Fix bug in /accounts/switch_team/, updated messaging.

9 years ago · 435b8c220d
--- a/hc/accounts/models.py
+++ b/hc/accounts/models.py
@ -75,6 +75,11 @@ class Profile(models.Model):
        member = Member(team=self, user=user)
        member.save()

        # Switch the invited user over to the new team so they
        # notice the new team on next visit:
        user.profile.current_team = self
        user.profile.save()

        user.profile.send_instant_login_link(self)


--- a/hc/accounts/tests/test_switch_team.py
+++ b/hc/accounts/tests/test_switch_team.py
@ -21,3 +21,10 @@ class SwitchTeamTestCase(BaseTestCase):
        url = "/accounts/switch_team/%s/" % self.alice.username
        r = self.client.get(url)
        self.assertEqual(r.status_code, 403)

    def test_it_switches_to_own_team(self):
        self.client.login(username="[email protected]", password="password")

        url = "/accounts/switch_team/%s/" % self.alice.username
        r = self.client.get(url, follow=True)
        self.assertEqual(r.status_code, 200)
--- a/hc/accounts/views.py
+++ b/hc/accounts/views.py
@ -226,12 +226,23 @@ def unsubscribe_reports(request, username):
 def switch_team(request, target_username):
    other_user = User.objects.get(username=target_username)

    # The rules:
    # Superuser can switch to any team.
    # Other users can only switch to a team they are members of.
    if not request.user.is_superuser:
        q = Member.objects.filter(team=other_user.profile, user=request.user)
        if q.count() == 0:
            return HttpResponseForbidden()
    access_ok = request.user.is_superuser

    # Users can switch to teams they are members of.
    if not access_ok and other_user.id == request.user.id:
        access_ok = True

    # Users can switch to their own teams.
    if not access_ok:
        for membership in request.user.member_set.all():
            if membership.team.user.id == other_user.id:
                access_ok = True
                break

    if not access_ok:
        return HttpResponseForbidden()

    request.user.profile.current_team = other_user.profile
    request.user.profile.save()
--- a/templates/emails/login-body-html.html
+++ b/templates/emails/login-body-html.html
@ -1,5 +1,11 @@
 <p>Hello,</p>

 {% if inviting_profile %}
 <p>Joining {{ inviting_profile }} will allow you to manage existing
 monitoring checks and set up new ones. If you already have your own account
 on healthchecks.io, you will be able to switch between the two accounts.</p>
 {% endif %}

 <p>Here's a link to log yourself in:</p>
 <p><a href="{{ login_link }}">{{ login_link }}</a></p>

--- a/templates/front/my_checks.html
+++ b/templates/front/my_checks.html
@ -7,7 +7,13 @@
 {% block content %}
 <div class="row">
    <div class="col-sm-12">
        <h1>My Checks</h1>
        <h1>
        {% if request.team == request.user.profile %}
            My Checks
        {% else %}
            {{ request.team.team_name }}
        {% endif %}
        </h1>
    </div>
    {% if tags %}
    <div id="my-checks-tags" class="col-sm-12">