New invitation backend for portfolio invitations.
Portfolio invitations do not associate a user entity until the invitation has been accepted. User info, including DOD ID, is held on the invitation itself. When a user accepts and invitation, their user entry is associated with the corresponding `portfolio_role` entry. The same change will be applied to `application_role` and application invitations. For now, small changes have been made to application-related methods so that that flow works as-is.
This commit is contained in:
dandds
@@ -33,7 +33,7 @@ def test_enabled_application_role():
|
||||
)
|
||||
assert app_role.status == ApplicationRoleStatus.DISABLED
|
||||
|
||||
ApplicationRoles.enable(app_role)
|
||||
ApplicationRoles.enable(app_role, app_role.user)
|
||||
|
||||
assert app_role.status == ApplicationRoleStatus.ACTIVE
|
||||
|
||||
|
||||
@@ -23,10 +23,11 @@ from tests.factories import (
|
||||
def test_create_invitation():
|
||||
portfolio = PortfolioFactory.create()
|
||||
user = UserFactory.create()
|
||||
ws_role = PortfolioRoleFactory.create(user=user, portfolio=portfolio)
|
||||
invite = PortfolioInvitations.create(portfolio.owner, ws_role, user.email)
|
||||
assert invite.user == user
|
||||
assert invite.role == ws_role
|
||||
role = PortfolioRoleFactory.create(user=user, portfolio=portfolio)
|
||||
invite = PortfolioInvitations.create(
|
||||
portfolio.owner, role, user.to_dictionary(), commit=True
|
||||
)
|
||||
assert invite.role == role
|
||||
assert invite.inviter == portfolio.owner
|
||||
assert invite.status == InvitationStatus.PENDING
|
||||
assert re.match(r"^[\w\-_]+$", invite.token)
|
||||
@@ -35,8 +36,10 @@ def test_create_invitation():
|
||||
def test_accept_invitation():
|
||||
portfolio = PortfolioFactory.create()
|
||||
user = UserFactory.create()
|
||||
ws_role = PortfolioRoleFactory.create(user=user, portfolio=portfolio)
|
||||
invite = PortfolioInvitations.create(portfolio.owner, ws_role, user.email)
|
||||
role = PortfolioRoleFactory.create(user=user, portfolio=portfolio)
|
||||
invite = PortfolioInvitations.create(
|
||||
portfolio.owner, role, user.to_dictionary(), commit=True
|
||||
)
|
||||
assert invite.is_pending
|
||||
accepted_invite = PortfolioInvitations.accept(user, invite.token)
|
||||
assert accepted_invite.is_accepted
|
||||
@@ -45,14 +48,14 @@ def test_accept_invitation():
|
||||
def test_accept_expired_invitation():
|
||||
user = UserFactory.create()
|
||||
portfolio = PortfolioFactory.create()
|
||||
ws_role = PortfolioRoleFactory.create(user=user, portfolio=portfolio)
|
||||
role = PortfolioRoleFactory.create(portfolio=portfolio)
|
||||
increment = PortfolioInvitations.EXPIRATION_LIMIT_MINUTES + 1
|
||||
expiration_time = datetime.datetime.now() - datetime.timedelta(minutes=increment)
|
||||
invite = PortfolioInvitationFactory.create(
|
||||
user=user,
|
||||
expiration_time=expiration_time,
|
||||
status=InvitationStatus.PENDING,
|
||||
role=ws_role,
|
||||
role=role,
|
||||
dod_id=user.dod_id,
|
||||
)
|
||||
with pytest.raises(ExpiredError):
|
||||
PortfolioInvitations.accept(user, invite.token)
|
||||
@@ -63,9 +66,9 @@ def test_accept_expired_invitation():
|
||||
def test_accept_rejected_invite():
|
||||
user = UserFactory.create()
|
||||
portfolio = PortfolioFactory.create()
|
||||
ws_role = PortfolioRoleFactory.create(user=user, portfolio=portfolio)
|
||||
role = PortfolioRoleFactory.create(portfolio=portfolio)
|
||||
invite = PortfolioInvitationFactory.create(
|
||||
user=user, status=InvitationStatus.REJECTED_EXPIRED, role=ws_role
|
||||
status=InvitationStatus.REJECTED_EXPIRED, role=role, dod_id=user.dod_id
|
||||
)
|
||||
with pytest.raises(InvitationError):
|
||||
PortfolioInvitations.accept(user, invite.token)
|
||||
@@ -74,9 +77,9 @@ def test_accept_rejected_invite():
|
||||
def test_accept_revoked_invite():
|
||||
user = UserFactory.create()
|
||||
portfolio = PortfolioFactory.create()
|
||||
ws_role = PortfolioRoleFactory.create(user=user, portfolio=portfolio)
|
||||
role = PortfolioRoleFactory.create(portfolio=portfolio)
|
||||
invite = PortfolioInvitationFactory.create(
|
||||
user=user, status=InvitationStatus.REVOKED, role=ws_role
|
||||
status=InvitationStatus.REVOKED, role=role, dod_id=user.dod_id
|
||||
)
|
||||
with pytest.raises(InvitationError):
|
||||
PortfolioInvitations.accept(user, invite.token)
|
||||
@@ -85,9 +88,9 @@ def test_accept_revoked_invite():
|
||||
def test_wrong_user_accepts_invitation():
|
||||
user = UserFactory.create()
|
||||
portfolio = PortfolioFactory.create()
|
||||
ws_role = PortfolioRoleFactory.create(user=user, portfolio=portfolio)
|
||||
role = PortfolioRoleFactory.create(portfolio=portfolio)
|
||||
wrong_user = UserFactory.create()
|
||||
invite = PortfolioInvitationFactory.create(user=user, role=ws_role)
|
||||
invite = PortfolioInvitationFactory.create(role=role, dod_id=user.dod_id)
|
||||
with pytest.raises(WrongUserError):
|
||||
PortfolioInvitations.accept(wrong_user, invite.token)
|
||||
|
||||
@@ -95,9 +98,9 @@ def test_wrong_user_accepts_invitation():
|
||||
def test_user_cannot_accept_invitation_accepted_by_wrong_user():
|
||||
user = UserFactory.create()
|
||||
portfolio = PortfolioFactory.create()
|
||||
ws_role = PortfolioRoleFactory.create(user=user, portfolio=portfolio)
|
||||
role = PortfolioRoleFactory.create(portfolio=portfolio)
|
||||
wrong_user = UserFactory.create()
|
||||
invite = PortfolioInvitationFactory.create(user=user, role=ws_role)
|
||||
invite = PortfolioInvitationFactory.create(role=role, dod_id=user.dod_id)
|
||||
with pytest.raises(WrongUserError):
|
||||
PortfolioInvitations.accept(wrong_user, invite.token)
|
||||
with pytest.raises(InvitationError):
|
||||
@@ -107,8 +110,8 @@ def test_user_cannot_accept_invitation_accepted_by_wrong_user():
|
||||
def test_accept_invitation_twice():
|
||||
portfolio = PortfolioFactory.create()
|
||||
user = UserFactory.create()
|
||||
ws_role = PortfolioRoleFactory.create(user=user, portfolio=portfolio)
|
||||
invite = PortfolioInvitations.create(portfolio.owner, ws_role, user.email)
|
||||
role = PortfolioRoleFactory.create(portfolio=portfolio)
|
||||
invite = PortfolioInvitationFactory.create(role=role, dod_id=user.dod_id)
|
||||
PortfolioInvitations.accept(user, invite.token)
|
||||
with pytest.raises(InvitationError):
|
||||
PortfolioInvitations.accept(user, invite.token)
|
||||
@@ -117,44 +120,31 @@ def test_accept_invitation_twice():
|
||||
def test_revoke_invitation():
|
||||
portfolio = PortfolioFactory.create()
|
||||
user = UserFactory.create()
|
||||
ws_role = PortfolioRoleFactory.create(user=user, portfolio=portfolio)
|
||||
invite = PortfolioInvitations.create(portfolio.owner, ws_role, user.email)
|
||||
role = PortfolioRoleFactory.create(user=user, portfolio=portfolio)
|
||||
invite = PortfolioInvitationFactory.create(role=role, dod_id=user.dod_id)
|
||||
assert invite.is_pending
|
||||
PortfolioInvitations.revoke(invite.token)
|
||||
assert invite.is_revoked
|
||||
|
||||
|
||||
def test_resend_invitation():
|
||||
def test_resend_invitation(session):
|
||||
portfolio = PortfolioFactory.create()
|
||||
user = UserFactory.create()
|
||||
ws_role = PortfolioRoleFactory.create(user=user, portfolio=portfolio)
|
||||
invite = PortfolioInvitations.create(portfolio.owner, ws_role, user.email)
|
||||
PortfolioInvitations.resend(user, invite.token)
|
||||
assert ws_role.invitations[0].is_revoked
|
||||
assert ws_role.invitations[1].is_pending
|
||||
role = PortfolioRoleFactory.create(portfolio=portfolio)
|
||||
first_invite = PortfolioInvitationFactory.create(role=role, dod_id=user.dod_id)
|
||||
assert first_invite.is_pending
|
||||
second_invite = PortfolioInvitations.resend(user, first_invite.token)
|
||||
assert first_invite.is_revoked
|
||||
assert second_invite.is_pending
|
||||
|
||||
|
||||
def test_audit_event_for_accepted_invite():
|
||||
portfolio = PortfolioFactory.create()
|
||||
user = UserFactory.create()
|
||||
ws_role = PortfolioRoleFactory.create(user=user, portfolio=portfolio)
|
||||
invite = PortfolioInvitations.create(portfolio.owner, ws_role, user.email)
|
||||
role = PortfolioRoleFactory.create(portfolio=portfolio)
|
||||
invite = PortfolioInvitationFactory.create(role=role, dod_id=user.dod_id)
|
||||
invite = PortfolioInvitations.accept(user, invite.token)
|
||||
|
||||
accepted_event = AuditLog.get_by_resource(invite.id)[0]
|
||||
assert "email" in accepted_event.event_details
|
||||
assert "dod_id" in accepted_event.event_details
|
||||
|
||||
|
||||
def test_lookup_by_user_and_portfolio():
|
||||
portfolio = PortfolioFactory.create()
|
||||
user = UserFactory.create()
|
||||
ws_role = PortfolioRoleFactory.create(user=user, portfolio=portfolio)
|
||||
invite = PortfolioInvitations.create(portfolio.owner, ws_role, user.email)
|
||||
|
||||
assert PortfolioInvitations.lookup_by_resource_and_user(portfolio, user) == invite
|
||||
|
||||
with pytest.raises(NotFoundError):
|
||||
PortfolioInvitations.lookup_by_resource_and_user(
|
||||
portfolio, UserFactory.create()
|
||||
)
|
||||
|
||||
@@ -49,36 +49,6 @@ def test_portfolio_has_timestamps(portfolio):
|
||||
assert portfolio.time_created == portfolio.time_updated
|
||||
|
||||
|
||||
def test_can_create_portfolio_role(portfolio, portfolio_owner):
|
||||
user_data = {
|
||||
"first_name": "New",
|
||||
"last_name": "User",
|
||||
"email": "new.user@mail.com",
|
||||
"portfolio_role": "developer",
|
||||
"dod_id": "1234567890",
|
||||
}
|
||||
|
||||
new_member = Portfolios.create_member(portfolio, user_data)
|
||||
assert new_member.portfolio == portfolio
|
||||
assert new_member.user.provisional
|
||||
|
||||
|
||||
def test_can_add_existing_user_to_portfolio(portfolio, portfolio_owner):
|
||||
user = UserFactory.create()
|
||||
user_data = {
|
||||
"first_name": "New",
|
||||
"last_name": "User",
|
||||
"email": "new.user@mail.com",
|
||||
"portfolio_role": "developer",
|
||||
"dod_id": user.dod_id,
|
||||
}
|
||||
|
||||
new_member = Portfolios.create_member(portfolio, user_data)
|
||||
assert new_member.portfolio == portfolio
|
||||
assert new_member.user.email == user.email
|
||||
assert not new_member.user.provisional
|
||||
|
||||
|
||||
def test_update_portfolio_role_role(portfolio, portfolio_owner):
|
||||
user_data = {
|
||||
"first_name": "New",
|
||||
@@ -238,3 +208,16 @@ def test_does_not_count_disabled_members(session):
|
||||
)
|
||||
|
||||
assert portfolio.user_count == 3
|
||||
|
||||
|
||||
def test_invite():
|
||||
portfolio = PortfolioFactory.create()
|
||||
inviter = UserFactory.create()
|
||||
member_data = UserFactory.dictionary()
|
||||
|
||||
invitation = Portfolios.invite(portfolio, inviter, member_data)
|
||||
|
||||
assert invitation.role
|
||||
assert invitation.role.portfolio == portfolio
|
||||
assert invitation.role.user is None
|
||||
assert invitation.dod_id == member_data["dod_id"]
|
||||
|
||||
Reference in New Issue
Block a user