working implementation of revoke invitation

atst/models/workspace_role.py

@@ -51,7 +51,9 @@ class WorkspaceRole(Base, mixins.TimestampsMixin, mixins.AuditableMixin):
         if self.status == Status.ACTIVE:
             return "Active"
         elif self.latest_invitation:
-            if self.latest_invitation.is_rejected_expired:
+            if self.latest_invitation.is_revoked:
+                return "Revoked"
+            elif self.latest_invitation.is_rejected_expired:
                 return "Invite expired"
             elif self.latest_invitation.is_rejected_wrong_user:
                 return "Error on invite"

atst/routes/workspaces.py

@@ -375,8 +375,6 @@ def revoke_invitation(workspace_id, token):
         Permissions.ASSIGN_AND_UNASSIGN_ATAT_ROLE,
         "revoke member invitation",
     )
-    invite = Invitations.revoke(token)
+    Invitations.revoke(token)
 
-    return redirect(
+    return redirect(url_for("workspaces.workspace_members", workspace_id=workspace.id))
-        url_for("workspaces.show_workspace", workspace_id=workspace.id)
-    )

templates/components/confirmation_button.html

@@ -1,9 +1,10 @@
-{% macro ConfirmationButton(btn_text, action, confirm_msg="Are you sure?", confirm_btn="Confirm", cancel_btn="Cancel") -%}
+{% macro ConfirmationButton(btn_text, action, csrf_token, confirm_msg="Are you sure?", confirm_btn="Confirm", cancel_btn="Cancel") -%}
   <v-popover placement='top-start'>
     <template slot="popover">
       <p>{{ confirm_msg }}</p>
       <div class='action-group'>
         <form method="POST" action="{{ action }}">
+          {{ csrf_token }}
           <button class='usa-button usa-button-primary' type='submit'>
             {{ confirm_btn }}
           </button>
@@ -13,6 +14,6 @@
         </button>
       </div>
     </template>
-    <button class="tooltip-target">{{ btn_text }}</button>
+    <button class="tooltip-target" type="button">{{ btn_text }}</button>
   </v-popover>
 {%- endmacro %}

templates/workspaces/members/edit.html

@@ -5,6 +5,7 @@
 {% from "components/selector.html" import Selector %}
 {% from "components/options_input.html" import OptionsInput %}
 {% from "components/alert.html" import Alert %}
+{% from "components/confirmation_button.html" import ConfirmationButton %}
 
 {% block content %}
 
@@ -38,6 +39,13 @@
       {% if editable %}
         <a href='{{ url_for("users.user") }}' class='icon-link'>edit account details</a>
       {% endif %}
+      {% if member.latest_invitation.is_pending %}
+        {{ ConfirmationButton(
+              "Revoke Invitation",
+              url_for("workspaces.revoke_invitation", workspace_id=workspace.id, token=member.latest_invitation.token),
+              form.csrf_token
+           ) }}
+      {% endif %}
     </div>
   </div>
 

tests/routes/test_workspaces.py

@@ -435,7 +435,13 @@ def test_revoke_invitation(client, user_session):
         expiration_time=datetime.datetime.now() - datetime.timedelta(seconds=1),
     )
     user_session(workspace.owner)
-    response = client.post(url_for("workspaces.revoke_invitation", workspace_id=workspace.id, token=invite.token))
+    response = client.post(
+        url_for(
+            "workspaces.revoke_invitation",
+            workspace_id=workspace.id,
+            token=invite.token,
+        )
+    )
 
     assert response.status_code == 302
     assert invite.is_revoked