- new endpoint to check the token for an org invitation.

- new endpoint to add user to organisation
- new endpoint to return users for an organisation

app/organisation/accept_organisation_invite.py

@@ -0,0 +1,32 @@
+from flask import Blueprint, jsonify, current_app
+from itsdangerous import SignatureExpired
+from notifications_utils.url_safe_token import check_token
+
+from app.dao.organisation_dao import dao_get_invited_organisation_user
+from app.errors import register_errors, InvalidRequest
+
+accept_organisation_invite_blueprint = Blueprint(
+    'accept_organisation_invite', __name__,
+    url_prefix='/organisation-invitation')
+
+register_errors(accept_organisation_invite_blueprint)
+
+
+@accept_organisation_invite_blueprint.route("/<token>", methods=['GET'])
+def accept_organisation_invitation(token):
+    max_age_seconds = 60 * 60 * 24 * current_app.config['INVITATION_EXPIRATION_DAYS']
+
+    try:
+        invited_user_id = check_token(token,
+                                      current_app.config['SECRET_KEY'],
+                                      current_app.config['DANGEROUS_SALT'],
+                                      max_age_seconds)
+    except SignatureExpired:
+        errors = {'invitation':
+                  ['Your invitation to GOV.UK Notify has expired. '
+                   'Please ask the person that invited you to send you another one']}
+        raise InvalidRequest(errors, status_code=400)
+    invited_user = dao_get_invited_organisation_user(invited_user_id)
+
+    return jsonify(data=invited_user.serialize()), 200
+

app/organisation/invite_rest.py

@@ -73,7 +73,7 @@ def get_invited_org_users_by_organisation(organisation_id):
 
 
 @organisation_invite_blueprint.route('/<invited_org_user_id>', methods=['POST'])
-def update_invite_status(organisation_id, invited_org_user_id):
+def update_org_invite_status(organisation_id, invited_org_user_id):
     fetched = get_invited_org_user(organisation_id=organisation_id, invited_org_user_id=invited_org_user_id)
 
     data = request.get_json()
@@ -81,6 +81,7 @@ def update_invite_status(organisation_id, invited_org_user_id):
 
     fetched.status = data['status']
     save_invited_org_user(fetched)
+
     return jsonify(data=fetched.serialize()), 200
 
 

app/organisation/organisation_schema.py

@@ -1,3 +1,4 @@
+from app.models import INVITED_USER_STATUS_TYPES
 from app.schema_validation.definitions import uuid
 
 post_create_organisation_schema = {
@@ -51,7 +52,7 @@ post_update_invited_org_user_status_schema = {
     "description": "POST update organisation invite schema",
     "type": "object",
     "properties": {
-        "status": {"type": "string"}
+        "status": {"enum": INVITED_USER_STATUS_TYPES}
     },
     "required": ["status"]
 }

app/organisation/rest.py

@@ -8,6 +8,8 @@ from app.dao.organisation_dao import (
     dao_get_organisation_services,
     dao_update_organisation,
     dao_add_service_to_organisation,
+    dao_get_users_for_organisation,
+    dao_add_user_to_organisation
 )
 from app.dao.services_dao import dao_fetch_service_by_id
 from app.errors import register_errors, InvalidRequest
@@ -18,6 +20,7 @@ from app.organisation.organisation_schema import (
     post_link_service_to_organisation_schema,
 )
 from app.schema_validation import validate
+from app.schemas import user_schema
 
 organisation_blueprint = Blueprint('organisation', __name__)
 register_errors(organisation_blueprint)
@@ -90,3 +93,18 @@ def get_organisation_services(organisation_id):
     services = dao_get_organisation_services(organisation_id)
     sorted_services = sorted(services, key=lambda s: (-s.active, s.name))
     return jsonify([s.serialize_for_org_dashboard() for s in sorted_services])
+
+
+@organisation_blueprint.route('/<uuid:organisation_id>/users/<uuid:user_id>', methods=['POST'])
+def add_user_to_organisation(organisation_id, user_id):
+    current_app.logger.info("ADDING new user")
+    new_org_user = dao_add_user_to_organisation(organisation_id, user_id)
+    return jsonify(data=user_schema.dump(new_org_user).data), 200
+
+
+@organisation_blueprint.route('/<uuid:organisation_id>/users', methods=['GET'])
+def get_organisation_users(organisation_id):
+    org_users = dao_get_users_for_organisation(organisation_id)
+
+    result = user_schema.dump(org_users, many=True)
+    return jsonify(data=result.data)