From f999b9d859856604233b752a1cf08282e382e5e2 Mon Sep 17 00:00:00 2001
From: Kevin LaBranche <klabran@hotmail.com>
Date: Mon, 17 Jan 2011 16:14:05 -0700
Subject: [PATCH] Fix for http://orchard.codeplex.com/workitem/17054.  Email
 address is not validated for a registered user. Added code to the
 AccountController's ValidateRegistration to fix.  Also added two unit tests
 and went ahead and added the data annotation's to the UserCreateViewModel and
 the UserEditViewModel as well since if we are accepting email addresses they
 might as well be valid (well-formed). :-)

--HG--
branch : 1.x
---
 .../Controllers/AccountControllerTests.cs     | 35 +++++++++++++++++++
 .../Controllers/AccountController.cs          |  8 +++++
 .../ViewModels/UserCreateViewModel.cs         |  1 +
 .../ViewModels/UserEditViewModel.cs           |  1 +
 4 files changed, 45 insertions(+)

diff --git a/src/Orchard.Tests.Modules/Users/Controllers/AccountControllerTests.cs b/src/Orchard.Tests.Modules/Users/Controllers/AccountControllerTests.cs
index 62d644d1d..944525a21 100644
--- a/src/Orchard.Tests.Modules/Users/Controllers/AccountControllerTests.cs
+++ b/src/Orchard.Tests.Modules/Users/Controllers/AccountControllerTests.cs
@@ -152,6 +152,41 @@ namespace Orchard.Tests.Modules.Users.Controllers {
             Assert.That(result, Is.TypeOf<ViewResult>());
         }
 
+        [Test]
+        public void UsersShouldNotBeAbleToRegisterIfInvalidEmail()
+        {
+
+            var registrationSettings = _container.Resolve<IWorkContextAccessor>().GetContext().CurrentSite.As<RegistrationSettingsPart>();
+            registrationSettings.UsersCanRegister = true;
+            registrationSettings.UsersAreModerated = false;
+            registrationSettings.UsersMustValidateEmail = false;
+
+            _session.Flush();
+
+            _controller.ModelState.Clear();
+            var result = _controller.Register("bar", "notanemailaddress", "66554321", "66554321");
+ 
+            Assert.That(((ViewResult)result).ViewData.ModelState.Count == 1,"Invalid email address.");
+        }
+
+        [Test]
+        public void UsersShouldBeAbleToRegisterIfValidEmail()
+        {
+
+            var registrationSettings = _container.Resolve<IWorkContextAccessor>().GetContext().CurrentSite.As<RegistrationSettingsPart>();
+            registrationSettings.UsersCanRegister = true;
+            registrationSettings.UsersAreModerated = false;
+            registrationSettings.UsersMustValidateEmail = false;
+
+            _session.Flush();
+
+            _controller.ModelState.Clear();
+            var result = _controller.Register("bar", "t@t.com", "password", "password");
+
+            Assert.That(result, Is.TypeOf<RedirectResult>());
+            Assert.That(((RedirectResult)result).Url, Is.EqualTo("~/"));
+        }
+
         [Test]
         public void RegisteredUserShouldBeRedirectedToHomePage() {
 
diff --git a/src/Orchard.Web/Modules/Orchard.Users/Controllers/AccountController.cs b/src/Orchard.Web/Modules/Orchard.Users/Controllers/AccountController.cs
index 7da36e3f0..b135cc68d 100644
--- a/src/Orchard.Web/Modules/Orchard.Users/Controllers/AccountController.cs
+++ b/src/Orchard.Web/Modules/Orchard.Users/Controllers/AccountController.cs
@@ -1,4 +1,5 @@
 using System;
+using System.Text.RegularExpressions; 
 using System.Diagnostics.CodeAnalysis;
 using Orchard.Localization;
 using System.Security.Principal;
@@ -317,6 +318,8 @@ namespace Orchard.Users.Controllers {
         private bool ValidateRegistration(string userName, string email, string password, string confirmPassword) {
             bool validate = true;
 
+            Regex isValidEmail = new Regex("^[a-z0-9_\\+-]+(\\.[a-z0-9_\\+-]+)*@[a-z0-9-]+(\\.[a-z0-9-]+)*\\.([a-z]{2,4})$");
+
             if (String.IsNullOrEmpty(userName)) {
                 ModelState.AddModelError("username", T("You must specify a username."));
                 validate = false;
@@ -326,6 +329,11 @@ namespace Orchard.Users.Controllers {
                 validate = false;
             }
 
+            if (!isValidEmail.IsMatch(email)) {
+                ModelState.AddModelError("email", T("You must specify a valid email address."));
+                validate = false;
+            }
+
             if (!validate)
                 return false;
 
diff --git a/src/Orchard.Web/Modules/Orchard.Users/ViewModels/UserCreateViewModel.cs b/src/Orchard.Web/Modules/Orchard.Users/ViewModels/UserCreateViewModel.cs
index d7d640774..a333c1047 100644
--- a/src/Orchard.Web/Modules/Orchard.Users/ViewModels/UserCreateViewModel.cs
+++ b/src/Orchard.Web/Modules/Orchard.Users/ViewModels/UserCreateViewModel.cs
@@ -7,6 +7,7 @@ namespace Orchard.Users.ViewModels {
         public string UserName { get; set; }
 
         [Required, DataType(DataType.EmailAddress)]
+        [RegularExpression("^[a-z0-9_\\+-]+(\\.[a-z0-9_\\+-]+)*@[a-z0-9-]+(\\.[a-z0-9-]+)*\\.([a-z]{2,4})$")]
         public string Email { get; set; }
 
         [Required, DataType(DataType.Password)]
diff --git a/src/Orchard.Web/Modules/Orchard.Users/ViewModels/UserEditViewModel.cs b/src/Orchard.Web/Modules/Orchard.Users/ViewModels/UserEditViewModel.cs
index 991ad0cee..5dd9aa8f4 100644
--- a/src/Orchard.Web/Modules/Orchard.Users/ViewModels/UserEditViewModel.cs
+++ b/src/Orchard.Web/Modules/Orchard.Users/ViewModels/UserEditViewModel.cs
@@ -11,6 +11,7 @@ namespace Orchard.Users.ViewModels {
         }
 
         [Required]
+        [RegularExpression("^[a-z0-9_\\+-]+(\\.[a-z0-9_\\+-]+)*@[a-z0-9-]+(\\.[a-z0-9-]+)*\\.([a-z]{2,4})$")]
         public string Email {
             get { return User.As<UserPart>().Record.Email; }
             set { User.As<UserPart>().Record.Email = value; }