Viewer flag for invitations #7712

8 years ago · 9429d016a5
parent d87de0aef4
commit 9429d016a5
8 changed files with 56 additions and 19 deletions
--- a/app/controllers/carto/api/invitation_presenter.rb
+++ b/app/controllers/carto/api/invitation_presenter.rb
@ -13,6 +13,7 @@ module Carto
          id: @invitation.id,
          users_emails: @invitation.users_emails,
          welcome_text: @invitation.welcome_text,
+          viewer: @invitation.viewer,
          created_at: @invitation.created_at,
          updated_at: @invitation.updated_at
        }
--- a/app/controllers/carto/api/invitations_controller.rb
+++ b/app/controllers/carto/api/invitations_controller.rb
@ -14,7 +14,8 @@ module Carto
        invitation = Carto::Invitation.create_new(
          Carto::User.find(current_user.id),
          params[:users_emails],
-          params[:welcome_text]
+          params[:welcome_text],
+          params[:viewer]
        )
        if invitation.valid?
          render_jsonp(Carto::Api::InvitationPresenter.new(invitation).to_poro)
--- a/app/models/carto/invitation.rb
+++ b/app/models/carto/invitation.rb
@ -19,20 +19,22 @@ module Carto

    private_class_method :new

-    def self.create_new(inviter_user, users_emails, welcome_text)
+    def self.create_new(inviter_user, users_emails, welcome_text, viewer)
      raise CartoDB::InvalidUser.new("Only owners can create invitations") unless inviter_user.organization_owner?

      # ActiveRecord validation for all values
      invitation = new(inviter_user: inviter_user,
                       organization: inviter_user.organization,
                       users_emails: users_emails,
-                       welcome_text: welcome_text)
+                       welcome_text: welcome_text,
+                       viewer: viewer)
      return invitation unless invitation.valid?

      # Two-step creation workarounding array bug
      invitation = new(inviter_user: inviter_user,
                       organization: inviter_user.organization,
-                       welcome_text: welcome_text)
+                       welcome_text: welcome_text,
+                       viewer: viewer)

      invitation.seed = Carto::UserService.make_token
      if invitation.save
--- a/db/migrate/20160701125000_add_viewer_to_invitations.rb
+++ b/db/migrate/20160701125000_add_viewer_to_invitations.rb
@ -0,0 +1,13 @@
+Sequel.migration do
+  up do
+    alter_table(:invitations) do
+      add_column :viewer, :boolean, null: false, default: false
+    end
+  end
+
+  down do
+    alter_table(:invitations) do
+      drop_column :viewer
+    end
+  end
+end
--- a/spec/models/carto/invitation_spec.rb
+++ b/spec/models/carto/invitation_spec.rb
@ -11,25 +11,26 @@ describe Carto::Invitation do

  describe 'creation' do
    it 'fails for existing users' do
-      invitation = Carto::Invitation.create_new(@carto_org_user_owner, [@carto_org_user_1.email], 'hi')
+      invitation = Carto::Invitation.create_new(@carto_org_user_owner, [@carto_org_user_1.email], 'hi', false)
      invitation.valid?.should == false
    end

    it 'fails for non-owner users' do
      expect do
-        Carto::Invitation.create_new(@carto_org_user_1, ['no@cartodb.com'], 'hi')
+        Carto::Invitation.create_new(@carto_org_user_1, ['no@cartodb.com'], 'hi', false)
      end.to raise_error CartoDB::InvalidUser
    end

    it 'fails for wrong emails' do
-      invitation = Carto::Invitation.create_new(@carto_org_user_owner, ['no', 'neither@'], 'hi')
+      invitation = Carto::Invitation.create_new(@carto_org_user_owner, ['no', 'neither@'], 'hi', false)
      invitation.valid?.should == false
      invitation.errors[:users_emails].count.should == 2
    end

    it 'sends invitations' do
      ::Resque.expects(:enqueue).with(Resque::OrganizationJobs::Mail::Invitation, instance_of(String)).once
-      invitation = Carto::Invitation.create_new(@carto_org_user_owner, ['w_1@cartodb.com', 'w_2@cartodb.com'], 'hi')
+      emails = ['w_1@cartodb.com', 'w_2@cartodb.com']
+      invitation = Carto::Invitation.create_new(@carto_org_user_owner, emails, 'hi', false)
      invitation.inviter_user_id.should == @carto_org_user_owner.id
      invitation.organization_id.should == @carto_org_user_owner.organization_id
    end
@ -37,8 +38,8 @@ describe Carto::Invitation do

  describe 'token' do
    before(:each) do
-      @invitation = Carto::Invitation.create_new(@carto_org_user_owner, [], 'Welcome!')
-      @invitation_2 = Carto::Invitation.create_new(@carto_org_user_owner, [], 'Welcome!')
+      @invitation = Carto::Invitation.create_new(@carto_org_user_owner, [], 'Welcome!', false)
+      @invitation_2 = Carto::Invitation.create_new(@carto_org_user_owner, [], 'Welcome!', false)
    end

    it 'returns the same token for the same email' do
@ -70,7 +71,12 @@ describe Carto::Invitation do
    before(:each) do
      @valid_email = 'email1@cartodb.com'
      @valid_email_2 = 'email2@cartodb.com'
-      @invitation = Carto::Invitation.create_new(@carto_org_user_owner, [@valid_email, @valid_email_2], 'Welcome!')
+      @invitation = Carto::Invitation.create_new(
+        @carto_org_user_owner,
+        [@valid_email, @valid_email_2],
+        'Welcome!',
+        false
+      )
      @token = @invitation.token(@valid_email)
      @token_2 = @invitation.token(@valid_email_2)
    end
--- a/spec/models/carto/user_creation_spec.rb
+++ b/spec/models/carto/user_creation_spec.rb
@ -91,7 +91,7 @@ describe Carto::UserCreation do
      user_data.organization = @organization
      user_data.google_sign_in = false

-      invitation = Carto::Invitation.create_new(@carto_org_user_owner, [user_data.email], 'Welcome!')
+      invitation = Carto::Invitation.create_new(@carto_org_user_owner, [user_data.email], 'Welcome!', false)
      invitation.save

      user_creation = Carto::UserCreation.
--- a/spec/requests/carto/api/invitations_controller_spec.rb
+++ b/spec/requests/carto/api/invitations_controller_spec.rb
@ -32,21 +32,35 @@ describe Carto::Api::InvitationsController do
      end
    end

-    it 'registers invitations with a token seed returning its json' do
-      invitation = {
+    let(:invitation) do
+      {
        users_emails: ['email_a@cartodb.com', 'email_b@cartodb.com'],
-        welcome_text: 'Please join my organization!'
+        welcome_text: 'Please join my organization!',
+        viewer: false
      }
+    end
+
+    it 'registers invitations with a token seed returning its json' do
      post_api_v1_organization_invitations(@org_user_owner, invitation) do |response|
        response.status.should == 200
        response.body[:id].should_not be_nil
        response.body[:users_emails].should == invitation[:users_emails]
        response.body[:welcome_text].should == invitation[:welcome_text]
+        response.body[:viewer].should == false

        invitation = Carto::Invitation.find(response.body[:id]).seed.should_not be_nil
      end
    end

+    it 'registers viewer invitations' do
+      post_api_v1_organization_invitations(@org_user_owner, invitation.merge(viewer: true)) do |response|
+        response.status.should == 200
+        response.body[:viewer].should == true
+
+        Carto::Invitation.find(response.body[:id]).viewer.should eq true
+      end
+    end
+
    it 'fails if a user with any of the emails already exists' do
      welcome_text = 'invitation creation should fail'
      invitation = {
--- a/spec/requests/signup_controller_spec.rb
+++ b/spec/requests/signup_controller_spec.rb
@ -37,7 +37,7 @@ describe SignupController do
    it 'returns 200 for organizations without signup_page_enabled but with a valid invitation' do
      @fake_organization = FactoryGirl.create(:organization_with_users, whitelisted_email_domains: [])
      owner = Carto::User.find(@fake_organization.owner.id)
-      invitation = Carto::Invitation.create_new(owner, ['wadus@wad.us'], 'Welcome!')
+      invitation = Carto::Invitation.create_new(owner, ['wadus@wad.us'], 'Welcome!', false)
      Organization.stubs(:where).returns([@fake_organization])
      get signup_url(invitation_token: invitation.token('wadus@wad.us'), email: 'wadus@wad.us')
      response.status.should == 200
@ -159,7 +159,7 @@ describe SignupController do
        with(::Resque::UserJobs::Signup::NewUser, anything, anything, anything).
        never
      invited_email = 'invited_user@whatever.com'
-      invitation = Carto::Invitation.create_new(Carto::User.find(@org_user_owner.id), [invited_email], 'Welcome!')
+      invitation = Carto::Invitation.create_new(Carto::User.find(@org_user_owner.id), [invited_email], 'W!', false)
      invitation.save

      host! "#{@organization.name}.localhost.lan"
@ -175,7 +175,7 @@ describe SignupController do

    it 'returns 400 if invitation token is for a different organization' do
      invited_email = 'invited_user@whatever.com'
-      invitation = Carto::Invitation.create_new(Carto::User.find(@org_2_user_owner.id), [invited_email], 'Welcome!')
+      invitation = Carto::Invitation.create_new(Carto::User.find(@org_2_user_owner.id), [invited_email], 'W!', false)
      invitation.save

      ::Resque.expects(:enqueue).
@ -194,7 +194,7 @@ describe SignupController do

    it 'triggers creation without validation email spending an invitation even if mail domain is not whitelisted' do
      invited_email = 'invited_user@whatever.com'
-      invitation = Carto::Invitation.create_new(Carto::User.find(@org_user_owner.id), [invited_email], 'Welcome!')
+      invitation = Carto::Invitation.create_new(Carto::User.find(@org_user_owner.id), [invited_email], 'W!', false)
      invitation.save

      Cartodb::Central.stubs(:sync_data_with_cartodb_central?).returns(false)