mirror of
https://github.com/GSA/notifications-admin.git
synced 2026-07-18 13:39:57 -04:00
Merge pull request #1011 from alphagov/update-user-profile
Update user profile
This commit is contained in:
@@ -47,8 +47,8 @@ def user_profile_name():
|
||||
form = ChangeNameForm(new_name=current_user.name)
|
||||
|
||||
if form.validate_on_submit():
|
||||
current_user.name = form.new_name.data
|
||||
user_api_client.update_user(current_user)
|
||||
user_api_client.update_user_attribute(current_user.id,
|
||||
name=form.new_name.data)
|
||||
return redirect(url_for('.user_profile'))
|
||||
|
||||
return render_template(
|
||||
@@ -107,7 +107,6 @@ def user_profile_email_authenticate():
|
||||
@main.route("/user-profile/email/confirm/<token>", methods=['GET'])
|
||||
@login_required
|
||||
def user_profile_email_confirm(token):
|
||||
|
||||
token_data = check_token(token,
|
||||
current_app.config['SECRET_KEY'],
|
||||
current_app.config['DANGEROUS_SALT'],
|
||||
@@ -115,9 +114,8 @@ def user_profile_email_confirm(token):
|
||||
token_data = json.loads(token_data)
|
||||
user_id = token_data['user_id']
|
||||
new_email = token_data['email']
|
||||
user = user_api_client.get_user(user_id)
|
||||
user.email_address = new_email
|
||||
user_api_client.update_user(user)
|
||||
user_api_client.update_user_attribute(user_id,
|
||||
email_address=new_email)
|
||||
session.pop(NEW_EMAIL, None)
|
||||
|
||||
return redirect(url_for('.user_profile'))
|
||||
@@ -179,10 +177,11 @@ def user_profile_mobile_number_confirm():
|
||||
form = ConfirmMobileNumberForm(_check_code)
|
||||
|
||||
if form.validate_on_submit():
|
||||
current_user.mobile_number = session[NEW_MOBILE]
|
||||
mobile_number = session[NEW_MOBILE]
|
||||
del session[NEW_MOBILE]
|
||||
del session[NEW_MOBILE_PASSWORD_CONFIRMED]
|
||||
user_api_client.update_user(current_user)
|
||||
user_api_client.update_user_attribute(current_user.id,
|
||||
mobile_number=mobile_number)
|
||||
return redirect(url_for('.user_profile'))
|
||||
|
||||
return render_template(
|
||||
|
||||
@@ -3,6 +3,12 @@ from notifications_python_client.errors import HTTPError
|
||||
|
||||
from app.notify_client.models import User
|
||||
|
||||
ALLOWED_ATTRIBUTES = {
|
||||
'name',
|
||||
'email_address',
|
||||
'mobile_number'
|
||||
}
|
||||
|
||||
|
||||
class UserApiClient(BaseAPIClient):
|
||||
def __init__(self):
|
||||
@@ -53,6 +59,19 @@ class UserApiClient(BaseAPIClient):
|
||||
user_data = self.put(url, data=data)
|
||||
return User(user_data['data'], max_failed_login_count=self.max_failed_login_count)
|
||||
|
||||
def update_user_attribute(self, user_id, **kwargs):
|
||||
data = dict(kwargs)
|
||||
disallowed_attributes = set(data.keys()) - ALLOWED_ATTRIBUTES
|
||||
if disallowed_attributes:
|
||||
raise TypeError('Not allowed to update user attributes: {}'.format(
|
||||
", ".join(disallowed_attributes)
|
||||
))
|
||||
|
||||
data = dict(**kwargs)
|
||||
url = "/user/{}".format(user_id)
|
||||
user_data = self.post(url, data=data)
|
||||
return User(user_data['data'], max_failed_login_count=self.max_failed_login_count)
|
||||
|
||||
def verify_password(self, user_id, password):
|
||||
try:
|
||||
url = "/user/{}/verify/password".format(user_id)
|
||||
|
||||
@@ -32,8 +32,8 @@ def test_should_show_name_page(app_,
|
||||
def test_should_redirect_after_name_change(app_,
|
||||
api_user_active,
|
||||
mock_login,
|
||||
mock_update_user,
|
||||
mock_get_user):
|
||||
mock_get_user,
|
||||
mock_update_user_attribute):
|
||||
with app_.test_request_context():
|
||||
with app_.test_client() as client:
|
||||
client.login(api_user_active)
|
||||
@@ -46,7 +46,7 @@ def test_should_redirect_after_name_change(app_,
|
||||
assert response.location == url_for(
|
||||
'main.user_profile', _external=True)
|
||||
api_user_active.name = new_name
|
||||
assert mock_update_user.called
|
||||
assert mock_update_user_attribute.called
|
||||
|
||||
|
||||
def test_should_show_email_page(app_,
|
||||
@@ -116,7 +116,8 @@ def test_should_render_change_email_continue_after_authenticate_email(app_,
|
||||
|
||||
def test_should_redirect_to_user_profile_when_user_confirms_email_link(app_,
|
||||
api_user_active,
|
||||
mock_login
|
||||
mock_login,
|
||||
mock_update_user_attribute
|
||||
):
|
||||
with app_.test_request_context():
|
||||
with app_.test_client() as client:
|
||||
@@ -218,6 +219,7 @@ def test_should_redirect_after_mobile_number_confirm(app_,
|
||||
api_user_active,
|
||||
mock_login,
|
||||
mock_get_user,
|
||||
mock_update_user_attribute,
|
||||
mock_check_verify_code):
|
||||
with app_.test_request_context():
|
||||
with app_.test_client() as client:
|
||||
|
||||
@@ -1,3 +1,5 @@
|
||||
import pytest
|
||||
|
||||
from app.notify_client.user_api_client import UserApiClient
|
||||
|
||||
|
||||
@@ -13,3 +15,10 @@ def test_client_uses_correct_find_by_email(mocker, api_user_active):
|
||||
client.get_user_by_email(api_user_active.email_address)
|
||||
|
||||
mock_get.assert_called_once_with(expected_url, params=expected_params)
|
||||
|
||||
|
||||
def test_client_only_updates_allowed_attributes(mocker):
|
||||
mocker.patch('app.notify_client.current_user', id='1')
|
||||
with pytest.raises(TypeError) as error:
|
||||
UserApiClient().update_user_attribute('user_id', id='1')
|
||||
assert str(error.value) == 'Not allowed to update user attributes: id'
|
||||
|
||||
@@ -753,13 +753,21 @@ def mock_verify_password(mocker):
|
||||
|
||||
|
||||
@pytest.fixture(scope='function')
|
||||
def mock_update_user(mocker):
|
||||
def _update(user):
|
||||
return user
|
||||
def mock_update_user(mocker, api_user_active):
|
||||
def _update(user_id, **kwargs):
|
||||
return api_user_active
|
||||
|
||||
return mocker.patch('app.user_api_client.update_user', side_effect=_update)
|
||||
|
||||
|
||||
@pytest.fixture(scope='function')
|
||||
def mock_update_user_attribute(mocker, api_user_active):
|
||||
def _update(user_id, **kwargs):
|
||||
return api_user_active
|
||||
|
||||
return mocker.patch('app.user_api_client.update_user_attribute', side_effect=_update)
|
||||
|
||||
|
||||
@pytest.fixture(scope='function')
|
||||
def mock_is_email_unique(mocker):
|
||||
return mocker.patch('app.user_api_client.is_email_unique', return_value=True)
|
||||
|
||||
Reference in New Issue
Block a user