mirror of
https://github.com/GSA/notifications-admin.git
synced 2026-07-13 01:44:08 -04:00
Make sure caseworking users clear their invite
There was a bug where caseworking users skipped the part of the invite flow where their invite was cleared from the session. This caused a 500 if they later tried to create another service. This commit makes sure that both types of user have the invite cleared from the session after accepting it.
This commit is contained in:
@@ -62,13 +62,13 @@ def old_service_dashboard(service_id):
|
||||
@user_has_permissions('view_activity', 'send_messages')
|
||||
def service_dashboard(service_id):
|
||||
|
||||
if not current_user.has_permissions('view_activity'):
|
||||
return redirect(url_for('main.choose_template', service_id=service_id))
|
||||
|
||||
if session.get('invited_user'):
|
||||
session.pop('invited_user', None)
|
||||
session['service_id'] = service_id
|
||||
|
||||
if not current_user.has_permissions('view_activity'):
|
||||
return redirect(url_for('main.choose_template', service_id=service_id))
|
||||
|
||||
return render_template(
|
||||
'views/dashboard/dashboard.html',
|
||||
updates_url=url_for(".service_dashboard_updates", service_id=service_id),
|
||||
|
||||
@@ -3,12 +3,11 @@ import functools
|
||||
import pytest
|
||||
from flask import url_for
|
||||
|
||||
from tests.conftest import client_request as client_request_factory
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def get_service_settings_page(
|
||||
logged_in_platform_admin_client,
|
||||
client_request,
|
||||
platform_admin_user,
|
||||
service_one,
|
||||
mock_get_inbound_number_for_service,
|
||||
mock_get_letter_email_branding,
|
||||
@@ -18,8 +17,8 @@ def get_service_settings_page(
|
||||
no_letter_contact_blocks,
|
||||
single_sms_sender,
|
||||
):
|
||||
platform_admin_request = client_request_factory(logged_in_platform_admin_client)
|
||||
return functools.partial(platform_admin_request.get, 'main.service_settings', service_id=service_one['id'])
|
||||
client_request.login(platform_admin_user)
|
||||
return functools.partial(client_request.get, 'main.service_settings', service_id=service_one['id'])
|
||||
|
||||
|
||||
@pytest.mark.parametrize('service_fields, endpoint, kwargs, text', [
|
||||
|
||||
@@ -1,11 +1,17 @@
|
||||
from unittest.mock import ANY, Mock
|
||||
|
||||
import pytest
|
||||
from bs4 import BeautifulSoup
|
||||
from flask import url_for
|
||||
from notifications_python_client.errors import HTTPError
|
||||
|
||||
import app
|
||||
from app.notify_client.models import InvitedUser
|
||||
from tests.conftest import (
|
||||
SERVICE_ONE_ID,
|
||||
active_caseworking_user,
|
||||
active_user_with_permissions,
|
||||
)
|
||||
from tests.conftest import mock_check_invite_token as mock_check_token_invite
|
||||
from tests.conftest import normalize_spaces
|
||||
from tests.conftest import sample_invite as create_sample_invite
|
||||
@@ -82,6 +88,81 @@ def test_if_existing_user_accepts_twice_they_redirect_to_sign_in(
|
||||
)
|
||||
|
||||
|
||||
def test_invite_goes_in_session(
|
||||
client_request,
|
||||
mocker,
|
||||
sample_invite,
|
||||
mock_get_service,
|
||||
api_user_active,
|
||||
mock_check_invite_token,
|
||||
mock_get_user_by_email,
|
||||
mock_get_users_by_service,
|
||||
mock_add_user_to_service,
|
||||
mock_accept_invite,
|
||||
):
|
||||
invite = InvitedUser(**sample_invite)
|
||||
invite.email_address = 'test@user.gov.uk'
|
||||
mocker.patch('app.invite_api_client.check_token', return_value=invite)
|
||||
|
||||
client_request.get(
|
||||
'main.accept_invite',
|
||||
token='thisisnotarealtoken',
|
||||
_expected_status=302,
|
||||
_expected_redirect=url_for(
|
||||
'main.service_dashboard',
|
||||
service_id=SERVICE_ONE_ID,
|
||||
_external=True,
|
||||
),
|
||||
_follow_redirects=False,
|
||||
)
|
||||
|
||||
with client_request.session_transaction() as session:
|
||||
assert session['invited_user']['email_address'] == invite.email_address
|
||||
|
||||
|
||||
@pytest.mark.parametrize('user, landing_page_title', [
|
||||
(active_user_with_permissions, 'Dashboard'),
|
||||
(active_caseworking_user, 'Choose a template'),
|
||||
])
|
||||
def test_accepting_invite_removes_invite_from_session(
|
||||
client_request,
|
||||
mocker,
|
||||
sample_invite,
|
||||
mock_get_service,
|
||||
service_one,
|
||||
mock_check_invite_token,
|
||||
mock_get_user_by_email,
|
||||
mock_get_users_by_service,
|
||||
mock_add_user_to_service,
|
||||
mock_accept_invite,
|
||||
mock_get_service_templates,
|
||||
mock_get_template_statistics,
|
||||
mock_get_jobs,
|
||||
mock_get_service_statistics,
|
||||
mock_get_usage,
|
||||
mock_get_inbound_sms_summary,
|
||||
fake_uuid,
|
||||
user,
|
||||
landing_page_title,
|
||||
):
|
||||
invite = InvitedUser(**sample_invite)
|
||||
user = user(fake_uuid)
|
||||
invite.email_address = user.email_address
|
||||
|
||||
mocker.patch('app.invite_api_client.check_token', return_value=invite)
|
||||
client_request.login(user)
|
||||
|
||||
page = client_request.get(
|
||||
'main.accept_invite',
|
||||
token='thisisnotarealtoken',
|
||||
_follow_redirects=True,
|
||||
)
|
||||
assert page.h1.string == landing_page_title
|
||||
|
||||
with client_request.session_transaction() as session:
|
||||
assert 'invited_user' not in session
|
||||
|
||||
|
||||
def test_existing_user_of_service_get_redirected_to_signin(
|
||||
client,
|
||||
mocker,
|
||||
|
||||
@@ -2597,7 +2597,13 @@ def os_environ():
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def client_request(logged_in_client):
|
||||
def client_request(
|
||||
logged_in_client,
|
||||
active_user_with_permissions,
|
||||
mocker,
|
||||
service_one,
|
||||
fake_uuid,
|
||||
):
|
||||
class ClientRequest:
|
||||
|
||||
@staticmethod
|
||||
@@ -2606,6 +2612,9 @@ def client_request(logged_in_client):
|
||||
with logged_in_client.session_transaction() as session:
|
||||
yield session
|
||||
|
||||
def login(user, service=service_one):
|
||||
logged_in_client.login(user, mocker, service)
|
||||
|
||||
@staticmethod
|
||||
def get(
|
||||
endpoint,
|
||||
|
||||
Reference in New Issue
Block a user