def post(): """Post a new user using the request body who has a proper invitation.""" try: request_json = request.get_json() invitation_token = request.headers.get('invitation_token', None) invitation = InvitationService.validate_token( invitation_token).as_dict() valid_format, errors = schema_utils.validate( request_json, 'anonymous_user') if not valid_format: return { 'message': schema_utils.serialize(errors) }, http_status.HTTP_400_BAD_REQUEST membership_details = { 'email': invitation['recipient_email'], 'membershipType': invitation['membership'][0]['membership_type'], 'update_password_on_login': False } membership_details.update(request_json) user = UserService.create_user_and_add_membership( [membership_details], invitation['membership'][0]['org']['id'], single_mode=True) user_dict = user['users'][0] if user_dict['http_status'] != http_status.HTTP_201_CREATED: response, status = { 'code': user_dict['http_status'], 'message': user_dict['error'] }, user_dict['http_status'] else: InvitationService.accept_invitation(invitation['id'], None, None, False) response, status = user, http_status.HTTP_201_CREATED except BusinessException as exception: response, status = { 'code': exception.code, 'message': exception.message }, exception.status_code return response, status
def put(invitation_token): """Check whether the passed token is valid and add user, role and org from invitation to membership.""" token = g.jwt_oidc_token_info origin = request.environ.get('HTTP_ORIGIN', 'localhost') try: user = UserService.find_by_jwt_token(token) if user is None: response, status = {'message': 'Not authorized to perform this action'}, \ http_status.HTTP_401_UNAUTHORIZED else: invitation_id = InvitationService.validate_token( invitation_token) response, status = InvitationService.accept_invitation(invitation_id, user, origin).as_dict(), \ http_status.HTTP_200_OK # noqa:E127 except BusinessException as exception: response, status = { 'code': exception.code, 'message': exception.message }, exception.status_code return response, status
def test_validate_token_exception(session): # pylint:disable=unused-argument """Validate the invitation token with exception.""" with pytest.raises(BusinessException) as exception: InvitationService.validate_token(None) assert exception.value.code == Error.EXPIRED_INVITATION.name