108536490: Implement User.is_active()

If the state of the user is inactive the user.is_active() returns false.
2026-02-05 02:42:26 -05:00 · 2015-11-30 16:44:59 +00:00
parent 3b27db98ff
commit edfc1d6efc
4 changed files with 38 additions and 1 deletions
--- a/app/main/views/sign_in.py
+++ b/app/main/views/sign_in.py
@@ -22,6 +22,8 @@ def process_sign_in():
        user = users_dao.get_user_by_email(form.email_address.data)
        if user.is_locked():
            return jsonify(locked_out=True), 401
+        if not user.is_active():
+            return jsonify(active_user=False), 401
        if user is None:
            return jsonify(authorization=False), 401
        if checkpw(form.password.data, user.password):
--- a/app/models.py
+++ b/app/models.py
@@ -47,7 +47,10 @@ class User(db.Model):
        return True

    def is_active(self):
-        return True
+        if self.state == 'inactive':
+            return False
+        else:
+            return True

    def is_anonymous(self):
        return False
--- a/tests/app/main/dao/test_users_dao.py
+++ b/tests/app/main/dao/test_users_dao.py
@@ -105,3 +105,17 @@ def test_user_is_locked_if_failed_login_count_is_10_or_greater(notifications_adm
    saved_user = users_dao.get_user_by_id(user.id)
    assert saved_user.failed_login_count == 10
    assert saved_user.is_locked() is True
+
+
+def test_user_is_active_is_false_if_state_is_inactive(notifications_admin, notifications_admin_db):
+    user = User(name='inactive user',
+                password='somepassword',
+                email_address='test1@get_all.gov.uk',
+                mobile_number='+441234123412',
+                created_at=datetime.now(),
+                role_id=1,
+                state='inactive')
+    users_dao.insert_user(user)
+
+    saved_user = users_dao.get_user_by_id(user.id)
+    assert saved_user.is_active() is False
--- a/tests/app/main/views/test_sign_in.py
+++ b/tests/app/main/views/test_sign_in.py
@@ -55,3 +55,21 @@ def test_should_return_locked_out_true_when_user_is_locked(notifications_admin,

    assert response.status_code == 401
    assert '"locked_out": true' in response.get_data(as_text=True)
+
+
+def test_should_return_active_user_is_false_if_user_is_inactive(notifications_admin, notifications_admin_db):
+    user = User(email_address='inactive_user@example.gov.uk',
+                password='val1dPassw0rd!',
+                mobile_number='+441234123123',
+                name='inactive user',
+                created_at=datetime.now(),
+                role_id=1,
+                state='inactive')
+    users_dao.insert_user(user)
+
+    response = notifications_admin.test_client().post('/sign-in',
+                                                      data={'email_address': 'inactive_user@example.gov.uk',
+                                                            'password': 'val1dPassw0rd!'})
+
+    assert response.status_code == 401
+    assert '"active_user": false' in response.get_data(as_text=True)