Get team invite confirmation working and fully tested

endpoints/api/team.py

@@ -2,7 +2,7 @@ from flask import request
 
 from endpoints.api import (resource, nickname, ApiResource, validate_json_request, request_error,
                            log_action, Unauthorized, NotFound, internal_only, require_scope,
-                           query_param, truthy_bool, parse_args)
+                           query_param, truthy_bool, parse_args, require_user_admin)
 from auth.permissions import AdministerOrganizationPermission, ViewTeamPermission
 from auth.auth_context import get_authenticated_user
 from auth import scopes
@@ -10,8 +10,8 @@ from data import model
 from util.useremails import send_org_invite_email
 from util.gravatar import compute_hash
 
-def add_or_invite_to_team(team, user=None, email=None, adder=None):
-  invite = model.add_or_invite_to_team(team, user, email, adder)
+def add_or_invite_to_team(inviter, team, user=None, email=None):
+  invite = model.add_or_invite_to_team(inviter, team, user, email)
   if not invite:
     # User was added to the team directly.
     return
@@ -20,13 +20,13 @@ def add_or_invite_to_team(team, user=None, email=None, adder=None):
   if user:
     model.create_notification('org_team_invite', user, metadata = {
       'code': invite.invite_token,
-      'adder': adder,
+      'inviter': inviter.username,
       'org': orgname,
       'team': team.name
     })
 
   send_org_invite_email(user.username if user else email, user.email if user else email,
-                        orgname, team.name, adder, invite.invite_token)
+                        orgname, team.name, inviter.username, invite.invite_token)
   return invite
 
 def team_view(orgname, team):
@@ -204,11 +204,8 @@ class TeamMember(ApiResource):
         raise request_error(message='Unknown user')
         
       # Add or invite the user to the team.
-      adder = None
-      if get_authenticated_user():
-        adder = get_authenticated_user().username
-
-      invite = add_or_invite_to_team(team, user=user, adder=adder)
+      inviter = get_authenticated_user()
+      invite = add_or_invite_to_team(inviter, team, user=user)
       if not invite:
         log_action('org_add_team_member', orgname, {'member': membername, 'team': teamname})
         return member_view(user, invited=False)
@@ -232,3 +229,52 @@ class TeamMember(ApiResource):
       return 'Deleted', 204
 
     raise Unauthorized()
+
+
+@resource('/v1/teaminvite/<code>')
+@internal_only
+class TeamMemberInvite(ApiResource):
+  """ Resource for managing invites to jon a team. """
+  @require_user_admin
+  @nickname('acceptOrganizationTeamInvite')
+  def put(self, code):
+    """ Accepts an invite to join a team in an organization. """
+    # Accept the invite for the current user.
+    try:
+      (team, inviter) = model.confirm_team_invite(code, get_authenticated_user())
+    except model.DataModelException:
+      raise NotFound()
+
+    model.delete_matching_notifications(get_authenticated_user(), 'org_team_invite', code=code)
+
+    orgname = team.organization.username
+    log_action('org_team_member_invite_accepted', orgname, {
+        'member': get_authenticated_user().username,
+        'team': team.name,
+        'inviter': inviter.username
+    })
+
+    return {
+      'org': orgname,
+      'team': team.name
+    }
+
+  @nickname('declineOrganizationTeamInvite')
+  @require_user_admin
+  def delete(self, code):
+    """ Delete an existing member of a team. """
+    try:
+      (team, inviter) = model.delete_team_invite(code, get_authenticated_user())
+    except model.DataModelException:
+      raise NotFound()
+
+    model.delete_matching_notifications(get_authenticated_user(), 'org_team_invite', code=code)
+
+    orgname = team.organization.username
+    log_action('org_team_member_invite_declined', orgname, {
+        'member': get_authenticated_user().username,
+        'team': team.name,
+        'inviter': inviter.username
+    })
+
+    return 'Deleted', 204