from flask import ( redirect, url_for, session, flash, render_template, abort ) from markupsafe import Markup from app.main import main from app import ( invite_api_client, user_api_client, service_api_client ) from flask_login import current_user @main.route("/invitation/") def accept_invite(token): invited_user = invite_api_client.check_token(token) if not current_user.is_anonymous and current_user.email_address != invited_user.email_address: message = Markup(""" You’re signed in as {}. This invite is for another email address. Sign out and click the link again to accept this invite. """.format( current_user.email_address, url_for("main.sign_out", _external=True))) flash(message=message) abort(403) if invited_user.status == 'cancelled': from_user = user_api_client.get_user(invited_user.from_user) service = service_api_client.get_service(invited_user.service)['data'] return render_template('views/cancelled-invitation.html', from_user=from_user.name, service_name=service['name']) if invited_user.status == 'accepted': session.pop('invited_user', None) return redirect(url_for('main.service_dashboard', service_id=invited_user.service)) session['invited_user'] = invited_user.serialize() existing_user = user_api_client.get_user_by_email_or_none(invited_user.email_address) service_users = user_api_client.get_users_for_service(invited_user.service) if existing_user: invite_api_client.accept_invite(invited_user.service, invited_user.id) if existing_user in service_users: return redirect(url_for('main.service_dashboard', service_id=invited_user.service)) else: user_api_client.add_user_to_service(invited_user.service, existing_user.id, invited_user.permissions) return redirect(url_for('main.service_dashboard', service_id=invited_user.service)) else: return redirect(url_for('main.register_from_invite'))