new workspace members are provisional until they log in for the first time

alembic/versions/5284ac1ac77c_add_provisional_column_to_users.py

@@ -0,0 +1,28 @@
+"""add provisional column to users
+
+Revision ID: 5284ac1ac77c
+Revises: 25bcba9b99a9
+Create Date: 2018-10-25 11:04:49.879393
+
+"""
+from alembic import op
+import sqlalchemy as sa
+
+
+# revision identifiers, used by Alembic.
+revision = '5284ac1ac77c'
+down_revision = '25bcba9b99a9'
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.add_column('users', sa.Column('provisional', sa.Boolean(), nullable=True))
+    # ### end Alembic commands ###
+
+
+def downgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.drop_column('users', 'provisional')
+    # ### end Alembic commands ###

atst/domain/users.py

@@ -89,3 +89,12 @@ class Users(object):
         db.session.commit()
 
         return user
+
+    @classmethod
+    def finalize(cls, user):
+        user.provisional = False
+
+        db.session.add(user)
+        db.session.commit()
+
+        return user

atst/domain/workspaces/workspaces.py

@@ -86,6 +86,7 @@ class Workspaces(object):
             last_name=data["last_name"],
             email=data["email"],
             atat_role_name="default",
+            provisional=True,
         )
         return Workspaces.add_member(workspace, new_user, data["workspace_role"])
 

atst/models/user.py

@@ -1,4 +1,4 @@
-from sqlalchemy import String, ForeignKey, Column, Date
+from sqlalchemy import String, ForeignKey, Column, Date, Boolean
 from sqlalchemy.orm import relationship
 from sqlalchemy.dialects.postgresql import UUID
 
@@ -26,6 +26,8 @@ class User(Base, mixins.TimestampsMixin, mixins.AuditableMixin):
     designation = Column(String)
     date_latest_training = Column(Date)
 
+    provisional = Column(Boolean)
+
     @property
     def atat_permissions(self):
         return self.atat_role.permissions

atst/routes/__init__.py

@@ -101,6 +101,10 @@ def login_redirect():
     auth_context = _make_authentication_context()
     auth_context.authenticate()
     user = auth_context.get_user()
+
+    if user.provisional:
+        Users.finalize(user)
+
     session["user_id"] = user.id
 
     return redirect(redirect_after_login_url())

tests/domain/test_workspaces.py

@@ -86,6 +86,23 @@ def test_can_create_workspace_user(workspace, workspace_owner):
 
     new_member = Workspaces.create_member(workspace_owner, workspace, user_data)
     assert new_member.workspace == workspace
+    assert new_member.user.provisional
+
+
+def test_can_add_existing_user_to_workspace(workspace, workspace_owner):
+    user = UserFactory.create()
+    user_data = {
+        "first_name": "New",
+        "last_name": "User",
+        "email": "new.user@mail.com",
+        "workspace_role": "developer",
+        "dod_id": user.dod_id,
+    }
+
+    new_member = Workspaces.create_member(workspace_owner, workspace, user_data)
+    assert new_member.workspace == workspace
+    assert new_member.user.email == user.email
+    assert not new_member.user.provisional
 
 
 def test_need_permission_to_create_workspace_user(workspace, workspace_owner):

tests/test_auth.py

@@ -211,3 +211,17 @@ def test_redirected_on_login(client, monkeypatch):
     target_route = url_for("requests.requests_form_new", screen=1)
     response = _login(client, next=target_route)
     assert target_route in response.headers.get("Location")
+
+
+def test_invited_user_finalized_on_login(monkeypatch, client):
+    user = UserFactory.create(provisional=True)
+    monkeypatch.setattr(
+        "atst.domain.authnid.AuthenticationContext.authenticate", lambda *args: True
+    )
+    monkeypatch.setattr(
+        "atst.domain.authnid.AuthenticationContext.get_user", lambda *args: user
+    )
+
+    resp = _login(client)
+
+    assert not user.provisional