From bc9539a35e5b1bfbee3f537f6ae363b95136323d Mon Sep 17 00:00:00 2001 From: Murilo Dal Ri Date: Tue, 31 Oct 2017 14:53:07 +0000 Subject: [PATCH] Remove code that added role to tokens The role should now be added when the token is generated in our frontend apps, so we can remove that step from here. --- CHANGELOG.md | 40 ++++++++++++++++++++++++++++++++++++++ dmutils/__init__.py | 2 +- dmutils/email/tokens.py | 4 ---- tests/email/test_tokens.py | 28 -------------------------- 4 files changed, 41 insertions(+), 33 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 026473c8..02e8996c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,46 @@ Records breaking changes from major version bumps +## 30.0.0 + +PR: [#341](https://github.com/alphagov/digitalmarketplace-utils/pull/341) + +### What changed + +We don't need to add the user role to tokens when decoding them since now we're using the "send_user_account_email" function to create tokens and the user role should be passed in to that function. + +### Example app changes + +Old token creation: +``` +token = generate_token( + { + "role": "supplier", + "supplier_id": 1234, + "supplier_name": "Supplier Name", + "email_address": "supplier@example.com" + }, + current_app.config['SHARED_EMAIL_KEY'], + current_app.config['INVITE_EMAIL_SALT'] +) +``` +New token creation: +``` +send_user_account_email( + 'supplier', + "murilo@example.com", + current_app.config['NOTIFY_TEMPLATES']['invite_contributor'], + extra_token_data={ + 'supplier_id': 1234, + 'supplier_name': "Supplier Name" + }, + personalisation={ + 'user': "Name", + 'supplier': "Supplier Name" + } +) +``` + ## 29.0.0 PR: [#339](https://github.com/alphagov/digitalmarketplace-utils/pull/339) diff --git a/dmutils/__init__.py b/dmutils/__init__.py index be00fa50..e9e2e9e4 100644 --- a/dmutils/__init__.py +++ b/dmutils/__init__.py @@ -4,4 +4,4 @@ import flask_featureflags # noqa -__version__ = '29.0.0' +__version__ = '30.0.0' diff --git a/dmutils/email/tokens.py b/dmutils/email/tokens.py index afc01bc1..c664250c 100644 --- a/dmutils/email/tokens.py +++ b/dmutils/email/tokens.py @@ -133,10 +133,6 @@ def decode_invitation_token(encoded_token): current_app.config['INVITE_EMAIL_SALT'], SEVEN_DAYS_IN_SECONDS ) - if 'role' not in token: - token.update({ - 'role': 'supplier' if token.get('supplier_id') else 'buyer' - }) return token except fernet.InvalidToken as error: diff --git a/tests/email/test_tokens.py b/tests/email/test_tokens.py index 2c926dd9..d6c2ed63 100644 --- a/tests/email/test_tokens.py +++ b/tests/email/test_tokens.py @@ -189,34 +189,6 @@ def test_decode_invitation_token_returns_an_error_and_role_if_token_expired(emai assert decode_invitation_token(token) == {'error': 'token_expired', 'role': 'supplier'} -def test_decode_invitation_token_adds_the_role_key_to_old_style_buyer_tokens(email_app): - data = {'email_address': 'test-user@email.com'} - token = generate_token(data, 'Key', 'Salt') - - with email_app.app_context(): - assert decode_invitation_token(token) == { - 'email_address': 'test-user@email.com', - 'role': 'buyer' - } - - -def test_decode_invitation_token_adds_the_role_key_to_old_style_supplier_tokens(email_app): - data = { - 'email_address': 'test-user@email.com', - 'supplier_id': 1234, - 'supplier_name': 'A. Supplier', - } - token = generate_token(data, 'Key', 'Salt') - - with email_app.app_context(): - assert decode_invitation_token(token) == { - 'email_address': 'test-user@email.com', - 'supplier_id': 1234, - 'supplier_name': 'A. Supplier', - 'role': 'supplier' - } - - def test_decode_invitation_token_adds_the_role_key_to_expired_old_style_buyer_tokens(email_app): with freeze_time('2015-01-02 03:04:05'): data = {'email_address': 'test-user@email.com'}