
+
+        return function(request, *args, **kwargs)
+    return wrap
diff --git a/RIGS/rigboard.py b/RIGS/rigboard.py
index 49fea2cb..80c3c4b8 100644
--- a/RIGS/rigboard.py
+++ b/RIGS/rigboard.py
@@ -16,12 +16,14 @@ from django.http import HttpResponse
 from django.core.exceptions import SuspiciousOperation
 from django.db.models import Q
 from django.contrib import messages
+from django.utils.decorators import method_decorator
 from z3c.rml import rml2pdf
 from PyPDF2 import PdfFileMerger, PdfFileReader
 import simplejson
 import premailer
 
 from RIGS import models, forms
+from PyRIGS import decorators
 import datetime
 import re
 import copy
@@ -289,12 +291,15 @@ class EventAuthorise(generic.UpdateView):
                 "This URL is invalid. Please ask your TEC contact for a new URL")
         return super(EventAuthorise, self).dispatch(request, *args, **kwargs)
 
-
 class EventAuthorisationRequest(generic.FormView, generic.detail.SingleObjectMixin):
     model = models.Event
     form_class = forms.EventAuthorisationRequestForm
     template_name = 'RIGS/eventauthorisation_request.html'
 
+    @method_decorator(decorators.nottinghamtec_address_required)
+    def dispatch(self, *args, **kwargs):
+        return super(EventAuthorisationRequest, self).dispatch(*args, **kwargs)
+
     @property
     def object(self):
         return self.get_object()
@@ -334,7 +339,7 @@ class EventAuthorisationRequest(generic.FormView, generic.detail.SingleObjectMix
             "N%05d | %s - Event Authorisation Request" % (self.object.pk, self.object.name),
             get_template("RIGS/eventauthorisation_client_request.txt").render(context),
             to=[email],
-            reply_to=[settings.AUTHORISATION_NOTIFICATION_ADDRESS],
+            reply_to=[self.request.user.email],
         )
         css = staticfiles_storage.path('css/email.css')
         html = premailer.Premailer(get_template("RIGS/eventauthorisation_client_request.html").render(context),
diff --git a/RIGS/templates/RIGS/eventauthorisation_request_error.html b/RIGS/templates/RIGS/eventauthorisation_request_error.html
new file mode 100644
index 00000000..b366622d
--- /dev/null
+++ b/RIGS/templates/RIGS/eventauthorisation_request_error.html
@@ -0,0 +1,15 @@
+{% extends request.is_ajax|yesno:'base_ajax.html,base.html' %}
+{% load widget_tweaks %}
+
+{% block title %}NottinghamTEC Email Address Required{% endblock %}
+
+{% block content %}
+    <div class="row">
+        <div class="col-sm-12">
+            <div class="alert alert-warning">
+                <h1>An error occured.</h1>
+                <p>Your RIGS account must have an @nottinghamtec.co.uk email address before you can send emails to clients.</p>
+            </div>
+        </div>
+    </div>
+{% endblock %}
diff --git a/RIGS/test_functional.py b/RIGS/test_functional.py
index bbee077c..96d074ca 100644
--- a/RIGS/test_functional.py
+++ b/RIGS/test_functional.py
@@ -1054,7 +1054,7 @@ class TECEventAuthorisationTest(TestCase):
             first_name='Test',
             last_name='TEC User',
             username='eventauthtest',
-            email='teccie@functional.test',
+            email='teccie@nottinghamtec.co.uk',
             is_superuser=True  # lazily grant all permissions
         )[0]
         cls.profile.set_password('eventauthtest123')
@@ -1073,6 +1073,16 @@ class TECEventAuthorisationTest(TestCase):
         )
         self.url = reverse('event_authorise_request', kwargs={'pk': self.event.pk})
 
+    def test_email_check(self):
+        self.profile.email = 'teccie@someotherdomain.com'
+        self.profile.save()
+
+        self.assertTrue(self.client.login(username=self.profile.username, password='eventauthtest123'))
+        
+        response = self.client.post(self.url)
+
+        self.assertContains(response, 'must have an @nottinghamtec.co.uk email address')
+
     def test_request_send(self):
         self.assertTrue(self.client.login(username=self.profile.username, password='eventauthtest123'))
         response = self.client.post(self.url)