def test_client_converts_admin_permissions_to_db_permissions_on_add_to_service(
app_, mocker):
mock_post = mocker.patch(
'app.notify_client.user_api_client.UserApiClient.post',
return_value={'data': {}})
user_api_client.add_user_to_service(
'service_id',
'user_id',
permissions={'send_messages', 'view_activity'},
folder_permissions=[])
assert sorted(mock_post.call_args[1]['data']['permissions'],
key=lambda x: x['permission']) == sorted(
[
{
'permission': 'send_texts'
},
{
'permission': 'send_emails'
},
{
'permission': 'send_letters'
},
{
'permission': 'view_activity'
},
],
key=lambda x: x['permission'])
def test_client_converts_admin_permissions_to_db_permissions_on_add_to_service(
app_, mocker):
mock_post = mocker.patch(
"app.notify_client.user_api_client.UserApiClient.post",
return_value={"data": {}},
)
user_api_client.add_user_to_service(
"service_id",
"user_id",
permissions={"send_messages", "view_activity"},
folder_permissions=[],
)
assert sorted(mock_post.call_args[1]["data"]["permissions"],
key=lambda x: x["permission"]) == sorted(
[
{
"permission": "send_texts"
},
{
"permission": "send_emails"
},
{
"permission": "send_letters"
},
{
"permission": "view_activity"
},
],
key=lambda x: x["permission"],
)
def _add_invited_user_to_service(invited_user):
invitation = InvitedUser(**invited_user)
user = user_api_client.get_user(session['user_id'])
service_id = invited_user['service']
user_api_client.add_user_to_service(service_id, user.id,
invitation.permissions,
invitation.folder_permissions)
return service_id
def _add_invited_user_to_service(invited_user):
invitation = InvitedUser(**invited_user)
# if invited user add to service and redirect to dashboard
user = user_api_client.get_user(session['user_id'])
service_id = invited_user['service']
user_api_client.add_user_to_service(service_id, user.id, invitation.permissions)
invite_api_client.accept_invite(service_id, invitation.id)
return service_id
def _add_invited_user_to_service(invited_user):
invitation = InvitedUser(invited_user)
user = User.from_id(session["user_id"])
service_id = invited_user["service"]
user_api_client.add_user_to_service(service_id, user.id,
invitation.permissions,
invitation.folder_permissions)
return service_id
def _add_invited_user_to_service(invited_user):
invitation = InvitedUser(**invited_user)
# if invited user add to service and redirect to dashboard
user = user_api_client.get_user(session['user_id'])
service_id = invited_user['service']
user_api_client.add_user_to_service(service_id, user.id,
invitation.permissions)
invite_api_client.accept_invite(service_id, invitation.id)
return service_id
def accept_invite(token):
invited_user = invite_api_client.check_token(token)
if not current_user.is_anonymous and current_user.email_address != invited_user.email_address:
message = Markup("""
You’re signed in as {}.
This invite is for another email address.
<a href={}>Sign out</a> and click the link again to accept this invite.
""".format(current_user.email_address,
url_for("main.sign_out", _external=True)))
flash(message=message)
abort(403)
if invited_user.status == 'cancelled':
from_user = user_api_client.get_user(invited_user.from_user)
service = service_api_client.get_service(invited_user.service)['data']
return render_template('views/cancelled-invitation.html',
from_user=from_user.name,
service_name=service['name'])
if invited_user.status == 'accepted':
session.pop('invited_user', None)
return redirect(
url_for('main.service_dashboard', service_id=invited_user.service))
session['invited_user'] = invited_user.serialize()
existing_user = user_api_client.get_user_by_email_or_none(
invited_user.email_address)
service_users = user_api_client.get_users_for_service(invited_user.service)
if existing_user:
invite_api_client.accept_invite(invited_user.service, invited_user.id)
if existing_user in service_users:
return redirect(
url_for('main.service_dashboard',
service_id=invited_user.service))
else:
user_api_client.add_user_to_service(invited_user.service,
existing_user.id,
invited_user.permissions)
return redirect(
url_for('main.service_dashboard',
service_id=invited_user.service))
else:
return redirect(url_for('main.register_from_invite'))
def add_service():
invited_user = session.get('invited_user')
if invited_user:
invitation = InvitedUser(**invited_user)
# if invited user add to service and redirect to dashboard
user = user_api_client.get_user(session['user_id'])
service_id = invited_user['service']
user_api_client.add_user_to_service(service_id, user.id,
invitation.permissions)
invite_api_client.accept_invite(service_id, invitation.id)
return redirect(
url_for('main.service_dashboard', service_id=service_id))
form = AddServiceForm(service_api_client.find_all_service_email_from)
heading = 'Which service do you want to set up notifications for?'
if form.validate_on_submit():
email_from = email_safe(form.name.data)
service_id = service_api_client.create_service(
service_name=form.name.data,
active=False,
message_limit=current_app.config['DEFAULT_SERVICE_LIMIT'],
restricted=True,
user_id=session['user_id'],
email_from=email_from)
session['service_id'] = service_id
if (len(
service_api_client.get_services({
'user_id': session['user_id']
}).get('data', [])) > 1):
return redirect(
url_for('main.service_dashboard', service_id=service_id))
example_sms_template = service_api_client.create_service_template(
'Example text message template', 'sms',
'Hey ((name)), I’m trying out Notify. Today is ((day of week)) and my favourite colour is ((colour)).',
service_id)
return redirect(
url_for('main.send_test',
service_id=service_id,
template_id=example_sms_template['data']['id'],
help=1))
else:
return render_template('views/add-service.html',
form=form,
heading=heading)
def add_service():
invited_user = session.get('invited_user')
if invited_user:
invitation = InvitedUser(**invited_user)
# if invited user add to service and redirect to dashboard
user = user_api_client.get_user(session['user_id'])
service_id = invited_user['service']
user_api_client.add_user_to_service(service_id, user.id, invitation.permissions)
invite_api_client.accept_invite(service_id, invitation.id)
return redirect(url_for('main.service_dashboard', service_id=service_id))
form = AddServiceForm(service_api_client.find_all_service_email_from)
heading = 'Which service do you want to set up notifications for?'
if form.validate_on_submit():
email_from = email_safe(form.name.data)
service_id = service_api_client.create_service(service_name=form.name.data,
active=False,
message_limit=current_app.config['DEFAULT_SERVICE_LIMIT'],
restricted=True,
user_id=session['user_id'],
email_from=email_from)
session['service_id'] = service_id
if (len(service_api_client.get_services({'user_id': session['user_id']}).get('data', [])) > 1):
return redirect(url_for('main.service_dashboard', service_id=service_id))
example_sms_template = service_api_client.create_service_template(
'Example text message template',
'sms',
'Hey ((name)), I’m trying out Notify. Today is ((day of week)) and my favourite colour is ((colour)).',
service_id
)
return redirect(url_for(
'main.send_test',
service_id=service_id,
template_id=example_sms_template['data']['id'],
help=1
))
else:
return render_template(
'views/add-service.html',
form=form,
heading=heading
)
def accept_invite(token):
invited_user = invite_api_client.check_token(token)
if not current_user.is_anonymous and current_user.email_address != invited_user.email_address:
message = Markup("""
You’re signed in as {}.
This invite is for another email address.
<a href={}>Sign out</a> and click the link again to accept this invite.
""".format(
current_user.email_address,
url_for("main.sign_out", _external=True)))
flash(message=message)
abort(403)
if invited_user.status == 'cancelled':
from_user = user_api_client.get_user(invited_user.from_user)
service = service_api_client.get_service(invited_user.service)['data']
return render_template('views/cancelled-invitation.html',
from_user=from_user.name,
service_name=service['name'])
if invited_user.status == 'accepted':
session.pop('invited_user', None)
return redirect(url_for('main.service_dashboard', service_id=invited_user.service))
session['invited_user'] = invited_user.serialize()
existing_user = user_api_client.get_user_by_email_or_none(invited_user.email_address)
service_users = user_api_client.get_users_for_service(invited_user.service)
if existing_user:
invite_api_client.accept_invite(invited_user.service, invited_user.id)
if existing_user in service_users:
return redirect(url_for('main.service_dashboard', service_id=invited_user.service))
else:
user_api_client.add_user_to_service(invited_user.service,
existing_user.id,
invited_user.permissions)
return redirect(url_for('main.service_dashboard', service_id=invited_user.service))
else:
return redirect(url_for('main.register_from_invite'))
def test_add_user_to_service_calls_correct_endpoint_and_deletes_keys_from_cache(mocker):
mock_redis_delete = mocker.patch('app.extensions.RedisClient.delete')
service_id = uuid.uuid4()
user_id = uuid.uuid4()
folder_id = uuid.uuid4()
expected_url = '/service/{}/users/{}'.format(service_id, user_id)
data = {'permissions': [], 'folder_permissions': [folder_id]}
mock_post = mocker.patch('app.notify_client.user_api_client.UserApiClient.post')
user_api_client.add_user_to_service(service_id, user_id, [], [folder_id])
mock_post.assert_called_once_with(expected_url, data=data)
assert mock_redis_delete.call_args_list == [
call('user-{user_id}'.format(user_id=user_id)),
call('service-{service_id}-template-folders'.format(service_id=service_id)),
call('service-{service_id}'.format(service_id=service_id)),
]
def accept_invite(token):
try:
invited_user = invite_api_client.check_token(token)
except HTTPError as e:
if e.status_code == 400 and 'invitation' in e.message:
flash(e.message['invitation'])
return redirect(url_for('main.sign_in'))
else:
raise e
if not current_user.is_anonymous and current_user.email_address.lower(
) != invited_user.email_address.lower():
message = Markup("""
You’re signed in as {}.
This invite is for another email address.
<a href={}>Sign out</a> and click the link again to accept this invite.
""".format(current_user.email_address,
url_for("main.sign_out", _external=True)))
flash(message=message)
abort(403)
if invited_user.status == 'cancelled':
from_user = user_api_client.get_user(invited_user.from_user)
service = service_api_client.get_service(invited_user.service)['data']
return render_template('views/cancelled-invitation.html',
from_user=from_user.name,
service_name=service['name'])
if invited_user.status == 'accepted':
session.pop('invited_user', None)
return redirect(
url_for('main.service_dashboard', service_id=invited_user.service))
session['invited_user'] = invited_user.serialize()
existing_user = user_api_client.get_user_by_email_or_none(
invited_user.email_address)
service_users = user_api_client.get_users_for_service(invited_user.service)
if existing_user:
invite_api_client.accept_invite(invited_user.service, invited_user.id)
if existing_user in service_users:
return redirect(
url_for('main.service_dashboard',
service_id=invited_user.service))
else:
service = service_api_client.get_service(
invited_user.service)['data']
# if the service you're being added to can modify auth type, then check if this is relevant
if 'email_auth' in service['permissions'] and (
# they have a phone number, we want them to start using it. if they dont have a mobile we just
# ignore that option of the invite
(existing_user.mobile_number
and invited_user.auth_type == 'sms_auth') or
# we want them to start sending emails. it's always valid, so lets always update
invited_user.auth_type == 'email_auth'):
user_api_client.update_user_attribute(
existing_user.id, auth_type=invited_user.auth_type)
user_api_client.add_user_to_service(invited_user.service,
existing_user.id,
invited_user.permissions)
return redirect(
url_for('main.service_dashboard',
service_id=invited_user.service))
else:
return redirect(url_for('main.register_from_invite'))
def accept_invite(token):
try:
check_token(token, current_app.config['SECRET_KEY'],
current_app.config['DANGEROUS_SALT'],
current_app.config['INVITATION_EXPIRY_SECONDS'])
except SignatureExpired:
errors = [
'Your invitation to GOV.UK Notify has expired. '
'Please ask the person that invited you to send you another one'
]
return render_template("error/400.html", message=errors), 400
invited_user = invite_api_client.check_token(token)
if not current_user.is_anonymous and current_user.email_address.lower(
) != invited_user.email_address.lower():
message = Markup("""
You’re signed in as {}.
This invite is for another email address.
<a href={}>Sign out</a> and click the link again to accept this invite.
""".format(current_user.email_address,
url_for("main.sign_out", _external=True)))
flash(message=message)
abort(403)
if invited_user.status == 'cancelled':
from_user = user_api_client.get_user(invited_user.from_user)
service = service_api_client.get_service(invited_user.service)['data']
return render_template('views/cancelled-invitation.html',
from_user=from_user.name,
service_name=service['name'])
if invited_user.status == 'accepted':
session.pop('invited_user', None)
return redirect(
url_for('main.service_dashboard', service_id=invited_user.service))
session['invited_user'] = invited_user.serialize()
existing_user = user_api_client.get_user_by_email_or_none(
invited_user.email_address)
service_users = user_api_client.get_users_for_service(invited_user.service)
if existing_user:
invite_api_client.accept_invite(invited_user.service, invited_user.id)
if existing_user in service_users:
return redirect(
url_for('main.service_dashboard',
service_id=invited_user.service))
else:
service = service_api_client.get_service(
invited_user.service)['data']
# if the service you're being added to can modify auth type, then check if this is relevant
if 'email_auth' in service['permissions'] and (
# they have a phone number, we want them to start using it. if they dont have a mobile we just
# ignore that option of the invite
(existing_user.mobile_number
and invited_user.auth_type == 'sms_auth') or
# we want them to start sending emails. it's always valid, so lets always update
invited_user.auth_type == 'email_auth'):
user_api_client.update_user_attribute(
existing_user.id, auth_type=invited_user.auth_type)
user_api_client.add_user_to_service(invited_user.service,
existing_user.id,
invited_user.permissions)
return redirect(
url_for('main.service_dashboard',
service_id=invited_user.service))
else:
return redirect(url_for('main.register_from_invite'))
