Address review comments

MerginMaps · Dec 9, 2024 · 56cd008 · 56cd008
1 parent be604ea
commit 56cd008
Show file tree

Hide file tree

Showing 6 changed files with 15 additions and 10 deletions.
diff --git a/server/mergin/auth/app.py b/server/mergin/auth/app.py
@@ -97,6 +97,10 @@ def confirm_token(token, expiration=3600 * 24 * 3):
 
 
 def send_confirmation_email(app, user, url, template, header, **kwargs):
+    """
+    Send confirmation email from selected template with customizable email subject and confirmation URL.
+    Optional kwargs are passed to render_template method if needed for particular template.
+    """
     from ..celery import send_email_async
 
     token = generate_confirmation_token(app, user.email)

diff --git a/server/mergin/auth/models.py b/server/mergin/auth/models.py
@@ -180,13 +180,13 @@ def anonymize(self):
         db.session.commit()
 
     @classmethod
-    def get_by_login(cls, username: str) -> Optional[User]:
-        """Find user by its username or email"""
-        username = username.strip().lower()
+    def get_by_login(cls, login: str) -> Optional[User]:
+        """Find user by its login which can be either username or email"""
+        login = login.strip().lower()
         return cls.query.filter(
             or_(
-                func.lower(User.email) == username,
-                func.lower(User.username) == username,
+                func.lower(User.email) == login,
+                func.lower(User.username) == login,
             )
         ).first()
 

diff --git a/server/mergin/sync/private_api_controller.py b/server/mergin/sync/private_api_controller.py
@@ -135,10 +135,10 @@ def accept_project_access_request(request_id):
     project = access_request.project
     project_role = ProjectPermissions.get_user_project_role(project, current_user)
     if project_role == ProjectRole.OWNER:
+        access_request.accept(permission)
         project_access_granted.send(
             access_request.project, user_id=access_request.requested_by
         )
-        access_request.accept(permission)
         return "", 200
     abort(403, "You don't have permissions to accept project access request")
 

diff --git a/server/mergin/sync/public_api_v2.yaml b/server/mergin/sync/public_api_v2.yaml
@@ -206,7 +206,7 @@ paths:
       tags:
         - project
       summary: Remove project collaborator
-      operationId: remove_project_member
+      operationId: remove_project_collaborator
       parameters:
         - $ref: "#/components/parameters/ProjectId"
       responses:

diff --git a/server/mergin/sync/public_api_v2_controller.py b/server/mergin/sync/public_api_v2_controller.py
@@ -100,8 +100,8 @@ def add_project_member(id):
         abort(409, "User is already a project member")
 
     project.set_role(user.id, ProjectRole(request.json["role"]))
-    project_access_granted.send(project, user_id=user.id)
     db.session.commit()
+    project_access_granted.send(project, user_id=user.id)
     data = ProjectMemberSchema().dump(project.get_member(user.id))
     return data, 201
 
@@ -121,7 +121,7 @@ def update_project_member(id, user_id):
 
 
 @auth_required
-def remove_project_member(id, user_id):
+def remove_project_collaborator(id, user_id):
     """Remove project collaborator"""
     project = require_project_by_uuid(id, ProjectPermissions.Update)
     if not project.get_role(user_id):

diff --git a/server/mergin/sync/schemas.py b/server/mergin/sync/schemas.py
@@ -337,7 +337,8 @@ class UserWorkspaceSchema(ma.SQLAlchemyAutoSchema):
     def _user_role(self, obj):
         if not self.context.get("user"):
             return
-        return obj.get_user_role(self.context.get("user")).value
+        role = obj.get_user_role(self.context.get("user"))
+        return role and role.value
 
 
 class ProjectInvitationAccessSchema(Schema):