app/accept_invite/rest.py

from flask import (
    Blueprint,
    jsonify,
    current_app
)

from itsdangerous import SignatureExpired, BadData

from notifications_utils.url_safe_token import check_token

from app.dao.invited_user_dao import get_invited_user_by_id
from app.dao.organisation_dao import dao_get_invited_organisation_user

from app.errors import (
    register_errors,
    InvalidRequest
)

from app.schemas import invited_user_schema


accept_invite = Blueprint('accept_invite', __name__)
register_errors(accept_invite)


@accept_invite.route('/<invitation_type>/<token>', methods=['GET'])
def validate_invitation_token(invitation_type, token):

    max_age_seconds = 60 * 60 * 24 * current_app.config['INVITATION_EXPIRATION_DAYS']

    try:
        invited_user_id = check_token(token,
                                      current_app.config['SECRET_KEY'],
                                      current_app.config['DANGEROUS_SALT'],
                                      max_age_seconds)
    except SignatureExpired:
        errors = {'invitation':
                  ['Your invitation to GOV.UK Notify has expired. '
                   'Please ask the person that invited you to send you another one']}
        raise InvalidRequest(errors, status_code=400)
    except BadData:
        errors = {'invitation': 'Something’s wrong with this link. Make sure you’ve copied the whole thing.'}
        raise InvalidRequest(errors, status_code=400)

    if invitation_type == 'service':
        invited_user = get_invited_user_by_id(invited_user_id)
        return jsonify(data=invited_user_schema.dump(invited_user).data), 200
    elif invitation_type == 'organisation':
        invited_user = dao_get_invited_organisation_user(invited_user_id)
        return jsonify(data=invited_user.serialize()), 200
    else:
        raise InvalidRequest("Unrecognised invitation type: {}".format(invitation_type))
-												[WIP] Start of api for accepting invite.

											
										
										
											2016-02-29 17:38:02 +00:00
+								from flask import (
 								    Blueprint,
 								    jsonify,
 								    current_app
 								)
-												handle malformed invite tokens

											
										
										
											2018-03-08 13:14:56 +00:00
+								from itsdangerous import SignatureExpired, BadData
-												[WIP] Start of api for accepting invite.

											
										
										
											2016-02-29 17:38:02 +00:00
-												Working placeholders in subject with upgraded notifications-utils.

Fix test.

											
										
										
											2016-04-13 15:31:08 +01:00
+								from notifications_utils.url_safe_token import check_token
-												[WIP] Start of api for accepting invite.

											
										
										
											2016-02-29 17:38:02 +00:00
 								from app.dao.invited_user_dao import get_invited_user_by_id
-												Added a new endpoint that can be used for organisation or service invitations.
The other two invitation endpoints will be removed once the admin app is updated.

											
										
										
											2018-02-23 14:15:39 +00:00
+								from app.dao.organisation_dao import dao_get_invited_organisation_user
-												[WIP] Start of api for accepting invite.

											
										
										
											2016-02-29 17:38:02 +00:00
-												Change endpoint responses where there are marshalling, unmarshalling
or param errors to raise invalid data exception. That will cause
those responses to be handled in by errors.py, which will log
the errors.

Set most of schemas to strict mode so that marshmallow will raise
exception rather than checking for errors in return tuple from load.

Added handler to errors.py for marshmallow validation errors.

											
										
										
											2016-06-14 15:07:23 +01:00
+								from app.errors import (
 								    register_errors,
 								    InvalidRequest
 								)
-												[WIP] Start of api for accepting invite.

											
										
										
											2016-02-29 17:38:02 +00:00
+								from app.schemas import invited_user_schema
 								accept_invite = Blueprint('accept_invite', __name__)
 								register_errors(accept_invite)
-												Added a new endpoint that can be used for organisation or service invitations.
The other two invitation endpoints will be removed once the admin app is updated.

											
										
										
											2018-02-23 14:15:39 +00:00
+								@accept_invite.route('/<invitation_type>/<token>', methods=['GET'])
 								def validate_invitation_token(invitation_type, token):
 								    max_age_seconds = 60 * 60 * 24 * current_app.config['INVITATION_EXPIRATION_DAYS']
 								    try:
 								        invited_user_id = check_token(token,
 								                                      current_app.config['SECRET_KEY'],
 								                                      current_app.config['DANGEROUS_SALT'],
 								                                      max_age_seconds)
 								    except SignatureExpired:
 								        errors = {'invitation':
 								                  ['Your invitation to GOV.UK Notify has expired. '
 								                   'Please ask the person that invited you to send you another one']}
 								        raise InvalidRequest(errors, status_code=400)
-												handle malformed invite tokens

											
										
										
											2018-03-08 13:14:56 +00:00
+								    except BadData:
 								        errors = {'invitation': 'Something’s wrong with this link. Make sure you’ve copied the whole thing.'}
 								        raise InvalidRequest(errors, status_code=400)
-												Added a new endpoint that can be used for organisation or service invitations.
The other two invitation endpoints will be removed once the admin app is updated.

											
										
										
											2018-02-23 14:15:39 +00:00
 								    if invitation_type == 'service':
 								        invited_user = get_invited_user_by_id(invited_user_id)
 								        return jsonify(data=invited_user_schema.dump(invited_user).data), 200
 								    elif invitation_type == 'organisation':
 								        invited_user = dao_get_invited_organisation_user(invited_user_id)
 								        return jsonify(data=invited_user.serialize()), 200
 								    else:
 								        raise InvalidRequest("Unrecognised invitation type: {}".format(invitation_type))