There endpoint to check the token of an invitation for services and organisations have been merged.

This PR deletes the old endpoints.

app/__init__.py

@@ -109,7 +109,6 @@ def register_blueprint(application):
     from app.billing.rest import billing_blueprint
     from app.organisation.rest import organisation_blueprint
     from app.organisation.invite_rest import organisation_invite_blueprint
-    from app.organisation.accept_organisation_invite import accept_organisation_invite_blueprint
 
     service_blueprint.before_request(requires_admin_auth)
     application.register_blueprint(service_blueprint, url_prefix='/service')
@@ -186,9 +185,6 @@ def register_blueprint(application):
     organisation_invite_blueprint.before_request(requires_admin_auth)
     application.register_blueprint(organisation_invite_blueprint)
 
-    accept_organisation_invite_blueprint.before_request(requires_admin_auth)
-    application.register_blueprint(accept_organisation_invite_blueprint)
-
 
 def register_v2_blueprints(application):
     from app.v2.inbound_sms.get_inbound_sms import v2_inbound_sms_blueprint as get_inbound_sms

app/accept_invite/rest.py

@@ -23,30 +23,6 @@ accept_invite = Blueprint('accept_invite', __name__)
 register_errors(accept_invite)
 
 
-@accept_invite.route('/<token>', methods=['GET'])
-def get_invited_user_by_token(token):
-    """
-    This method is now deprecated,
-    in favor of a single accept_invite endpoint for both service and organisation invitations
-    """
-    max_age_seconds = 60 * 60 * 24 * current_app.config['INVITATION_EXPIRATION_DAYS']
-
-    try:
-        invited_user_id = check_token(token,
-                                      current_app.config['SECRET_KEY'],
-                                      current_app.config['DANGEROUS_SALT'],
-                                      max_age_seconds)
-    except SignatureExpired:
-        errors = {'invitation':
-                  ['Your invitation to GOV.UK Notify has expired. '
-                   'Please ask the person that invited you to send you another one']}
-        raise InvalidRequest(errors, status_code=400)
-
-    invited_user = get_invited_user_by_id(invited_user_id)
-
-    return jsonify(data=invited_user_schema.dump(invited_user).data), 200
-
-
 @accept_invite.route('/<invitation_type>/<token>', methods=['GET'])
 def validate_invitation_token(invitation_type, token):
 

app/organisation/accept_organisation_invite.py

@@ -1,30 +0,0 @@
-from flask import Blueprint, jsonify, current_app
-from itsdangerous import SignatureExpired
-from notifications_utils.url_safe_token import check_token
-
-from app.dao.organisation_dao import dao_get_invited_organisation_user
-from app.errors import register_errors, InvalidRequest
-
-accept_organisation_invite_blueprint = Blueprint(
-    'accept_organisation_invite', __name__,
-    url_prefix='/organisation-invitation')
-
-register_errors(accept_organisation_invite_blueprint)
-
-
-@accept_organisation_invite_blueprint.route("/<token>", methods=['GET'])
-def accept_organisation_invitation(token):
-    max_age_seconds = 60 * 60 * 24 * current_app.config['INVITATION_EXPIRATION_DAYS']
-
-    try:
-        invited_user_id = check_token(token,
-                                      current_app.config['SECRET_KEY'],
-                                      current_app.config['DANGEROUS_SALT'],
-                                      max_age_seconds)
-    except SignatureExpired:
-        errors = {'invitation': ['Your invitation to GOV.UK Notify has expired. '
-                                 'Please ask the person that invited you to send you another one']}
-        raise InvalidRequest(errors, status_code=400)
-    invited_user = dao_get_invited_organisation_user(invited_user_id)
-
-    return jsonify(data=invited_user.serialize()), 200

tests/app/accept_invite/test_accept_invite_rest.py

@@ -7,58 +7,6 @@ from notifications_utils.url_safe_token import generate_token
 from tests import create_authorization_header
 
 
-def test_accept_invite_for_expired_token_returns_400(notify_api, sample_invited_user):
-    with notify_api.test_request_context():
-        with notify_api.test_client() as client:
-            with freeze_time('2016-01-01T12:00:00'):
-                token = generate_token(str(sample_invited_user.id), notify_api.config['SECRET_KEY'],
-                                       notify_api.config['DANGEROUS_SALT'])
-        url = '/invite/{}'.format(token)
-        auth_header = create_authorization_header()
-        response = client.get(url, headers=[('Content-Type', 'application/json'), auth_header])
-
-        assert response.status_code == 400
-        json_resp = json.loads(response.get_data(as_text=True))
-        assert json_resp['result'] == 'error'
-        assert json_resp['message'] == {'invitation': [
-            'Your invitation to GOV.UK Notify has expired. '
-            'Please ask the person that invited you to send you another one']}
-
-
-def test_accept_invite_returns_200_when_token_valid(notify_api, sample_invited_user):
-    with notify_api.test_request_context():
-        with notify_api.test_client() as client:
-            token = generate_token(str(sample_invited_user.id), notify_api.config['SECRET_KEY'],
-                                   notify_api.config['DANGEROUS_SALT'])
-            url = '/invite/{}'.format(token)
-            auth_header = create_authorization_header()
-            response = client.get(url, headers=[('Content-Type', 'application/json'), auth_header])
-
-            assert response.status_code == 200
-            json_resp = json.loads(response.get_data(as_text=True))
-            assert json_resp['data']['id'] == str(sample_invited_user.id)
-            assert json_resp['data']['email_address'] == sample_invited_user.email_address
-            assert json_resp['data']['from_user'] == str(sample_invited_user.user_id)
-            assert json_resp['data']['service'] == str(sample_invited_user.service_id)
-            assert json_resp['data']['status'] == sample_invited_user.status
-            assert json_resp['data']['permissions'] == sample_invited_user.permissions
-
-
-def test_accept_invite_returns_400_when_invited_user_does_not_exist(notify_api):
-    with notify_api.test_request_context():
-        with notify_api.test_client() as client:
-            token = generate_token(str(uuid.uuid4()), notify_api.config['SECRET_KEY'],
-                                   notify_api.config['DANGEROUS_SALT'])
-            url = '/invite/{}'.format(token)
-            auth_header = create_authorization_header()
-            response = client.get(url, headers=[('Content-Type', 'application/json'), auth_header])
-
-            assert response.status_code == 404
-            json_resp = json.loads(response.get_data(as_text=True))
-            assert json_resp['result'] == 'error'
-            assert json_resp['message'] == 'No result found'
-
-
 @pytest.mark.parametrize('invitation_type', ['service', 'organisation'])
 def test_validate_invitation_token_for_expired_token_returns_400(client, invitation_type):
         with freeze_time('2016-01-01T12:00:00'):

tests/app/organisation/test_accept_organisation_invite.py

@@ -1,17 +0,0 @@
-import json
-
-from flask import current_app
-from notifications_utils.url_safe_token import generate_token
-
-from tests import create_authorization_header
-
-
-def test_accept_organisation_invitation(client, sample_invited_org_user):
-    token = generate_token(str(sample_invited_org_user.id), current_app.config['SECRET_KEY'],
-                           current_app.config['DANGEROUS_SALT'])
-    url = '/organisation-invitation/{}'.format(token)
-    auth_header = create_authorization_header()
-    response = client.get(url, headers=[('Content-Type', 'application/json'), auth_header])
-    assert response.status_code == 200
-    json_resp = json.loads(response.get_data(as_text=True))
-    assert json_resp['data'] == sample_invited_org_user.serialize()