def post(): """Post a new user using the request body who has a proper invitation.""" try: request_json = request.get_json() invitation_token = request.headers.get('invitation_token', None) invitation = InvitationService.validate_token(invitation_token).as_dict() valid_format, errors = schema_utils.validate(request_json, 'anonymous_user') if not valid_format: return {'message': schema_utils.serialize(errors)}, http_status.HTTP_400_BAD_REQUEST membership_details = { 'email': invitation['recipientEmail'], 'membershipType': invitation['membership'][0]['membershipType'], 'update_password_on_login': False } membership_details.update(request_json) user = UserService.create_user_and_add_membership([membership_details], invitation['membership'][0]['org']['id'], single_mode=True) user_dict = user['users'][0] if user_dict['http_status'] != http_status.HTTP_201_CREATED: response, status = {'code': user_dict['http_status'], 'message': user_dict['error']}, user_dict[ 'http_status'] else: InvitationService.accept_invitation(invitation['id'], None, None, False) response, status = user, http_status.HTTP_201_CREATED except BusinessException as exception: response, status = {'code': exception.code, 'message': exception.message}, exception.status_code return response, status
def test_accept_invitation(session, auth_mock, keycloak_mock, monkeypatch): # pylint:disable=unused-argument """Accept the invitation and add membership from the invitation to the org.""" with patch.object(InvitationService, 'send_invitation', return_value=None): with patch.object(auth, 'check_auth', return_value=True): with patch.object(InvitationService, 'notify_admin', return_value=None): user_with_token = TestUserInfo.user_test user_with_token[ 'keycloak_guid'] = TestJwtClaims.public_user_role['sub'] user = factory_user_model(user_with_token) patch_token_info({'sub': user.keycloak_guid}, monkeypatch) org = OrgService.create_org(TestOrgInfo.org1, user_id=user.id) org_dictionary = org.as_dict() invitation_info = factory_invitation(org_dictionary['id']) user_with_token_invitee = TestUserInfo.user1 user_with_token_invitee[ 'keycloak_guid'] = TestJwtClaims.edit_role_2['sub'] user_invitee = factory_user_model(user_with_token_invitee) new_invitation = InvitationService.create_invitation( invitation_info, User(user_invitee), '') new_invitation_dict = new_invitation.as_dict() InvitationService.accept_invitation(new_invitation_dict['id'], User(user_invitee), '') patch_token_info(TestJwtClaims.public_user_role, monkeypatch) members = MembershipService.get_members_for_org( org_dictionary['id'], 'PENDING_APPROVAL') assert members assert len(members) == 1
def test_accept_invitation_for_govm(session, auth_mock, keycloak_mock): # pylint:disable=unused-argument """Accept the invitation and add membership from the invitation to the org.""" with patch.object(InvitationService, 'send_invitation', return_value=None): with patch.object(auth, 'check_auth', return_value=True): with patch.object(InvitationService, 'notify_admin', return_value=None): user_with_token = TestUserInfo.user_staff_admin user_with_token[ 'keycloak_guid'] = TestJwtClaims.public_user_role['sub'] user = factory_user_model(user_with_token) org = OrgService.create_org( TestOrgInfo.org_govm, user_id=user.id, token_info=TestJwtClaims.staff_admin_role) org_dictionary = org.as_dict() invitation_info = factory_invitation(org_dictionary['id']) user_with_token_invitee = TestUserInfo.user1 user_with_token_invitee[ 'keycloak_guid'] = TestJwtClaims.edit_role_2['sub'] user_invitee = factory_user_model(user_with_token_invitee) new_invitation = InvitationService.create_invitation( invitation_info, User(user_invitee), {}, '') new_invitation_dict = new_invitation.as_dict() InvitationService.accept_invitation(new_invitation_dict['id'], User(user_invitee), '') members = MembershipService.get_members_for_org( org_dictionary['id'], 'ACTIVE', token_info=TestJwtClaims.staff_admin_role) assert members assert len(members) == 1, 'user gets active membership'
def test_accept_invitation_exceptions(session, auth_mock, keycloak_mock): # pylint:disable=unused-argument """Accept the invitation and add membership from the invitation to the org.""" with patch.object(InvitationService, 'send_invitation', return_value=None): with patch.object(auth, 'check_auth', return_value=True): with patch.object(InvitationService, 'notify_admin', return_value=None): user = factory_user_model(TestUserInfo.user_test) org = OrgService.create_org(TestOrgInfo.org1, user_id=user.id) org_dictionary = org.as_dict() invitation_info = factory_invitation(org_dictionary['id']) user_invitee = factory_user_model(TestUserInfo.user1) with pytest.raises(BusinessException) as exception: InvitationService.accept_invitation(None, User(user_invitee), '') assert exception.value.code == Error.DATA_NOT_FOUND.name new_invitation = InvitationService.create_invitation(invitation_info, User(user_invitee), {}, '') new_invitation_dict = new_invitation.as_dict() InvitationService.accept_invitation(new_invitation_dict['id'], User(user_invitee), '') with pytest.raises(BusinessException) as exception: InvitationService.accept_invitation(new_invitation_dict['id'], User(user_invitee), '') assert exception.value.code == Error.ACTIONED_INVITATION.name with pytest.raises(BusinessException) as exception: expired_invitation: InvitationModel = InvitationModel \ .find_invitation_by_id(new_invitation_dict['id']) expired_invitation.invitation_status = InvitationStatusModel.get_status_by_code('EXPIRED') expired_invitation.save() InvitationService.accept_invitation(expired_invitation.id, User(user_invitee), '') assert exception.value.code == Error.EXPIRED_INVITATION.name
def test_validate_token_accepted(session, auth_mock, keycloak_mock): # pylint:disable=unused-argument """Validate invalid invitation token.""" with patch.object(InvitationService, 'send_invitation', return_value=None): user = factory_user_model(TestUserInfo.user_test) org = OrgService.create_org(TestOrgInfo.org1, user_id=user.id) org_dictionary = org.as_dict() user_invitee = factory_user_model(TestUserInfo.user1) invitation_info = factory_invitation(org_dictionary['id']) new_invitation = InvitationService.create_invitation(invitation_info, User(user_invitee), {}, '').as_dict() confirmation_token = InvitationService.generate_confirmation_token(new_invitation['id']) InvitationService.accept_invitation(new_invitation['id'], User(user_invitee), '') with pytest.raises(BusinessException) as exception: InvitationService.validate_token(confirmation_token) assert exception.value.code == Error.ACTIONED_INVITATION.name
def test_accept_invitation_for_govm(session, auth_mock, keycloak_mock, monkeypatch): # pylint:disable=unused-argument """Accept the invitation and add membership from the invitation to the org.""" with patch.object(InvitationService, 'send_invitation', return_value=None): with patch.object(auth, 'check_auth', return_value=True): with patch.object(InvitationService, 'notify_admin', return_value=None): user_with_token = TestUserInfo.user_staff_admin user_with_token[ 'keycloak_guid'] = TestJwtClaims.public_user_role['sub'] user = factory_user_model(user_with_token) patch_token_info(TestJwtClaims.staff_admin_role, monkeypatch) org = OrgService.create_org(TestOrgInfo.org_govm, user_id=user.id) org_dictionary = org.as_dict() invitation_info = factory_invitation(org_dictionary['id']) user_with_token_invitee = TestUserInfo.user1 user_with_token_invitee[ 'keycloak_guid'] = TestJwtClaims.edit_role_2['sub'] user_invitee = factory_user_model(user_with_token_invitee) new_invitation = InvitationService.create_invitation( invitation_info, User(user_invitee), '') new_invitation_dict = new_invitation.as_dict() with patch.object(ActivityLogPublisher, 'publish_activity', return_value=None) as mock_alp: InvitationService.accept_invitation( new_invitation_dict['id'], User(user_invitee), '') mock_alp.assert_called_with( Activity( action=ActivityAction.APPROVE_TEAM_MEMBER.value, org_id=ANY, name=ANY, id=ANY, value=ANY)) members = MembershipService.get_members_for_org( org_dictionary['id'], 'ACTIVE') assert members assert len(members) == 1, 'user gets active membership'
def test_accept_invitation(session, auth_mock): # pylint:disable=unused-argument """Accept the invitation and add membership from the invitation to the org.""" with patch.object(InvitationService, 'send_invitation', return_value=None): with patch.object(auth, 'check_auth', return_value=True): with patch.object(InvitationService, 'notify_admin', return_value=None): user = factory_user_model(TestUserInfo.user_test) org = OrgService.create_org(TestOrgInfo.org1, user_id=user.id) org_dictionary = org.as_dict() invitation_info = factory_invitation(org_dictionary['id']) new_invitation = InvitationService.create_invitation( invitation_info, User(user), {}, '') new_invitation_dict = new_invitation.as_dict() InvitationService.accept_invitation(new_invitation_dict['id'], User(user), '') org_dict = OrgService.find_by_org_id( org_dictionary['id'], allowed_roles={'basic'}).as_dict() assert len( org_dict['members'] ) == 2 # Member count will be 2 only if the invite accept is successful.
def put(invitation_token): """Check whether the passed token is valid and add user, role and org from invitation to membership.""" origin = request.environ.get('HTTP_ORIGIN', 'localhost') try: user = UserService.find_by_jwt_token() if user is None: response, status = {'message': 'Not authorized to perform this action'}, \ http_status.HTTP_401_UNAUTHORIZED else: invitation_id = InvitationService.validate_token(invitation_token).as_dict().get('id') response, status = InvitationService.accept_invitation(invitation_id, user, origin).as_dict(), \ http_status.HTTP_200_OK # noqa:E127 except BusinessException as exception: response, status = {'code': exception.code, 'message': exception.message}, exception.status_code return response, status