From 7427e5f72806b86f9d4cc2dac0977a1cdae0fbe4 Mon Sep 17 00:00:00 2001
From: Mathias de Riese <mdrie@fastmail.com>
Date: Mon, 28 Aug 2023 13:42:56 +0200
Subject: [PATCH] [#23] Existing users can use invitation link.

---
 .../messages/invite_for_logged_in_user.txt    |  3 ++
 .../invite_for_logged_in_user_invalid.txt     |  3 ++
 cpmonitor/tests/permissions_test.py           | 28 ++++++++++++++++-
 cpmonitor/views.py                            | 30 +++++++++++++++++++
 4 files changed, 63 insertions(+), 1 deletion(-)
 create mode 100644 cpmonitor/templates/invitations/messages/invite_for_logged_in_user.txt
 create mode 100644 cpmonitor/templates/invitations/messages/invite_for_logged_in_user_invalid.txt

diff --git a/cpmonitor/templates/invitations/messages/invite_for_logged_in_user.txt b/cpmonitor/templates/invitations/messages/invite_for_logged_in_user.txt
new file mode 100644
index 00000000..9bab6454
--- /dev/null
+++ b/cpmonitor/templates/invitations/messages/invite_for_logged_in_user.txt
@@ -0,0 +1,3 @@
+{% autoescape off %}
+Nutzer {{username}} ist eingeloggt und ist jetzt auch {{role}} von {{city}}.
+{% endautoescape %}
\ No newline at end of file
diff --git a/cpmonitor/templates/invitations/messages/invite_for_logged_in_user_invalid.txt b/cpmonitor/templates/invitations/messages/invite_for_logged_in_user_invalid.txt
new file mode 100644
index 00000000..b19f275b
--- /dev/null
+++ b/cpmonitor/templates/invitations/messages/invite_for_logged_in_user_invalid.txt
@@ -0,0 +1,3 @@
+{% autoescape off %}
+Nutzer {{username}} ist eingeloggt aber inaktiv. Bitte einen neuen Nutzer anlegen.
+{% endautoescape %}
\ No newline at end of file
diff --git a/cpmonitor/tests/permissions_test.py b/cpmonitor/tests/permissions_test.py
index 2498bb99..bc98dc11 100644
--- a/cpmonitor/tests/permissions_test.py
+++ b/cpmonitor/tests/permissions_test.py
@@ -10,6 +10,7 @@
     assertTemplateNotUsed,
     assertContains,
     assertNotContains,
+    assertRedirects,
 )
 
 
@@ -708,7 +709,7 @@ def test_site_admin_should_not_be_allowed_to_change_task_of_other_city(
 city_editor_key = "lypvs6fb6qxk8ylskkckwp3g3djilpsiiunm1fuz68rdwg1emuwhnsuxexpbgjel"
 
 
-def test_city_editor_should_be_able_to_see_invitation_links(
+def test_city_editor_should_not_be_able_to_see_invitation_links(
     city_editor_client: Client,
 ):
     response = city_editor_client.get("/admin/cpmonitor/city/1/change/")
@@ -860,3 +861,28 @@ def test_can_register_with_city_admin_registration_link(
     assert not "city_admins" in adminform.readonly_fields
     assertContains(response, city_admin_key)
     assertContains(response, city_editor_key)
+
+
+def test_city_editor_should_be_able_to_accept_invitation_link_for_city_admin(
+    city_editor_client: Client,
+):
+    response = city_editor_client.get(
+        f"/invitations/accept-invite/{city_admin_key}", follow=True
+    )
+    assertTemplateUsed(response, "admin/index.html")
+    assertContains(
+        response,
+        "Nutzer heinz ist eingeloggt und ist jetzt auch Kommunen-Administrator von Beispielstadt",
+    )
+
+    response = city_editor_client.get("/admin/cpmonitor/city/1/change/")
+    assertTemplateUsed(response, "admin/change_form.html")
+
+    adminform = response.context["adminform"]
+    fields = _fields_from_form(adminform)
+    assert "draft_mode" in fields
+    assert "city_editors" in fields
+    assert "city_admins" in fields
+    assert not "draft_mode" in adminform.readonly_fields
+    assert not "city_editors" in adminform.readonly_fields
+    assert not "city_admins" in adminform.readonly_fields
diff --git a/cpmonitor/views.py b/cpmonitor/views.py
index ecf6e02e..ca1d99a1 100644
--- a/cpmonitor/views.py
+++ b/cpmonitor/views.py
@@ -6,6 +6,7 @@
 import uuid
 
 from django.conf import settings
+from django.contrib import auth
 from django.contrib.auth.decorators import login_required
 from django.contrib import messages
 from django.core.files.base import ContentFile
@@ -24,6 +25,7 @@
 from martor.utils import LazyEncoder
 
 from .models import (
+    AccessRight,
     City,
     ExecutionStatus,
     Task,
@@ -510,6 +512,34 @@ def post(self, *args, **kwargs):
             invitation.accepted = False
             invitation.save()
 
+        user: auth.models.User = self.request.user
+        if user.is_authenticated:
+            if user.is_active and user.is_staff:
+                get_invitations_adapter().add_message(
+                    self.request,
+                    messages.SUCCESS,
+                    "invitations/messages/invite_for_logged_in_user.txt",
+                    {
+                        "role": invitation.get_access_right_display(),
+                        "city": invitation.city.name,
+                        "username": user.username,
+                    },
+                )
+                city: City = invitation.city
+                if invitation.access_right == AccessRight.CITY_EDITOR:
+                    city.city_editors.add(user.pk)
+                elif invitation.access_right == AccessRight.CITY_ADMIN:
+                    city.city_admins.add(user.pk)
+                return redirect(invitations_settings.LOGIN_REDIRECT)
+            else:
+                get_invitations_adapter().add_message(
+                    self.request,
+                    messages.ERROR,
+                    "invitations/messages/invite_for_logged_in_user_invalid.txt",
+                    {"role": str(invitation), "username": user.username},
+                )
+                auth.logout(self.request)
+
         # Difference: Saving key and not email.
         self.request.session["invitation_key"] = invitation.key