Merge pull request #129 from alphagov/add-user-with-permissions

[WIP] Changed add user to service to take list
2026-02-02 17:31:14 -05:00 · 2016-03-04 15:52:58 +00:00
parent 065e81697b f945253596
commit fa87f9c7b3
2 changed files with 9 additions and 46 deletions
--- a/app/service/rest.py
+++ b/app/service/rest.py
@@ -177,10 +177,8 @@ def add_user_to_service(service_id, user_id):
                       message='User id: {} already part of service id: {}'.format(user_id, service_id)), 400

    dao_add_user_to_service(service, user)
-    invited_user, errors = invited_user_schema.load(request.get_json())
-    if errors:
-        return jsonify(result="error", message=errors), 404
-    _process_permissions(user, service, invited_user.get_permissions())
+    permissions = request.get_json()['permissions']
+    _process_permissions(user, service, permissions)

    data, errors = service_schema.dump(service)
    return jsonify(data=data), 201
--- a/tests/app/service/test_rest.py
+++ b/tests/app/service/test_rest.py
@@ -493,12 +493,7 @@ def test_add_existing_user_to_another_service_with_all_permissions(notify_api,
            # they must exist in db first
            save_model_user(user_to_add)

-            data = {
-                'service': str(sample_service.id),
-                'email_address': 'invited@digital.cabinet-office.gov.uk',
-                'from_user': sample_user.id,
-                'permissions': 'send_messages,manage_service,manage_api_keys'
-            }
+            data = {'permissions': ['send_messages', 'manage_service', 'manage_api_keys']}

            auth_header = create_authorization_header(
                path='/service/{}/users/{}'.format(sample_service.id, user_to_add.id),
@@ -562,12 +557,7 @@ def test_add_existing_user_to_another_service_with_send_permissions(notify_api,
            )
            save_model_user(user_to_add)

-            data = {
-                'service': str(sample_service.id),
-                'email_address': 'invited@digital.cabinet-office.gov.uk',
-                'from_user': sample_user.id,
-                'permissions': 'send_messages'
-            }
+            data = {'permissions': ['send_messages']}
            auth_header = create_authorization_header(
                path='/service/{}/users/{}'.format(sample_service.id, user_to_add.id),
                request_body=json.dumps(data),
@@ -615,12 +605,7 @@ def test_add_existing_user_to_another_service_with_manage_permissions(notify_api
            )
            save_model_user(user_to_add)

-            data = {
-                'service': str(sample_service.id),
-                'email_address': 'invited@digital.cabinet-office.gov.uk',
-                'from_user': sample_user.id,
-                'permissions': 'manage_service'
-            }
+            data = {'permissions': ['manage_service']}
            auth_header = create_authorization_header(
                path='/service/{}/users/{}'.format(sample_service.id, user_to_add.id),
                request_body=json.dumps(data),
@@ -668,12 +653,7 @@ def test_add_existing_user_to_another_service_with_manage_api_keys(notify_api,
            )
            save_model_user(user_to_add)

-            data = {
-                'service': str(sample_service.id),
-                'email_address': 'invited@digital.cabinet-office.gov.uk',
-                'from_user': sample_user.id,
-                'permissions': 'manage_api_keys'
-            }
+            data = {'permissions': ['manage_api_keys']}
            auth_header = create_authorization_header(
                path='/service/{}/users/{}'.format(sample_service.id, user_to_add.id),
                request_body=json.dumps(data),
@@ -721,12 +701,7 @@ def test_add_existing_user_to_non_existing_service_returns404(notify_api,

            incorrect_id = uuid.uuid4()

-            data = {
-                'service': str(incorrect_id),
-                'email_address': 'invited@digital.cabinet-office.gov.uk',
-                'from_user': sample_user.id,
-                'permissions': 'send_messages'
-            }
+            data = {'permissions': ['send_messages', 'manage_service', 'manage_api_keys']}
            auth_header = create_authorization_header(
                path='/service/{}/users/{}'.format(incorrect_id, user_to_add.id),
                request_body=json.dumps(data),
@@ -753,12 +728,7 @@ def test_add_existing_user_of_service_to_service_returns400(notify_api, notify_d

            existing_user_id = sample_service.users[0].id

-            data = {
-                'service': str(sample_service.id),
-                'email_address': 'invited@digital.cabinet-office.gov.uk',
-                'from_user': 'doesnotmatter',
-                'permissions': 'send_messages'
-            }
+            data = {'permissions': ['send_messages', 'manage_service', 'manage_api_keys']}
            auth_header = create_authorization_header(
                path='/service/{}/users/{}'.format(sample_service.id, existing_user_id),
                request_body=json.dumps(data),
@@ -785,12 +755,7 @@ def test_add_unknown_user_to_service_returns404(notify_api, notify_db, notify_db

            incorrect_id = 9876

-            data = {
-                'service': str(sample_service.id),
-                'email_address': 'invited@digital.cabinet-office.gov.uk',
-                'from_user': incorrect_id,
-                'permissions': 'send_messages'
-            }
+            data = {'permissions': ['send_messages', 'manage_service', 'manage_api_keys']}
            auth_header = create_authorization_header(
                path='/service/{}/users/{}'.format(sample_service.id, incorrect_id),
                request_body=json.dumps(data),