From 813e1c3351a2b031ed0f7319d9bdee7cf411b617 Mon Sep 17 00:00:00 2001 From: Adam Shimali Date: Mon, 6 Jun 2016 11:57:20 +0100 Subject: [PATCH] Expand permissions to all possible values on admin before posting to api. This makes template work for both existing and invited users. API will no longer need to convert from what ui presents as permissions --- app/main/views/manage_users.py | 15 ++++++++------- app/notify_client/user_api_client.py | 3 ++- tests/app/main/views/test_manage_users.py | 6 ++++-- 3 files changed, 14 insertions(+), 10 deletions(-) diff --git a/app/main/views/manage_users.py b/app/main/views/manage_users.py index 7f2e1e2fc..e4a805859 100644 --- a/app/main/views/manage_users.py +++ b/app/main/views/manage_users.py @@ -1,5 +1,4 @@ from itertools import chain -from collections import OrderedDict from flask import ( request, render_template, @@ -35,14 +34,14 @@ roles = { @login_required @user_has_permissions('view_activity', admin_override=True) def manage_users(service_id): + users = user_api_client.get_users_for_service(service_id=service_id) + invited_users = [invite for invite in invite_api_client.get_invites_for_service(service_id=service_id) + if invite.status != 'accepted'] return render_template( 'views/manage-users.html', - users=user_api_client.get_users_for_service(service_id=service_id), + users=users, current_user=current_user, - invited_users=[ - invite for invite in invite_api_client.get_invites_for_service(service_id=service_id) - if invite.status != 'accepted' - ] + invited_users=invited_users ) @@ -58,8 +57,10 @@ def invite_user(service_id): # view_activity is a default role to be added to all users. # All users will have at minimum view_activity to allow users to see notifications, # templates, team members but no update privileges - selected_permissions = [role for role in sorted(roles.keys()) if request.form.get(role) == 'y'] + selected_permissions = [permissions for role, permissions in roles.items() if request.form.get(role) == 'y'] + selected_permissions = list(chain.from_iterable(selected_permissions)) selected_permissions.append('view_activity') + selected_permissions.sort() permissions = ','.join(selected_permissions) invited_user = invite_api_client.create_invite( current_user.id, diff --git a/app/notify_client/user_api_client.py b/app/notify_client/user_api_client.py index 9293e18bd..ac9e99c22 100644 --- a/app/notify_client/user_api_client.py +++ b/app/notify_client/user_api_client.py @@ -99,7 +99,8 @@ class UserApiClient(BaseAPIClient): def add_user_to_service(self, service_id, user_id, permissions): endpoint = '/service/{}/users/{}'.format(service_id, user_id) - resp = self.post(endpoint, data={'permissions': permissions}) + data = [{'permission': x} for x in permissions] + resp = self.post(endpoint, data=data) return User(resp['data'], max_failed_login_count=self.max_failed_login_count) def set_user_permissions(self, user_id, service_id, permissions): diff --git a/tests/app/main/views/test_manage_users.py b/tests/app/main/views/test_manage_users.py index 860f303e3..e090d443d 100644 --- a/tests/app/main/views/test_manage_users.py +++ b/tests/app/main/views/test_manage_users.py @@ -160,11 +160,13 @@ def test_invite_user( assert page.h1.string.strip() == 'Team members' flash_banner = page.find('div', class_='banner-default-with-tick').string.strip() assert flash_banner == 'Invite sent to test@example.gov.uk' - excpected_permissions = 'manage_api_keys,manage_service,send_messages,view_activity' + + expected_permissions = 'manage_api_keys,manage_settings,manage_templates,manage_users,send_emails,send_letters,send_texts,view_activity' # noqa + app.invite_api_client.create_invite.assert_called_once_with(sample_invite['from_user'], sample_invite['service'], email_address, - excpected_permissions) + expected_permissions) def test_cancel_invited_user_cancels_user_invitations(app_,