workspace users who have not accepted invite should not have permissions

2018-10-25 15:14:14 -04:00
parent 3e19c75c80
commit 5c2d466049
8 changed files with 78 additions and 64 deletions
--- a/atst/domain/workspaces/query.py
+++ b/atst/domain/workspaces/query.py
@@ -30,8 +30,8 @@ class WorkspacesQuery(Query):
        )

    @classmethod
-    def create_workspace_role(cls, user, role, workspace):
-        return WorkspaceRole(user=user, role=role, workspace=workspace)
+    def create_workspace_role(cls, user, role, workspace, **kwargs):
+        return WorkspaceRole(user=user, role=role, workspace=workspace, **kwargs)

    @classmethod
    def get_role_for_workspace_and_user(cls, workspace, user):
--- a/atst/domain/workspaces/workspaces.py
+++ b/atst/domain/workspaces/workspaces.py
@@ -13,7 +13,9 @@ class Workspaces(object):
    def create(cls, request, name=None):
        name = name or request.displayname
        workspace = WorkspacesQuery.create(request=request, name=name)
-        Workspaces._create_workspace_role(request.creator, workspace, "owner")
+        Workspaces._create_workspace_role(
+            request.creator, workspace, "owner", accepted=True
+        )
        WorkspacesQuery.add_and_commit(workspace)
        return workspace

@@ -107,9 +109,11 @@ class Workspaces(object):
        return WorkspaceUsers.update_role(member, workspace.id, role_name)

    @classmethod
-    def _create_workspace_role(cls, user, workspace, role_name):
+    def _create_workspace_role(cls, user, workspace, role_name, accepted=False):
        role = Roles.get(role_name)
-        workspace_role = WorkspacesQuery.create_workspace_role(user, role, workspace)
+        workspace_role = WorkspacesQuery.create_workspace_role(
+            user, role, workspace, accepted=accepted
+        )
        WorkspacesQuery.add_and_commit(workspace_role)
        return workspace_role

--- a/atst/models/workspace_user.py
+++ b/atst/models/workspace_user.py
@@ -12,7 +12,9 @@ class WorkspaceUser(object):
    def permissions(self):
        atat_permissions = set(self.user.atat_role.permissions)
        workspace_permissions = (
-            [] if self.workspace_role is None else self.workspace_role.role.permissions
+            []
+            if self.workspace_role is None or not self.is_accepted
+            else self.workspace_role.role.permissions
        )
        return set(workspace_permissions).union(atat_permissions)

@@ -74,8 +76,15 @@ class WorkspaceUser(object):

    def __repr__(self):
        return "<WorkspaceUser(user='{}', role='{}', workspace='{}', num_environment_roles='{}')>".format(
-            self.user_name,
-            self.role.name,
+            self.user.full_name,
+            self.role,
            self.workspace.name,
            self.num_environment_roles,
        )
+
+    @property
+    def is_accepted(self):
+        if self.workspace_role:
+            return self.workspace_role.accepted
+
+        return False
--- a/atst/routes/workspaces.py
+++ b/atst/routes/workspaces.py
@@ -341,6 +341,7 @@ def update_member(workspace_id, member_id):
@bp.route("/workspaces/invitation/<invite_id>", methods=["GET"])
 def accept_invitation(invite_id):
    invite = Invitations.accept(invite_id)
+
    Workspaces.accept_workspace_role(invite.user, invite.workspace)

    return redirect(