def test_gets_teams_objects(self):
context = {"organization": self.organization, "allowed_roles": [roles.get("member")]}
data = {"email": "eric@localhost", "role": "member", "teams": [self.team.slug]}
serializer = OrganizationMemberSerializer(context=context, data=data)
assert serializer.is_valid()
assert serializer.validated_data["teams"][0] == self.team
def post(self, request, organization):
serializer = OrganizationMemberSerializer(
data={
"email": request.data.get("userName"),
"role": roles.get(organization.default_role).id,
},
context={
"organization": organization,
"allowed_roles": [roles.get(organization.default_role)],
"allow_existing_invite_request": True,
},
)
if not serializer.is_valid():
if "email" in serializer.errors and any(
("is already a member" in error)
for error in serializer.errors["email"]):
# we include conflict logic in the serializer, check to see if that was
# our error and if so, return a 409 so the scim IDP knows how to handle
raise ConflictError(detail=SCIM_409_USER_EXISTS)
return Response(serializer.errors, status=400)
result = serializer.validated_data
with transaction.atomic():
member = OrganizationMember(
organization=organization,
email=result["email"],
role=result["role"],
inviter=request.user,
)
# TODO: are invite tokens needed for SAML orgs?
if settings.SENTRY_ENABLE_INVITES:
member.token = member.generate_token()
member.save()
self.create_audit_entry(
request=request,
organization_id=organization.id,
target_object=member.id,
data=member.get_audit_log_data(),
event=AuditLogEntryEvent.MEMBER_INVITE if
settings.SENTRY_ENABLE_INVITES else AuditLogEntryEvent.MEMBER_ADD,
)
if settings.SENTRY_ENABLE_INVITES and result.get("sendInvite"):
member.send_invite_email()
member_invited.send_robust(
member=member,
user=request.user,
sender=self,
referrer=request.data.get("referrer"),
)
context = serialize(
member,
serializer=_scim_member_serializer_with_expansion(organization),
)
return Response(context, status=201)
def test_invalid_role(self):
context = {"organization": self.organization, "allowed_roles": [roles.get("member")]}
data = {"email": "eric@localhost", "role": "owner", "teams": []}
serializer = OrganizationMemberSerializer(context=context, data=data)
assert not serializer.is_valid()
assert serializer.errors == {"role": ["You do not have permission to invite that role."]}
def test_invalid_team_invites(self):
context = {"organization": self.organization, "allowed_roles": [roles.get("member")]}
data = {"email": "eric@localhost", "role": "member", "teams": ["faketeam"]}
serializer = OrganizationMemberSerializer(context=context, data=data)
assert not serializer.is_valid()
assert serializer.errors == {"teams": ["Invalid teams"]}
def test_invalid_email(self):
context = {"organization": self.organization, "allowed_roles": [roles.get("member")]}
data = {"email": self.user.email, "role": "member", "teams": []}
serializer = OrganizationMemberSerializer(context=context, data=data)
assert not serializer.is_valid()
assert serializer.errors == {
"email": ["The user %s is already a member" % (self.user.email,)]
}
