Fix bug in /accounts/switch_team/, updated messaging.

2016-05-09 18:00:34 +03:00 · 2016-05-09 18:00:34 +03:00 · 435b8c220d
commit 435b8c220d
parent feb2294a7e
5 changed files with 41 additions and 6 deletions
--- a/hc/accounts/models.py
+++ b/hc/accounts/models.py
@ -75,6 +75,11 @@ class Profile(models.Model):
        member = Member(team=self, user=user)
        member.save()

+        # Switch the invited user over to the new team so they
+        # notice the new team on next visit:
+        user.profile.current_team = self
+        user.profile.save()
+
        user.profile.send_instant_login_link(self)


--- a/hc/accounts/tests/test_switch_team.py
+++ b/hc/accounts/tests/test_switch_team.py
@ -21,3 +21,10 @@ class SwitchTeamTestCase(BaseTestCase):
        url = "/accounts/switch_team/%s/" % self.alice.username
        r = self.client.get(url)
        self.assertEqual(r.status_code, 403)
+
+    def test_it_switches_to_own_team(self):
+        self.client.login(username="alice@example.org", password="password")
+
+        url = "/accounts/switch_team/%s/" % self.alice.username
+        r = self.client.get(url, follow=True)
+        self.assertEqual(r.status_code, 200)
--- a/hc/accounts/views.py
+++ b/hc/accounts/views.py
@ -226,12 +226,23 @@ def unsubscribe_reports(request, username):
 def switch_team(request, target_username):
    other_user = User.objects.get(username=target_username)

+    # The rules:
    # Superuser can switch to any team.
-    # Other users can only switch to a team they are members of.
-    if not request.user.is_superuser:
-        q = Member.objects.filter(team=other_user.profile, user=request.user)
-        if q.count() == 0:
-            return HttpResponseForbidden()
+    access_ok = request.user.is_superuser
+
+    # Users can switch to teams they are members of.
+    if not access_ok and other_user.id == request.user.id:
+        access_ok = True
+
+    # Users can switch to their own teams.
+    if not access_ok:
+        for membership in request.user.member_set.all():
+            if membership.team.user.id == other_user.id:
+                access_ok = True
+                break
+
+    if not access_ok:
+        return HttpResponseForbidden()

    request.user.profile.current_team = other_user.profile
    request.user.profile.save()
--- a/templates/emails/login-body-html.html
+++ b/templates/emails/login-body-html.html
@ -1,5 +1,11 @@
 <p>Hello,</p>

+{% if inviting_profile %}
+<p>Joining {{ inviting_profile }} will allow you to manage existing
+monitoring checks and set up new ones. If you already have your own account
+on healthchecks.io, you will be able to switch between the two accounts.</p>
+{% endif %}
+
 <p>Here's a link to log yourself in:</p>
 <p><a href="{{ login_link }}">{{ login_link }}</a></p>

--- a/templates/front/my_checks.html
+++ b/templates/front/my_checks.html
@ -7,7 +7,13 @@
 {% block content %}
 <div class="row">
    <div class="col-sm-12">
-        <h1>My Checks</h1>
+        <h1>
+        {% if request.team == request.user.profile %}
+            My Checks
+        {% else %}
+            {{ request.team.team_name }}
+        {% endif %}
+        </h1>
    </div>
    {% if tags %}
    <div id="my-checks-tags" class="col-sm-12">