Merge pull request #418 from dod-ccpo/invited-user-#160301892

Invited user #160301892

tests/routes/test_workspaces.py

@@ -1,3 +1,4 @@
+import datetime
 from flask import url_for
 
 from tests.factories import (
@@ -15,6 +16,7 @@ from atst.models.workspace_user import WorkspaceUser
 from atst.models.workspace_role import Status as WorkspaceRoleStatus
 from atst.models.invitation import Status as InvitationStatus
 from atst.queue import queue
+from atst.domain.users import Users
 
 
 def test_user_with_permission_has_budget_report_link(client, user_session):
@@ -299,7 +301,7 @@ def test_update_member_environment_role_with_no_data(client, user_session):
     assert EnvironmentRoles.get(user.id, env1_id).role == "developer"
 
 
-def test_new_member_accepts_valid_invite(client, user_session):
+def test_existing_member_accepts_valid_invite(client, user_session):
     workspace = WorkspaceFactory.create()
     user = UserFactory.create()
     ws_role = WorkspaceRoleFactory.create(
@@ -325,7 +327,36 @@ def test_new_member_accepts_valid_invite(client, user_session):
     assert len(Workspaces.for_user(user)) == 1
 
 
-def test_new_member_accept_invalid_invite(client, user_session):
+def test_new_member_accepts_valid_invite(monkeypatch, client, user_session):
+    workspace = WorkspaceFactory.create()
+    user_info = UserFactory.dictionary()
+
+    user_session(workspace.owner)
+    client.post(
+        url_for("workspaces.create_member", workspace_id=workspace.id),
+        data={"workspace_role": "developer", **user_info},
+    )
+
+    user = Users.get_by_dod_id(user_info["dod_id"])
+    token = user.invitations[0].token
+
+    monkeypatch.setattr(
+        "atst.domain.auth.should_redirect_to_user_profile", lambda *args: False
+    )
+    user_session(user)
+    response = client.get(url_for("workspaces.accept_invitation", token=token))
+
+    # user is redirected to the workspace view
+    assert response.status_code == 302
+    assert (
+        url_for("workspaces.show_workspace", workspace_id=workspace.id)
+        in response.headers["Location"]
+    )
+    # the user has access to the workspace
+    assert len(Workspaces.for_user(user)) == 1
+
+
+def test_member_accepts_invalid_invite(client, user_session):
     workspace = WorkspaceFactory.create()
     user = UserFactory.create()
     ws_role = WorkspaceRoleFactory.create(
@@ -355,3 +386,35 @@ def test_user_who_has_not_accepted_workspace_invite_cannot_view(client, user_ses
     user_session(user)
     response = client.get("/workspaces/{}/projects".format(workspace.id))
     assert response.status_code == 404
+
+
+def test_user_accepts_invite_with_wrong_dod_id(client, user_session):
+    workspace = WorkspaceFactory.create()
+    user = UserFactory.create()
+    different_user = UserFactory.create()
+    ws_role = WorkspaceRoleFactory.create(
+        user=user, workspace=workspace, status=WorkspaceRoleStatus.PENDING
+    )
+    invite = InvitationFactory.create(user_id=user.id, workspace_role_id=ws_role.id)
+    user_session(different_user)
+    response = client.get(url_for("workspaces.accept_invitation", token=invite.token))
+
+    assert response.status_code == 404
+
+
+def test_user_accepts_expired_invite(client, user_session):
+    workspace = WorkspaceFactory.create()
+    user = UserFactory.create()
+    ws_role = WorkspaceRoleFactory.create(
+        user=user, workspace=workspace, status=WorkspaceRoleStatus.PENDING
+    )
+    invite = InvitationFactory.create(
+        user_id=user.id,
+        workspace_role_id=ws_role.id,
+        status=InvitationStatus.REJECTED,
+        expiration_time=datetime.datetime.now() - datetime.timedelta(seconds=1),
+    )
+    user_session(user)
+    response = client.get(url_for("workspaces.accept_invitation", token=invite.token))
+
+    assert response.status_code == 404