made sure one can cast a vote as a password voter even if one is not …

…logged in as FB/Twitter/etc
cassius3m-programer · Mar 10, 2011 · f3cb878 · f3cb878
1 parent 388c869
commit f3cb878
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 1 deletion.
diff --git a/helios/tests.py b/helios/tests.py
@@ -451,6 +451,12 @@ def test_do_complete_election(self):
         username = re.search('voter ID: (.*)', email_message.body).group(1)
         password = re.search('password: (.*)', email_message.body).group(1)
 
+        # now log out as administrator
+        session = self.client.session
+        del session['user']
+        session.save()
+        self.assertEquals(self.client.session.has_key('user'), False)
+
         # vote by preparing a ballot via the server-side encryption
         response = self.client.post("/helios/elections/%s/encrypt-ballot" % election_id, {
                 'answers_json': utils.to_json([[1]])})
@@ -492,6 +498,11 @@ def test_do_complete_election(self):
         response = self.client.get("/helios/elections/%s/cast_done" % election_id)
         assert not self.client.session.has_key('CURRENT_VOTER')
 
+        # log back in as administrator
+        session = self.client.session
+        session['user'] = {'type': self.user.user_type, 'user_id': self.user.user_id}
+        session.save()
+
         # encrypted tally
         response = self.client.post("/helios/elections/%s/compute_tally" % election_id, {
                 "csrf_token" : self.client.session['csrf_token']                

diff --git a/helios/views.py b/helios/views.py
@@ -613,7 +613,7 @@ def one_election_cast_confirm(request, election):
 
     # if user is not logged in
     # bring back to the confirmation page to let him know
-    if not user or not voter:
+    if not voter:
       return HttpResponseRedirect(reverse(one_election_cast_confirm, args=[election.uuid]))
 
     # don't store the vote in the voter's data structure until verification