def create_invitation(invitation_info: Dict, user, token_info: Dict,
invitation_origin):
"""Create a new invitation."""
# Ensure that the current user is OWNER or ADMIN on each org being invited to
context_path = CONFIG.AUTH_WEB_TOKEN_CONFIRM_PATH
for membership in invitation_info['membership']:
org_id = membership['orgId']
if invitation_info.get(
'type') == InvitationType.DIRECTOR_SEARCH.value:
check_auth(token_info, org_id=org_id, equals_role=STAFF_ADMIN)
else:
check_auth(token_info,
org_id=org_id,
one_of_roles=(OWNER, ADMIN))
# TODO doesnt work when invited to multiple teams.. Re-work the logic when multiple teams introduced
org_name = OrgModel.find_by_org_id(
invitation_info['membership'][0]['orgId']).name
invitation = InvitationModel.create_from_dict(invitation_info,
user.identifier)
confirmation_token = Invitation.generate_confirmation_token(
invitation.id, invitation.type)
invitation.token = confirmation_token
invitation.save()
Invitation.send_invitation(
invitation, org_name, user.as_dict(),
'{}/{}'.format(invitation_origin, context_path))
return Invitation(invitation)
def create_invitation(invitation_info: Dict, user, token_info: Dict, invitation_origin):
"""Create a new invitation."""
# Ensure that the current user is ADMIN or COORDINATOR on each org being invited to
context_path = CONFIG.AUTH_WEB_TOKEN_CONFIRM_PATH
org_id = invitation_info['membership'][0]['orgId']
# get the org and check the access_type
org = OrgModel.find_by_org_id(org_id)
if not org:
raise BusinessException(Error.DATA_NOT_FOUND, None)
check_auth(token_info, org_id=org_id, one_of_roles=(ADMIN, COORDINATOR, STAFF))
org_name = org.name
invitation_type = InvitationType.DIRECTOR_SEARCH.value if org.access_type == AccessType.ANONYMOUS.value \
else InvitationType.STANDARD.value
if org.access_type == AccessType.ANONYMOUS.value: # anonymous account never get bceid or bcsc choices
mandatory_login_source = LoginSource.BCROS.value
else:
default_login_option_based_on_accesstype = LoginSource.BCSC.value if \
org.access_type == AccessType.REGULAR.value else LoginSource.BCEID.value
role = invitation_info['membership'][0]['membershipType']
account_login_options = AccountLoginOptionsModel.find_active_by_org_id(org.id)
mandatory_login_source = LoginSource.BCSC.value if \
role == ADMIN else getattr(account_login_options, 'login_source',
default_login_option_based_on_accesstype)
invitation = InvitationModel.create_from_dict(invitation_info, user.identifier, invitation_type)
confirmation_token = Invitation.generate_confirmation_token(invitation.id, invitation.type)
invitation.token = confirmation_token
invitation.login_source = mandatory_login_source
invitation.save()
Invitation.send_invitation(invitation, org_name, user.as_dict(),
'{}/{}'.format(invitation_origin, context_path), mandatory_login_source)
return Invitation(invitation)
def create_invitation(invitation_info: Dict, user, token_info: Dict,
invitation_origin):
"""Create a new invitation."""
# Ensure that the current user is OWNER or ADMIN on each org being invited to
context_path = CONFIG.AUTH_WEB_TOKEN_CONFIRM_PATH
org_id = invitation_info['membership'][0]['orgId']
# get the org and check the access_type
org = OrgModel.find_by_org_id(org_id)
if not org:
raise BusinessException(Error.DATA_NOT_FOUND, None)
if org.access_type == AccessType.ANONYMOUS.value:
check_auth(token_info, org_id=org_id, equals_role=STAFF_ADMIN)
elif org.access_type == AccessType.BCSC.value:
check_auth(token_info, org_id=org_id, one_of_roles=(OWNER, ADMIN))
org_name = org.name
invitation_type = InvitationType.DIRECTOR_SEARCH.value if org.access_type == AccessType.ANONYMOUS.value \
else InvitationType.STANDARD.value
invitation = InvitationModel.create_from_dict(invitation_info,
user.identifier,
invitation_type)
confirmation_token = Invitation.generate_confirmation_token(
invitation.id, invitation.type)
invitation.token = confirmation_token
invitation.save()
Invitation.send_invitation(
invitation, org_name, user.as_dict(),
'{}/{}'.format(invitation_origin, context_path))
return Invitation(invitation)
def test_create_from_dict_no_schema(session): # pylint:disable=unused-argument
"""Assert that an Entity can not be created without schema."""
user = User(username='******',
keycloak_guid='1b20db59-19a0-4727-affe-c6f64309fd04')
session.add(user)
session.commit()
result_invitation = InvitationModel.create_from_dict(
None, user.id, 'STANDARD')
assert result_invitation is None
def test_send_invitation_exception(session, notify_mock, keycloak_mock): # pylint:disable=unused-argument
"""Send an existing invitation with exception."""
user = factory_user_model(TestUserInfo.user_test)
user_dictionary = User(user).as_dict()
org = OrgService.create_org(TestOrgInfo.org1, user_id=user.id)
org_dictionary = org.as_dict()
invitation_info = factory_invitation(org_dictionary['id'])
invitation = InvitationModel.create_from_dict(invitation_info, user.id, 'STANDARD')
with patch.object(notification, 'send_email', return_value=False):
with pytest.raises(BusinessException) as exception:
InvitationService.send_invitation(invitation, org_dictionary['name'], user_dictionary, '', '')
assert exception.value.code == Error.FAILED_INVITATION.name
def create_invitation(invitation_info: Dict, user, # pylint: disable=too-many-locals
token_info: Dict, invitation_origin):
"""Create a new invitation."""
# Ensure that the current user is ADMIN or COORDINATOR on each org being invited to
context_path = CONFIG.AUTH_WEB_TOKEN_CONFIRM_PATH
org_id = invitation_info['membership'][0]['orgId']
# get the org and check the access_type
org: OrgModel = OrgModel.find_by_org_id(org_id)
if not org:
raise BusinessException(Error.DATA_NOT_FOUND, None)
check_auth(token_info, org_id=org_id, one_of_roles=(ADMIN, COORDINATOR, STAFF))
org_name = org.name
invitation_type = Invitation._get_inv_type(org)
if org.access_type == AccessType.ANONYMOUS.value: # anonymous account never get bceid or bcsc choices
mandatory_login_source = LoginSource.BCROS.value
elif org.access_type == AccessType.GOVM.value:
mandatory_login_source = LoginSource.STAFF.value
else:
default_login_option_based_on_accesstype = LoginSource.BCSC.value if \
org.access_type == AccessType.REGULAR.value else LoginSource.BCEID.value
role = invitation_info['membership'][0]['membershipType']
account_login_options = AccountLoginOptionsModel.find_active_by_org_id(org.id)
mandatory_login_source = LoginSource.BCSC.value if \
role == ADMIN else getattr(account_login_options, 'login_source',
default_login_option_based_on_accesstype)
invitation = InvitationModel.create_from_dict(invitation_info, user.identifier, invitation_type)
confirmation_token = Invitation.generate_confirmation_token(invitation.id, invitation.type)
invitation.token = confirmation_token
invitation.login_source = mandatory_login_source
invitation.save()
Invitation.send_invitation(invitation, org_name, user.as_dict(),
'{}/{}'.format(invitation_origin, context_path), mandatory_login_source,
org_status=org.status_code)
# notify admin if staff adds team members
is_staff_access = token_info and 'staff' in token_info.get('realm_access', {}).get('roles', None)
if is_staff_access and invitation_type == InvitationType.STANDARD.value:
publish_to_mailer('teamMemberInvited', org_id)
return Invitation(invitation)
def test_create_from_dict(session): # pylint:disable=unused-argument
"""Assert that an Entity can be created from schema."""
user = User(username='******',
roles='{edit, uma_authorization, staff}',
keycloak_guid='1b20db59-19a0-4727-affe-c6f64309fd04')
session.add(user)
session.commit()
org_type = OrgTypeModel(code='TEST', desc='Test')
session.add(org_type)
session.commit()
org_status = OrgStatusModel(code='TEST', desc='Test')
session.add(org_status)
session.commit()
preferred_payment = PaymentTypeModel(code='TEST', desc='Test')
session.add(preferred_payment)
session.commit()
org = OrgModel()
org.name = 'Test Org'
org.org_type = org_type
org.org_status = org_status
org.preferred_payment = preferred_payment
org.save()
invitation_info = {
'recipientEmail': '*****@*****.**',
'membership': [{
'membershipType': 'USER',
'orgId': org.id
}]
}
result_invitation = InvitationModel.create_from_dict(
invitation_info, user.id, 'STANDARD')
assert result_invitation.id is not None
def create_invitation(invitation_info: Dict, user, invitation_origin,
**kwargs): # pylint: disable=too-many-locals
"""Create a new invitation."""
user_from_context: UserContext = kwargs['user_context']
# Ensure that the current user is ADMIN or COORDINATOR on each org being invited to
context_path = CONFIG.AUTH_WEB_TOKEN_CONFIRM_PATH
org_id = invitation_info['membership'][0]['orgId']
# get the org and check the access_type
org: OrgModel = OrgModel.find_by_org_id(org_id)
if not org:
raise BusinessException(Error.DATA_NOT_FOUND, None)
check_auth(org_id=org_id, one_of_roles=(ADMIN, COORDINATOR, STAFF))
org_name = org.name
invitation_type = Invitation._get_inv_type(org)
if org.access_type == AccessType.ANONYMOUS.value: # anonymous account never get bceid or bcsc choices
mandatory_login_source = LoginSource.BCROS.value
elif org.access_type == AccessType.GOVM.value:
mandatory_login_source = LoginSource.STAFF.value
else:
default_login_option_based_on_accesstype = LoginSource.BCSC.value if \
org.access_type == AccessType.REGULAR.value else LoginSource.BCEID.value
role = invitation_info['membership'][0]['membershipType']
account_login_options = AccountLoginOptionsModel.find_active_by_org_id(
org.id)
mandatory_login_source = LoginSource.BCSC.value if \
role == ADMIN else getattr(account_login_options, 'login_source',
default_login_option_based_on_accesstype)
invitation = InvitationModel.create_from_dict(invitation_info,
user.identifier,
invitation_type)
confirmation_token = Invitation.generate_confirmation_token(
invitation.id, invitation.type)
invitation.token = confirmation_token
invitation.login_source = mandatory_login_source
invitation.save()
Invitation.send_invitation(invitation,
org_name,
org.id,
user.as_dict(),
'{}/{}'.format(invitation_origin,
context_path),
mandatory_login_source,
org_status=org.status_code)
# notify admin if staff adds team members
if user_from_context.is_staff(
) and invitation_type == InvitationType.STANDARD.value:
try:
current_app.logger.debug(
'<send_team_member_invitation_notification')
publish_to_mailer(notification_type='teamMemberInvited',
org_id=org_id)
current_app.logger.debug(
'send_team_member_invitation_notification>')
except Exception as e: # noqa=B901
current_app.logger.error(
'<send_team_member_invitation_notification failed')
raise BusinessException(Error.FAILED_NOTIFICATION, None) from e
return Invitation(invitation)
