def put(self, request, organization, member_id): try: om = self._get_member(request, organization, member_id) except OrganizationMember.DoesNotExist: raise ResourceDoesNotExist serializer = OrganizationMemberSerializer(data=request.DATA, partial=True) if not serializer.is_valid(): return Response(status=400) try: auth_provider = AuthProvider.objects.get(organization=organization) auth_provider = auth_provider.get_provider() except AuthProvider.DoesNotExist: auth_provider = None result = serializer.object # XXX(dcramer): if/when this expands beyond reinvite we need to check # access level if result.get('reinvite'): if om.is_pending: om.send_invite_email() elif auth_provider and not getattr(om.flags, 'sso:linked'): om.send_sso_link_email(request.user, auth_provider) else: # TODO(dcramer): proper error message return Response({'detail': ERR_UNINVITABLE}, status=400) if auth_provider: sso_enabled.send(organization=organization, sender=request.user) return Response(status=204)
def put(self, request, organization, member_id): try: om = self._get_member(request, organization, member_id) except OrganizationMember.DoesNotExist: raise ResourceDoesNotExist serializer = OrganizationMemberSerializer(data=request.DATA, partial=True) if not serializer.is_valid(): return Response(status=400) has_sso = AuthProvider.objects.filter( organization=organization, ).exists() result = serializer.object # XXX(dcramer): if/when this expands beyond reinvite we need to check # access level if result.get('reinvite'): if om.is_pending: om.send_invite_email() elif has_sso and not getattr(om.flags, 'sso:linked'): om.send_sso_link_email() else: # TODO(dcramer): proper error message return Response({'detail': ERR_UNINVITABLE}, status=400) if has_sso: sso_enabled.send(organization=organization, sender=request.user) return Response(status=204)
def test_sso(self): sso_enabled.send(organization=self.organization, user=self.user, provider='google', sender=type(self.organization)) feature_complete = FeatureAdoption.objects.get_by_slug( organization=self.organization, slug="sso") assert feature_complete
def test_sso(self): sso_enabled.send( organization=self.organization, user=self.user, provider='google', sender=type( self.organization)) feature_complete = FeatureAdoption.objects.get_by_slug( organization=self.organization, slug="sso" ) assert feature_complete
def put(self, request, organization, member_id): try: om = self._get_member(request, organization, member_id) except OrganizationMember.DoesNotExist: raise ResourceDoesNotExist serializer = OrganizationMemberSerializer(data=request.DATA, partial=True) if not serializer.is_valid(): return Response(status=400) try: auth_provider = AuthProvider.objects.get(organization=organization) auth_provider = auth_provider.get_provider() except AuthProvider.DoesNotExist: auth_provider = None allowed_roles = None result = serializer.object # XXX(dcramer): if/when this expands beyond reinvite we need to check # access level if result.get('reinvite'): if om.is_pending: if result.get('regenerate'): if request.access.has_scope('member:admin'): om.update(token=om.generate_token()) else: return Response({'detail': ERR_INSUFFICIENT_SCOPE}, status=400) om.send_invite_email() elif auth_provider and not getattr(om.flags, 'sso:linked'): om.send_sso_link_email(request.user, auth_provider) else: # TODO(dcramer): proper error message return Response({'detail': ERR_UNINVITABLE}, status=400) if auth_provider: sso_enabled.send(organization=organization, sender=request.user) if result.get('teams'): # dupe code from member_index # ensure listed teams are real teams teams = list( Team.objects.filter( organization=organization, status=TeamStatus.VISIBLE, slug__in=result['teams'], )) if len(set(result['teams'])) != len(teams): return Response({'teams': 'Invalid team'}, status=400) with transaction.atomic(): # teams may be empty OrganizationMemberTeam.objects.filter( organizationmember=om).delete() OrganizationMemberTeam.objects.bulk_create([ OrganizationMemberTeam(team=team, organizationmember=om) for team in teams ]) if result.get('role'): _, allowed_roles = get_allowed_roles(request, organization) if not result['role'] in {r.id for r in allowed_roles}: return Response( { 'role': 'You do not have permission to invite that role.' }, status=403) om.update(role=result['role']) context = self._serialize_member(om, request, allowed_roles) return Response(context)
def put(self, request, organization, member_id): try: om = self._get_member(request, organization, member_id) except OrganizationMember.DoesNotExist: raise ResourceDoesNotExist serializer = OrganizationMemberSerializer( data=request.DATA, partial=True) if not serializer.is_valid(): return Response(status=400) try: auth_provider = AuthProvider.objects.get(organization=organization) auth_provider = auth_provider.get_provider() except AuthProvider.DoesNotExist: auth_provider = None allowed_roles = None result = serializer.object # XXX(dcramer): if/when this expands beyond reinvite we need to check # access level if result.get('reinvite'): if om.is_pending: if result.get('regenerate'): if request.access.has_scope('member:admin'): om.update(token=om.generate_token()) else: return Response({'detail': ERR_INSUFFICIENT_SCOPE}, status=400) om.send_invite_email() elif auth_provider and not getattr(om.flags, 'sso:linked'): om.send_sso_link_email(request.user, auth_provider) else: # TODO(dcramer): proper error message return Response({'detail': ERR_UNINVITABLE}, status=400) if auth_provider: sso_enabled.send(organization=organization, sender=request.user) if result.get('teams'): # dupe code from member_index # ensure listed teams are real teams teams = list(Team.objects.filter( organization=organization, status=TeamStatus.VISIBLE, slug__in=result['teams'], )) if len(set(result['teams'])) != len(teams): return Response({'teams': 'Invalid team'}, status=400) with transaction.atomic(): # teams may be empty OrganizationMemberTeam.objects.filter( organizationmember=om).delete() OrganizationMemberTeam.objects.bulk_create( [ OrganizationMemberTeam( team=team, organizationmember=om) for team in teams ] ) if result.get('role'): _, allowed_roles = get_allowed_roles(request, organization) if not result['role'] in {r.id for r in allowed_roles}: return Response( {'role': 'You do not have permission to invite that role.'}, status=403) om.update(role=result['role']) context = self._serialize_member(om, request, allowed_roles) return Response(context)