def test_suspend_org(session): # pylint:disable=unused-argument """Assert that an Org can be updated.""" org = factory_org_service() user = factory_user_model_with_contact() token_info = TestJwtClaims.get_test_user(sub=user.keycloak_guid, source=LoginSource.BCEID.value) updated_org = OrgService.change_org_status(org._model.id, OrgStatus.SUSPENDED.value, token_info=token_info) assert updated_org.as_dict()['status_code'] == OrgStatus.SUSPENDED.value updated_org = OrgService.change_org_status(org._model.id, OrgStatus.ACTIVE.value, token_info=token_info) assert updated_org.as_dict()['status_code'] == OrgStatus.ACTIVE.value
def test_suspend_org(session, monkeypatch): # pylint:disable=unused-argument """Assert that an Org can be updated.""" org = factory_org_service() user = factory_user_model_with_contact() token_info = TestJwtClaims.get_test_user(sub=user.keycloak_guid, source=LoginSource.BCEID.value) patch_token_info(token_info, monkeypatch) updated_org = OrgService.change_org_status( org._model.id, OrgStatus.SUSPENDED.value, SuspensionReasonCode.OWNER_CHANGE.name) assert updated_org.as_dict()['status_code'] == OrgStatus.SUSPENDED.value assert updated_org.as_dict( )['suspension_reason_code'] == SuspensionReasonCode.OWNER_CHANGE.name updated_org = OrgService.change_org_status( org._model.id, OrgStatus.ACTIVE.value, SuspensionReasonCode.DISPUTE.name) assert updated_org.as_dict()['status_code'] == OrgStatus.ACTIVE.value
def patch(org_id): """Patch an account.""" request_json = request.get_json() token = g.jwt_oidc_token_info # For now allowed is to put the status code, which will be done by bcol_staff_admin. # If this patch is going to be used by other other roles, then add proper security check try: status_code = request_json.get('statusCode', None) suspension_reason_code = request_json.get('suspensionReasonCode', None) if status_code in (OrgStatusEnum.SUSPENDED.value, OrgStatusEnum.ACTIVE.value): if not _JWT.validate_roles([Role.STAFF_SUSPEND_ACCOUNTS.value ]): return {'message': 'Not authorized to perform this action'}, \ http_status.HTTP_401_UNAUTHORIZED response, status = OrgService.change_org_status( org_id=org_id, status_code=status_code, token_info=token, suspension_reason_code=suspension_reason_code).as_dict( ), http_status.HTTP_200_OK else: is_approved: bool = request_json.get( 'statusCode', None) == AffidavitStatus.APPROVED.value origin = request.environ.get('HTTP_ORIGIN', 'localhost') response, status = OrgService.approve_or_reject( org_id=org_id, is_approved=is_approved, token_info=token, origin_url=origin).as_dict(), http_status.HTTP_200_OK except BusinessException as exception: response, status = { 'code': exception.code, 'message': exception.message }, exception.status_code return response, status