def register_from_org_invite():
    """Register a new user who arrived through an organisation invite.

    The invite is read from the session; when none is present the view
    responds with 404. On a valid submission, the organisation and email
    address posted with the form must equal the values on the invite,
    otherwise the request is rejected with 400. This stops the form from
    being used to register against a different organisation or address
    than the one that was invited.
    """
    invite = InvitedOrgUser.from_session()
    if not invite:
        abort(404)

    form = RegisterUserFromOrgInviteForm(invite)
    # The auth type is fixed server-side rather than taken from the request.
    form.auth_type.data = 'sms_auth'

    if not form.validate_on_submit():
        return render_template(
            'views/register-from-org-invite.html',
            invited_org_user=invite,
            form=form,
        )

    # Exact (case-sensitive) comparison against the invite held in the session.
    if (
        form.organisation.data != invite.organisation
        or form.email_address.data != invite.email_address
    ):
        abort(400)

    _do_registration(
        form,
        send_email=False,
        send_sms=True,
        organisation_id=invite.organisation,
    )
    # NOTE(review): the invite is marked accepted here, before the redirect
    # to main.verify -- confirm that accepting ahead of that step is intended.
    invite.accept_invite()

    return redirect(url_for('main.verify'))
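def accept_org_invite(token):
    """Handle a visit to an organisation invite link.

    Flow, in order:

    * A signed-in user whose email differs (case-insensitively) from the
      invite's email gets a flash message and a 403.
    * A cancelled invite renders the cancelled-invitation page.
    * An already accepted invite clears any invite from the session and
      redirects to the organisation dashboard.
    * Otherwise the invite is stored in the session. If a user with the
      invited email already exists, the invite is accepted, the user is
      added to the organisation when not already a member, and the visitor
      is redirected to the dashboard. If no such user exists, the visitor
      is sent to the invite registration page.

    Args:
        token: the invite token taken from the link.
    """
    invited_org_user = InvitedOrgUser.from_token(token)

    signed_in_as_other_user = (
        not current_user.is_anonymous
        and current_user.email_address.lower() != invited_org_user.email_address.lower()
    )
    if signed_in_as_other_user:
        # The values are substituted into the HTML string before Markup()
        # marks it safe, so they must be escaped here; Markup() itself does
        # not escape its argument.
        # Assumes `_` fills the placeholders with %-formatting -- TODO confirm.
        message = Markup(
            _(
                "You’re signed in as %(email)s. This invite is for another email address. "
                + "<a href=%(href)s>Sign out</a> and click the link again to accept this invite.",
                email=Markup.escape(current_user.email_address),
                href=Markup.escape(url_for("main.sign_out", _external=True)),
            )
        )
        flash(message=message)
        abort(403)

    if invited_org_user.status == "cancelled":
        organisation = Organisation.from_id(invited_org_user.organisation)
        return render_template(
            "views/cancelled-invitation.html",
            from_user=invited_org_user.invited_by.name,
            organisation_name=organisation.name,
        )

    if invited_org_user.status == "accepted":
        session.pop("invited_org_user", None)
        return redirect(url_for("main.organisation_dashboard", org_id=invited_org_user.organisation))

    session["invited_org_user"] = invited_org_user.serialize()

    existing_user = User.from_email_address_or_none(invited_org_user.email_address)
    organisation_users = OrganisationUsers(invited_org_user.organisation)

    if not existing_user:
        return redirect(url_for("main.register_from_org_invite"))

    # NOTE(review): this branch also runs for an anonymous visitor, so
    # possession of the token is the only check before the invite is
    # accepted -- presumably the dashboard itself requires sign-in; confirm.
    invited_org_user.accept_invite()
    if existing_user not in organisation_users:
        existing_user.add_to_organisation(organisation_id=invited_org_user.organisation)
    return redirect(url_for("main.organisation_dashboard", org_id=invited_org_user.organisation))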
def test_invite_org_user_errors_when_same_email_as_inviter(
    client_request,
    mocker,
    mock_get_organisation,
    sample_org_invite,
):
    """Posting an invite is expected to fail with a self-invite error.

    The invite API client must not be called, and the page must show the
    error message for inviting yourself.
    """
    create_invite_mock = mocker.patch(
        'app.org_invite_api_client.create_invite',
        return_value=InvitedOrgUser(**sample_org_invite),
    )
    form_data = {'email_address': '*****@*****.**'}

    page = client_request.post(
        '.invite_org_user',
        org_id=ORGANISATION_ID,
        _data=form_data,
        _follow_redirects=True,
    )

    # The request must be rejected before any invite is created.
    assert create_invite_mock.called is False
    error_text = normalize_spaces(page.select_one('.error-message').text)
    assert error_text == 'You can’t send an invitation to yourself'
def test_verified_org_user_redirects_to_dashboard(
    client,
    sample_org_invite,
    mock_check_verify_code,
    mock_get_user,
    mock_activate_user,
    mock_login,
):
    """A verified invited user is redirected to the organisation dashboard.

    The session is seeded with the user details and organisation id taken
    from the invite, then an SMS code is posted to the verify view.
    """
    invite = InvitedOrgUser(sample_org_invite).serialize()
    organisation_id = invite['organisation']

    with client.session_transaction() as flask_session:
        flask_session['expiry_date'] = str(datetime.utcnow() + timedelta(hours=1))
        flask_session['user_details'] = {
            "email": invite['email_address'],
            "id": invite['id'],
        }
        flask_session['organisation_id'] = organisation_id

    response = client.post(url_for('main.verify'), data={'sms_code': '12345'})

    expected_location = url_for(
        'main.organisation_dashboard',
        org_id=organisation_id,
        _external=True,
    )
    assert response.status_code == 302
    assert response.location == expected_location
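def accept_org_invite(token):
    """Handle a visit to an organisation invite link.

    Flow, in order:

    * A signed-in user whose email differs (case-insensitively) from the
      invite's email gets a flash message and a 403.
    * A cancelled invite renders the cancelled-invitation page.
    * An already accepted invite clears any invite from the session and
      redirects to the organisation dashboard.
    * Otherwise the invite is stored in the session. If a user with the
      invited email already exists, the invite is accepted, the user is
      added to the organisation when not already a member, and the visitor
      is redirected to the dashboard. If no such user exists, the visitor
      is sent to the invite registration page.

    Args:
        token: the invite token taken from the link.
    """
    invited_org_user = InvitedOrgUser.from_token(token)

    signed_in_as_other_user = (
        not current_user.is_anonymous
        and current_user.email_address.lower() != invited_org_user.email_address.lower()
    )
    if signed_in_as_other_user:
        # Format on the Markup object, not on the plain string: Markup.format
        # escapes its arguments, whereas str.format followed by Markup() would
        # mark the interpolated email address as safe HTML without escaping it.
        message = Markup(
            " You’re signed in as {}. This invite is for another email address. "
            "<a href={}>Sign out</a> and click the link again to accept this invite. "
        ).format(
            current_user.email_address,
            url_for('main.sign_out', _external=True),
        )
        flash(message=message)
        abort(403)

    if invited_org_user.status == 'cancelled':
        organisation = Organisation.from_id(invited_org_user.organisation)
        return render_template(
            'views/cancelled-invitation.html',
            from_user=invited_org_user.invited_by.name,
            organisation_name=organisation.name,
        )

    if invited_org_user.status == 'accepted':
        session.pop('invited_org_user', None)
        return redirect(url_for('main.organisation_dashboard', org_id=invited_org_user.organisation))

    session['invited_org_user'] = invited_org_user.serialize()

    existing_user = User.from_email_address_or_none(invited_org_user.email_address)
    organisation_users = OrganisationUsers(invited_org_user.organisation)

    if not existing_user:
        return redirect(url_for('main.register_from_org_invite'))

    # NOTE(review): this branch also runs for an anonymous visitor, so
    # possession of the token is the only check before the invite is
    # accepted -- presumably the dashboard itself requires sign-in; confirm.
    invited_org_user.accept_invite()
    if existing_user not in organisation_users:
        existing_user.add_to_organisation(organisation_id=invited_org_user.organisation)
    return redirect(url_for('main.organisation_dashboard', org_id=invited_org_user.organisation))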
def test_invited_org_user_from_session_returns_none_if_nothing_present(
    client,
    mocker,
):
    """With an emptied session, from_session() is expected to return None."""
    # Replace the session seen by app.models.user with an empty mapping.
    mocker.patch.dict('app.models.user.session', values={}, clear=True)

    loaded_invite = InvitedOrgUser.from_session()

    assert loaded_invite is None
def _get_invited_org_users(self, invites):
    """Return a list with one InvitedOrgUser per entry in ``invites``.

    Each entry is unpacked as keyword arguments to InvitedOrgUser, and the
    order of ``invites`` is kept.
    """
    return [InvitedOrgUser(**invite) for invite in invites]
def check_token(self, token):
    """Look up an organisation invite by token and wrap it in InvitedOrgUser.

    Issues a GET for the invite and builds the result from the ``data``
    entry of the response.
    """
    # The token is formatted into the request path as-is, with no encoding.
    # NOTE(review): presumably it is a URL-safe value by construction --
    # confirm against the callers.
    invite_path = '/invite/organisation/{}'.format(token)
    response = self.get(url=invite_path)
    invite_data = response['data']
    return InvitedOrgUser(**invite_data)