fix invites for service and organization

2026-02-06 11:23:48 -05:00 · 2024-03-22 11:08:49 -07:00
parent 04eaec6dd6
commit 8362c6b975
1 changed files with 26 additions and 1 deletions
--- a/app/main/views/verify.py
+++ b/app/main/views/verify.py
@@ -5,6 +5,7 @@ from itsdangerous import SignatureExpired
 from notifications_utils.url_safe_token import check_token

 from app import user_api_client
+from app.extensions import redis_client
 from app.main import main
 from app.main.forms import TwoFactorForm
 from app.models.user import InvitedOrgUser, InvitedUser, User
@@ -64,20 +65,44 @@ def verify_email(token):

 def activate_user(user_id):
    user = User.from_id(user_id)
-    # the user will have a new current_session_id set by the API - store it in the cookie for future requests
+
+    # This is the login.gov path
+    login_gov_invite_data = redis_client.get(f"service-invite-{user.email_address}")
+    if login_gov_invite_data:
+        login_gov_invite_data = json.loads(login_gov_invite_data.decode("utf8"))
+
+    # This is the deprecated path for organization invites where we get id from session
    session["current_session_id"] = user.current_session_id
    organization_id = session.get("organization_id")
+
    activated_user = user.activate()
    activated_user.login()

+    # TODO when login.gov is mandatory, get rid of the if clause, it is deprecated.
    invited_user = InvitedUser.from_session()
    if invited_user:
        service_id = _add_invited_user_to_service(invited_user)
        return redirect(url_for("main.service_dashboard", service_id=service_id))
+    elif login_gov_invite_data:
+        service_id = login_gov_invite_data["service_id"]

+        user.add_to_service(
+            service_id,
+            login_gov_invite_data["permissions"],
+            login_gov_invite_data["folder_permissions"],
+            login_gov_invite_data["from_user_id"],
+        )
+        return redirect(url_for("main.service_dashboard", service_id=service_id))
+
+    # TODO when login.gov is mandatory, git rid of the if clause, it is deprecated.
    invited_org_user = InvitedOrgUser.from_session()
    if invited_org_user:
        user_api_client.add_user_to_organization(invited_org_user.organization, user_id)
+    elif redis_client.get(f"organization-invite-{user.email_address}"):
+        organization_id = redis_client.get(f"organization-invite-{user.email_address}")
+        user_api_client.add_user_to_organization(
+            organization_id.decode("utf8"), user_id
+        )

    if organization_id:
        return redirect(url_for("main.organization_dashboard", org_id=organization_id))