Functionality added and all tests working.

Update correct use of permissions form.
2026-05-05 16:38:59 -04:00 · 2016-03-23 10:46:31 +00:00
parent 0435015211
commit f3689cc113
8 changed files with 115 additions and 8 deletions
--- a/app/init.py
+++ b/app/init.py
@@ -200,6 +200,12 @@ def register_errorhandlers(application):
    def handle_no_permissions(error):
        return _error_response(401)

+    @application.errorhandler(500)
+    def handle_exception(error):
+        if current_app.config.get('DEBUG', None):
+            raise error
+        return _error_response(500)
+
    @application.errorhandler(Exception)
    def handle_bad_request(error):
        # We want the Flask in browser stacktrace
--- a/app/main/views/manage_users.py
+++ b/app/main/views/manage_users.py
@@ -5,7 +5,8 @@ from flask import (
    render_template,
    redirect,
    url_for,
-    flash
+    flash,
+    abort
 )

 from flask_login import (
@@ -13,6 +14,7 @@ from flask_login import (
    current_user
 )

+from notifications_python_client import HTTPError
 from app.main import main
 from app.main.forms import (
    InviteUserForm,
@@ -20,6 +22,7 @@ from app.main.forms import (
 )
 from app.main.dao.services_dao import get_service_by_id
 from app import user_api_client
+from app import service_api_client
 from app import invite_api_client
 from app.utils import user_has_permissions

@@ -106,6 +109,45 @@ def edit_user_permissions(service_id, user_id):
    )


+@main.route("/services/<service_id>/users/<user_id>/delete", methods=['GET', 'POST'])
+@login_required
+@user_has_permissions('manage_users', admin_override=True)
+def remove_user_from_service(service_id, user_id):
+    user = user_api_client.get_user(user_id)
+    service = get_service_by_id(service_id)
+    # Need to make the email address read only, or a disabled field?
+    # Do it through the template or the form class?
+    form = PermissionsForm(**{
+        role: user.has_permissions(permissions=permissions) for role, permissions in roles.items()
+        })
+
+    if request.method == 'POST':
+        try:
+            service_api_client.remove_user_from_service(service_id, user_id)
+        except HTTPError as e:
+            msg = "You cannot remove the only user for a service"
+            if e.status_code == 400 and msg in e.message:
+                flash(msg, 'info')
+                return redirect(url_for(
+                    '.manage_users',
+                    service_id=service_id))
+            else:
+                abort(500, e)
+
+        return redirect(url_for(
+            '.manage_users',
+            service_id=service_id
+        ))
+
+    flash('Are you sure you want to remove {}?'.format(user.name), 'remove')
+    return render_template(
+        'views/edit-user-permissions.html',
+        user=user,
+        form=form,
+        service_id=service_id
+    )
+
+
@main.route("/services/<service_id>/cancel-invited-user/<invited_user_id>", methods=['GET'])
@user_has_permissions('manage_users', admin_override=True)
 def cancel_invited_user(service_id, invited_user_id):
--- a/app/notify_client/api_client.py
+++ b/app/notify_client/api_client.py
@@ -70,6 +70,15 @@ class ServiceAPIClient(NotificationsAPIClient):
        endpoint = "/service/{0}".format(service_id)
        return self.post(endpoint, data)

+    def remove_user_from_service(self, service_id, user_id):
+        """
+        Remove a user from a service
+        """
+        endpoint = '/service/{service_id}/users/{user_id}'.format(
+            service_id=service_id,
+            user_id=user_id)
+        return self.delete(endpoint)
+
    def create_service_template(self, name, type_, content, service_id, subject=None):
        """
        Create a service template.
--- a/app/templates/flash_messages.html
+++ b/app/templates/flash_messages.html
@@ -5,7 +5,7 @@
      {{ banner(
        message,
        'default' if ((category == 'default') or (category == 'default_with_tick')) else 'dangerous',
-        delete_button="Yes, delete" if 'delete' == category else None,
+        delete_button="Yes, {}".format(category) if category in ['delete', 'remove'] else None,
        with_tick=True if category == 'default_with_tick' else False
      )}}
    {% endfor %}
--- a/app/templates/views/edit-user-permissions.html
+++ b/app/templates/views/edit-user-permissions.html
@@ -21,11 +21,11 @@ Manage users – GOV.UK Notify

      {% include 'views/manage-users/permissions.html' %}

-      {{ page_footer(
-        'Save',
-        back_link=url_for('.manage_users', service_id=service_id),
-        back_link_text='Cancel'
-      ) }}
+        {{ page_footer(
+          'Save',
+          delete_link=url_for('.remove_user_from_service', service_id=service_id, user_id=user.id) if user or None,
+          delete_link_text='Remove user from service'
+        ) }}

    </form>
  </div>
--- a/app/templates/views/manage-users.html
+++ b/app/templates/views/manage-users.html
@@ -45,7 +45,7 @@ Manage users – GOV.UK Notify
    {% call field(align='right') %}
      {% if current_user.has_permissions(['manage_users']) %}
        {% if current_user.id != item.id %}
-          <a href="{{ url_for('.edit_user_permissions', service_id=service_id, user_id=item.id)}}">Edit permission</a>
+          <a href="{{ url_for('.edit_user_permissions', service_id=service_id, user_id=item.id)}}">Edit</a>
        {% endif %}
      {% endif %}
    {% endcall %}