Merge pull request #452 from open-craft/user-api-email-update

User api email update

lms/djangoapps/api_manager/users/tests.py

@@ -418,6 +418,40 @@ class UsersApiTests(ModuleStoreTestCase):
         self.assertEqual(response.data['is_active'], False)
         self.assertIsNotNone(response.data['created'])
 
+    def test_user_detail_invalid_email(self):
+        test_uri = '{}/{}'.format(self.users_base_uri, self.user.id)
+        data = {
+            'email': 'fail'
+        }
+        response = self.do_post(test_uri, data)
+        self.assertEqual(response.status_code, 400)
+        self.assertIn('Invalid email address', response.content)
+
+    def test_user_detail_duplicate_email(self):
+        user2 = UserFactory()
+        test_uri = '{}/{}'.format(self.users_base_uri, self.user.id)
+        test_uri2 = '{}/{}'.format(self.users_base_uri, user2.id)
+        data = {
+            'email': self.test_email
+        }
+        response = self.do_post(test_uri, data)
+        self.assertEqual(response.status_code, 200)
+        response = self.do_post(test_uri2, data)
+        self.assertEqual(response.status_code, 400)
+        self.assertIn('A user with that email address already exists.', response.content)
+
+    def test_user_detail_email_updated(self):
+        test_uri = '{}/{}'.format(self.users_base_uri, self.user.id)
+        new_email = 'test@example.com'
+        data = {
+            'email': new_email
+        }
+        self.assertNotEqual(self.user.email, new_email)
+        response = self.do_post(test_uri, data)
+        self.assertEqual(response.status_code, 200)
+        self.user = User.objects.get(id=self.user.id)
+        self.assertEqual(self.user.email, new_email)
+
     def test_user_detail_post_duplicate_username(self):
         """
         Create two users, then pass the same first username in request in order to update username of second user.
@@ -1435,6 +1469,8 @@ class UsersApiTests(ModuleStoreTestCase):
             response.data['level_of_education'], data["level_of_education"])
         self.assertEqual(
             str(response.data['year_of_birth']), data["year_of_birth"])
+        # This one's technically on the user model itself, but can be updated.
+        self.assertEqual(response.data['email'], data['email'])
 
     def test_user_organizations_list(self):
         user_id = self.user.id

lms/djangoapps/api_manager/users/views.py

@@ -469,6 +469,25 @@ class UsersDetail(SecureAPIView):
         if is_staff is not None:
             existing_user.is_staff = is_staff
             response_data['is_staff'] = existing_user.is_staff
+        email = request.DATA.get('email')
+        if email is not None:
+            email_fail = False
+            try:
+                validate_email(email)
+            except ValidationError:
+                email_fail = True
+                response_data['message'] = _('Invalid email address {}.').format(repr(email))
+            if email != existing_user.email:
+                try:
+                    # Email addresses need to be unique in the LMS, though Django doesn't enforce it directly.
+                    User.objects.get(email=email)
+                    email_fail = True
+                    response_data['message'] = _('A user with that email address already exists.')
+                except ObjectDoesNotExist:
+                    pass
+            if email_fail:
+                return Response(response_data, status=status.HTTP_400_BAD_REQUEST)
+            existing_user.email = email
         existing_user.save()
 
         username = request.DATA.get('username', None)