made sure one can cast a vote as a password voter even if one is not logged in as FB/Twitter/etc

helios/tests.py

@@ -451,6 +451,12 @@ class ElectionBlackboxTests(TestCase):
         username = re.search('voter ID: (.*)', email_message.body).group(1)
         password = re.search('password: (.*)', email_message.body).group(1)
 
+        # now log out as administrator
+        session = self.client.session
+        del session['user']
+        session.save()
+        self.assertEquals(self.client.session.has_key('user'), False)
+
         # vote by preparing a ballot via the server-side encryption
         response = self.client.post("/helios/elections/%s/encrypt-ballot" % election_id, {
                 'answers_json': utils.to_json([[1]])})
@@ -492,6 +498,11 @@ class ElectionBlackboxTests(TestCase):
         response = self.client.get("/helios/elections/%s/cast_done" % election_id)
         assert not self.client.session.has_key('CURRENT_VOTER')
 
+        # log back in as administrator
+        session = self.client.session
+        session['user'] = {'type': self.user.user_type, 'user_id': self.user.user_id}
+        session.save()
+
         # encrypted tally
         response = self.client.post("/helios/elections/%s/compute_tally" % election_id, {
                 "csrf_token" : self.client.session['csrf_token']                

helios/views.py

@@ -613,7 +613,7 @@ def one_election_cast_confirm(request, election):
             
     # if user is not logged in
     # bring back to the confirmation page to let him know
-    if not user or not voter:
+    if not voter:
       return HttpResponseRedirect(reverse(one_election_cast_confirm, args=[election.uuid]))
     
     # don't store the vote in the voter's data structure until verification