Merge pull request #5866 from 4teamwork/es-frontend-351-fix-participa…

…tion-api Fix workspace participation restapi.
4teamwork · Aug 15, 2019 · 29ddc4a · 29ddc4a
2 parents c83660a + 2ca4c4b
commit 29ddc4a
Show file tree

Hide file tree

Showing 3 changed files with 55 additions and 19 deletions.
diff --git a/docs/HISTORY.txt b/docs/HISTORY.txt
@@ -4,6 +4,7 @@ Changelog
 2019.4.0rc2 (unreleased)
 ------------------------
 
+- Fix workspace participation restapi to handle new payload format for post and patch requests due to the new plone.restapi. [elioschmutz]
 - Update workflow security for opengever_workspace workflow to fix permission on existing workspaces. [elioschmutz]
 - Remove userid from the users fullname in all teamraum sources. [phgross]
 - Move task reminders of responsibles to the successor, when accepting a multi admin unit task. [phgross]

diff --git a/opengever/api/participation.py b/opengever/api/participation.py
@@ -121,12 +121,13 @@ class ParticipationsPost(ParticipationTraverseService):
     def reply(self):
         self.validate_params()
         data = self.validate_data(json_body(self.request))
-
-        if not self.validate_duplicated_users(data.get('userid')):
+        userid = data.get('user').get('token')
+        role = data.get('role').get('token')
+        if not self.validate_duplicated_users(userid):
             raise BadRequest("User already participate to this workspace")
 
         manager = ManageParticipants(self.context, self.request)
-        invitation = manager._add(data.get('userid'), data.get('role'))
+        invitation = manager._add(userid, role)
         return participation_item(
             self.context, self.request,
             token=invitation['iid'],
@@ -148,7 +149,7 @@ def validate_params(self):
             raise NotFound
 
     def validate_data(self, data):
-        if not data.get('userid'):
+        if not data.get('user'):
             raise BadRequest('Missing parameter userid')
 
         if not data.get('role'):
@@ -164,7 +165,7 @@ def reply(self):
         data = self.validate_data(json_body(self.request))
 
         manager = ManageParticipants(self.context, self.request)
-        manager._modify(token, data.get('role'), participation_type.id)
+        manager._modify(token, data.get('role').get('token'), participation_type.id)
         return None
 
     def read_params(self):
@@ -241,7 +242,7 @@ def reply(self):
         if action == 'accept':
             target = my_invitations_manager._accept(invitation)
             return getMultiAdapter(
-                (target, self.request),ISerializeToJson)(include_items=False)
+                (target, self.request), ISerializeToJson)(include_items=False)
 
     def read_params(self):
         if len(self.params) != 2:

diff --git a/opengever/api/tests/test_participation.py b/opengever/api/tests/test_participation.py
@@ -3,6 +3,7 @@
 from ftw.testing import freeze
 from opengever.testing import IntegrationTestCase
 from opengever.workspace.participation.storage import IInvitationStorage
+from plone.restapi.serializer.converters import json_compatible
 from zExceptions import Unauthorized
 from zope.component import getUtility
 import json
@@ -343,7 +344,10 @@ def test_add_invitiation(self, browser):
             get_entry_by_token(browser.json.get('items'), self.regular_user.id),
             'Regular user should not be a participant of this workspace.')
 
-        data = json.dumps({'userid': self.regular_user.id, 'role': 'WorkspaceGuest'})
+        data = json.dumps(json_compatible({
+            'user': {'token': self.regular_user.id},
+            'role': {'token': 'WorkspaceGuest'}
+        }))
         item = browser.open(
             self.workspace.absolute_url() + '/@participations/invitations',
             method='POST',
@@ -383,7 +387,10 @@ def test_add_invitiation(self, browser):
     def test_can_only_add_invitations_with_Workspace_related_roles(self, browser):
         self.login(self.workspace_admin, browser=browser)
         with browser.expect_http_error(401):
-            data = json.dumps({'userid': self.regular_user.id, 'role': 'Reader'})
+            data = json.dumps(json_compatible({
+                'user': {'token': self.regular_user.id},
+                'role': {'token': 'Reader'}
+            }))
             browser.open(
                 self.workspace.absolute_url() + '/@participations/invitations',
                 method='POST',
@@ -392,7 +399,10 @@ def test_can_only_add_invitations_with_Workspace_related_roles(self, browser):
                 )
 
         with browser.expect_http_error(500):
-            data = json.dumps({'userid': self.regular_user.id, 'role': 'Site Administrator'})
+            data = json.dumps(json_compatible({
+                'user': {'token': self.regular_user.id},
+                'role': {'token': 'Site Administrator'}
+            }))
             browser.open(
                 self.workspace.absolute_url() + '/@participations/invitations',
                 method='POST',
@@ -404,7 +414,10 @@ def test_can_only_add_invitations_with_Workspace_related_roles(self, browser):
     def test_member_cannot_use_post_endpoint(self, browser):
         self.login(self.workspace_member, browser=browser)
         with browser.expect_http_error(401):
-            data = json.dumps({'userid': self.regular_user.id, 'role': 'WorkspaceAdmin'})
+            data = json.dumps(json_compatible({
+                'user': {'token': self.regular_user.id},
+                'role': {'token': 'WorkspaceAdmin'}
+            }))
             browser.open(
                 self.workspace.absolute_url() + '/@participations/invitations',
                 method='POST',
@@ -416,7 +429,10 @@ def test_member_cannot_use_post_endpoint(self, browser):
     def test_guest_cannot_use_post_endpoint(self, browser):
         self.login(self.workspace_guest, browser=browser)
         with browser.expect_http_error(401):
-            data = json.dumps({'userid': self.regular_user.id, 'role': 'WorkspaceAdmin'})
+            data = json.dumps(json_compatible({
+                'user': {'token': self.regular_user.id},
+                'role': {'token': 'WorkspaceAdmin'}
+            }))
             browser.open(
                 self.workspace.absolute_url() + '/@participations/invitations',
                 method='POST',
@@ -438,8 +454,10 @@ def test_raise_not_found_if_post_on_users_endpoint(self, browser):
     @browsing
     def test_raise_bad_request_if_adding_existing_user(self, browser):
         self.login(self.workspace_admin, browser=browser)
-        data = json.dumps({'userid': self.workspace_guest.id, 'role': 'WorkspaceMember'})
-
+        data = json.dumps(json_compatible({
+            'user': {'token': self.workspace_guest.id},
+            'role': {'token': 'WorkspaceMember'}
+        }))
         with browser.expect_http_error(400):
             browser.open(
                 self.workspace.absolute_url() + '/@participations/invitations',
@@ -464,7 +482,9 @@ def test_modify_a_users_loca_roles(self, browser):
         entry = get_entry_by_token(browser.json.get('items'), self.workspace_guest.id)
         self.assertEquals('WorkspaceGuest', entry.get('role'))
 
-        data = json.dumps({'role': 'WorkspaceMember'})
+        data = json.dumps(json_compatible({
+            'role': {'token': 'WorkspaceMember'}
+        }))
         browser.open(
             entry['@id'],
             method='PATCH',
@@ -486,7 +506,9 @@ def test_cannot_modify_inexisting_user(self, browser):
         self.login(self.workspace_admin, browser=browser)
 
         with browser.expect_http_error(400):
-            data = json.dumps({'role': 'WorkspaceMember'})
+            data = json.dumps(json_compatible({
+                'role': {'token': 'WorkspaceMember'}
+            }))
             browser.open(
                 self.workspace.absolute_url() + '/@participations/users/{}'.format(self.regular_user.id),
                 method='PATCH',
@@ -507,7 +529,10 @@ def test_can_only_modify_workspace_roles(self, browser):
         entry = get_entry_by_token(browser.json.get('items'), self.workspace_guest.id)
 
         with browser.expect_http_error(401):
-            data = json.dumps({'role': 'Contributor'})
+            data = json.dumps(json_compatible({
+                'role': {'token': 'Contributor'}
+            }))
+
             browser.open(
                 entry['@id'],
                 method='PATCH',
@@ -524,7 +549,10 @@ def test_modify_role_of_invitation(self, browser):
             self.workspace, self.regular_user.getId(),
             self.workspace_admin.getId(), 'WorkspaceGuest')
 
-        data = json.dumps({'role': 'WorkspaceAdmin'})
+        data = json.dumps(json_compatible({
+            'role': {'token': 'WorkspaceAdmin'}
+        }))
+
         browser.open(
             self.workspace.absolute_url() + '/@participations/invitations/{}'.format(iid),
             method='PATCH',
@@ -555,7 +583,10 @@ def test_do_not_allow_modifying_the_WorkspaceOwnerRole(self, browser):
         entry = get_entry_by_token(browser.json.get('items'), self.workspace_owner.id)
 
         with browser.expect_http_error(400):
-            data = json.dumps({'role': 'WorkspaceAdmin'})
+            data = json.dumps(json_compatible({
+                'role': {'token': 'WorkspaceAdmin'}
+            }))
+
             browser.open(
                 entry['@id'],
                 method='PATCH',
@@ -576,7 +607,10 @@ def test_do_not_allow_modifying_the_current_user(self, browser):
         entry = get_entry_by_token(browser.json.get('items'), self.workspace_admin.id)
 
         with browser.expect_http_error(401):
-            data = json.dumps({'role': 'WorkspaceMember'})
+            data = json.dumps(json_compatible({
+                'role': {'token': 'WorkspaceMember'}
+            }))
+
             browser.open(
                 entry['@id'],
                 method='PATCH',