mirror of
https://github.com/GSA/notifications-admin.git
synced 2026-07-16 11:20:12 -04:00
Merge branch 'main' of https://github.com/GSA/notifications-admin
This commit is contained in:
@@ -1,9 +1,12 @@
|
||||
import base64
|
||||
import json
|
||||
import uuid
|
||||
from datetime import datetime, timedelta
|
||||
|
||||
from flask import (
|
||||
abort,
|
||||
current_app,
|
||||
flash,
|
||||
redirect,
|
||||
render_template,
|
||||
request,
|
||||
@@ -22,8 +25,9 @@ from app.main.forms import (
|
||||
)
|
||||
from app.main.views import sign_in
|
||||
from app.main.views.verify import activate_user
|
||||
from app.models.service import Service
|
||||
from app.models.user import InvitedOrgUser, InvitedUser, User
|
||||
from app.utils import hide_from_search_engines
|
||||
from app.utils import hide_from_search_engines, hilite
|
||||
|
||||
|
||||
@main.route("/register", methods=["GET", "POST"])
|
||||
@@ -150,7 +154,26 @@ def set_up_your_profile():
|
||||
if code and state:
|
||||
access_token = sign_in._get_access_token(code, state)
|
||||
user_email, user_uuid = sign_in._get_user_email_and_uuid(access_token)
|
||||
redirect_url = request.args.get("next")
|
||||
|
||||
invite_data = state.encode("utf8")
|
||||
invite_data = base64.b64decode(invite_data)
|
||||
invite_data = json.loads(invite_data)
|
||||
invited_service = Service.from_id(invite_data["service_id"])
|
||||
invited_user_id = invite_data["invited_user_id"]
|
||||
invited_user = InvitedUser.by_id(invited_user_id)
|
||||
|
||||
if user_email.lower() != invited_user.email_address.lower():
|
||||
flash("You cannot accept an invite for another person.")
|
||||
session.pop("invited_user_id", None)
|
||||
abort(403)
|
||||
else:
|
||||
invited_user.accept_invite()
|
||||
current_app.logger.debug(
|
||||
hilite(
|
||||
f"INVITED USER {invited_user.email_address} to service {invited_service.name}"
|
||||
)
|
||||
)
|
||||
current_app.logger.debug(hilite("ACCEPTED INVITE"))
|
||||
|
||||
elif login_gov_error:
|
||||
current_app.logger.error(f"login.gov error: {login_gov_error}")
|
||||
@@ -174,5 +197,16 @@ def set_up_your_profile():
|
||||
# activate the user
|
||||
user = user_api_client.get_user_by_uuid_or_email(user_uuid, user_email)
|
||||
activate_user(user["id"])
|
||||
return redirect(url_for("main.show_accounts_or_dashboard", next=redirect_url))
|
||||
usr = User.from_id(user["id"])
|
||||
usr.add_to_service(
|
||||
invited_service.id,
|
||||
invite_data["permissions"],
|
||||
invite_data["folder_permissions"],
|
||||
invite_data["from_user_id"],
|
||||
)
|
||||
current_app.logger.debug(
|
||||
hilite(f"Added user {usr.email_address} to service {invited_service.name}")
|
||||
)
|
||||
return redirect(url_for("main.show_accounts_or_dashboard"))
|
||||
|
||||
return render_template("views/set-up-your-profile.html", form=form)
|
||||
|
||||
@@ -220,7 +220,6 @@ def sign_in():
|
||||
if url is not None:
|
||||
url = url.replace("NONCE", token)
|
||||
url = url.replace("STATE", token)
|
||||
|
||||
return render_template(
|
||||
"views/signin.html",
|
||||
form=form,
|
||||
|
||||
@@ -8,7 +8,6 @@ from app import user_api_client
|
||||
from app.main import main
|
||||
from app.main.forms import TwoFactorForm
|
||||
from app.models.user import User
|
||||
from app.notify_client import service_api_client
|
||||
from app.utils.login import redirect_to_sign_in
|
||||
|
||||
|
||||
@@ -66,35 +65,6 @@ def verify_email(token):
|
||||
def activate_user(user_id):
|
||||
user = User.from_id(user_id)
|
||||
|
||||
# This is the login.gov path
|
||||
try:
|
||||
login_gov_invite_data = service_api_client.retrieve_service_invite_data(
|
||||
f"service-invite-{user.email_address}"
|
||||
)
|
||||
except BaseException: # noqa
|
||||
# We will hit an exception if we can't find invite data,
|
||||
# but that will be the normal sign in use case
|
||||
login_gov_invite_data = None
|
||||
if login_gov_invite_data:
|
||||
login_gov_invite_data = json.loads(login_gov_invite_data)
|
||||
service_id = login_gov_invite_data["service_id"]
|
||||
user_id = user_id
|
||||
permissions = login_gov_invite_data["permissions"]
|
||||
folder_permissions = login_gov_invite_data["folder_permissions"]
|
||||
|
||||
# Actually call the back end and add the user to the service
|
||||
try:
|
||||
user_api_client.add_user_to_service(
|
||||
service_id, user_id, permissions, folder_permissions
|
||||
)
|
||||
except BaseException as be: # noqa
|
||||
# TODO if the user is already part of service we should ignore
|
||||
current_app.logger.warning(f"Exception adding user to service {be}")
|
||||
|
||||
activated_user = user.activate()
|
||||
activated_user.login()
|
||||
return redirect(url_for("main.service_dashboard", service_id=service_id))
|
||||
|
||||
# TODO add org invites back in the new way
|
||||
# organization_id = redis_client.raw_get(
|
||||
# f"organization-invite-{user.email_address}"
|
||||
@@ -111,15 +81,3 @@ def activate_user(user_id):
|
||||
activated_user.login()
|
||||
|
||||
return redirect(url_for("main.add_service", first="first"))
|
||||
|
||||
|
||||
def _add_invited_user_to_service(invitation):
|
||||
user = User.from_id(session["user_id"])
|
||||
service_id = invitation.service
|
||||
user.add_to_service(
|
||||
service_id,
|
||||
invitation.permissions,
|
||||
invitation.folder_permissions,
|
||||
invitation.from_user.id,
|
||||
)
|
||||
return service_id
|
||||
|
||||
1
poetry.lock
generated
1
poetry.lock
generated
@@ -1517,6 +1517,7 @@ files = [
|
||||
{file = "msgpack-1.0.8-cp39-cp39-musllinux_1_1_x86_64.whl", hash = "sha256:5fbb160554e319f7b22ecf530a80a3ff496d38e8e07ae763b9e82fadfe96f273"},
|
||||
{file = "msgpack-1.0.8-cp39-cp39-win32.whl", hash = "sha256:f9af38a89b6a5c04b7d18c492c8ccf2aee7048aff1ce8437c4683bb5a1df893d"},
|
||||
{file = "msgpack-1.0.8-cp39-cp39-win_amd64.whl", hash = "sha256:ed59dd52075f8fc91da6053b12e8c89e37aa043f8986efd89e61fae69dc1b011"},
|
||||
{file = "msgpack-1.0.8-py3-none-any.whl", hash = "sha256:24f727df1e20b9876fa6e95f840a2a2651e34c0ad147676356f4bf5fbb0206ca"},
|
||||
{file = "msgpack-1.0.8.tar.gz", hash = "sha256:95c02b0e27e706e48d0e5426d1710ca78e0f0628d6e89d5b5a5b91a5f12274f3"},
|
||||
]
|
||||
|
||||
|
||||
@@ -42,10 +42,6 @@ def test_should_redirect_to_add_service_when_sms_code_is_correct(
|
||||
mock_create_event,
|
||||
fake_uuid,
|
||||
):
|
||||
mocker.patch(
|
||||
"app.main.views.verify.service_api_client.retrieve_service_invite_data",
|
||||
return_value={},
|
||||
)
|
||||
api_user_active["current_session_id"] = str(uuid.UUID(int=1))
|
||||
mocker.patch("app.user_api_client.get_user", return_value=api_user_active)
|
||||
|
||||
@@ -81,10 +77,6 @@ def test_should_activate_user_after_verify(
|
||||
mock_create_event,
|
||||
mock_activate_user,
|
||||
):
|
||||
mocker.patch(
|
||||
"app.main.views.verify.service_api_client.retrieve_service_invite_data",
|
||||
return_value={},
|
||||
)
|
||||
client_request.logout()
|
||||
mocker.patch("app.user_api_client.get_user", return_value=api_user_pending)
|
||||
with client_request.session_transaction() as session:
|
||||
@@ -156,10 +148,6 @@ def test_verify_email_doesnt_verify_sms_if_user_on_email_auth(
|
||||
mock_activate_user,
|
||||
fake_uuid,
|
||||
):
|
||||
mocker.patch(
|
||||
"app.main.views.verify.service_api_client.retrieve_service_invite_data",
|
||||
return_value={},
|
||||
)
|
||||
pending_user_with_email_auth = create_user(
|
||||
auth_type="email_auth", state="pending", id=fake_uuid
|
||||
)
|
||||
@@ -250,10 +238,6 @@ def test_activate_user_redirects_to_service_dashboard_if_user_already_belongs_to
|
||||
mock_get_service,
|
||||
mock_get_invited_user_by_id,
|
||||
):
|
||||
mocker.patch(
|
||||
"app.main.views.verify.service_api_client.retrieve_service_invite_data",
|
||||
return_value={},
|
||||
)
|
||||
mocker.patch(
|
||||
"app.user_api_client.add_user_to_service",
|
||||
side_effect=HTTPError(
|
||||
|
||||
@@ -117,19 +117,17 @@ def test_invite_team_member_to_service(authenticated_page):
|
||||
|
||||
# Check permission labels are on page
|
||||
for permission in permissions:
|
||||
expect(
|
||||
page.get_by_label(permission)
|
||||
).to_be_visible
|
||||
expect(page.get_by_label(permission)).to_be_visible
|
||||
|
||||
# There is an issue with checking the send messages box due to possible duplicate
|
||||
# "Send messages" appearing on the page.
|
||||
# Put checkboxes into checked state.
|
||||
checkbox_list = [
|
||||
'See dashboard',
|
||||
'Add and edit templates',
|
||||
'Manage settings, team and usage',
|
||||
'Manage API integration',
|
||||
]
|
||||
"See dashboard",
|
||||
"Add and edit templates",
|
||||
"Manage settings, team and usage",
|
||||
"Manage API integration",
|
||||
]
|
||||
|
||||
for checkbox in checkbox_list:
|
||||
page.check(f"text={checkbox}", force=True)
|
||||
@@ -138,7 +136,9 @@ def test_invite_team_member_to_service(authenticated_page):
|
||||
expect(permission_box_activity).to_be_checked()
|
||||
|
||||
# Check for send invitation email button
|
||||
send_invite_email_button = page.get_by_role("button", name=re.compile("Send invitation email"))
|
||||
send_invite_email_button = page.get_by_role(
|
||||
"button", name=re.compile("Send invitation email")
|
||||
)
|
||||
expect(send_invite_email_button).to_be_visible()
|
||||
# send_invite_email_button.click()
|
||||
# Check to make sure that we've arrived at the next page.
|
||||
|
||||
Reference in New Issue
Block a user