Skip to content

Commit

Permalink
Merge pull request #945 from GSA/fix_service_invites
Browse files Browse the repository at this point in the history 
fix service invites
  • Loading branch information
@ccostino
ccostino authored Apr 25, 2024
2 parents 21c5e09 + bd80ef1 commit 87d0ae2
Show file tree
Hide file tree
Showing 4 changed files with 23 additions and 76 deletions.
8 changes: 0 additions & 8 deletions app/organization/invite_rest.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -89,14 +89,6 @@ def invite_user_to_org(organization_id):
ex=1800,
)

# This is for the login.gov path, note 24 hour expiry to match
# The expiration of invitations.
redis_key = f"organization-invite-{invited_org_user.email_address}"
redis_store.set(
redis_key,
organization_id,
ex=3600 * 24,
)
send_notification_to_queue(saved_notification, queue=QueueNames.NOTIFY)

return jsonify(data=invited_org_user.serialize()), 201
Expand Down
58 changes: 22 additions & 36 deletions app/service_invite/rest.py
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
import base64
import json
import os
from datetime import datetime
Expand Down Expand Up @@ -48,9 +49,25 @@ def _create_service_invite(invited_user, invite_link_host):
current_app.config["SECRET_KEY"],
current_app.config["DANGEROUS_SALT"],
)

# The raw permissions are in the form "a,b,c,d"
# but need to be in the form ["a", "b", "c", "d"]
data = {}
permissions = invited_user.permissions
permissions = permissions.split(",")
data["from_user_id"] = (str(invited_user.from_user.id))
data["service_id"] = str(invited_user.service.id)
data["permissions"] = permissions
data["folder_permissions"] = invited_user.folder_permissions
data["invited_user_id"] = str(invited_user.id)
data["invited_user_email"] = invited_user.email_address

url = os.environ["LOGIN_DOT_GOV_REGISTRATION_URL"]
url = url.replace("NONCE", token)
url = url.replace("STATE", token)

user_data_url_safe = get_user_data_url_safe(data)

url = url.replace("STATE", user_data_url_safe)

personalisation = {
"user_name": invited_user.from_user.name,
Expand All @@ -75,32 +92,6 @@ def _create_service_invite(invited_user, invite_link_host):
json.dumps(personalisation),
ex=1800,
)
# The raw permissions are in the form "a,b,c,d"
# but need to be in the form ["a", "b", "c", "d"]
data = {}
permissions = invited_user.permissions
permissions = permissions.split(",")
permission_list = []
for permission in permissions:
permission_list.append(f"{permission}")
data["from_user_id"] = (str(invited_user.from_user.id),)
data["service_id"] = str(invited_user.service.id)
data["permissions"] = permission_list
data["folder_permissions"] = invited_user.folder_permissions

# This is for the login.gov service invite on the
# "Set Up Your Profile" path.
redis_key = f"service-invite-{invited_user.email_address}"
redis_store.raw_set(
redis_key,
json.dumps(data),
ex=3600 * 24,
)
# TODO REMOVE DEBUG
print(hilite(f"Save this data {data} with this redis_key {redis_key}"))
did_we_save_it = redis_store.raw_get(redis_key)
print(hilite(f"Did we save the data successfully? {did_we_save_it}"))
# END DEBUG
send_notification_to_queue(saved_notification, queue=QueueNames.NOTIFY)


Expand Down Expand Up @@ -225,12 +216,7 @@ def validate_service_invitation_token(token):
return jsonify(data=invited_user_schema.dump(invited_user)), 200


@service_invite.route("/service/invite/redis/<redis_key>", methods=["GET"])
def get_service_invite_data(redis_key):
service_invite_data = redis_store.raw_get(redis_key)
# We can't log this because key may contain PII (email address)
if service_invite_data is None:
raise Exception("No service invite data")
else:
service_invite_data = service_invite_data.decode("utf8")
return jsonify(service_invite_data), 200
def get_user_data_url_safe(data):
data = json.dumps(data)
data = base64.b64encode(data.encode("utf8"))
return data.decode("utf8")
2 changes: 1 addition & 1 deletion poetry.lock
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

31 changes: 0 additions & 31 deletions tests/app/service_invite/test_service_invite_rest.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -398,34 +398,3 @@ def test_get_invited_user_404s_if_invite_doesnt_exist(
_expected_status=404,
)
assert json_resp["result"] == "error"


def test_get_service_invite_data_with_invite(admin_request, mocker):
redis_key = "[email protected]"
expected_user_data = b'{"from_user_id": ["7480cdcf-fa31-42b8-a4bf-2cd4d7a9b4f4"], "service_id": "721b0aa6-2447-4bcd-91fc-26d576f2bbff", "permissions": ["manage_api_keys"], "folder_permissions": []}' # noqa
expected_status = 200

mocker.patch(
"app.service_invite.rest.redis_store.raw_get", return_value=expected_user_data
)
json_resp = json.loads(
admin_request.get(
"service_invite.get_service_invite_data",
redis_key=redis_key,
_expected_status=expected_status,
)
)
assert json_resp["permissions"] == ["manage_api_keys"]


def test_get_service_invite_data_without_invite(admin_request, mocker):
redis_key = "[email protected]"

mocker.patch("app.service_invite.rest.redis_store.raw_get", return_value=None)
with pytest.raises(BaseException, match="No service invite data"):
json.loads(
admin_request.get(
"service_invite.get_service_invite_data",
redis_key=redis_key,
)
)

0 comments on commit 87d0ae2

Please sign in to comment.