Mirror
/
zulip
mirror of https://github.com/zulip/zulip.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

invites: Extract helpers for accessing invites by ID. 

This adds `access_invite_by_id` to retrieve the preregistration user
for email invites by id, and a parallel function for multi-user invites.
This commit is contained in:
Harsh 2024-10-16 16:22:28 +05:30 committed by Tim Abbott
parent ed18175ce7
commit c1ec39f3ba
1 changed files with 36 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

74
zerver/views/invite.py
View File

@ -44,6 +44,39 @@ def check_role_based_permissions(
raise JsonableError(_("Must be an organization administrator")) raise JsonableError(_("Must be an organization administrator"))
def access_invite_by_id(user_profile: UserProfile, invite_id: int) -> PreregistrationUser:
try:
prereg_user = PreregistrationUser.objects.get(id=invite_id)
except PreregistrationUser.DoesNotExist:
raise JsonableError(_("No such invitation"))
# Structurally, any invitation the user can actually access should
# have a referred_by set for the user who created it.
if prereg_user.referred_by is None or prereg_user.referred_by.realm != user_profile.realm:
raise JsonableError(_("No such invitation"))
if prereg_user.referred_by_id != user_profile.id:
check_role_based_permissions(prereg_user.invited_as, user_profile, require_admin=True)
return prereg_user
def access_multiuse_invite_by_id(user_profile: UserProfile, invite_id: int) -> MultiuseInvite:
try:
invite = MultiuseInvite.objects.get(id=invite_id)
except MultiuseInvite.DoesNotExist:
raise JsonableError(_("No such invitation"))
if invite.realm != user_profile.realm:
raise JsonableError(_("No such invitation"))
if invite.referred_by_id != user_profile.id:
check_role_based_permissions(invite.invited_as, user_profile, require_admin=True)
if invite.status == confirmation_settings.STATUS_REVOKED:
raise JsonableError(_("Invitation has already been revoked"))
return invite
@require_member_or_admin @require_member_or_admin
@typed_endpoint @typed_endpoint
def invite_users_backend( def invite_users_backend(
@ -140,17 +173,7 @@ def get_user_invites(request: HttpRequest, user_profile: UserProfile) -> HttpRes
def revoke_user_invite( def revoke_user_invite(
request: HttpRequest, user_profile: UserProfile, *, invite_id: PathOnly[int] request: HttpRequest, user_profile: UserProfile, *, invite_id: PathOnly[int]
) -> HttpResponse: ) -> HttpResponse:
try: prereg_user = access_invite_by_id(user_profile, invite_id)
prereg_user = PreregistrationUser.objects.get(id=invite_id)
except PreregistrationUser.DoesNotExist:
raise JsonableError(_("No such invitation"))
if prereg_user.realm != user_profile.realm:
raise JsonableError(_("No such invitation"))
if prereg_user.referred_by_id != user_profile.id:
check_role_based_permissions(prereg_user.invited_as, user_profile, require_admin=True)
do_revoke_user_invite(prereg_user) do_revoke_user_invite(prereg_user)
return json_success(request) return json_success(request)
@ -160,20 +183,7 @@ def revoke_user_invite(
def revoke_multiuse_invite( def revoke_multiuse_invite(
request: HttpRequest, user_profile: UserProfile, *, invite_id: PathOnly[int] request: HttpRequest, user_profile: UserProfile, *, invite_id: PathOnly[int]
) -> HttpResponse: ) -> HttpResponse:
try: invite = access_multiuse_invite_by_id(user_profile, invite_id)
invite = MultiuseInvite.objects.get(id=invite_id)
except MultiuseInvite.DoesNotExist:
raise JsonableError(_("No such invitation"))
if invite.realm != user_profile.realm:
raise JsonableError(_("No such invitation"))
if invite.referred_by_id != user_profile.id:
check_role_based_permissions(invite.invited_as, user_profile, require_admin=True)
if invite.status == confirmation_settings.STATUS_REVOKED:
raise JsonableError(_("Invitation has already been revoked"))
do_revoke_multi_use_invite(invite) do_revoke_multi_use_invite(invite)
return json_success(request) return json_success(request)
@ -183,19 +193,7 @@ def revoke_multiuse_invite(
def resend_user_invite_email( def resend_user_invite_email(
request: HttpRequest, user_profile: UserProfile, *, invite_id: PathOnly[int] request: HttpRequest, user_profile: UserProfile, *, invite_id: PathOnly[int]
) -> HttpResponse: ) -> HttpResponse:
try: prereg_user = access_invite_by_id(user_profile, invite_id)
prereg_user = PreregistrationUser.objects.get(id=invite_id)
except PreregistrationUser.DoesNotExist:
raise JsonableError(_("No such invitation"))
# Structurally, any invitation the user can actually access should
# have a referred_by set for the user who created it.
if prereg_user.referred_by is None or prereg_user.referred_by.realm != user_profile.realm:
raise JsonableError(_("No such invitation"))
if prereg_user.referred_by_id != user_profile.id:
check_role_based_permissions(prereg_user.invited_as, user_profile, require_admin=True)
do_send_user_invite_email(prereg_user, event_time=timezone_now()) do_send_user_invite_email(prereg_user, event_time=timezone_now())
return json_success(request) return json_success(request)