This commit is contained in:
Andrew Shumway
2024-04-25 15:27:31 -06:00
6 changed files with 47 additions and 71 deletions

View File

@@ -1,9 +1,12 @@
import base64
import json
import uuid
from datetime import datetime, timedelta
from flask import (
abort,
current_app,
flash,
redirect,
render_template,
request,
@@ -22,8 +25,9 @@ from app.main.forms import (
)
from app.main.views import sign_in
from app.main.views.verify import activate_user
from app.models.service import Service
from app.models.user import InvitedOrgUser, InvitedUser, User
from app.utils import hide_from_search_engines
from app.utils import hide_from_search_engines, hilite
@main.route("/register", methods=["GET", "POST"])
@@ -150,7 +154,26 @@ def set_up_your_profile():
if code and state:
access_token = sign_in._get_access_token(code, state)
user_email, user_uuid = sign_in._get_user_email_and_uuid(access_token)
redirect_url = request.args.get("next")
invite_data = state.encode("utf8")
invite_data = base64.b64decode(invite_data)
invite_data = json.loads(invite_data)
invited_service = Service.from_id(invite_data["service_id"])
invited_user_id = invite_data["invited_user_id"]
invited_user = InvitedUser.by_id(invited_user_id)
if user_email.lower() != invited_user.email_address.lower():
flash("You cannot accept an invite for another person.")
session.pop("invited_user_id", None)
abort(403)
else:
invited_user.accept_invite()
current_app.logger.debug(
hilite(
f"INVITED USER {invited_user.email_address} to service {invited_service.name}"
)
)
current_app.logger.debug(hilite("ACCEPTED INVITE"))
elif login_gov_error:
current_app.logger.error(f"login.gov error: {login_gov_error}")
@@ -174,5 +197,16 @@ def set_up_your_profile():
# activate the user
user = user_api_client.get_user_by_uuid_or_email(user_uuid, user_email)
activate_user(user["id"])
return redirect(url_for("main.show_accounts_or_dashboard", next=redirect_url))
usr = User.from_id(user["id"])
usr.add_to_service(
invited_service.id,
invite_data["permissions"],
invite_data["folder_permissions"],
invite_data["from_user_id"],
)
current_app.logger.debug(
hilite(f"Added user {usr.email_address} to service {invited_service.name}")
)
return redirect(url_for("main.show_accounts_or_dashboard"))
return render_template("views/set-up-your-profile.html", form=form)

View File

@@ -220,7 +220,6 @@ def sign_in():
if url is not None:
url = url.replace("NONCE", token)
url = url.replace("STATE", token)
return render_template(
"views/signin.html",
form=form,

View File

@@ -8,7 +8,6 @@ from app import user_api_client
from app.main import main
from app.main.forms import TwoFactorForm
from app.models.user import User
from app.notify_client import service_api_client
from app.utils.login import redirect_to_sign_in
@@ -66,35 +65,6 @@ def verify_email(token):
def activate_user(user_id):
user = User.from_id(user_id)
# This is the login.gov path
try:
login_gov_invite_data = service_api_client.retrieve_service_invite_data(
f"service-invite-{user.email_address}"
)
except BaseException: # noqa
# We will hit an exception if we can't find invite data,
# but that will be the normal sign in use case
login_gov_invite_data = None
if login_gov_invite_data:
login_gov_invite_data = json.loads(login_gov_invite_data)
service_id = login_gov_invite_data["service_id"]
user_id = user_id
permissions = login_gov_invite_data["permissions"]
folder_permissions = login_gov_invite_data["folder_permissions"]
# Actually call the back end and add the user to the service
try:
user_api_client.add_user_to_service(
service_id, user_id, permissions, folder_permissions
)
except BaseException as be: # noqa
# TODO if the user is already part of service we should ignore
current_app.logger.warning(f"Exception adding user to service {be}")
activated_user = user.activate()
activated_user.login()
return redirect(url_for("main.service_dashboard", service_id=service_id))
# TODO add org invites back in the new way
# organization_id = redis_client.raw_get(
# f"organization-invite-{user.email_address}"
@@ -111,15 +81,3 @@ def activate_user(user_id):
activated_user.login()
return redirect(url_for("main.add_service", first="first"))
def _add_invited_user_to_service(invitation):
user = User.from_id(session["user_id"])
service_id = invitation.service
user.add_to_service(
service_id,
invitation.permissions,
invitation.folder_permissions,
invitation.from_user.id,
)
return service_id

1
poetry.lock generated
View File

@@ -1517,6 +1517,7 @@ files = [
{file = "msgpack-1.0.8-cp39-cp39-musllinux_1_1_x86_64.whl", hash = "sha256:5fbb160554e319f7b22ecf530a80a3ff496d38e8e07ae763b9e82fadfe96f273"},
{file = "msgpack-1.0.8-cp39-cp39-win32.whl", hash = "sha256:f9af38a89b6a5c04b7d18c492c8ccf2aee7048aff1ce8437c4683bb5a1df893d"},
{file = "msgpack-1.0.8-cp39-cp39-win_amd64.whl", hash = "sha256:ed59dd52075f8fc91da6053b12e8c89e37aa043f8986efd89e61fae69dc1b011"},
{file = "msgpack-1.0.8-py3-none-any.whl", hash = "sha256:24f727df1e20b9876fa6e95f840a2a2651e34c0ad147676356f4bf5fbb0206ca"},
{file = "msgpack-1.0.8.tar.gz", hash = "sha256:95c02b0e27e706e48d0e5426d1710ca78e0f0628d6e89d5b5a5b91a5f12274f3"},
]

View File

@@ -42,10 +42,6 @@ def test_should_redirect_to_add_service_when_sms_code_is_correct(
mock_create_event,
fake_uuid,
):
mocker.patch(
"app.main.views.verify.service_api_client.retrieve_service_invite_data",
return_value={},
)
api_user_active["current_session_id"] = str(uuid.UUID(int=1))
mocker.patch("app.user_api_client.get_user", return_value=api_user_active)
@@ -81,10 +77,6 @@ def test_should_activate_user_after_verify(
mock_create_event,
mock_activate_user,
):
mocker.patch(
"app.main.views.verify.service_api_client.retrieve_service_invite_data",
return_value={},
)
client_request.logout()
mocker.patch("app.user_api_client.get_user", return_value=api_user_pending)
with client_request.session_transaction() as session:
@@ -156,10 +148,6 @@ def test_verify_email_doesnt_verify_sms_if_user_on_email_auth(
mock_activate_user,
fake_uuid,
):
mocker.patch(
"app.main.views.verify.service_api_client.retrieve_service_invite_data",
return_value={},
)
pending_user_with_email_auth = create_user(
auth_type="email_auth", state="pending", id=fake_uuid
)
@@ -250,10 +238,6 @@ def test_activate_user_redirects_to_service_dashboard_if_user_already_belongs_to
mock_get_service,
mock_get_invited_user_by_id,
):
mocker.patch(
"app.main.views.verify.service_api_client.retrieve_service_invite_data",
return_value={},
)
mocker.patch(
"app.user_api_client.add_user_to_service",
side_effect=HTTPError(

View File

@@ -117,19 +117,17 @@ def test_invite_team_member_to_service(authenticated_page):
# Check permission labels are on page
for permission in permissions:
expect(
page.get_by_label(permission)
).to_be_visible
expect(page.get_by_label(permission)).to_be_visible
# There is an issue with checking the send messages box due to possible duplicate
# "Send messages" appearing on the page.
# Put checkboxes into checked state.
checkbox_list = [
'See dashboard',
'Add and edit templates',
'Manage settings, team and usage',
'Manage API integration',
]
"See dashboard",
"Add and edit templates",
"Manage settings, team and usage",
"Manage API integration",
]
for checkbox in checkbox_list:
page.check(f"text={checkbox}", force=True)
@@ -138,7 +136,9 @@ def test_invite_team_member_to_service(authenticated_page):
expect(permission_box_activity).to_be_checked()
# Check for send invitation email button
send_invite_email_button = page.get_by_role("button", name=re.compile("Send invitation email"))
send_invite_email_button = page.get_by_role(
"button", name=re.compile("Send invitation email")
)
expect(send_invite_email_button).to_be_visible()
# send_invite_email_button.click()
# Check to make sure that we've arrived at the next page.