Merge pull request #418 from dod-ccpo/invited-user-#160301892
Invited user #160301892
This commit is contained in:
dandds
GitHub
@@ -2,7 +2,12 @@ import datetime
|
||||
import pytest
|
||||
import re
|
||||
|
||||
from atst.domain.invitations import Invitations, InvitationError
|
||||
from atst.domain.invitations import (
|
||||
Invitations,
|
||||
InvitationError,
|
||||
WrongUserError,
|
||||
ExpiredError,
|
||||
)
|
||||
from atst.models.invitation import Status
|
||||
|
||||
from tests.factories import (
|
||||
@@ -31,7 +36,7 @@ def test_accept_invitation():
|
||||
ws_role = WorkspaceRoleFactory.create(user=user, workspace=workspace)
|
||||
invite = Invitations.create(ws_role, workspace.owner, user)
|
||||
assert invite.is_pending
|
||||
accepted_invite = Invitations.accept(invite.token)
|
||||
accepted_invite = Invitations.accept(user, invite.token)
|
||||
assert accepted_invite.is_accepted
|
||||
|
||||
|
||||
@@ -42,8 +47,8 @@ def test_accept_expired_invitation():
|
||||
invite = InvitationFactory.create(
|
||||
user_id=user.id, expiration_time=expiration_time, status=Status.PENDING
|
||||
)
|
||||
with pytest.raises(InvitationError):
|
||||
Invitations.accept(invite.token)
|
||||
with pytest.raises(ExpiredError):
|
||||
Invitations.accept(user, invite.token)
|
||||
|
||||
assert invite.is_rejected
|
||||
|
||||
@@ -52,11 +57,39 @@ def test_accept_rejected_invite():
|
||||
user = UserFactory.create()
|
||||
invite = InvitationFactory.create(user_id=user.id, status=Status.REJECTED)
|
||||
with pytest.raises(InvitationError):
|
||||
Invitations.accept(invite.token)
|
||||
Invitations.accept(user, invite.token)
|
||||
|
||||
|
||||
def test_accept_revoked_invite():
|
||||
user = UserFactory.create()
|
||||
invite = InvitationFactory.create(user_id=user.id, status=Status.REVOKED)
|
||||
with pytest.raises(InvitationError):
|
||||
Invitations.accept(invite.token)
|
||||
Invitations.accept(user, invite.token)
|
||||
|
||||
|
||||
def test_wrong_user_accepts_invitation():
|
||||
user = UserFactory.create()
|
||||
wrong_user = UserFactory.create()
|
||||
invite = InvitationFactory.create(user_id=user.id)
|
||||
with pytest.raises(WrongUserError):
|
||||
Invitations.accept(wrong_user, invite.token)
|
||||
|
||||
|
||||
def test_user_cannot_accept_invitation_accepted_by_wrong_user():
|
||||
user = UserFactory.create()
|
||||
wrong_user = UserFactory.create()
|
||||
invite = InvitationFactory.create(user_id=user.id)
|
||||
with pytest.raises(WrongUserError):
|
||||
Invitations.accept(wrong_user, invite.token)
|
||||
with pytest.raises(InvitationError):
|
||||
Invitations.accept(user, invite.token)
|
||||
|
||||
|
||||
def test_accept_invitation_twice():
|
||||
workspace = WorkspaceFactory.create()
|
||||
user = UserFactory.create()
|
||||
ws_role = WorkspaceRoleFactory.create(user=user, workspace=workspace)
|
||||
invite = Invitations.create(ws_role, workspace.owner, user)
|
||||
Invitations.accept(user, invite.token)
|
||||
with pytest.raises(InvitationError):
|
||||
Invitations.accept(user, invite.token)
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
import datetime
|
||||
from flask import url_for
|
||||
|
||||
from tests.factories import (
|
||||
@@ -15,6 +16,7 @@ from atst.models.workspace_user import WorkspaceUser
|
||||
from atst.models.workspace_role import Status as WorkspaceRoleStatus
|
||||
from atst.models.invitation import Status as InvitationStatus
|
||||
from atst.queue import queue
|
||||
from atst.domain.users import Users
|
||||
|
||||
|
||||
def test_user_with_permission_has_budget_report_link(client, user_session):
|
||||
@@ -299,7 +301,7 @@ def test_update_member_environment_role_with_no_data(client, user_session):
|
||||
assert EnvironmentRoles.get(user.id, env1_id).role == "developer"
|
||||
|
||||
|
||||
def test_new_member_accepts_valid_invite(client, user_session):
|
||||
def test_existing_member_accepts_valid_invite(client, user_session):
|
||||
workspace = WorkspaceFactory.create()
|
||||
user = UserFactory.create()
|
||||
ws_role = WorkspaceRoleFactory.create(
|
||||
@@ -325,7 +327,36 @@ def test_new_member_accepts_valid_invite(client, user_session):
|
||||
assert len(Workspaces.for_user(user)) == 1
|
||||
|
||||
|
||||
def test_new_member_accept_invalid_invite(client, user_session):
|
||||
def test_new_member_accepts_valid_invite(monkeypatch, client, user_session):
|
||||
workspace = WorkspaceFactory.create()
|
||||
user_info = UserFactory.dictionary()
|
||||
|
||||
user_session(workspace.owner)
|
||||
client.post(
|
||||
url_for("workspaces.create_member", workspace_id=workspace.id),
|
||||
data={"workspace_role": "developer", **user_info},
|
||||
)
|
||||
|
||||
user = Users.get_by_dod_id(user_info["dod_id"])
|
||||
token = user.invitations[0].token
|
||||
|
||||
monkeypatch.setattr(
|
||||
"atst.domain.auth.should_redirect_to_user_profile", lambda *args: False
|
||||
)
|
||||
user_session(user)
|
||||
response = client.get(url_for("workspaces.accept_invitation", token=token))
|
||||
|
||||
# user is redirected to the workspace view
|
||||
assert response.status_code == 302
|
||||
assert (
|
||||
url_for("workspaces.show_workspace", workspace_id=workspace.id)
|
||||
in response.headers["Location"]
|
||||
)
|
||||
# the user has access to the workspace
|
||||
assert len(Workspaces.for_user(user)) == 1
|
||||
|
||||
|
||||
def test_member_accepts_invalid_invite(client, user_session):
|
||||
workspace = WorkspaceFactory.create()
|
||||
user = UserFactory.create()
|
||||
ws_role = WorkspaceRoleFactory.create(
|
||||
@@ -355,3 +386,35 @@ def test_user_who_has_not_accepted_workspace_invite_cannot_view(client, user_ses
|
||||
user_session(user)
|
||||
response = client.get("/workspaces/{}/projects".format(workspace.id))
|
||||
assert response.status_code == 404
|
||||
|
||||
|
||||
def test_user_accepts_invite_with_wrong_dod_id(client, user_session):
|
||||
workspace = WorkspaceFactory.create()
|
||||
user = UserFactory.create()
|
||||
different_user = UserFactory.create()
|
||||
ws_role = WorkspaceRoleFactory.create(
|
||||
user=user, workspace=workspace, status=WorkspaceRoleStatus.PENDING
|
||||
)
|
||||
invite = InvitationFactory.create(user_id=user.id, workspace_role_id=ws_role.id)
|
||||
user_session(different_user)
|
||||
response = client.get(url_for("workspaces.accept_invitation", token=invite.token))
|
||||
|
||||
assert response.status_code == 404
|
||||
|
||||
|
||||
def test_user_accepts_expired_invite(client, user_session):
|
||||
workspace = WorkspaceFactory.create()
|
||||
user = UserFactory.create()
|
||||
ws_role = WorkspaceRoleFactory.create(
|
||||
user=user, workspace=workspace, status=WorkspaceRoleStatus.PENDING
|
||||
)
|
||||
invite = InvitationFactory.create(
|
||||
user_id=user.id,
|
||||
workspace_role_id=ws_role.id,
|
||||
status=InvitationStatus.REJECTED,
|
||||
expiration_time=datetime.datetime.now() - datetime.timedelta(seconds=1),
|
||||
)
|
||||
user_session(user)
|
||||
response = client.get(url_for("workspaces.accept_invitation", token=invite.token))
|
||||
|
||||
assert response.status_code == 404
|
||||
|
||||
Reference in New Issue
Block a user