Beispiel #1
def register_from_org_invite():
    """Register a new user who is accepting an organisation invite.

    The pending invite is read from the session; without one the view
    answers 404. On a valid submission the organisation and email address
    posted with the form must equal the values stored on the invite,
    otherwise the request is rejected with 400. Registration is then done
    with SMS verification only, the invite is accepted and the user is sent
    to the verify page.
    """
    invite = InvitedOrgUser.from_session()
    if not invite:
        abort(404)

    form = RegisterUserFromOrgInviteForm(invite)
    # Invited organisation users always verify by text message.
    form.auth_type.data = 'sms_auth'

    if not form.validate_on_submit():
        return render_template(
            'views/register-from-org-invite.html',
            invited_org_user=invite,
            form=form,
        )

    # The form carries the organisation and email address as submitted
    # fields; they are only trusted when they still match the invite.
    tampered = (
        form.organisation.data != invite.organisation
        or form.email_address.data != invite.email_address
    )
    if tampered:
        abort(400)

    _do_registration(
        form,
        send_email=False,
        send_sms=True,
        organisation_id=invite.organisation,
    )
    invite.accept_invite()

    return redirect(url_for('main.verify'))
Beispiel #2
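def accept_org_invite(token):
    """Handle a click on an organisation invite link.

    Flow, in order:

    * The invite is loaded from ``token``.
    * If somebody is signed in under a different email address (compared
      case-insensitively), a message is flashed and the request ends in 403.
    * A cancelled invite renders the cancelled-invitation page.
    * An already accepted invite clears the session entry and redirects to
      the organisation dashboard.
    * Otherwise the serialized invite is stored in the session. If a user
      with the invited email address exists, the invite is accepted, the
      user is added to the organisation when not already a member, and the
      response redirects to the dashboard; if not, it redirects to the
      registration view.
    """
    invited_org_user = InvitedOrgUser.from_token(token)
    if not current_user.is_anonymous and current_user.email_address.lower() != invited_org_user.email_address.lower():
        # The whole formatted string is wrapped in Markup, i.e. marked as
        # safe HTML, so every interpolated value has to be escaped first;
        # otherwise markup characters in the email address or URL would be
        # rendered as HTML. The message text itself is left untouched
        # because it is passed to `_` (presumably a translation lookup key).
        message = Markup(
            _(
                "You’re signed in as %(email)s. This invite is for another email address. "
                + "<a href=%(href)s>Sign out</a> and click the link again to accept this invite.",
                email=Markup.escape(current_user.email_address),
                href=Markup.escape(url_for("main.sign_out", _external=True)),
            )
        )
        flash(message=message)

        abort(403)

    if invited_org_user.status == "cancelled":
        organisation = Organisation.from_id(invited_org_user.organisation)
        return render_template(
            "views/cancelled-invitation.html",
            from_user=invited_org_user.invited_by.name,
            organisation_name=organisation.name,
        )

    if invited_org_user.status == "accepted":
        # Nothing left to do for this invite; drop any stale session copy.
        session.pop("invited_org_user", None)
        return redirect(url_for("main.organisation_dashboard", org_id=invited_org_user.organisation))

    # The registration view reads the invite back from the session.
    session["invited_org_user"] = invited_org_user.serialize()

    existing_user = User.from_email_address_or_none(invited_org_user.email_address)
    organisation_users = OrganisationUsers(invited_org_user.organisation)

    if existing_user:
        invited_org_user.accept_invite()
        if existing_user not in organisation_users:
            existing_user.add_to_organisation(organisation_id=invited_org_user.organisation)
        return redirect(url_for("main.organisation_dashboard", org_id=invited_org_user.organisation))
    else:
        return redirect(url_for("main.register_from_org_invite"))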
def test_invite_org_user_errors_when_same_email_as_inviter(
    client_request,
    mocker,
    mock_get_organisation,
    sample_org_invite,
):
    """Posting the invite form must not create an invite and must show the
    "can't invite yourself" error on the resulting page."""
    create_invite = mocker.patch(
        'app.org_invite_api_client.create_invite',
        return_value=InvitedOrgUser(**sample_org_invite),
    )
    form_data = {'email_address': '*****@*****.**'}

    page = client_request.post(
        '.invite_org_user',
        org_id=ORGANISATION_ID,
        _data=form_data,
        _follow_redirects=True,
    )

    # The API client must never have been asked to create the invite.
    assert create_invite.called is False

    error_text = normalize_spaces(page.select_one('.error-message').text)
    assert error_text == 'You can’t send an invitation to yourself'
Beispiel #4
def test_verified_org_user_redirects_to_dashboard(
    client,
    sample_org_invite,
    mock_check_verify_code,
    mock_get_user,
    mock_activate_user,
    mock_login,
):
    """Submitting the SMS code with an organisation id in the session must
    answer with a 302 to that organisation's dashboard."""
    invite = InvitedOrgUser(sample_org_invite).serialize()
    org_id = invite['organisation']

    # Seed the session the way the registration step leaves it.
    with client.session_transaction() as session:
        session['expiry_date'] = str(datetime.utcnow() + timedelta(hours=1))
        session['user_details'] = {"email": invite['email_address'], "id": invite['id']}
        session['organisation_id'] = org_id

    response = client.post(url_for('main.verify'), data={'sms_code': '12345'})

    dashboard_url = url_for('main.organisation_dashboard', org_id=org_id, _external=True)
    assert response.status_code == 302
    assert response.location == dashboard_url
Beispiel #5
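def accept_org_invite(token):
    """Handle a click on an organisation invite link.

    Flow, in order:

    * The invite is loaded from ``token``.
    * If somebody is signed in under a different email address (compared
      case-insensitively), a message is flashed and the request ends in 403.
    * A cancelled invite renders the cancelled-invitation page.
    * An already accepted invite clears the session entry and redirects to
      the organisation dashboard.
    * Otherwise the serialized invite is stored in the session. If a user
      with the invited email address exists, the invite is accepted, the
      user is added to the organisation when not already a member, and the
      response redirects to the dashboard; if not, it redirects to the
      registration view.
    """
    invited_org_user = InvitedOrgUser.from_token(token)
    if not current_user.is_anonymous and current_user.email_address.lower() != invited_org_user.email_address.lower():
        # Format on the Markup object, not on the plain string: Markup.format
        # HTML-escapes its arguments, whereas str.format followed by Markup()
        # would mark the interpolated email address and URL as safe HTML
        # without escaping them. The href value is quoted so the attribute
        # cannot be ended early by characters inside the URL.
        message = Markup("""
            You’re signed in as {}.
            This invite is for another email address.
            <a href="{}">Sign out</a> and click the link again to accept this invite.
            """).format(
            current_user.email_address,
            url_for("main.sign_out", _external=True))

        flash(message=message)

        abort(403)

    if invited_org_user.status == 'cancelled':
        organisation = Organisation.from_id(invited_org_user.organisation)
        return render_template('views/cancelled-invitation.html',
                               from_user=invited_org_user.invited_by.name,
                               organisation_name=organisation.name)

    if invited_org_user.status == 'accepted':
        # Nothing left to do for this invite; drop any stale session copy.
        session.pop('invited_org_user', None)
        return redirect(url_for('main.organisation_dashboard', org_id=invited_org_user.organisation))

    # The registration view reads the invite back from the session.
    session['invited_org_user'] = invited_org_user.serialize()

    existing_user = User.from_email_address_or_none(invited_org_user.email_address)
    organisation_users = OrganisationUsers(invited_org_user.organisation)

    if existing_user:
        invited_org_user.accept_invite()
        if existing_user not in organisation_users:
            existing_user.add_to_organisation(organisation_id=invited_org_user.organisation)
        return redirect(url_for('main.organisation_dashboard', org_id=invited_org_user.organisation))
    else:
        return redirect(url_for('main.register_from_org_invite'))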
Beispiel #6
def test_invited_org_user_from_session_returns_none_if_nothing_present(client, mocker):
    """``InvitedOrgUser.from_session`` yields ``None`` for an empty session."""
    # Swap the session seen by app.models.user for an empty mapping.
    mocker.patch.dict('app.models.user.session', values={}, clear=True)

    invite = InvitedOrgUser.from_session()

    assert invite is None
Beispiel #7
 def _get_invited_org_users(self, invites):
     """Build one ``InvitedOrgUser`` per entry of ``invites``.

     Each entry is unpacked as keyword arguments, so it has to be a
     mapping; the result is a new list in the same order as the input.
     """
     return [InvitedOrgUser(**fields) for fields in invites]
Beispiel #8
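 def check_token(self, token):
     """Look up the organisation invite that belongs to ``token``.

     Sends a GET to ``/invite/organisation/<token>`` through ``self.get``
     and builds an ``InvitedOrgUser`` from the ``data`` member of the
     response.

     The token is percent-encoded before it is placed in the path.
     NOTE(review): the token presumably comes straight from the invite
     link, so it is handled as untrusted input here; confirm against the
     caller. Encoding keeps characters such as ``/``, ``?`` or ``#`` from
     changing which API path is requested. Tokens made only of letters,
     digits and ``-._~`` are sent unchanged.
     """
     # Function-scope import: the file's import block is not visible here.
     from urllib.parse import quote

     resp = self.get(url='/invite/organisation/{}'.format(quote(token, safe='')))
     return InvitedOrgUser(**resp['data'])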