/create_account: use proper HTTP status codes

Use status code 400 when there is a validation error in creating an account.

/create_account: use proper HTTP status codes
Use status code 400 when there is a validation error in creating an account.
751669cb · David Baumgold · 7b4ea225 · 751669cb · 751669cb · 751669cb
Commit 751669cb authored Jan 30, 2014 by David Baumgold
7 changed files
--- a/cms/djangoapps/contentstore/tests/tests.py
+++ b/cms/djangoapps/contentstore/tests/tests.py
@@ -111,7 +111,7 @@ class AuthTestCase(ContentStoreTestCase):
    def test_create_account_errors(self):
        # No post data -- should fail
        resp = self.client.post('/create_account', {})
-        self.assertEqual(resp.status_code, 200)
+        self.assertEqual(resp.status_code, 400)
        data = parse_json(resp)
        self.assertEqual(data['success'], False)

--- a/cms/templates/signup.html
+++ b/cms/templates/signup.html
@@ -107,31 +107,25 @@ require(["jquery", "jquery.cookie"], function($) {
    $("label").removeClass("is-focused");
  });
-  // form validation
-  function postJSON(url, data, callback) {
-    $.ajax({type:'POST',
-      url: url,
-      dataType: 'json',
-      data: data,
-      success: callback,
-      headers : {'X-CSRFToken': $.cookie('csrftoken')}
-    });
-  }
  $('form#register_form').submit(function(e) {
    e.preventDefault();
    var submit_data = $('#register_form').serialize();
-    postJSON('/create_account',
+    $.ajax({
-      submit_data,
+      url: '/create_account',
-      function(json) {
+      type: 'POST',
-        if(json.success) {
+      dataType: 'json',
-          location.href = "${'/course'}";
+      data: submit_data,
-        } else {
+      headers: {'X-CSRFToken': $.cookie('csrftoken')},
-          $('#register_error').html(json.value).stop().addClass('is-shown');
+      success: function(json) {
-        }
+        location.href = "/course";
-      }
+      },
-    );
+      error: function(jqXHR, textStatus, errorThrown) {
+        json = $.parseJSON(jqXHR.responseText);
+        $('#register_error').html(json.value).stop().addClass('is-shown');
+      },
+      notifyOnError: false
+    });
  });
 });
  </script>

--- a/common/djangoapps/student/views.py
+++ b/common/djangoapps/student/views.py
@@ -897,13 +897,13 @@ def create_account(request, post_override=None):
        if a not in post_vars:
            js['value'] = _("Error (401 {field}). E-mail us.").format(field=a)
            js['field'] = a
-            return HttpResponse(json.dumps(js))
+            return JsonResponse(js, status=400)
    if extra_fields.get('honor_code', 'required') == 'required' and \
            post_vars.get('honor_code', 'false') != u'true':
        js['value'] = _("To enroll, you must follow the honor code.").format(field=a)
        js['field'] = 'honor_code'
-        return HttpResponse(json.dumps(js))
+        return JsonResponse(js, status=400)
    # Can't have terms of service for certain SHIB users, like at Stanford
    tos_required = (
@@ -919,7 +919,7 @@ def create_account(request, post_override=None):
        if post_vars.get('terms_of_service', 'false') != u'true':
            js['value'] = _("You must accept the terms of service.").format(field=a)
            js['field'] = 'terms_of_service'
-            return HttpResponse(json.dumps(js))
+            return JsonResponse(js, status=400)
    # Confirm appropriate fields are there.
    # TODO: Check e-mail format is correct.
@@ -957,21 +957,21 @@ def create_account(request, post_override=None):
            }
            js['value'] = error_str[field_name]
            js['field'] = field_name
-            return HttpResponse(json.dumps(js))
+            return JsonResponse(js, status=400)
    try:
        validate_email(post_vars['email'])
    except ValidationError:
        js['value'] = _("Valid e-mail is required.").format(field=a)
        js['field'] = 'email'
-        return HttpResponse(json.dumps(js))
+        return JsonResponse(js, status=400)
    try:
        validate_slug(post_vars['username'])
    except ValidationError:
        js['value'] = _("Username should only consist of A-Z and 0-9, with no spaces.").format(field=a)
        js['field'] = 'username'
-        return HttpResponse(json.dumps(js))
+        return JsonResponse(js, status=400)
    # Ok, looks like everything is legit.  Create the account.
    ret = _do_create_account(post_vars)
@@ -1007,7 +1007,10 @@ def create_account(request, post_override=None):
        except:
            log.warning('Unable to send activation email to user', exc_info=True)
            js['value'] = _('Could not send activation e-mail.')
-            return HttpResponse(json.dumps(js))
+            # What is the correct status code to use here? I think it's 500, because
+            # the problem is on the server's end -- but also, the account was created.
+            # Seems like the core part of the request was successful.
+            return JsonResponse(js, status=500)
    # Immediately after a user creates an account, we log them in. They are only
    # logged in until they close the browser. They can't log in again until they click
@@ -1034,14 +1037,12 @@ def create_account(request, post_override=None):
            login_user.save()
            AUDIT_LOG.info(u"Login activated on extauth account - {0} ({1})".format(login_user.username, login_user.email))
-    redirect_url = try_change_enrollment(request)
    dog_stats_api.increment("common.student.account_created")
-    response_params = {'success': True,
+    response = JsonResponse({
-                       'redirect_url': redirect_url}
+        'success': True,
+        'redirect_url': try_change_enrollment(request),
-    response = HttpResponse(json.dumps(response_params))
+    })
    # set the login cookie for the edx marketing site
    # we want this cookie to be accessed via javascript

--- a/lms/djangoapps/courseware/tests/test_registration_extra_vars.py
+++ b/lms/djangoapps/courseware/tests/test_registration_extra_vars.py
--- a/lms/templates/register-shib.html
+++ b/lms/templates/register-shib.html
@@ -51,15 +51,17 @@
      });
      $('#register-form').on('ajax:success', function(event, json, xhr) {
-        if(json.success) {
+        var url = json.redirect_url || "${reverse('dashboard')}";
-          location.href="${reverse('dashboard')}";
+        location.href = url;
-       } else {
+      });
-         toggleSubmitButton(true);
-         $('.status.message.submission-error').addClass('is-shown').focus();
+      $('#register-form').on('ajax:error', function(event, jqXHR, textStatus) {
-         $('.status.message.submission-error .message-copy').html(json.value).stop().css("display", "block");
+        toggleSubmitButton(true);
-         $(".field-error").removeClass('field-error');
+        json = $.parseJSON(jqXHR.responseText);
-         $("[data-field='"+json.field+"']").addClass('field-error')
+        $('.status.message.submission-error').addClass('is-shown').focus();
-       }
+        $('.status.message.submission-error .message-copy').html(json.value).stop().css("display", "block");
+        $(".field-error").removeClass('field-error');
+        $("[data-field='"+json.field+"']").addClass('field-error')
      });
    })(this);

--- a/lms/templates/register.html
+++ b/lms/templates/register.html
@@ -53,20 +53,17 @@
      });
      $('#register-form').on('ajax:success', function(event, json, xhr) {
-        if(json.success) {
+        var url = json.redirect_url || "${reverse('dashboard')}";
-          if(json.redirect_url){
+        location.href = url;
-            location.href=json.redirect_url;
+      });
-          }
-          else {
+      $('#register-form').on('ajax:error', function(event, jqXHR, textStatus) {
-            location.href="${reverse('dashboard')}";
+        toggleSubmitButton(true);
-          }
+        json = $.parseJSON(jqXHR.responseText);
-       } else {
+        $('.status.message.submission-error').addClass('is-shown').focus();
-         toggleSubmitButton(true);
+        $('.status.message.submission-error .message-copy').html(json.value).stop().css("display", "block");
-         $('.status.message.submission-error').addClass('is-shown').focus();
+        $(".field-error").removeClass('field-error');
-         $('.status.message.submission-error .message-copy').html(json.value).stop().css("display", "block");
+        $("[data-field='"+json.field+"']").addClass('field-error')
-         $(".field-error").removeClass('field-error');
-         $("[data-field='"+json.field+"']").addClass('field-error')
-       }
      });
    })(this);

--- a/lms/templates/signup_modal.html
+++ b/lms/templates/signup_modal.html
@@ -152,13 +152,13 @@
 <script type="text/javascript">
  (function() {
   $(document).delegate('#register_form', 'ajax:success', function(data, json, xhr) {
-     if(json.success) {
+     location.href="${reverse('dashboard')}";
-       location.href="${reverse('dashboard')}";
+    });
-     } else {
+   $(document).delegate('#register_form', 'ajax:error', function(event, jqXHR, textStatus) {
-       $(".field-error").removeClass('field-error');
+     json = $.parseJSON(jqXHR.responseText);
-       $('#register_error').html(json.value).stop().css("display", "block");
+     $(".field-error").removeClass('field-error');
-       $("[data-field='"+json.field+"']").addClass('field-error')
+     $('#register_error').html(json.value).stop().css("display", "block");
-     }
+     $("[data-field='"+json.field+"']").addClass('field-error')
    });
   // removing close link's default behavior