예제 #1
 def test_invitation_check(self, request_factory, org):
     """A freshly issued invitation token resolves to its email and organization."""
     invited_email = TEST_USER_DATA['email']
     invite_token = create_invitation_token(invited_email, org)
     check_url = reverse('coreuser-invite-check')
     invite_check_view = CoreUserViewSet.as_view({'get': 'invite_check'})

     # The token is passed as a query parameter on the GET request.
     response = invite_check_view(
         request_factory.get(check_url, {'token': invite_token}))

     assert response.status_code == 200
     payload = response.data
     assert payload['email'] == invited_email
     assert payload['organization']['organization_uuid'] == org.organization_uuid
예제 #2
    def test_email_mismatch_token_invalidation(self, request_factory, org_admin):
        """Registration is rejected when the token was issued for another address."""
        # The token is created with a literal address, not the email in the
        # registration payload below.
        foreign_token = create_invitation_token("*****@*****.**", org_admin.organization)
        payload = dict(TEST_USER_DATA, invitation_token=foreign_token)

        create_view = CoreUserViewSet.as_view({'post': 'create'})
        response = create_view(request_factory.post(reverse('coreuser-list'), payload))

        # NOTE(review): only the status code is checked, so a 400 raised by any
        # other validation error would also satisfy this test; asserting on the
        # error payload would pin the rejection to the token/email mismatch.
        assert response.status_code == 400
예제 #3
    def test_reused_token_invalidation(self, request_factory, org_admin):
        """Registration is rejected when an account with the invited email already exists."""
        payload = TEST_USER_DATA.copy()
        invited_email = payload['email']

        # An inactive account already holds the invited address before the
        # token is issued; the binding itself is not used afterwards.
        _existing_account = factories.CoreUser.create(is_active=False, email=invited_email, username='******')
        payload['invitation_token'] = create_invitation_token(
            invited_email, org_admin.organization)

        create_view = CoreUserViewSet.as_view({'post': 'create'})
        response = create_view(request_factory.post(reverse('coreuser-list'), payload))

        # NOTE(review): a 400 alone does not show that the token was the reason
        # for the rejection; checking the returned error would make that explicit.
        assert response.status_code == 400
예제 #4
 def test_prevent_token_reuse(self, request_factory, org):
     """The invite check answers 401 once an account exists for the token's email."""
     invited_email = TEST_USER_DATA['email']
     invite_token = create_invitation_token(invited_email, org)

     # Create the account after the token was issued, so the token now
     # refers to an address that is already taken.
     _existing_account = factories.CoreUser.create(
         is_active=False, email=invited_email, username='******')

     invite_check_view = CoreUserViewSet.as_view({'get': 'invite_check'})
     response = invite_check_view(
         request_factory.get(reverse('coreuser-invite-check'),
                             {'token': invite_token}))

     assert response.status_code == 401
예제 #5
    def test_registration_of_invited_org_user(self, request_factory, org_admin):
        """An invited user can register, is active, and is not an org admin."""
        payload = TEST_USER_DATA.copy()
        payload['invitation_token'] = create_invitation_token(
            payload['email'], org_admin.organization)

        create_view = CoreUserViewSet.as_view({'post': 'create'})
        response = create_view(request_factory.post(reverse('coreuser-list'), payload))
        assert response.status_code == 201

        # The stored account must mirror the submitted registration data.
        user = CoreUser.objects.get(username=TEST_USER_DATA['username'])
        for field in ('email', 'first_name', 'last_name'):
            assert getattr(user, field) == TEST_USER_DATA[field]
        assert user.organization.name == TEST_USER_DATA['organization_name']
        assert user.is_active

        # An invitation must not grant organization-admin rights.
        assert not user.is_org_admin
예제 #6
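    def perform_invite(self, serializer):
        """Send invitation e-mails and return the generated invitation links.

        For every address in ``serializer.validated_data['emails']`` that is
        not already the email of a ``CoreUser``, an invitation token is
        created for the requesting user's organization, a registration link
        carrying that token is built, and the link is e-mailed.

        Args:
            serializer: validated serializer whose ``validated_data`` holds
                the ``emails`` to invite.

        Returns:
            list: the invitation links, in the order the addresses were given.
        """
        # Imported locally because the file's import block is not visible here.
        from urllib.parse import urlencode

        reg_location = urljoin(settings.FRONTEND_URL,
                               settings.REGISTRATION_URL_PATH)
        email_addresses = serializer.validated_data.get('emails')
        user = self.request.user
        organization = user.organization

        # Materialise the already-registered addresses once as a set so the
        # per-address membership test below does not rescan the result.
        # NOTE(review): the membership test is exact string equality; whether
        # a differently-cased spelling of a registered address is caught
        # depends on how emails are normalised before they reach this method
        # - confirm.
        registered_emails = set(CoreUser.objects.filter(
            email__in=email_addresses).values_list('email', flat=True))

        links = []
        for email_address in email_addresses:
            if email_address in registered_emails:
                continue

            # create or update an invitation
            token = create_invitation_token(email_address, organization)

            # Build the invitation link. The token is percent-encoded as a
            # query value instead of being interpolated with str.format(), so
            # reserved characters in the token and braces in the configured
            # URL cannot corrupt the link.
            # NOTE(review): build_absolute_uri() leaves an absolute location
            # untouched; if FRONTEND_URL is not absolute, the host in the
            # mailed link comes from the incoming request and then relies on
            # Django's host validation (ALLOWED_HOSTS).
            # NOTE(review): the token travels in the query string, so it can
            # end up in access logs and browser history; its lifetime and
            # single-use handling are not visible in this method.
            invitation_link = self.request.build_absolute_uri(
                reg_location + '?' + urlencode({'token': token}))
            links.append(invitation_link)

            # create the used context for the E-mail templates
            context = {
                'invitation_link': invitation_link,
                'org_admin_name':
                user.name if hasattr(user, 'coreuser') else '',
                'organization_name':
                organization.name if organization else ''
            }
            subject = 'Application Access'  # TODO we need to make this dynamic
            template_name = 'email/coreuser/invitation.txt'
            html_template_name = 'email/coreuser/invitation.html'
            send_email(email_address, subject, context, template_name,
                       html_template_name)

        return links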