diff --git a/app/main/views/dashboard.py b/app/main/views/dashboard.py index 7c3173b26..b4906b17a 100644 --- a/app/main/views/dashboard.py +++ b/app/main/views/dashboard.py @@ -62,13 +62,13 @@ def old_service_dashboard(service_id): @user_has_permissions('view_activity', 'send_messages') def service_dashboard(service_id): - if not current_user.has_permissions('view_activity'): - return redirect(url_for('main.choose_template', service_id=service_id)) - if session.get('invited_user'): session.pop('invited_user', None) session['service_id'] = service_id + if not current_user.has_permissions('view_activity'): + return redirect(url_for('main.choose_template', service_id=service_id)) + return render_template( 'views/dashboard/dashboard.html', updates_url=url_for(".service_dashboard_updates", service_id=service_id), diff --git a/tests/app/main/views/service_settings/test_service_setting_permissions.py b/tests/app/main/views/service_settings/test_service_setting_permissions.py index 0e81131da..28a47751e 100644 --- a/tests/app/main/views/service_settings/test_service_setting_permissions.py +++ b/tests/app/main/views/service_settings/test_service_setting_permissions.py @@ -3,12 +3,11 @@ import functools import pytest from flask import url_for -from tests.conftest import client_request as client_request_factory - @pytest.fixture def get_service_settings_page( - logged_in_platform_admin_client, + client_request, + platform_admin_user, service_one, mock_get_inbound_number_for_service, mock_get_letter_email_branding, @@ -18,8 +17,8 @@ def get_service_settings_page( no_letter_contact_blocks, single_sms_sender, ): - platform_admin_request = client_request_factory(logged_in_platform_admin_client) - return functools.partial(platform_admin_request.get, 'main.service_settings', service_id=service_one['id']) + client_request.login(platform_admin_user) + return functools.partial(client_request.get, 'main.service_settings', service_id=service_one['id']) @pytest.mark.parametrize('service_fields, endpoint, kwargs, text', [ diff --git a/tests/app/main/views/test_accept_invite.py b/tests/app/main/views/test_accept_invite.py index 718b00d05..f8686f9d0 100644 --- a/tests/app/main/views/test_accept_invite.py +++ b/tests/app/main/views/test_accept_invite.py @@ -1,11 +1,17 @@ from unittest.mock import ANY, Mock +import pytest from bs4 import BeautifulSoup from flask import url_for from notifications_python_client.errors import HTTPError import app from app.notify_client.models import InvitedUser +from tests.conftest import ( + SERVICE_ONE_ID, + active_caseworking_user, + active_user_with_permissions, +) from tests.conftest import mock_check_invite_token as mock_check_token_invite from tests.conftest import normalize_spaces from tests.conftest import sample_invite as create_sample_invite @@ -82,6 +88,81 @@ def test_if_existing_user_accepts_twice_they_redirect_to_sign_in( ) +def test_invite_goes_in_session( + client_request, + mocker, + sample_invite, + mock_get_service, + api_user_active, + mock_check_invite_token, + mock_get_user_by_email, + mock_get_users_by_service, + mock_add_user_to_service, + mock_accept_invite, +): + invite = InvitedUser(**sample_invite) + invite.email_address = 'test@user.gov.uk' + mocker.patch('app.invite_api_client.check_token', return_value=invite) + + client_request.get( + 'main.accept_invite', + token='thisisnotarealtoken', + _expected_status=302, + _expected_redirect=url_for( + 'main.service_dashboard', + service_id=SERVICE_ONE_ID, + _external=True, + ), + _follow_redirects=False, + ) + + with client_request.session_transaction() as session: + assert session['invited_user']['email_address'] == invite.email_address + + +@pytest.mark.parametrize('user, landing_page_title', [ + (active_user_with_permissions, 'Dashboard'), + (active_caseworking_user, 'Choose a template'), +]) +def test_accepting_invite_removes_invite_from_session( + client_request, + mocker, + sample_invite, + mock_get_service, + service_one, + mock_check_invite_token, + mock_get_user_by_email, + mock_get_users_by_service, + mock_add_user_to_service, + mock_accept_invite, + mock_get_service_templates, + mock_get_template_statistics, + mock_get_jobs, + mock_get_service_statistics, + mock_get_usage, + mock_get_inbound_sms_summary, + fake_uuid, + user, + landing_page_title, +): + invite = InvitedUser(**sample_invite) + user = user(fake_uuid) + invite.email_address = user.email_address + + mocker.patch('app.invite_api_client.check_token', return_value=invite) + client_request.login(user) + + page = client_request.get( + 'main.accept_invite', + token='thisisnotarealtoken', + _follow_redirects=True, + ) + assert page.h1.string == landing_page_title + + with client_request.session_transaction() as session: + assert 'invited_user' not in session + + def test_existing_user_of_service_get_redirected_to_signin( client, mocker, diff --git a/tests/conftest.py b/tests/conftest.py index 3b9b41a4a..19b3c2686 100644 --- a/tests/conftest.py +++ b/tests/conftest.py @@ -2597,7 +2597,13 @@ def os_environ(): @pytest.fixture -def client_request(logged_in_client): +def client_request( + logged_in_client, + active_user_with_permissions, + mocker, + service_one, + fake_uuid, +): class ClientRequest: @staticmethod @@ -2606,6 +2612,9 @@ def client_request(logged_in_client): with logged_in_client.session_transaction() as session: yield session + def login(user, service=service_one): + logged_in_client.login(user, mocker, service) + @staticmethod def get( endpoint,