diff --git a/app/main/forms.py b/app/main/forms.py index 9200521cd..e56216c2b 100644 --- a/app/main/forms.py +++ b/app/main/forms.py @@ -256,13 +256,7 @@ class RegisterUserFromOrgInviteForm(StripWhitespaceForm): auth_type = HiddenField('auth_type', validators=[DataRequired()]) -class PermissionsForm(StripWhitespaceForm): - - def process(self, *args, **kwargs): - super().process(*args, **kwargs) - # view_activity is a default role to be added to all users. - self.view_activity.data = True - +class AbstractPermissionsForm(StripWhitespaceForm): view_activity = HiddenField("View activity") send_messages = BooleanField("Send messages from existing templates") manage_templates = BooleanField("Add and edit templates") @@ -278,11 +272,19 @@ class PermissionsForm(StripWhitespaceForm): ) -class InviteUserForm(PermissionsForm): +class AdminPermissionsForm(AbstractPermissionsForm): + + def process(self, *args, **kwargs): + super().process(*args, **kwargs) + # view_activity is a default role to be added to all users. + self.view_activity.data = True + + +class AbstractInviteUserForm(StripWhitespaceForm): email_address = email_address(gov_user=False) def __init__(self, invalid_email_address, *args, **kwargs): - super(InviteUserForm, self).__init__(*args, **kwargs) + super().__init__(*args, **kwargs) self.invalid_email_address = invalid_email_address.lower() def validate_email_address(self, field): @@ -290,6 +292,10 @@ class InviteUserForm(PermissionsForm): raise ValidationError("You can’t send an invitation to yourself") +class AdminInviteUserForm(AbstractInviteUserForm, AdminPermissionsForm): + pass + + class InviteOrgUserForm(StripWhitespaceForm): email_address = email_address(gov_user=False) diff --git a/app/main/views/manage_users.py b/app/main/views/manage_users.py index 5f4b8640a..57b2ae055 100644 --- a/app/main/views/manage_users.py +++ b/app/main/views/manage_users.py @@ -9,7 +9,11 @@ from app import ( user_api_client, ) from app.main import main -from app.main.forms import InviteUserForm, PermissionsForm, SearchUsersForm +from app.main.forms import ( + AdminInviteUserForm, + AdminPermissionsForm, + SearchUsersForm, +) from app.notify_client.models import roles from app.utils import user_has_permissions @@ -40,7 +44,7 @@ def manage_users(service_id): @user_has_permissions('manage_service') def invite_user(service_id): - form = InviteUserForm( + form = AdminInviteUserForm( invalid_email_address=current_user.email_address ) @@ -79,7 +83,7 @@ def edit_user_permissions(service_id, user_id): user = user_api_client.get_user(user_id) user_has_no_mobile_number = user.mobile_number is None - form = PermissionsForm( + form = AdminPermissionsForm( **{role: user.has_permission_for_service(service_id, role) for role in roles.keys()}, login_authentication=user.auth_type ) @@ -108,7 +112,7 @@ def remove_user_from_service(service_id, user_id): user = user_api_client.get_user(user_id) # Need to make the email address read only, or a disabled field? # Do it through the template or the form class? - form = PermissionsForm(**{ + form = AdminPermissionsForm(**{ role: user.has_permission_for_service(service_id, role) for role in roles.keys() })