def put(self, request: Request, organization: Organization,
external_user: ExternalActor) -> Response:
"""
Update an External User
`````````````
:pparam string organization_slug: the slug of the organization the
user belongs to.
:pparam int user_id: the User id.
:pparam string external_user_id: id of external_user object
:param string external_id: the associated user ID for this provider
:param string external_name: the Github/Gitlab user name.
:param string provider: enum("github","gitlab")
:auth: required
"""
self.assert_has_feature(request, organization)
serializer = ExternalUserSerializer(
instance=external_user,
data=request.data,
context={"organization": organization},
partial=True,
)
if serializer.is_valid():
updated_external_user = serializer.save()
return Response(serialize(updated_external_user, request.user),
status=status.HTTP_200_OK)
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def post(self, request: Request, organization: Organization) -> Response:
"""
Create an External User
`````````````
:pparam string organization_slug: the slug of the organization the
user belongs to.
:param required string provider: enum("github", "gitlab", "slack")
:param required string external_name: the associated username for this provider.
:param required int user_id: the User ID in Sentry.
:param string external_id: the associated user ID for this provider
:auth: required
"""
self.assert_has_feature(request, organization)
serializer = ExternalUserSerializer(
data=request.data, context={"organization": organization})
if not serializer.is_valid():
return Response(serializer.errors,
status=status.HTTP_400_BAD_REQUEST)
external_user, created = serializer.save()
status_code = status.HTTP_201_CREATED if created else status.HTTP_200_OK
return Response(serialize(external_user, request.user, key="user"),
status=status_code)
def test_strict_external_user_name(self):
# Ensure user names must start with @
external_actor_user_data = {
"provider": get_provider_name(ExternalProviders.GITHUB.value),
"externalName": "raz",
"integrationId": self.integration.id,
"userId": self.user.id,
}
serializer = ExternalUserSerializer(
data=external_actor_user_data,
context={"organization": self.organization},
)
assert serializer.is_valid() is False
assert "externalName" in serializer.errors
# Ensure longer user names are limited in length
external_actor_user_data["externalName"] = "@" + ("razputin_aquato" *
20)
serializer = ExternalUserSerializer(
data=external_actor_user_data,
context={"organization": self.organization},
)
assert serializer.is_valid() is False
assert "externalName" in serializer.errors
# Ensure proper user names are valid
external_actor_user_data["externalName"] = "@raz"
serializer = ExternalUserSerializer(
data=external_actor_user_data,
context={"organization": self.organization},
)
assert serializer.is_valid() is True
def test_avoid_strict_external_name(self):
# Strict rules should only run for strict providers
provider = get_provider_name(ExternalProviders.SLACK.value)
assert provider not in STRICT_NAME_PROVIDERS
external_actor_user_data = {
"provider": get_provider_name(ExternalProviders.SLACK.value),
"externalName": "ford-cruller",
"integrationId": self.integration.id,
"userId": self.user.id,
}
serializer = ExternalUserSerializer(
data=external_actor_user_data,
context={"organization": self.organization},
)
assert serializer.is_valid() is True