diff --git a/scipost_django/profiles/forms.py b/scipost_django/profiles/forms.py
index b3af602d1b93fd1ca1e55868d792b04f8b1db896..23d4886d20c3c21deb2a3491f17eeaf6dc22aff1 100644
--- a/scipost_django/profiles/forms.py
+++ b/scipost_django/profiles/forms.py
@@ -297,15 +297,9 @@ class AddProfileEmailForm(forms.ModelForm):
"""Mark the email as still_valid but not primary."""
self.instance.profile = self.profile
-
- if self.request:
- is_editing_self = self.request.user.contributor.profile == self.profile
- is_ed_admin = self.request.user.contributor.is_ed_admin
- self.instance.verified = is_editing_self or is_ed_admin
-
self.instance.still_valid = True
self.instance.primary = False
- self.instance.added_by = self.request.user.contributor
+ self.instance.added_by = self.request.user.contributor if self.request else None
return super().save()
diff --git a/scipost_django/profiles/models.py b/scipost_django/profiles/models.py
index 3b0e380e1b5e1b9dbc225312b5d2c4e81c581e74..afb16646f1970eb5a89efa4f02613e01d5e8eaa4 100644
--- a/scipost_django/profiles/models.py
+++ b/scipost_django/profiles/models.py
@@ -231,6 +231,9 @@ class ProfileEmail(models.Model):
)
primary = models.BooleanField(default=False)
+ if TYPE_CHECKING:
+ objects: models.Manager["ProfileEmail"]
+
class Meta:
unique_together = ["profile", "email"]
ordering = ["-primary", "-still_valid", "email"]
@@ -261,6 +264,14 @@ class ProfileEmail(models.Model):
kwargs={"email_id": self.id, "token": self.verification_token},
)
+ def set_primary(self):
+ """
+ Sets this email as the primary email for the Profile, unsetting others.
+ """
+ self.profile.emails.update(primary=False)
+ self.primary = True
+ self.save()
+
def get_profiles(slug):
"""
diff --git a/scipost_django/scipost/forms.py b/scipost_django/scipost/forms.py
index 68c1f527ebaf0658e8c4ea2aa739ffea17c78b99..bb0097e774b87b228074d6ca409b98fdc773dc87 100644
--- a/scipost_django/scipost/forms.py
+++ b/scipost_django/scipost/forms.py
@@ -360,21 +360,44 @@ class UpdateUserDataForm(forms.ModelForm):
self.fields["last_name"].widget.attrs["readonly"] = True
def clean_email(self):
- if email := self.cleaned_data.get("email"):
- other_users = User.objects.filter(email=email).exclude(pk=self.instance.pk)
- if other_users.exists():
- self.add_error(
- "email",
- "This email is already in use by another user. "
- "If it belongs to you and you have forgotten your credentials, "
- "use the email in place of your username and/or reset your password.",
- )
- # other_profiles = Profile.objects.filter(emails__email=email).exclude(
- # user=self.instance
- # )
- # if other_profiles.exists():
+ # Guard against empty email address
+ if not (email := self.cleaned_data.get("email")):
+ raise ValidationError("The email address cannot be empty.")
+
+ other_users = User.objects.filter(email=email).exclude(pk=self.instance.pk)
+ if other_users.exists():
+ raise ValidationError(
+ "This email is already in use by another user. "
+ "If it belongs to you and you have forgotten your credentials, "
+ "use the email in place of your username and/or reset your password.",
+ )
+
+ profile_email, created = ProfileEmail.objects.get_or_create(
+ email=email, profile=self.instance.contributor.profile
+ )
+
+ # If just created, it needs to be verified
+ if created:
+ profile_email.send_verification_email()
+ raise ValidationError(
+ "This email is not yet verified. Please check your inbox for a verification email."
+ )
+ # Existing, but of another User
+ elif profile_email.profile.contributor != self.instance.contributor:
+ raise ValidationError(
+ "This email is already declared as belonging to another person. "
+ "Please contact tech support.",
+ )
+ # Existing, of this User, but not verified
+ elif not profile_email.verified:
+ profile_email.send_verification_email()
+ raise ValidationError(
+ "This email is not yet verified. Please check your inbox for a verification email."
+ )
- return email or self.instance.email
+ # Existing, of this User, and verified
+ profile_email.set_primary()
+ return email
def clean_last_name(self):
"""Make sure the `last_name` cannot be saved via this form."""