Merge pull request #30 from tracim/fix/834_endpoint_enable_disable_notification

backend/tracim_backend/models/context_models.py

     """
     def __init__(self, workspace_id: int, user_id: int):
         self.workspace_id = workspace_id
-        self.user_id = workspace_id
+        self.user_id = user_id
 
 
 class UserWorkspaceAndContentPath(object):
     def __init__(
         self,
         role: str,
-        do_notify: bool,
     ):
         self.role = role
-        self.do_notify = do_notify
 
 
 class WorkspaceMemberInvitation(object):
         user_id: int,
         user_email_or_public_name: str,
         role: str,
-        do_notify: str,
     ):
         self.role = role
         self.user_email_or_public_name = user_email_or_public_name
         self.user_id = user_id
-        self.do_notify = do_notify
 
 
 class WorkspaceUpdate(object):

backend/tracim_backend/tests/functional/test_user.py

         )
 
 
+class TestUserEnableWorkspaceNotification(FunctionalTest):
+    """
+    Tests for /api/v2/users/{user_id}/workspaces/{workspace_id}/notify
+    """
+    def test_api_enable_user_workspace_notification__ok__200__admin(self):
+        # init DB
+        dbsession = get_tm_session(self.session_factory, transaction.manager)
+        admin = dbsession.query(models.User) \
+            .filter(models.User.email == 'admin@admin.admin') \
+            .one()
+        workspace_api = WorkspaceApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config
+
+        )
+        workspace = WorkspaceApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        ).create_workspace(
+            'test workspace',
+            save_now=True
+        )
+        uapi = UserApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
+        gapi = GroupApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
+        groups = [gapi.get_one_with_name('users')]
+        test_user = uapi.create_user(
+            email='test@test.test',
+            password='pass',
+            name='bob',
+            groups=groups,
+            timezone='Europe/Paris',
+            lang='fr',
+            do_save=True,
+            do_notify=False,
+        )
+        rapi = RoleApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
+        rapi.create_one(test_user, workspace, UserRoleInWorkspace.READER, with_notif=False)  # nopep8
+        transaction.commit()
+        role = rapi.get_one(test_user.user_id, workspace.workspace_id)
+        assert role.do_notify is False
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'admin@admin.admin',
+                'admin@admin.admin'
+            )
+        )
+        self.testapp.put_json('/api/v2/users/{user_id}/workspaces/{workspace_id}/notify'.format(  # nopep8
+            user_id=test_user.user_id,
+            workspace_id=workspace.workspace_id
+        ), status=204)
+        dbsession = get_tm_session(self.session_factory, transaction.manager)
+        rapi = RoleApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
+        role = rapi.get_one(test_user.user_id, workspace.workspace_id)
+        assert role.do_notify is True
+
+    def test_api_enable_user_workspace_notification__ok__200__user_itself(self):
+        # init DB
+        dbsession = get_tm_session(self.session_factory, transaction.manager)
+        admin = dbsession.query(models.User) \
+            .filter(models.User.email == 'admin@admin.admin') \
+            .one()
+        workspace_api = WorkspaceApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config
+
+        )
+        workspace = WorkspaceApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        ).create_workspace(
+            'test workspace',
+            save_now=True
+        )
+        uapi = UserApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
+        gapi = GroupApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
+        groups = [gapi.get_one_with_name('users')]
+        test_user = uapi.create_user(
+            email='test@test.test',
+            password='pass',
+            name='bob',
+            groups=groups,
+            timezone='Europe/Paris',
+            lang='fr',
+            do_save=True,
+            do_notify=False,
+        )
+        rapi = RoleApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
+        rapi.create_one(test_user, workspace, UserRoleInWorkspace.READER, with_notif=False)  # nopep8
+        transaction.commit()
+        role = rapi.get_one(test_user.user_id, workspace.workspace_id)
+        assert role.do_notify is False
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'test@test.test',
+                'pass',
+            )
+        )
+        self.testapp.put_json('/api/v2/users/{user_id}/workspaces/{workspace_id}/notify'.format(  # nopep8
+            user_id=test_user.user_id,
+            workspace_id=workspace.workspace_id
+        ), status=204)
+
+        dbsession = get_tm_session(self.session_factory, transaction.manager)
+        rapi = RoleApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
+        role = rapi.get_one(test_user.user_id, workspace.workspace_id)
+        assert role.do_notify is True
+
+    def test_api_enable_user_workspace_notification__err__403__other_user(self):
+        # init DB
+        dbsession = get_tm_session(self.session_factory, transaction.manager)
+        admin = dbsession.query(models.User) \
+            .filter(models.User.email == 'admin@admin.admin') \
+            .one()
+        workspace_api = WorkspaceApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config
+
+        )
+        workspace = WorkspaceApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        ).create_workspace(
+            'test workspace',
+            save_now=True
+        )
+        uapi = UserApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
+        gapi = GroupApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
+        groups = [gapi.get_one_with_name('users')]
+        test_user = uapi.create_user(
+            email='test@test.test',
+            password='pass',
+            name='bob',
+            groups=groups,
+            timezone='Europe/Paris',
+            lang='fr',
+            do_save=True,
+            do_notify=False,
+        )
+        test_user2 = uapi.create_user(
+            email='test2@test2.test2',
+            password='pass',
+            name='boby',
+            groups=groups,
+            timezone='Europe/Paris',
+            lang='fr',
+            do_save=True,
+            do_notify=False,
+        )
+        rapi = RoleApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
+        rapi.create_one(test_user, workspace, UserRoleInWorkspace.READER, with_notif=False)  # nopep8
+        rapi.create_one(test_user2, workspace, UserRoleInWorkspace.READER, with_notif=False)  # nopep8
+        transaction.commit()
+        role = rapi.get_one(test_user.user_id, workspace.workspace_id)
+        assert role.do_notify is False
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'test2@test2.test2',
+                'pass',
+            )
+        )
+        self.testapp.put_json('/api/v2/users/{user_id}/workspaces/{workspace_id}/notify'.format(  # nopep8
+            user_id=test_user.user_id,
+            workspace_id=workspace.workspace_id
+        ), status=403)
+
+
+class TestUserDisableWorkspaceNotification(FunctionalTest):
+    """
+    Tests for /api/v2/users/{user_id}/workspaces/{workspace_id}/unnotify
+    """
+    def test_api_disable_user_workspace_notification__ok__200__admin(self):
+        # init DB
+        dbsession = get_tm_session(self.session_factory, transaction.manager)
+        admin = dbsession.query(models.User) \
+            .filter(models.User.email == 'admin@admin.admin') \
+            .one()
+        workspace_api = WorkspaceApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config
+
+        )
+        workspace = WorkspaceApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        ).create_workspace(
+            'test workspace',
+            save_now=True
+        )
+        uapi = UserApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
+        gapi = GroupApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
+        groups = [gapi.get_one_with_name('users')]
+        test_user = uapi.create_user(
+            email='test@test.test',
+            password='pass',
+            name='bob',
+            groups=groups,
+            timezone='Europe/Paris',
+            lang='fr',
+            do_save=True,
+            do_notify=True,
+        )
+        rapi = RoleApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
+        rapi.create_one(test_user, workspace, UserRoleInWorkspace.READER, with_notif=True)  # nopep8
+        transaction.commit()
+        role = rapi.get_one(test_user.user_id, workspace.workspace_id)
+        assert role.do_notify is True
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'admin@admin.admin',
+                'admin@admin.admin'
+            )
+        )
+        self.testapp.put_json('/api/v2/users/{user_id}/workspaces/{workspace_id}/unnotify'.format(  # nopep8
+            user_id=test_user.user_id,
+            workspace_id=workspace.workspace_id
+        ), status=204)
+
+        dbsession = get_tm_session(self.session_factory, transaction.manager)
+        rapi = RoleApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
+        role = rapi.get_one(test_user.user_id, workspace.workspace_id)
+        assert role.do_notify is False
+
+    def test_api_enable_user_workspace_notification__ok__200__user_itself(self):
+        # init DB
+        dbsession = get_tm_session(self.session_factory, transaction.manager)
+        admin = dbsession.query(models.User) \
+            .filter(models.User.email == 'admin@admin.admin') \
+            .one()
+        workspace_api = WorkspaceApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config
+
+        )
+        workspace = WorkspaceApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        ).create_workspace(
+            'test workspace',
+            save_now=True
+        )
+        uapi = UserApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
+        gapi = GroupApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
+        groups = [gapi.get_one_with_name('users')]
+        test_user = uapi.create_user(
+            email='test@test.test',
+            password='pass',
+            name='bob',
+            groups=groups,
+            timezone='Europe/Paris',
+            lang='fr',
+            do_save=True,
+            do_notify=False,
+        )
+        rapi = RoleApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
+        rapi.create_one(test_user, workspace, UserRoleInWorkspace.READER, with_notif=True)  # nopep8
+        transaction.commit()
+        role = rapi.get_one(test_user.user_id, workspace.workspace_id)
+        assert role.do_notify is True
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'test@test.test',
+                'pass',
+            )
+        )
+        self.testapp.put_json('/api/v2/users/{user_id}/workspaces/{workspace_id}/unnotify'.format(  # nopep8
+            user_id=test_user.user_id,
+            workspace_id=workspace.workspace_id
+        ), status=204)
+        dbsession = get_tm_session(self.session_factory, transaction.manager)
+        rapi = RoleApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
+        role = rapi.get_one(test_user.user_id, workspace.workspace_id)
+        assert role.do_notify is False
+
+    def test_api_disable_user_workspace_notification__err__403__other_user(self):
+        # init DB
+        dbsession = get_tm_session(self.session_factory, transaction.manager)
+        admin = dbsession.query(models.User) \
+            .filter(models.User.email == 'admin@admin.admin') \
+            .one()
+        workspace_api = WorkspaceApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config
+
+        )
+        workspace = WorkspaceApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        ).create_workspace(
+            'test workspace',
+            save_now=True
+        )
+        uapi = UserApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
+        gapi = GroupApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
+        groups = [gapi.get_one_with_name('users')]
+        test_user = uapi.create_user(
+            email='test@test.test',
+            password='pass',
+            name='bob',
+            groups=groups,
+            timezone='Europe/Paris',
+            lang='fr',
+            do_save=True,
+            do_notify=False,
+        )
+        test_user2 = uapi.create_user(
+            email='test2@test2.test2',
+            password='pass',
+            name='boby',
+            groups=groups,
+            timezone='Europe/Paris',
+            lang='fr',
+            do_save=True,
+            do_notify=False,
+        )
+        rapi = RoleApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
+        rapi.create_one(test_user, workspace, UserRoleInWorkspace.READER, with_notif=True)  # nopep8
+        rapi.create_one(test_user2, workspace, UserRoleInWorkspace.READER, with_notif=False)  # nopep8
+        transaction.commit()
+        role = rapi.get_one(test_user.user_id, workspace.workspace_id)
+        assert role.do_notify is True
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'test2@test2.test2',
+                'pass',
+            )
+        )
+        self.testapp.put_json('/api/v2/users/{user_id}/workspaces/{workspace_id}/unnotify'.format(  # nopep8
+            user_id=test_user.user_id,
+            workspace_id=workspace.workspace_id
+        ), status=403)
+
+
 class TestUserWorkspaceEndpoint(FunctionalTest):
     """
     Tests for /api/v2/users/{user_id}/workspaces
         params = {
             'public_name': 'updated',
             'timezone': 'Europe/London',
-            'lang' : 'en',
+            'lang': 'en',
         }
         self.testapp.put_json(
             '/api/v2/users/{}'.format(user_id),

backend/tracim_backend/tests/functional/test_workspaces.py

         assert 'details' in res.json.keys()
 
 
+class TestWorkspacesEndpoints(FunctionalTest):
+    """
+    Tests for /api/v2/workspaces
+    """
+    fixtures = [BaseFixture]
+
+    def test_api__get_workspaces__ok_200__nominal_case(self):
+        """
+        Check obtain all workspaces reachables for user with user auth.
+        """
+        dbsession = get_tm_session(self.session_factory, transaction.manager)
+        admin = dbsession.query(models.User) \
+            .filter(models.User.email == 'admin@admin.admin') \
+            .one()
+
+        workspace_api = WorkspaceApi(
+            session=dbsession,
+            current_user=admin,
+            config=self.app_config,
+        )
+        workspace_api.create_workspace('test', save_now=True)  # nopep8
+        workspace_api.create_workspace('test2', save_now=True)  # nopep8
+        workspace_api.create_workspace('test3', save_now=True)  # nopep8
+        transaction.commit()
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'admin@admin.admin',
+                'admin@admin.admin'
+            )
+        )
+        res = self.testapp.get('/api/v2/workspaces', status=200)
+        res = res.json_body
+        assert len(res) == 3
+        workspace = res[0]
+        assert workspace['label'] == 'test'
+        assert workspace['slug'] == 'test'
+        workspace = res[1]
+        assert workspace['label'] == 'test2'
+        assert workspace['slug'] == 'test2'
+        workspace = res[2]
+        assert workspace['label'] == 'test3'
+        assert workspace['slug'] == 'test3'
+
+    def test_api__get_workspaces__err_403__unallowed_user(self):
+        """
+        Check obtain all workspaces reachables for one user
+        with another non-admin user auth.
+        """
+        dbsession = get_tm_session(self.session_factory, transaction.manager)
+        admin = dbsession.query(models.User) \
+            .filter(models.User.email == 'admin@admin.admin') \
+            .one()
+        uapi = UserApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
+        gapi = GroupApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
+        groups = [gapi.get_one_with_name('users')]
+        user = uapi.create_user('test@test.test', password='test@test.test',
+                                do_save=True, do_notify=False,
+                                groups=groups)  # nopep8
+        transaction.commit()
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'test@test.test',
+                'test@test.test'
+            )
+        )
+        res = self.testapp.get('/api/v2/workspaces', status=403)
+        assert isinstance(res.json, dict)
+        assert 'code' in res.json.keys()
+        assert 'message' in res.json.keys()
+        assert 'details' in res.json.keys()
+
+    def test_api__get_workspaces__err_401__unregistered_user(self):
+        """
+        Check obtain all workspaces reachables for one user
+        without correct user auth (user unregistered).
+        """
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'john@doe.doe',
+                'lapin'
+            )
+        )
+        res = self.testapp.get('/api/v2/workspaces', status=401)
+        assert isinstance(res.json, dict)
+        assert 'code' in res.json.keys()
+        assert 'message' in res.json.keys()
+        assert 'details' in res.json.keys()
+
+
 class TestWorkspaceMembersEndpoint(FunctionalTest):
     """
     Tests for /api/v2/workspaces/{workspace_id}/members endpoint
         assert 'message' in res.json.keys()
         assert 'details' in res.json.keys()
 
+    def test_api__get_workspace_member__ok_200__self(self):
+        """
+        Check obtain workspace members list with a reachable workspace for user
+        """
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'admin@admin.admin',
+                'admin@admin.admin'
+            )
+        )
+        res = self.testapp.get('/api/v2/workspaces/1/members/1', status=200).json_body   # nopep8
+        user_role = res
+        assert user_role['role'] == 'workspace-manager'
+        assert user_role['user_id'] == 1
+        assert user_role['workspace_id'] == 1
+        assert user_role['workspace']['workspace_id'] == 1
+        assert user_role['workspace']['label'] == 'Business'
+        assert user_role['workspace']['slug'] == 'business'
+        assert user_role['user']['public_name'] == 'Global manager'
+        assert user_role['user']['user_id'] == 1
+        assert user_role['is_active'] is True
+        assert user_role['do_notify'] is True
+        # TODO - G.M - 24-05-2018 - [Avatar] Replace
+        # by correct value when avatar feature will be enabled
+        assert user_role['user']['avatar_url'] is None
+
+    def test_api__get_workspace_member__ok_200__other_user(self):
+        """
+        Check obtain workspace members list with a reachable workspace for user
+        """
+        dbsession = get_tm_session(self.session_factory, transaction.manager)
+        admin = dbsession.query(models.User) \
+            .filter(models.User.email == 'admin@admin.admin') \
+            .one()
+        uapi = UserApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
+        gapi = GroupApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
+        groups = [gapi.get_one_with_name('managers')]
+        user = uapi.create_user('test@test.test', password='test@test.test', do_save=True, do_notify=False, groups=groups)  # nopep8
+        workspace_api = WorkspaceApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
+        workspace = workspace_api.create_workspace('test_2', save_now=True)  # nopep8
+        rapi = RoleApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
+        rapi.create_one(user, workspace, UserRoleInWorkspace.READER, False)  # nopep8
+        transaction.commit()
+        user_id = user.user_id
+        workspace_id = workspace.workspace_id
+        admin_id = admin.user_id
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'admin@admin.admin',
+                'admin@admin.admin'
+            )
+        )
+        print(str(user_id) + '##' + str(workspace_id))
+        res = self.testapp.get('/api/v2/workspaces/{}/members/{}'.format(
+            workspace_id,
+            user_id
+        ), status=200).json_body
+        user_role = res
+        assert user_role['role'] == 'reader'
+        assert user_role['user_id'] == user_id
+        assert user_role['workspace_id'] == workspace_id
+        assert user_role['is_active'] is True
+        assert user_role['do_notify'] is False
+
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'test@test.test',
+                'test@test.test'
+            )
+        )
+        res = self.testapp.get('/api/v2/workspaces/{}/members/{}'.format(
+            workspace_id,
+            admin_id
+        ), status=200).json_body
+        user_role = res
+        assert user_role['role'] == 'workspace-manager'
+        assert user_role['user_id'] == admin_id
+        assert user_role['workspace_id'] == workspace_id
+        assert user_role['is_active'] is True
+        assert user_role['do_notify'] is True
+
+
+    def test_api__get_workspace_member__err_400__unallowed_user(self):
+        """
+        Check obtain workspace members info with an unreachable workspace for
+        user
+        """
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'lawrence-not-real-email@fsf.local',
+                'foobarbaz'
+            )
+        )
+        res = self.testapp.get('/api/v2/workspaces/3/members/1', status=400)
+        assert isinstance(res.json, dict)
+        assert 'code' in res.json.keys()
+        assert 'message' in res.json.keys()
+        assert 'details' in res.json.keys()
+
+    def test_api__get_workspace_member__err_401__unregistered_user(self):
+        """
+        Check obtain workspace member info with an unregistered user
+        """
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'john@doe.doe',
+                'lapin'
+            )
+        )
+        res = self.testapp.get('/api/v2/workspaces/1/members/1', status=401)
+        assert isinstance(res.json, dict)
+        assert 'code' in res.json.keys()
+        assert 'message' in res.json.keys()
+        assert 'details' in res.json.keys()
+
+
     def test_api__get_workspace_members__err_400__workspace_does_not_exist(self):  # nopep8
         """
         Check obtain workspace members list with an existing user but
             'user_id': 2,
             'user_email_or_public_name': None,
             'role': 'content-manager',
-            'do_notify': False,
         }
         res = self.testapp.post_json(
             '/api/v2/workspaces/1/members',
             'user_id': None,
             'user_email_or_public_name': 'lawrence-not-real-email@fsf.local',
             'role': 'content-manager',
-            'do_notify': 'True',
         }
         res = self.testapp.post_json(
             '/api/v2/workspaces/1/members',
         assert user_role_found['workspace_id'] == 1
         assert user_role_found['newly_created'] is False
         assert user_role_found['email_sent'] is False
-        assert user_role_found['do_notify'] is True
+        assert user_role_found['do_notify'] is False
 
         res = self.testapp.get('/api/v2/workspaces/1/members', status=200).json_body   # nopep8
         assert len(res) == 2
             'user_id': None,
             'user_email_or_public_name': 'Lawrence L.',
             'role': 'content-manager',
-            'do_notify': True,
         }
         res = self.testapp.post_json(
             '/api/v2/workspaces/1/members',
         assert user_role_found['workspace_id'] == 1
         assert user_role_found['newly_created'] is False
         assert user_role_found['email_sent'] is False
-        assert user_role_found['do_notify'] is True
+        assert user_role_found['do_notify'] is False
 
         res = self.testapp.get('/api/v2/workspaces/1/members', status=200).json_body   # nopep8
         assert len(res) == 2
             'user_id': None,
             'user_email_or_public_name': None,
             'role': 'content-manager',
-            'do_notify': True,
         }
         res = self.testapp.post_json(
             '/api/v2/workspaces/1/members',
             'user_id': 47,
             'user_email_or_public_name': None,
             'role': 'content-manager',
-            'do_notify': True,
         }
         res = self.testapp.post_json(
             '/api/v2/workspaces/1/members',
             'user_id': None,
             'user_email_or_public_name': 'nothing@nothing.nothing',
             'role': 'content-manager',
-            'do_notify': True,
         }
         res = self.testapp.post_json(
             '/api/v2/workspaces/1/members',
         assert user_role_found['workspace_id'] == 1
         assert user_role_found['newly_created'] is True
         assert user_role_found['email_sent'] is False
-        assert user_role_found['do_notify'] is True
+        assert user_role_found['do_notify'] is False
 
         res = self.testapp.get('/api/v2/workspaces/1/members',
                                status=200).json_body  # nopep8
         assert user_role['role'] == 'workspace-manager'
         assert user_role['user_id'] == 1
         assert user_role['workspace_id'] == 1
+        assert user_role['do_notify'] is True
         # update workspace role
         params = {
             'role': 'content-manager',
-            'do_notify': False,
         }
         res = self.testapp.put_json(
             '/api/v2/workspaces/1/members/1',
         assert len(res) == 1
         user_role = res[0]
         assert user_role['role'] == 'content-manager'
-        assert user_role['do_notify'] is False
+        assert user_role['do_notify'] is True
         assert user_role['user_id'] == 1
         assert user_role['workspace_id'] == 1
 
             'user_id': None,
             'user_email_or_public_name': 'bob@bob.bob',
             'role': 'content-manager',
-            'do_notify': True,
         }
         res = self.testapp.post_json(
             '/api/v2/workspaces/1/members',
         assert user_role_found['workspace_id'] == 1
         assert user_role_found['newly_created'] is True
         assert user_role_found['email_sent'] is True
-        assert user_role_found['do_notify'] is True
+        assert user_role_found['do_notify'] is False
 
         # check mail received
         response = requests.get('http://127.0.0.1:8025/api/v1/messages')
             'user_id': None,
             'user_email_or_public_name': 'bob@bob.bob',
             'role': 'content-manager',
-            'do_notify': True,
         }
         res = self.testapp.post_json(
             '/api/v2/workspaces/1/members',

backend/tracim_backend/views/core_api/schemas.py

         example='contributor',
         validate=OneOf(UserRoleInWorkspace.get_all_role_slug())
     )
-    do_notify = marshmallow.fields.Bool(
-        description='has user enabled notification for this workspace',
-        example=True,
-        default=None,
-        allow_none=True,
-    )
 
     @post_load
     def make_role(self, data):

backend/tracim_backend/views/core_api/user_controller.py

 from pyramid.config import Configurator
+from tracim_backend.lib.core.userworkspace import RoleApi
 from tracim_backend.lib.utils.utils import password_generator
 
 try:  # Python 3.5+
         api.mark_read__workspace(request.current_workspace)
         return
 
+    @hapic.with_api_doc(tags=[SWAGGER_TAG__USER_ENDPOINTS])
+    @require_same_user_or_profile(Group.TIM_ADMIN)
+    @hapic.input_path(UserWorkspaceIdPathSchema())
+    @hapic.output_body(NoContentSchema(), default_http_code=HTTPStatus.NO_CONTENT)  # nopep8
+    def enable_workspace_notification(self, context, request: TracimRequest, hapic_data=None):  # nopep8
+        """
+        enable workspace notification
+        """
+        app_config = request.registry.settings['CFG']
+        api = ContentApi(
+            current_user=request.candidate_user,  # User
+            session=request.dbsession,
+            config=app_config,
+        )
+        wapi = WorkspaceApi(
+            current_user=request.candidate_user,  # User
+            session=request.dbsession,
+            config=app_config,
+        )
+        workspace = wapi.get_one(hapic_data.path.workspace_id)
+        wapi.enable_notifications(request.candidate_user, workspace)
+        rapi = RoleApi(
+            current_user=request.candidate_user,  # User
+            session=request.dbsession,
+            config=app_config,
+        )
+        role = rapi.get_one(request.candidate_user.user_id, workspace.workspace_id)
+        wapi.save(workspace)
+        return
+
+    @hapic.with_api_doc(tags=[SWAGGER_TAG__USER_ENDPOINTS])
+    @require_same_user_or_profile(Group.TIM_ADMIN)
+    @hapic.input_path(UserWorkspaceIdPathSchema())
+    @hapic.output_body(NoContentSchema(), default_http_code=HTTPStatus.NO_CONTENT)  # nopep8
+    def disable_workspace_notification(self, context, request: TracimRequest, hapic_data=None):  # nopep8
+        """
+        disable workspace notification
+        """
+        app_config = request.registry.settings['CFG']
+        api = ContentApi(
+            current_user=request.candidate_user,  # User
+            session=request.dbsession,
+            config=app_config,
+        )
+        wapi = WorkspaceApi(
+            current_user=request.candidate_user,  # User
+            session=request.dbsession,
+            config=app_config,
+        )
+        workspace = wapi.get_one(hapic_data.path.workspace_id)
+        wapi.disable_notifications(request.candidate_user, workspace)
+        wapi.save(workspace)
+        return
+
     def bind(self, configurator: Configurator) -> None:
         """
         Create all routes and views using pyramid configurator
         # set workspace as read
         configurator.add_route('read_workspace', '/users/{user_id}/workspaces/{workspace_id}/read', request_method='PUT')  # nopep8
         configurator.add_view(self.set_workspace_as_read, route_name='read_workspace')  # nopep8
+
+        # enable workspace notification
+        configurator.add_route('enable_workspace_notification', '/users/{user_id}/workspaces/{workspace_id}/notify', request_method='PUT')  # nopep8
+        configurator.add_view(self.enable_workspace_notification, route_name='enable_workspace_notification')  # nopep8
+
+        # enable workspace notification
+        configurator.add_route('disable_workspace_notification', '/users/{user_id}/workspaces/{workspace_id}/unnotify', request_method='PUT')  # nopep8
+        configurator.add_view(self.disable_workspace_notification, route_name='disable_workspace_notification')  # nopep8

backend/tracim_backend/views/core_api/workspace_controller.py

 from tracim_backend.lib.core.content import ContentApi
 from tracim_backend.lib.core.userworkspace import RoleApi
 from tracim_backend.lib.utils.authorization import require_workspace_role
+from tracim_backend.lib.utils.authorization import require_same_user_or_profile
 from tracim_backend.lib.utils.authorization import require_profile_or_other_profile_with_workspace_role
 from tracim_backend.lib.utils.authorization import require_profile
 from tracim_backend.models import Group
         return wapi.get_workspace_with_context(request.current_workspace)
 
     @hapic.with_api_doc(tags=[SWAGGER_TAG_WORKSPACE_ENDPOINTS])
+    @require_profile(Group.TIM_ADMIN)
+    @hapic.output_body(WorkspaceSchema(many=True), )
+    def workspaces(self, context, request: TracimRequest, hapic_data=None):
+        """
+        Get list of all workspaces
+        """
+        app_config = request.registry.settings['CFG']
+        wapi = WorkspaceApi(
+            current_user=request.current_user,  # User
+            session=request.dbsession,
+            config=app_config,
+        )
+
+        workspaces = wapi.get_all()
+        return [
+            wapi.get_workspace_with_context(workspace)
+            for workspace in workspaces
+        ]
+
+    @hapic.with_api_doc(tags=[SWAGGER_TAG_WORKSPACE_ENDPOINTS])
     @hapic.handle_exception(EmptyLabelNotAllowed, HTTPStatus.BAD_REQUEST)
     @require_workspace_role(UserRoleInWorkspace.WORKSPACE_MANAGER)
     @hapic.input_path(WorkspaceIdPathSchema())
         ]
 
     @hapic.with_api_doc(tags=[SWAGGER_TAG_WORKSPACE_ENDPOINTS])
+    @require_workspace_role(UserRoleInWorkspace.READER)
+    @hapic.input_path(WorkspaceAndUserIdPathSchema())
+    @hapic.output_body(WorkspaceMemberSchema())
+    def workspaces_member_role(
+            self,
+            context,
+            request: TracimRequest,
+            hapic_data=None
+    ) -> UserRoleWorkspaceInContext:
+        """
+        Get role of user in workspace
+        """
+        app_config = request.registry.settings['CFG']
+        rapi = RoleApi(
+            current_user=request.current_user,
+            session=request.dbsession,
+            config=app_config,
+        )
+
+        role = rapi.get_one(
+            user_id=hapic_data.path.user_id,
+            workspace_id=hapic_data.path.workspace_id,
+        )
+        return rapi.get_user_role_workspace_with_context(role)
+
+    @hapic.with_api_doc(tags=[SWAGGER_TAG_WORKSPACE_ENDPOINTS])
     @require_workspace_role(UserRoleInWorkspace.WORKSPACE_MANAGER)
     @hapic.input_path(WorkspaceAndUserIdPathSchema())
     @hapic.input_body(RoleUpdateSchema())
         workspace_role = WorkspaceRoles.get_role_from_slug(hapic_data.body.role)
         role = rapi.update_role(
             role,
-            role_level=workspace_role.level,
-            with_notif=hapic_data.body.do_notify
+            role_level=workspace_role.level
         )
         return rapi.get_user_role_workspace_with_context(role)
 
             user=user,
             workspace=request.current_workspace,
             role_level=WorkspaceRoles.get_role_from_slug(hapic_data.body.role).level,  # nopep8
-            with_notif=hapic_data.body.do_notify or False,  # nopep8, default value as false
+            with_notif=False,
             flush=True,
         )
         return rapi.get_user_role_workspace_with_context(
         pyramid configurator for this controller
         """
 
+        # Workspaces
+        configurator.add_route('workspaces', '/workspaces', request_method='GET')  # nopep8
+        configurator.add_view(self.workspaces, route_name='workspaces')
         # Workspace
         configurator.add_route('workspace', '/workspaces/{workspace_id}', request_method='GET')  # nopep8
         configurator.add_view(self.workspace, route_name='workspace')
         # Workspace Members (Roles)
         configurator.add_route('workspace_members', '/workspaces/{workspace_id}/members', request_method='GET')  # nopep8
         configurator.add_view(self.workspaces_members, route_name='workspace_members')  # nopep8
+        # Workspace Members (Role) Individual
+        configurator.add_route('workspace_member_role', '/workspaces/{workspace_id}/members/{user_id}', request_method='GET')  # nopep8
+        configurator.add_view(self.workspaces_member_role, route_name='workspace_member_role')  # nopep8
         # Update Workspace Members roles
         configurator.add_route('update_workspace_member', '/workspaces/{workspace_id}/members/{user_id}', request_method='PUT')  # nopep8
         configurator.add_view(self.update_workspaces_members_role, route_name='update_workspace_member')  # nopep8