harmacist/healthchecks
1
0
Fork 0
forked from GithubBackups/healthchecks
Code Issues Pull Requests Projects Releases Wiki Activity

Fix bug in /accounts/switch_team/, updated messaging.

Browse Source
This commit is contained in:
Pēteris Caune 2016-05-09 18:00:34 +03:00
parent feb2294a7e
commit 435b8c220d
5 changed files with 41 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
hc/accounts/models.py
View File

@ -75,6 +75,11 @@ class Profile(models.Model):
member = Member(team=self, user=user) member = Member(team=self, user=user)
member.save() member.save()
# Switch the invited user over to the new team so they
# notice the new team on next visit:
user.profile.current_team = self
user.profile.save()
user.profile.send_instant_login_link(self) user.profile.send_instant_login_link(self)

7
hc/accounts/tests/test_switch_team.py
View File

@ -21,3 +21,10 @@ class SwitchTeamTestCase(BaseTestCase):
url = "/accounts/switch_team/%s/" % self.alice.username url = "/accounts/switch_team/%s/" % self.alice.username
r = self.client.get(url) r = self.client.get(url)
self.assertEqual(r.status_code, 403) self.assertEqual(r.status_code, 403)
def test_it_switches_to_own_team(self):
self.client.login(username="alice@example.org", password="password")
url = "/accounts/switch_team/%s/" % self.alice.username
r = self.client.get(url, follow=True)
self.assertEqual(r.status_code, 200)

21
hc/accounts/views.py
View File

@ -226,12 +226,23 @@ def unsubscribe_reports(request, username):
def switch_team(request, target_username): def switch_team(request, target_username):
other_user = User.objects.get(username=target_username) other_user = User.objects.get(username=target_username)
# The rules:
# Superuser can switch to any team. # Superuser can switch to any team.
# Other users can only switch to a team they are members of. access_ok = request.user.is_superuser
if not request.user.is_superuser:
q = Member.objects.filter(team=other_user.profile, user=request.user) # Users can switch to teams they are members of.
if q.count() == 0: if not access_ok and other_user.id == request.user.id:
return HttpResponseForbidden() access_ok = True
# Users can switch to their own teams.
if not access_ok:
for membership in request.user.member_set.all():
if membership.team.user.id == other_user.id:
access_ok = True
break
if not access_ok:
return HttpResponseForbidden()
request.user.profile.current_team = other_user.profile request.user.profile.current_team = other_user.profile
request.user.profile.save() request.user.profile.save()

6
templates/emails/login-body-html.html
View File

@ -1,5 +1,11 @@
<p>Hello,</p> <p>Hello,</p>
{% if inviting_profile %}
<p>Joining {{ inviting_profile }} will allow you to manage existing
monitoring checks and set up new ones. If you already have your own account
on healthchecks.io, you will be able to switch between the two accounts.</p>
{% endif %}
<p>Here's a link to log yourself in:</p> <p>Here's a link to log yourself in:</p>
<p><a href="{{ login_link }}">{{ login_link }}</a></p> <p><a href="{{ login_link }}">{{ login_link }}</a></p>

8
templates/front/my_checks.html
View File

@ -7,7 +7,13 @@
{% block content %} {% block content %}
<div class="row"> <div class="row">
<div class="col-sm-12"> <div class="col-sm-12">
<h1>My Checks</h1> <h1>
{% if request.team == request.user.profile %}
My Checks
{% else %}
{{ request.team.team_name }}
{% endif %}
</h1>
</div> </div>
{% if tags %} {% if tags %}
<div id="my-checks-tags" class="col-sm-12"> <div id="my-checks-tags" class="col-sm-12">