示例#1
0
    def post(self, request, organization):
        variant = experiments.get(org=organization,
                                  experiment_name="ImprovedInvitesExperiment")
        if variant not in ("all", "join_request"):
            return Response(status=403)

        if organization.get_option("sentry:join_requests") is False:
            return Response(
                {"detail": "Your organization does not allow join requests."},
                status=403)

        # users can already join organizations with SSO enabled without an invite
        # so they should join that way and not through a request to the admins
        if AuthProvider.objects.filter(organization=organization).exists():
            return Response(status=403)

        ip_address = request.META["REMOTE_ADDR"]

        if ratelimiter.is_limited(
                u"org-join-request:ip:{}".format(ip_address),
                limit=5,
                window=86400,  # 5 per day, 60 x 60 x 24
        ):
            return Response({"detail": "Rate limit exceeded."}, status=429)

        serializer = JoinRequestSerializer(data=request.data)

        if not serializer.is_valid():
            return Response(serializer.errors, status=400)

        result = serializer.validated_data
        email = result["email"]

        member = create_organization_join_request(organization, email,
                                                  ip_address)

        if member:
            send_invite_request_notification_email.delay(member.id)
            join_request_created.send_robust(sender=self, member=member)

        return Response(status=204)
示例#2
0
    def post(self, request: Request, organization) -> Response:
        if organization.get_option("sentry:join_requests") is False:
            return Response(
                {"detail": "Your organization does not allow join requests."},
                status=403)

        # users can already join organizations with SSO enabled without an invite
        # so they should join that way and not through a request to the admins
        if AuthProvider.objects.filter(organization=organization).exists():
            return Response(status=403)

        ip_address = request.META["REMOTE_ADDR"]

        if ratelimiter.is_limited(
                f"org-join-request:ip:{ip_address}",
                limit=5,
                window=86400,  # 5 per day, 60 x 60 x 24
        ):
            return Response({"detail": "Rate limit exceeded."}, status=429)

        serializer = JoinRequestSerializer(data=request.data)

        if not serializer.is_valid():
            return Response(serializer.errors, status=400)

        result = serializer.validated_data
        email = result["email"]

        member = create_organization_join_request(organization, email,
                                                  ip_address)

        if member:
            async_send_notification(JoinRequestNotification, member,
                                    request.user)
            # legacy analytics
            join_request_created.send_robust(sender=self, member=member)

        return Response(status=204)