def test_invitation_check(self, request_factory, org):
    """A valid invitation token passes ``invite_check`` and the response echoes the invitee's email and organization."""
    invitee_email = TEST_USER_DATA['email']
    token = create_invitation_token(invitee_email, org)
    url = reverse('coreuser-invite-check')
    request = request_factory.get(url, {'token': token})
    view = CoreUserViewSet.as_view({'get': 'invite_check'})
    response = view(request)
    assert response.status_code == 200
    payload = response.data
    assert payload['email'] == invitee_email
    assert payload['organization']['organization_uuid'] == org.organization_uuid
def test_email_mismatch_token_invalidation(self, request_factory, org_admin):
    """Registration is rejected (400) when the token was issued for a different email than the one submitted."""
    payload = TEST_USER_DATA.copy()
    # token bound to an address that is NOT the one in the registration payload
    payload['invitation_token'] = create_invitation_token("*****@*****.**", org_admin.organization)
    view = CoreUserViewSet.as_view({'post': 'create'})
    response = view(request_factory.post(reverse('coreuser-list'), payload))
    assert response.status_code == 400
def test_reused_token_invalidation(self, request_factory, org_admin):
    """Registration is rejected (400) when an account with the invited email already exists, even if inactive."""
    payload = TEST_USER_DATA.copy()
    invitee_email = payload['email']
    # an inactive account with the invited address is already present
    existing_user = factories.CoreUser.create(is_active=False, email=invitee_email, username='******')
    payload['invitation_token'] = create_invitation_token(invitee_email, org_admin.organization)
    view = CoreUserViewSet.as_view({'post': 'create'})
    response = view(request_factory.post(reverse('coreuser-list'), payload))
    assert response.status_code == 400
def test_prevent_token_reuse(self, request_factory, org):
    """``invite_check`` answers 401 once the invited email belongs to an existing (inactive) account."""
    invitee_email = TEST_USER_DATA['email']
    token = create_invitation_token(invitee_email, org)
    # account created after the token was issued: the token must no longer be usable
    existing_user = factories.CoreUser.create(is_active=False, email=invitee_email, username='******')
    view = CoreUserViewSet.as_view({'get': 'invite_check'})
    response = view(request_factory.get(reverse('coreuser-invite-check'), {'token': token}))
    assert response.status_code == 401
def test_registration_of_invited_org_user(self, request_factory, org_admin):
    """An invited user registers (201), gets the organization from the test data, is active, and is not an org admin."""
    payload = TEST_USER_DATA.copy()
    payload['invitation_token'] = create_invitation_token(payload['email'], org_admin.organization)
    view = CoreUserViewSet.as_view({'post': 'create'})
    response = view(request_factory.post(reverse('coreuser-list'), payload))
    assert response.status_code == 201
    created = CoreUser.objects.get(username=TEST_USER_DATA['username'])
    for attr in ('email', 'first_name', 'last_name'):
        assert getattr(created, attr) == TEST_USER_DATA[attr]
    assert created.organization.name == TEST_USER_DATA['organization_name']
    assert created.is_active
    # an invitation grants membership only; it must never confer the org-admin role
    assert not created.is_org_admin
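def perform_invite(self, serializer):
    """Mint an invitation token for each not-yet-registered email and send the invitation mail.

    Args:
        serializer: a validated serializer; only ``validated_data['emails']`` is read.

    Returns:
        list[str]: the registration links that were generated and emailed, in the order
        the addresses were supplied. Addresses that already belong to a ``CoreUser`` are
        skipped: no token is minted and no link is returned for them.

    Security notes:
        - The invitation is always scoped to the requesting user's own organization; the
          organization is never taken from the request body.
        - The token is carried in the registration URL's query string, so it is exposed to
          browser history, proxy/web-server access logs and ``Referer`` headers on the
          frontend side. Token lifetime and reuse are decided in ``create_invitation_token``
          and the invite-check/registration views, not here.
    """
    # Frontend registration page; the token is appended as a query parameter.
    reg_location = urljoin(settings.FRONTEND_URL, settings.REGISTRATION_URL_PATH) + '?token={}'
    email_addresses = serializer.validated_data.get('emails')
    user = self.request.user
    # Bound to the inviter's organization, not to anything supplied by the client.
    organization = user.organization
    # Single query, materialized as a set for O(1) membership tests in the loop.
    # NOTE(review): `email__in` is an exact match whose case-sensitivity depends on the
    # database collation; confirm the registration path normalizes email case so an
    # already-registered address cannot be re-invited under a differently-cased spelling.
    registered_emails = set(
        CoreUser.objects.filter(email__in=email_addresses).values_list('email', flat=True)
    )
    # Loop-invariant parts of the mail context and the template selection, hoisted so the
    # `hasattr` probe and attribute lookups run once rather than once per address.
    # NOTE(review): the guard probes `user.coreuser` but reads `user.name` — kept as-is;
    # confirm which attribute the user model actually exposes.
    org_admin_name = user.name if hasattr(user, 'coreuser') else ''
    organization_name = organization.name if organization else ''
    subject = 'Application Access'  # TODO we need to make this dynamic
    template_name = 'email/coreuser/invitation.txt'
    html_template_name = 'email/coreuser/invitation.html'

    links = []
    for email_address in email_addresses:
        if email_address in registered_emails:
            # Already a user: nothing to invite.
            continue
        # create or update an invitation
        token = create_invitation_token(email_address, organization)
        # build the invitation link
        invitation_link = self.request.build_absolute_uri(reg_location.format(token))
        links.append(invitation_link)
        # context used by the E-mail templates
        context = {
            'invitation_link': invitation_link,
            'org_admin_name': org_admin_name,
            'organization_name': organization_name,
        }
        send_email(email_address, subject, context, template_name, html_template_name)
    return links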