Merge branch 'develop' of github.com:tracim/tracim_backend into feature/671_read_unread_endpoints

tracim/exceptions.py

 class EmptyCommentContentNotAllowed(EmptyValueNotAllowed):
     pass
 
+
+class RoleDoesNotExist(TracimException):
+    pass
+
+
+class EmailValidationFailed(TracimException):
+    pass
+
+
+class UserCreationFailed(TracimException):
+    pass
+
+
 class ParentNotFound(NotFound):
     pass

tracim/lib/core/user.py

 import typing as typing
 
 from tracim.exceptions import NotificationNotSend
+from tracim.exceptions import EmailValidationFailed
 from tracim.lib.mail_notifier.notifier import get_email_manager
 from sqlalchemy.orm import Session
 
 from tracim.models.auth import User
 from tracim.models.auth import Group
 from sqlalchemy.orm.exc import NoResultFound
-from tracim.exceptions import WrongUserPassword, UserDoesNotExist
+from tracim.exceptions import UserDoesNotExist
+from tracim.exceptions import WrongUserPassword
 from tracim.exceptions import AuthenticationFailed
 from tracim.models.context_models import UserInContext
+from tracim.models.context_models import TypeUser
 
 
 class UserApi(object):
             raise UserDoesNotExist('User "{}" not found in database'.format(email)) from exc  # nopep8
         return user
 
+    def get_one_by_public_name(self, public_name: str) -> User:
+        """
+        Get one user by public_name
+        """
+        try:
+            user = self._base_query().filter(User.display_name == public_name).one()
+        except NoResultFound as exc:
+            raise UserDoesNotExist('User "{}" not found in database'.format(public_name)) from exc  # nopep8
+        return user
     # FIXME - G.M - 24-04-2018 - Duplicate method with get_one.
+
     def get_one_by_id(self, id: int) -> User:
         return self.get_one(user_id=id)
 
     def get_all(self) -> typing.Iterable[User]:
         return self._session.query(User).order_by(User.display_name).all()
 
+    def find(
+            self,
+            user_id: int=None,
+            email: str=None,
+            public_name: str=None
+    ) -> typing.Tuple[TypeUser, User]:
+        """
+        Find existing user from all theses params.
+        Check is made in this order: user_id, email, public_name
+        If no user found raise UserDoesNotExist exception
+        """
+        user = None
+
+        if user_id:
+            try:
+                user = self.get_one(user_id)
+                return TypeUser.USER_ID, user
+            except UserDoesNotExist:
+                pass
+        if email:
+            try:
+                user = self.get_one_by_email(email)
+                return TypeUser.EMAIL, user
+            except UserDoesNotExist:
+                pass
+        if public_name:
+            try:
+                user = self.get_one_by_public_name(public_name)
+                return TypeUser.PUBLIC_NAME, user
+            except UserDoesNotExist:
+                pass
+
+        raise UserDoesNotExist('User not found with any of given params.')
+
     # Check methods
 
     def user_with_email_exists(self, email: str) -> bool:
 
     # Actions
 
+    def _check_email(self, email: str) -> bool:
+        # TODO - G.M - 2018-07-05 - find a better way to check email
+        if not email:
+            return False
+        email = email.split('@')
+        if len(email) != 2:
+            return False
+        return True
+
     def update(
             self,
             user: User,
             user.display_name = name
 
         if email is not None:
+            email_exist = self._check_email(email)
+            if not email_exist:
+                raise EmailValidationFailed('Email given form {} is uncorrect'.format(email))  # nopep8
             user.email = email
 
         if password is not None:
         """Previous create_user method"""
         user = User()
 
+        email_exist = self._check_email(email)
+        if not email_exist:
+            raise EmailValidationFailed('Email given form {} is uncorrect'.format(email))  # nopep8
         user.email = email
+        user.display_name = email.split('@')[0]
 
         for group in groups:
             user.groups.append(group)

tracim/lib/core/userworkspace.py

 
 from tracim import CFG
 from tracim.models.context_models import UserRoleWorkspaceInContext
+from tracim.models.roles import WorkspaceRoles
 
 __author__ = 'damien'
 
 from tracim.models.auth import User
 from tracim.models.data import Workspace
 from tracim.models.data import UserRoleInWorkspace
-from tracim.models.data import RoleType
 
 
 class RoleApi(object):
 
-    ALL_ROLE_VALUES = UserRoleInWorkspace.get_all_role_values()
+    # TODO - G.M - 29-06-2018 - [Cleanup] Drop this
+    # ALL_ROLE_VALUES = UserRoleInWorkspace.get_all_role_values()
     # Dict containing readable members roles for given role
-    members_read_rights = {
-        UserRoleInWorkspace.NOT_APPLICABLE: [],
-        UserRoleInWorkspace.READER: [
-            UserRoleInWorkspace.WORKSPACE_MANAGER,
-        ],
-        UserRoleInWorkspace.CONTRIBUTOR: [
-            UserRoleInWorkspace.WORKSPACE_MANAGER,
-            UserRoleInWorkspace.CONTENT_MANAGER,
-            UserRoleInWorkspace.CONTRIBUTOR,
-        ],
-        UserRoleInWorkspace.CONTENT_MANAGER: [
-            UserRoleInWorkspace.WORKSPACE_MANAGER,
-            UserRoleInWorkspace.CONTENT_MANAGER,
-            UserRoleInWorkspace.CONTRIBUTOR,
-            UserRoleInWorkspace.READER,
-        ],
-        UserRoleInWorkspace.WORKSPACE_MANAGER: [
-            UserRoleInWorkspace.WORKSPACE_MANAGER,
-            UserRoleInWorkspace.CONTENT_MANAGER,
-            UserRoleInWorkspace.CONTRIBUTOR,
-            UserRoleInWorkspace.READER,
-        ],
-    }
+    # members_read_rights = {
+    #     UserRoleInWorkspace.NOT_APPLICABLE: [],
+    #     UserRoleInWorkspace.READER: [
+    #         UserRoleInWorkspace.WORKSPACE_MANAGER,
+    #     ],
+    #     UserRoleInWorkspace.CONTRIBUTOR: [
+    #         UserRoleInWorkspace.WORKSPACE_MANAGER,
+    #         UserRoleInWorkspace.CONTENT_MANAGER,
+    #         UserRoleInWorkspace.CONTRIBUTOR,
+    #     ],
+    #     UserRoleInWorkspace.CONTENT_MANAGER: [
+    #         UserRoleInWorkspace.WORKSPACE_MANAGER,
+    #         UserRoleInWorkspace.CONTENT_MANAGER,
+    #         UserRoleInWorkspace.CONTRIBUTOR,
+    #         UserRoleInWorkspace.READER,
+    #     ],
+    #     UserRoleInWorkspace.WORKSPACE_MANAGER: [
+    #         UserRoleInWorkspace.WORKSPACE_MANAGER,
+    #         UserRoleInWorkspace.CONTENT_MANAGER,
+    #         UserRoleInWorkspace.CONTRIBUTOR,
+    #         UserRoleInWorkspace.READER,
+    #     ],
+    # }
+
+    # TODO - G.M - 29-06-2018 - [Cleanup] Drop this
+    # @classmethod
+    # def role_can_read_member_role(cls, reader_role: int, tested_role: int) \
+    #         -> bool:
+    #     """
+    #     :param reader_role: role as viewer
+    #     :param tested_role: role as viwed
+    #     :return: True if given role can view member role in workspace.
+    #     """
+    #     if reader_role in cls.members_read_rights:
+    #         return tested_role in cls.members_read_rights[reader_role]
+    #     return False
 
     def get_user_role_workspace_with_context(
             self,
-            user_role: UserRoleInWorkspace
+            user_role: UserRoleInWorkspace,
+            newly_created:bool = None,
+            email_sent: bool = None,
     ) -> UserRoleWorkspaceInContext:
         """
         Return WorkspaceInContext object from Workspace
             user_role=user_role,
             dbsession=self._session,
             config=self._config,
+            newly_created=newly_created,
+            email_sent=email_sent,
         )
         return workspace
 
-    @classmethod
-    def role_can_read_member_role(cls, reader_role: int, tested_role: int) \
-            -> bool:
-        """
-        :param reader_role: role as viewer
-        :param tested_role: role as viwed
-        :return: True if given role can view member role in workspace.
-        """
-        if reader_role in cls.members_read_rights:
-            return tested_role in cls.members_read_rights[reader_role]
-        return False
-
-    @classmethod
-    def create_role(cls) -> UserRoleInWorkspace:
-        role = UserRoleInWorkspace()
-
-        return role
-
     def __init__(
         self,
         session: Session,
     def get_one(self, user_id: int, workspace_id: int) -> UserRoleInWorkspace:
         return self._get_one_rsc(user_id, workspace_id).one()
 
+    def update_role(
+        self,
+        role: UserRoleInWorkspace,
+        role_level: int,
+        with_notif: typing.Optional[bool] = None,
+        save_now: bool=False,
+    ):
+        """
+        Update role of user in this workspace
+        :param role: UserRoleInWorkspace object
+        :param role_level: level of new role wanted
+        :param with_notif: is user notification enabled in this workspace ?
+        :param save_now: database flush
+        :return: updated role
+        """
+        role.role = role_level
+        if with_notif is not None:
+            role.do_notify == with_notif
+        if save_now:
+            self.save(role)
+
+        return role
+
     def create_one(
         self,
         user: User,
         with_notif: bool,
         flush: bool=True
     ) -> UserRoleInWorkspace:
-        role = self.create_role()
+        role = UserRoleInWorkspace()
         role.user_id = user.user_id
         role.workspace = workspace
         role.role = role_level
         if flush:
             self._session.flush()
 
-    def _get_all_for_user(self, user_id) -> typing.List[UserRoleInWorkspace]:
-        return self._session.query(UserRoleInWorkspace)\
-            .filter(UserRoleInWorkspace.user_id == user_id)
-
-    def get_all_for_user(self, user: User) -> typing.List[UserRoleInWorkspace]:
-        return self._get_all_for_user(user.user_id).all()
-
-    def get_all_for_user_order_by_workspace(
-        self,
-        user_id: int
-    ) -> typing.List[UserRoleInWorkspace]:
-        return self._get_all_for_user(user_id)\
-            .join(UserRoleInWorkspace.workspace).order_by(Workspace.label).all()
-
     def get_all_for_workspace(
         self,
         workspace:Workspace
     def save(self, role: UserRoleInWorkspace) -> None:
         self._session.flush()
 
-    # TODO - G.M - 07-06-2018 - [Cleanup] Check if this method is already needed
-    @classmethod
-    def get_roles_for_select_field(cls) -> typing.List[RoleType]:
-        """
-
-        :return: list of DictLikeClass instances representing available Roles
-        (to be used in select fields)
-        """
-        result = list()
 
-        for role_id in UserRoleInWorkspace.get_all_role_values():
-            role = RoleType(role_id)
-            result.append(role)
+    # TODO - G.M - 29-06-2018 - [Cleanup] Drop this
+    # @classmethod
+    # def role_can_read_member_role(cls, reader_role: int, tested_role: int) \
+    #         -> bool:
+    #     """
+    #     :param reader_role: role as viewer
+    #     :param tested_role: role as viwed
+    #     :return: True if given role can view member role in workspace.
+    #     """
+    #     if reader_role in cls.members_read_rights:
+    #         return tested_role in cls.members_read_rights[reader_role]
+    #     return False
+    # def _get_all_for_user(self, user_id) -> typing.List[UserRoleInWorkspace]:
+    #     return self._session.query(UserRoleInWorkspace)\
+    #         .filter(UserRoleInWorkspace.user_id == user_id)
+    #
+    # def get_all_for_user(self, user: User) -> typing.List[UserRoleInWorkspace]:
+    #     return self._get_all_for_user(user.user_id).all()
+    #
+    # def get_all_for_user_order_by_workspace(
+    #     self,
+    #     user_id: int
+    # ) -> typing.List[UserRoleInWorkspace]:
+    #     return self._get_all_for_user(user_id)\
+    #         .join(UserRoleInWorkspace.workspace).order_by(Workspace.label).all()
 
-        return result
+    # TODO - G.M - 07-06-2018 - [Cleanup] Check if this method is already needed
+    # @classmethod
+    # def get_roles_for_select_field(cls) -> typing.List[RoleType]:
+    #     """
+    #
+    #     :return: list of DictLikeClass instances representing available Roles
+    #     (to be used in select fields)
+    #     """
+    #     result = list()
+    #
+    #     for role_id in UserRoleInWorkspace.get_all_role_values():
+    #         role = RoleType(role_id)
+    #         result.append(role)
+    #
+    #     return result

tracim/lib/core/workspace.py

 from sqlalchemy.orm import Session
 
 from tracim import CFG
+from tracim.exceptions import EmptyLabelNotAllowed
 from tracim.lib.utils.translation import fake_translator as _
 
 from tracim.lib.core.userworkspace import RoleApi
             save_now: bool=False,
     ) -> Workspace:
         if not label:
-            label = self.generate_label()
+            raise EmptyLabelNotAllowed('Workspace label cannot be empty')
 
         workspace = Workspace()
         workspace.label = label
 
         return workspace
 
+    def update_workspace(
+            self,
+            workspace: Workspace,
+            label: str,
+            description: str,
+            save_now: bool=False,
+    ) -> Workspace:
+        """
+        Update workspace
+        :param workspace: workspace to update
+        :param label: new label of workspace
+        :param description: new description
+        :param save_now: database flush
+        :return: updated workspace
+        """
+        if not label:
+            raise EmptyLabelNotAllowed('Workspace label cannot be empty')
+        workspace.label = label
+        workspace.description = description
+
+        if save_now:
+            self.save(workspace)
+
+        return workspace
+
     def get_one(self, id):
         return self._base_query().filter(Workspace.workspace_id == id).one()
 

tracim/models/context_models.py

 # coding=utf-8
 import typing
 from datetime import datetime
+from enum import Enum
 
 from slugify import slugify
 from sqlalchemy.orm import Session
 from tracim.models.auth import Profile
 from tracim.models.data import Content
 from tracim.models.data import ContentRevisionRO
-from tracim.models.data import Workspace, UserRoleInWorkspace
+from tracim.models.data import Workspace
+from tracim.models.data import UserRoleInWorkspace
+from tracim.models.roles import WorkspaceRoles
 from tracim.models.workspace_menu_entries import default_workspace_menu_entry
 from tracim.models.workspace_menu_entries import WorkspaceMenuEntry
 from tracim.models.contents import ContentTypeLegacy as ContentType
         self.workspace_id = workspace_id
 
 
-class UserWorkspacePath(object):
+class WorkspaceAndUserPath(object):
     """
-    Paths params with user_id and workspace id model
+    Paths params with workspace id and user_id
     """
-    def __init__(self, user_id: int, workspace_id: int) -> None:
+    def __init__(self, workspace_id: int, user_id: int):
         self.workspace_id = workspace_id
         self.user_id = workspace_id
 
         self.contents_ids = contents_ids
 
 
+class RoleUpdate(object):
+    """
+    Update role
+    """
+    def __init__(
+        self,
+        role: str,
+    ):
+        self.role = role
+
+
+class WorkspaceMemberInvitation(object):
+    """
+    Workspace Member Invitation
+    """
+    def __init__(
+        self,
+        user_id: int,
+        user_email_or_public_name: str,
+        role: str,
+    ):
+        self.role = role
+        self.user_email_or_public_name = user_email_or_public_name
+        self.user_id = user_id
+
+
+class WorkspaceUpdate(object):
+    """
+    Update workspace
+    """
+    def __init__(
+        self,
+        label: str,
+        description: str,
+    ):
+        self.label = label
+        self.description = description
+
+
 class ContentCreation(object):
     """
     Content creation model
         self.raw_content = raw_content
 
 
+class TypeUser(Enum):
+    """Params used to find user"""
+    USER_ID = 'found_id'
+    EMAIL = 'found_email'
+    PUBLIC_NAME = 'found_public_name'
+
+
 class UserInContext(object):
     """
     Interface to get User data and User data related to context.
             user_role: UserRoleInWorkspace,
             dbsession: Session,
             config: CFG,
+            # Extended params
+            newly_created: bool = None,
+            email_sent: bool = None
     )-> None:
         self.user_role = user_role
         self.dbsession = dbsession
         self.config = config
+        # Extended params
+        self.newly_created = newly_created
+        self.email_sent = email_sent
 
     @property
     def user_id(self) -> int:
         'contributor', 'content-manager', 'workspace-manager'
         :return: user workspace role as slug.
         """
-        return UserRoleInWorkspace.SLUG[self.user_role.role]
+        return WorkspaceRoles.get_role_from_level(self.user_role.role).slug
+
+    @property
+    def is_active(self) -> bool:
+        return self.user.is_active
 
     @property
     def user(self) -> UserInContext:

tracim/models/data.py

 from tracim.exceptions import ContentRevisionUpdateError
 from tracim.models.meta import DeclarativeBase
 from tracim.models.auth import User
+from tracim.models.roles import WorkspaceRoles
 
 DEFAULT_PROPERTIES = dict(
     allowed_content=dict(
     workspace = relationship('Workspace', remote_side=[Workspace.workspace_id], backref='roles', lazy='joined')
     user = relationship('User', remote_side=[User.user_id], backref='roles')
 
-    NOT_APPLICABLE = 0
-    READER = 1
-    CONTRIBUTOR = 2
-    CONTENT_MANAGER = 4
-    WORKSPACE_MANAGER = 8
-
-    SLUG = {
-        NOT_APPLICABLE: 'not-applicable',
-        READER: 'reader',
-        CONTRIBUTOR: 'contributor',
-        CONTENT_MANAGER: 'content-manager',
-        WORKSPACE_MANAGER: 'workspace-manager',
-    }
+    NOT_APPLICABLE = WorkspaceRoles.NOT_APPLICABLE.level
+    READER = WorkspaceRoles.READER.level
+    CONTRIBUTOR = WorkspaceRoles.CONTRIBUTOR.level
+    CONTENT_MANAGER = WorkspaceRoles.CONTENT_MANAGER.level
+    WORKSPACE_MANAGER = WorkspaceRoles.WORKSPACE_MANAGER.level
+
+    # TODO - G.M - 10-04-2018 - [Cleanup] Drop this
+    # SLUG = {
+    #     NOT_APPLICABLE: 'not-applicable',
+    #     READER: 'reader',
+    #     CONTRIBUTOR: 'contributor',
+    #     CONTENT_MANAGER: 'content-manager',
+    #     WORKSPACE_MANAGER: 'workspace-manager',
+    # }
 
-    LABEL = dict()
-    LABEL[0] = l_('N/A')
-    LABEL[1] = l_('Reader')
-    LABEL[2] = l_('Contributor')
-    LABEL[4] = l_('Content Manager')
-    LABEL[8] = l_('Workspace Manager')
+    # LABEL = dict()
+    # LABEL[0] = l_('N/A')
+    # LABEL[1] = l_('Reader')
+    # LABEL[2] = l_('Contributor')
+    # LABEL[4] = l_('Content Manager')
+    # LABEL[8] = l_('Workspace Manager')
     # TODO - G.M - 10-04-2018 - [Cleanup] Drop this
     #
     # STYLE = dict()
     #     return UserRoleInWorkspace.STYLE[self.role]
     #
 
+    def role_object(self):
+        return WorkspaceRoles.get_role_from_level(level=self.role)
+
     def role_as_label(self):
-        return UserRoleInWorkspace.LABEL[self.role]
+        return self.role_object().label
 
     @classmethod
     def get_all_role_values(cls) -> typing.List[int]:
         """
         Return all valid role value
         """
-        return [
-            UserRoleInWorkspace.READER,
-            UserRoleInWorkspace.CONTRIBUTOR,
-            UserRoleInWorkspace.CONTENT_MANAGER,
-            UserRoleInWorkspace.WORKSPACE_MANAGER
-        ]
+        return [role.level for role in WorkspaceRoles.get_all_valid_role()]
 
     @classmethod
     def get_all_role_slug(cls) -> typing.List[str]:
         # INFO - G.M - 25-05-2018 - Be carefull, as long as this method
         # and get_all_role_values are both used for API, this method should
         # return item in the same order as get_all_role_values
-        return [cls.SLUG[value] for value in cls.get_all_role_values()]
-
+        return [role.slug for role in WorkspaceRoles.get_all_valid_role()]
 
-class RoleType(object):
-    def __init__(self, role_id):
-        self.role_type_id = role_id
-        # TODO - G.M - 10-04-2018 - [Cleanup] Drop this
+# TODO - G.M - 10-04-2018 - [Cleanup] Drop this
+# class RoleType(object):
+#     def __init__(self, role_id):
+#         self.role_type_id = role_id
         # self.fa_icon = UserRoleInWorkspace.ICON[role_id]
         # self.role_label = UserRoleInWorkspace.LABEL[role_id]
         # self.css_style = UserRoleInWorkspace.STYLE[role_id]

tracim/models/roles.py

+import typing
+from enum import Enum
+
+from tracim.exceptions import RoleDoesNotExist
+
+
+class WorkspaceRoles(Enum):
+    """
+    Available role for workspace.
+    All roles should have a unique level and unique slug.
+    level is role value store in database and is also use for
+    permission check.
+    slug is for http endpoints and other place where readability is
+    needed.
+    """
+    NOT_APPLICABLE = (0, 'not-applicable')
+    READER = (1, 'reader')
+    CONTRIBUTOR = (2, 'contributor')
+    CONTENT_MANAGER = (4, 'content-manager')
+    WORKSPACE_MANAGER = (8, 'workspace-manager')
+
+    def __init__(self, level, slug):
+        self.level = level
+        self.slug = slug
+    
+    @property
+    def label(self):
+        """ Return valid label associated to role"""
+        # TODO - G.M - 2018-06-180 - Make this work correctly
+        return self.slug
+
+    @classmethod
+    def get_all_valid_role(cls) -> typing.List['WorkspaceRoles']:
+        """
+        Return all valid role value
+        """
+        return [item for item in list(WorkspaceRoles) if item.level > 0]
+
+    @classmethod
+    def get_role_from_level(cls, level: int) -> 'WorkspaceRoles':
+        """
+        Obtain Workspace role from a level value
+        :param level: level value as int
+        :return: correct workspace role related
+        """
+        roles = [item for item in list(WorkspaceRoles) if item.level == level]
+        if len(roles) != 1:
+            raise RoleDoesNotExist()
+        return roles[0]
+
+    @classmethod
+    def get_role_from_slug(cls, slug: str) -> 'WorkspaceRoles':
+        """
+        Obtain Workspace role from a slug value
+        :param slug: slug value as str
+        :return: correct workspace role related
+        """
+        roles = [item for item in list(WorkspaceRoles) if item.slug == slug]
+        if len(roles) != 1:
+            raise RoleDoesNotExist()
+        return roles[0]

tracim/tests/__init__.py

             'depot_storage_dir': '/tmp/test/depot',
             'depot_storage_name': 'test',
             'preview_cache_dir': '/tmp/test/preview_cache',
+            'email.notification.activated': 'false',
 
         }
         hapic.reset_context()

tracim/tests/functional/test_workspaces.py

         assert sidebar_entry['hexcolor'] == "#757575"
         assert sidebar_entry['fa_icon'] == "calendar"
 
+    def test_api__update_workspace__ok_200__nominal_case(self) -> None:
+        """
+        Test update workspace
+        """
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'admin@admin.admin',
+                'admin@admin.admin'
+            )
+        )
+        params = {
+            'label': 'superworkspace',
+            'description': 'mysuperdescription'
+        }
+        # Before
+        res = self.testapp.get(
+            '/api/v2/workspaces/1',
+            status=200
+        )
+        assert res.json_body
+        workspace = res.json_body
+        assert workspace['workspace_id'] == 1
+        assert workspace['slug'] == 'business'
+        assert workspace['label'] == 'Business'
+        assert workspace['description'] == 'All importants documents'
+        assert len(workspace['sidebar_entries']) == 7
+
+        # modify workspace
+        res = self.testapp.put_json(
+            '/api/v2/workspaces/1',
+            status=200,
+            params=params,
+        )
+        assert res.json_body
+        workspace = res.json_body
+        assert workspace['workspace_id'] == 1
+        assert workspace['slug'] == 'superworkspace'
+        assert workspace['label'] == 'superworkspace'
+        assert workspace['description'] == 'mysuperdescription'
+        assert len(workspace['sidebar_entries']) == 7
+
+        # after
+        res = self.testapp.get(
+            '/api/v2/workspaces/1',
+            status=200
+        )
+        assert res.json_body
+        workspace = res.json_body
+        assert workspace['workspace_id'] == 1
+        assert workspace['slug'] == 'superworkspace'
+        assert workspace['label'] == 'superworkspace'
+        assert workspace['description'] == 'mysuperdescription'
+        assert len(workspace['sidebar_entries']) == 7
+
+    def test_api__update_workspace__err_400__empty_label(self) -> None:
+        """
+        Test update workspace with empty label
+        """
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'admin@admin.admin',
+                'admin@admin.admin'
+            )
+        )
+        params = {
+            'label': '',
+            'description': 'mysuperdescription'
+        }
+        res = self.testapp.put_json(
+            '/api/v2/workspaces/1',
+            status=400,
+            params=params,
+        )
+
+    def test_api__create_workspace__ok_200__nominal_case(self) -> None:
+        """
+        Test create workspace
+        """
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'admin@admin.admin',
+                'admin@admin.admin'
+            )
+        )
+        params = {
+            'label': 'superworkspace',
+            'description': 'mysuperdescription'
+        }
+        res = self.testapp.post_json(
+            '/api/v2/workspaces',
+            status=200,
+            params=params,
+        )
+        assert res.json_body
+        workspace = res.json_body
+        workspace_id = res.json_body['workspace_id']
+        res = self.testapp.get(
+            '/api/v2/workspaces/{}'.format(workspace_id),
+            status=200
+        )
+        workspace_2 = res.json_body
+        assert workspace == workspace_2
+
+    def test_api__create_workspace__err_400__empty_label(self) -> None:
+        """
+        Test create workspace with empty label
+        """
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'admin@admin.admin',
+                'admin@admin.admin'
+            )
+        )
+        params = {
+            'label': '',
+            'description': 'mysuperdescription'
+        }
+        res = self.testapp.post_json(
+            '/api/v2/workspaces',
+            status=400,
+            params=params,
+        )
+
     def test_api__get_workspace__err_400__unallowed_user(self) -> None:
         """
         Check obtain workspace unreachable for user
         assert user_role['role'] == 'workspace-manager'
         assert user_role['user_id'] == 1
         assert user_role['workspace_id'] == 1
+        assert user_role['workspace']['workspace_id'] == 1
+        assert user_role['workspace']['label'] == 'Business'
+        assert user_role['workspace']['slug'] == 'business'
         assert user_role['user']['public_name'] == 'Global manager'
+        assert user_role['user']['user_id'] == 1
+        assert user_role['is_active'] is True
         # TODO - G.M - 24-05-2018 - [Avatar] Replace
         # by correct value when avatar feature will be enabled
         assert user_role['user']['avatar_url'] is None
         assert 'message' in res.json.keys()
         assert 'details' in res.json.keys()
 
+    def test_api__create_workspace_member_role__ok_200__user_id(self):
+        """
+        Create workspace member role
+        :return:
+        """
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'admin@admin.admin',
+                'admin@admin.admin'
+            )
+        )
+        # create workspace role
+        params = {
+            'user_id': 2,
+            'user_email_or_public_name': None,
+            'role': 'content-manager',
+        }
+        res = self.testapp.post_json(
+            '/api/v2/workspaces/1/members',
+            status=200,
+            params=params,
+        )
+        user_role_found = res.json_body
+        assert user_role_found['role'] == 'content-manager'
+        assert user_role_found['user_id'] == 2
+        assert user_role_found['workspace_id'] == 1
+        assert user_role_found['newly_created'] is False
+        assert user_role_found['email_sent'] is False
+
+        res = self.testapp.get('/api/v2/workspaces/1/members', status=200).json_body   # nopep8
+        assert len(res) == 2
+        user_role = res[0]
+        assert user_role['role'] == 'workspace-manager'
+        assert user_role['user_id'] == 1
+        assert user_role['workspace_id'] == 1
+        user_role = res[1]
+        assert user_role_found['role'] == user_role['role']
+        assert user_role_found['user_id'] == user_role['user_id']
+        assert user_role_found['workspace_id'] == user_role['workspace_id']
+
+    def test_api__create_workspace_member_role__ok_200__user_email(self):
+        """
+        Create workspace member role
+        :return:
+        """
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'admin@admin.admin',
+                'admin@admin.admin'
+            )
+        )
+        # create workspace role
+        params = {
+            'user_id': None,
+            'user_email_or_public_name': 'lawrence-not-real-email@fsf.local',
+            'role': 'content-manager',
+        }
+        res = self.testapp.post_json(
+            '/api/v2/workspaces/1/members',
+            status=200,
+            params=params,
+        )
+        user_role_found = res.json_body
+        assert user_role_found['role'] == 'content-manager'
+        assert user_role_found['user_id'] == 2
+        assert user_role_found['workspace_id'] == 1
+        assert user_role_found['newly_created'] is False
+        assert user_role_found['email_sent'] is False
+
+        res = self.testapp.get('/api/v2/workspaces/1/members', status=200).json_body   # nopep8
+        assert len(res) == 2
+        user_role = res[0]
+        assert user_role['role'] == 'workspace-manager'
+        assert user_role['user_id'] == 1
+        assert user_role['workspace_id'] == 1
+        user_role = res[1]
+        assert user_role_found['role'] == user_role['role']
+        assert user_role_found['user_id'] == user_role['user_id']
+        assert user_role_found['workspace_id'] == user_role['workspace_id']
+
+    def test_api__create_workspace_member_role__ok_200__user_public_name(self):
+        """
+        Create workspace member role
+        :return:
+        """
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'admin@admin.admin',
+                'admin@admin.admin'
+            )
+        )
+        # create workspace role
+        params = {
+            'user_id': None,
+            'user_email_or_public_name': 'Lawrence L.',
+            'role': 'content-manager',
+        }
+        res = self.testapp.post_json(
+            '/api/v2/workspaces/1/members',
+            status=200,
+            params=params,
+        )
+        user_role_found = res.json_body
+        assert user_role_found['role'] == 'content-manager'
+        assert user_role_found['user_id'] == 2
+        assert user_role_found['workspace_id'] == 1
+        assert user_role_found['newly_created'] is False
+        assert user_role_found['email_sent'] is False
+
+        res = self.testapp.get('/api/v2/workspaces/1/members', status=200).json_body   # nopep8
+        assert len(res) == 2
+        user_role = res[0]
+        assert user_role['role'] == 'workspace-manager'
+        assert user_role['user_id'] == 1
+        assert user_role['workspace_id'] == 1
+        user_role = res[1]
+        assert user_role_found['role'] == user_role['role']
+        assert user_role_found['user_id'] == user_role['user_id']
+        assert user_role_found['workspace_id'] == user_role['workspace_id']
+
+    def test_api__create_workspace_member_role__err_400__nothing(self):
+        """
+        Create workspace member role
+        :return:
+        """
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'admin@admin.admin',
+                'admin@admin.admin'
+            )
+        )
+        # create workspace role
+        params = {
+            'user_id': None,
+            'user_email_or_public_name': None,
+            'role': 'content-manager',
+        }
+        res = self.testapp.post_json(
+            '/api/v2/workspaces/1/members',
+            status=400,
+            params=params,
+        )
+
+    def test_api__create_workspace_member_role__err_400__wrong_user_id(self):
+        """
+        Create workspace member role
+        :return:
+        """
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'admin@admin.admin',
+                'admin@admin.admin'
+            )
+        )
+        # create workspace role
+        params = {
+            'user_id': 47,
+            'user_email_or_public_name': None,
+            'role': 'content-manager',
+        }
+        res = self.testapp.post_json(
+            '/api/v2/workspaces/1/members',
+            status=400,
+            params=params,
+        )
+
+    def test_api__create_workspace_member_role__ok_200__new_user(self):  # nopep8
+        """
+        Create workspace member role
+        :return:
+        """
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'admin@admin.admin',
+                'admin@admin.admin'
+            )
+        )
+        # create workspace role
+        params = {
+            'user_id': None,
+            'user_email_or_public_name': 'nothing@nothing.nothing',
+            'role': 'content-manager',
+        }
+        res = self.testapp.post_json(
+            '/api/v2/workspaces/1/members',
+            status=200,
+            params=params,
+        )
+        user_role_found = res.json_body
+        assert user_role_found['role'] == 'content-manager'
+        assert user_role_found['user_id']
+        user_id = user_role_found['user_id']
+        assert user_role_found['workspace_id'] == 1
+        assert user_role_found['newly_created'] is True
+        assert user_role_found['email_sent'] is False
+
+        res = self.testapp.get('/api/v2/workspaces/1/members',
+                               status=200).json_body  # nopep8
+        assert len(res) == 2
+        user_role = res[0]
+        assert user_role['role'] == 'workspace-manager'
+        assert user_role['user_id'] == 1
+        assert user_role['workspace_id'] == 1
+        user_role = res[1]
+        assert user_role_found['role'] == user_role['role']
+        assert user_role_found['user_id'] == user_role['user_id']
+        assert user_role_found['workspace_id'] == user_role['workspace_id']
+
+    def test_api__update_workspace_member_role__ok_200__nominal_case(self):
+        """
+        Update worskpace member role
+        """
+        # before
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'admin@admin.admin',
+                'admin@admin.admin'
+            )
+        )
+        res = self.testapp.get('/api/v2/workspaces/1/members', status=200).json_body   # nopep8
+        assert len(res) == 1
+        user_role = res[0]
+        assert user_role['role'] == 'workspace-manager'
+        assert user_role['user_id'] == 1
+        assert user_role['workspace_id'] == 1
+        # update workspace role
+        params = {
+            'role': 'content-manager',
+        }
+        res = self.testapp.put_json(
+            '/api/v2/workspaces/1/members/1',
+            status=200,
+            params=params,
+        )
+        user_role = res.json_body
+        assert user_role['role'] == 'content-manager'
+        assert user_role['user_id'] == 1
+        assert user_role['workspace_id'] == 1
+        # after
+        res = self.testapp.get('/api/v2/workspaces/1/members', status=200).json_body   # nopep8
+        assert len(res) == 1
+        user_role = res[0]
+        assert user_role['role'] == 'content-manager'
+        assert user_role['user_id'] == 1
+        assert user_role['workspace_id'] == 1
+
 
 class TestWorkspaceContents(FunctionalTest):
     """
         assert content['workspace_id'] == 1
 
     # Root related
-    def test_api__get_workspace_content__ok_200__get_all_root_content__legacy_html_slug(self):
+    def test_api__get_workspace_content__ok_200__get_all_root_content__legacy_html_slug(self):  # nopep8
         """
         Check obtain workspace all root contents
         """

tracim/tests/library/test_role_api.py

+# coding=utf-8
+import pytest
+from sqlalchemy.orm.exc import NoResultFound
+
+from tracim.lib.core.userworkspace import RoleApi
+from tracim.models import User
+from tracim.models.roles import WorkspaceRoles
+from tracim.tests import DefaultTest
+from tracim.fixtures.users_and_groups import Base as BaseFixture
+from tracim.fixtures.content import Content as ContentFixture
+
+
+class TestRoleApi(DefaultTest):
+
+    fixtures = [BaseFixture, ContentFixture]
+
+    def test_unit__get_one__ok__nominal_case(self):
+        admin = self.session.query(User)\
+            .filter(User.email == 'admin@admin.admin').one()
+        rapi = RoleApi(
+            current_user=admin,
+            session=self.session,
+            config=self.config,
+        )
+        rapi.get_one(admin.user_id, 1)
+
+    def test_unit__get_one__err__role_does_not_exist(self):
+        admin = self.session.query(User)\
+            .filter(User.email == 'admin@admin.admin').one()
+        rapi = RoleApi(
+            current_user=admin,
+            session=self.session,
+            config=self.config,
+        )
+        with pytest.raises(NoResultFound):
+            rapi.get_one(admin.user_id, 100)  # workspace 100 does not exist
+
+    def test_unit__create_one__nominal_case(self):
+        admin = self.session.query(User)\
+            .filter(User.email == 'admin@admin.admin').one()
+        workspace = self._create_workspace_and_test(
+            'workspace_1',
+            admin
+        )
+        bob = self.session.query(User)\
+            .filter(User.email == 'bob@fsf.local').one()
+        rapi = RoleApi(
+            current_user=admin,
+            session=self.session,
+            config=self.config,
+        )
+        created_role = rapi.create_one(
+            user=bob,
+            workspace=workspace,
+            role_level=WorkspaceRoles.CONTENT_MANAGER.level,
+            with_notif=False,
+        )
+        obtain_role = rapi.get_one(bob.user_id, workspace.workspace_id)
+        assert created_role == obtain_role
+
+    def test_unit__get_all_for_usages(self):
+        admin = self.session.query(User)\
+            .filter(User.email == 'admin@admin.admin').one()
+        rapi = RoleApi(
+            current_user=admin,
+            session=self.session,
+            config=self.config,
+        )
+        workspace = self._create_workspace_and_test(
+            'workspace_1',
+            admin
+        )
+        roles = rapi.get_all_for_workspace(workspace)
+        len(roles) == 1
+        roles[0].user_id == admin.user_id
+        roles[0].role == WorkspaceRoles.WORKSPACE_MANAGER.level
+

tracim/tests/library/test_user_api.py

         )
         u = api.create_minimal_user('bob@bob')
         assert u.email == 'bob@bob'
-        assert u.display_name is None
+        assert u.display_name == 'bob'
 
     def test_unit__create_minimal_user_and_update__ok__nominal_case(self):
         api = UserApi(

tracim/tests/models/tests_roles.py

+# coding=utf-8
+import unittest
+import pytest
+from tracim.exceptions import RoleDoesNotExist
+from tracim.models.roles import WorkspaceRoles
+
+
+class TestWorkspacesRoles(unittest.TestCase):
+    """
+    Test for WorkspaceRoles Enum Object
+    """
+    def test_workspace_roles__ok__all_list(self):
+        roles = list(WorkspaceRoles)
+        assert len(roles) == 5
+        for role in roles:
+            assert role
+            assert role.slug
+            assert isinstance(role.slug, str)
+            assert role.level or role.level == 0
+            assert isinstance(role.level, int)
+            assert role.label
+            assert isinstance(role.slug, str)
+        assert WorkspaceRoles['READER']
+        assert WorkspaceRoles['NOT_APPLICABLE']
+        assert WorkspaceRoles['CONTRIBUTOR']
+        assert WorkspaceRoles['WORKSPACE_MANAGER']
+        assert WorkspaceRoles['CONTENT_MANAGER']
+
+    def test__workspace_roles__ok__check_model(self):
+        role = WorkspaceRoles.WORKSPACE_MANAGER
+        assert role
+        assert role.slug
+        assert isinstance(role.slug, str)
+        assert role.level
+        assert isinstance(role.level, int)
+        assert role.label
+        assert isinstance(role.slug, str)
+
+    def test_workspace_roles__ok__get_all_valid_roles(self):
+        roles = WorkspaceRoles.get_all_valid_role()
+        assert len(roles) == 4
+        for role in roles:
+            assert role
+            assert role.slug
+            assert isinstance(role.slug, str)
+            assert role.level or role.level == 0
+            assert isinstance(role.level, int)
+            assert role.level > 0
+            assert role.label
+            assert isinstance(role.slug, str)
+
+    def test_workspace_roles__ok__get_role__from_level__ok__nominal_case(self):
+        role = WorkspaceRoles.get_role_from_level(0)
+
+        assert role
+        assert role.slug
+        assert isinstance(role.slug, str)
+        assert role.level == 0
+        assert isinstance(role.level, int)
+        assert role.label
+        assert isinstance(role.slug, str)
+
+    def test_workspace_roles__ok__get_role__from_slug__ok__nominal_case(self):
+        role = WorkspaceRoles.get_role_from_slug('reader')
+
+        assert role
+        assert role.slug
+        assert isinstance(role.slug, str)
+        assert role.level > 0
+        assert isinstance(role.level, int)
+        assert role.label
+        assert isinstance(role.slug, str)
+
+    def test_workspace_roles__ok__get_role__from_level__err__role_does_not_exist(self):  # nopep8
+        with pytest.raises(RoleDoesNotExist):
+            WorkspaceRoles.get_role_from_level(-1000)
+
+    def test_workspace_roles__ok__get_role__from_slug__err__role_does_not_exist(self):  # nopep8
+        with pytest.raises(RoleDoesNotExist):
+            WorkspaceRoles.get_role_from_slug('this slug does not exist')

tracim/views/core_api/schemas.py

 from tracim.models.contents import open_status
 from tracim.models.contents import ContentTypeLegacy as ContentType
 from tracim.models.contents import ContentStatusLegacy as ContentStatus
-from tracim.models.context_models import ContentCreation, ActiveContentFilter, \
-    ContentIdsQuery
-from tracim.models.context_models import UserWorkspacePath
+from tracim.models.context_models import ActiveContentFilter
+from tracim.models.context_models import ContentIdsQuery
 from tracim.models.context_models import UserWorkspaceAndContentPath
+from tracim.models.context_models import ContentCreation
+from tracim.models.context_models import WorkspaceMemberInvitation
+from tracim.models.context_models import WorkspaceUpdate
+from tracim.models.context_models import RoleUpdate
 from tracim.models.context_models import CommentCreation
 from tracim.models.context_models import TextBasedContentUpdate
 from tracim.models.context_models import SetContentStatus
 from tracim.models.context_models import CommentPath
 from tracim.models.context_models import MoveParams
 from tracim.models.context_models import WorkspaceAndContentPath
+from tracim.models.context_models import WorkspaceAndUserPath
 from tracim.models.context_models import ContentFilter
 from tracim.models.context_models import LoginCredentials
 from tracim.models.data import UserRoleInWorkspace
     )
 
 
+class WorkspaceAndUserIdPathSchema(
+    UserIdPathSchema,
+    WorkspaceIdPathSchema
+):
+    @post_load
+    def make_path_object(self, data):
+        return WorkspaceAndUserPath(**data)
+
+
 class WorkspaceAndContentIdPathSchema(
     WorkspaceIdPathSchema,
     ContentIdPathSchema
 ):
     @post_load
     def make_path_object(self, data):
-        return UserWorkspacePath(**data)
+        return WorkspaceAndUserPath(**data)
 
 
 class CommentsPathSchema(WorkspaceAndContentIdPathSchema):
         required=True,
         validate=Range(min=1, error="Value must be greater than 0"),
     )
+
     @post_load
     def make_path_object(self, data):
         return CommentPath(**data)
 ###
 
 
+class RoleUpdateSchema(marshmallow.Schema):
+    role = marshmallow.fields.String(
+        example='contributor',
+        validate=OneOf(UserRoleInWorkspace.get_all_role_slug())
+    )
+
+    @post_load
+    def make_role(self, data):
+        return RoleUpdate(**data)
+
+
+class WorkspaceMemberInviteSchema(RoleUpdateSchema):
+    user_id = marshmallow.fields.Int(
+        example=5,
+        default=None,
+        allow_none=True,
+    )
+    user_email_or_public_name = marshmallow.fields.String(
+        example='suri@cate.fr',
+        default=None,
+        allow_none=True,
+    )
+
+    @post_load
+    def make_role(self, data):
+        return WorkspaceMemberInvitation(**data)
+
+
 class BasicAuthSchema(marshmallow.Schema):
 
     email = marshmallow.fields.Email(
     expire_after = marshmallow.fields.String()
 
 
+class WorkspaceModifySchema(marshmallow.Schema):
+    label = marshmallow.fields.String(
+        example='My Workspace',
+    )
+    description = marshmallow.fields.String(
+        example='A super description of my workspace.',
+    )
+
+    @post_load
+    def make_workspace_modifications(self, data):
+        return WorkspaceUpdate(**data)
+
+
+class WorkspaceCreationSchema(WorkspaceModifySchema):
+    pass
+
+
 class NoContentSchema(marshmallow.Schema):
 
     class Meta:
         validate=Range(min=1, error="Value must be greater than 0"),
     )
     user = marshmallow.fields.Nested(
-        UserSchema(only=('public_name', 'avatar_url'))
+        UserDigestSchema()
     )
+    workspace = marshmallow.fields.Nested(
+        WorkspaceDigestSchema(exclude=('sidebar_entries',))
+    )
+    is_active = marshmallow.fields.Bool()
 
     class Meta:
         description = 'Workspace Member information'
 
 
+class WorkspaceMemberCreationSchema(WorkspaceMemberSchema):
+    newly_created = marshmallow.fields.Bool(
+        exemple=False,
+        description='Is the user completely new '
+                    '(and account was just created) or not ?',
+    )
+    email_sent = marshmallow.fields.Bool(
+        exemple=False,
+        description='Has an email been sent to user to inform him about '
+                    'this new workspace registration and eventually his account'
+                    'creation'
+    )
+
+
 class ApplicationConfigSchema(marshmallow.Schema):
     pass
     #  TODO - G.M - 24-05-2018 - Set this

tracim/views/core_api/workspace_controller.py

 import typing
 import transaction
 from pyramid.config import Configurator
+
+from tracim.lib.core.user import UserApi
+from tracim.models.roles import WorkspaceRoles
+
 try:  # Python 3.5+
     from http import HTTPStatus
 except ImportError:
 from tracim.lib.core.content import ContentApi
 from tracim.lib.core.userworkspace import RoleApi
 from tracim.lib.utils.authorization import require_workspace_role
+from tracim.lib.utils.authorization import require_profile
+from tracim.models import Group
 from tracim.lib.utils.authorization import require_candidate_workspace_role
 from tracim.models.data import UserRoleInWorkspace
 from tracim.models.data import ActionDescription
 from tracim.models.context_models import UserRoleWorkspaceInContext
 from tracim.models.context_models import ContentInContext
 from tracim.exceptions import EmptyLabelNotAllowed
+from tracim.exceptions import EmailValidationFailed
+from tracim.exceptions import UserCreationFailed
+from tracim.exceptions import UserDoesNotExist
 from tracim.exceptions import ContentNotFound
 from tracim.exceptions import WorkspacesDoNotMatch
 from tracim.exceptions import ParentNotFound
 from tracim.views.controllers import Controller
 from tracim.views.core_api.schemas import FilterContentQuerySchema
+from tracim.views.core_api.schemas import WorkspaceMemberCreationSchema
+from tracim.views.core_api.schemas import WorkspaceMemberInviteSchema
+from tracim.views.core_api.schemas import RoleUpdateSchema
+from tracim.views.core_api.schemas import WorkspaceCreationSchema
+from tracim.views.core_api.schemas import WorkspaceModifySchema
+from tracim.views.core_api.schemas import WorkspaceAndUserIdPathSchema
 from tracim.views.core_api.schemas import ContentMoveSchema
 from tracim.views.core_api.schemas import NoContentSchema
 from tracim.views.core_api.schemas import ContentCreationSchema
         """
         Get workspace informations
         """
-        wid = hapic_data.path['workspace_id']
         app_config = request.registry.settings['CFG']
         wapi = WorkspaceApi(
             current_user=request.current_user,  # User
         return wapi.get_workspace_with_context(request.current_workspace)
 
     @hapic.with_api_doc(tags=[WORKSPACE_ENDPOINTS_TAG])
+    @hapic.handle_exception(EmptyLabelNotAllowed, HTTPStatus.BAD_REQUEST)
+    @require_workspace_role(UserRoleInWorkspace.WORKSPACE_MANAGER)
+    @hapic.input_path(WorkspaceIdPathSchema())
+    @hapic.input_body(WorkspaceModifySchema())
+    @hapic.output_body(WorkspaceSchema())
+    def update_workspace(self, context, request: TracimRequest, hapic_data=None):  # nopep8
+        """
+        Update workspace informations
+        """
+        app_config = request.registry.settings['CFG']
+        wapi = WorkspaceApi(
+            current_user=request.current_user,  # User
+            session=request.dbsession,
+            config=app_config,
+        )
+        wapi.update_workspace(
+            request.current_workspace,
+            label=hapic_data.body.label,
+            description=hapic_data.body.description,
+            save_now=True,
+        )
+        return wapi.get_workspace_with_context(request.current_workspace)
+
+    @hapic.with_api_doc(tags=[WORKSPACE_ENDPOINTS_TAG])
+    @hapic.handle_exception(EmptyLabelNotAllowed, HTTPStatus.BAD_REQUEST)
+    @require_profile(Group.TIM_MANAGER)
+    @hapic.input_body(WorkspaceCreationSchema())
+    @hapic.output_body(WorkspaceSchema())
+    def create_workspace(self, context, request: TracimRequest, hapic_data=None):  # nopep8
+        """
+        create workspace
+        """
+        app_config = request.registry.settings['CFG']
+        wapi = WorkspaceApi(
+            current_user=request.current_user,  # User
+            session=request.dbsession,
+            config=app_config,
+        )
+        workspace = wapi.create_workspace(
+            label=hapic_data.body.label,
+            description=hapic_data.body.description,
+            save_now=True,
+        )
+        return wapi.get_workspace_with_context(workspace)
+
+    @hapic.with_api_doc(tags=[WORKSPACE_ENDPOINTS_TAG])
     @require_workspace_role(UserRoleInWorkspace.READER)
     @hapic.input_path(WorkspaceIdPathSchema())
     @hapic.output_body(WorkspaceMemberSchema(many=True))
         ]
 
     @hapic.with_api_doc(tags=[WORKSPACE_ENDPOINTS_TAG])
+    @require_workspace_role(UserRoleInWorkspace.WORKSPACE_MANAGER)
+    @hapic.input_path(WorkspaceAndUserIdPathSchema())
+    @hapic.input_body(RoleUpdateSchema())
+    @hapic.output_body(WorkspaceMemberSchema())
+    def update_workspaces_members_role(
+            self,
+            context,
+            request: TracimRequest,
+            hapic_data=None
+    ) -> UserRoleWorkspaceInContext:
+        """
+        Update Members to this workspace
+        """
+        app_config = request.registry.settings['CFG']
+        rapi = RoleApi(
+            current_user=request.current_user,
+            session=request.dbsession,
+            config=app_config,
+        )
+
+        role = rapi.get_one(
+            user_id=hapic_data.path.user_id,
+            workspace_id=hapic_data.path.workspace_id,
+        )
+        workspace_role = WorkspaceRoles.get_role_from_slug(hapic_data.body.role)
+        role = rapi.update_role(
+            role,
+            role_level=workspace_role.level
+        )
+        return rapi.get_user_role_workspace_with_context(role)
+
+    @hapic.with_api_doc(tags=[WORKSPACE_ENDPOINTS_TAG])
+    @hapic.handle_exception(UserCreationFailed, HTTPStatus.BAD_REQUEST)
+    @require_workspace_role(UserRoleInWorkspace.WORKSPACE_MANAGER)
+    @hapic.input_path(WorkspaceIdPathSchema())
+    @hapic.input_body(WorkspaceMemberInviteSchema())
+    @hapic.output_body(WorkspaceMemberCreationSchema())
+    def create_workspaces_members_role(
+            self,
+            context,
+            request: TracimRequest,
+            hapic_data=None
+    ) -> UserRoleWorkspaceInContext:
+        """
+        Add Members to this workspace
+        """
+        newly_created = False
+        email_sent = False
+        app_config = request.registry.settings['CFG']
+        rapi = RoleApi(
+            current_user=request.current_user,
+            session=request.dbsession,
+            config=app_config,
+        )
+        uapi = UserApi(
+            current_user=request.current_user,
+            session=request.dbsession,
+            config=app_config,
+        )
+        try:
+            _, user = uapi.find(
+                user_id=hapic_data.body.user_id,
+                email=hapic_data.body.user_email_or_public_name,
+                public_name=hapic_data.body.user_email_or_public_name
+            )
+        except UserDoesNotExist:
+            try:
+                # TODO - G.M - 2018-07-05 - [UserCreation] Reenable email
+                # notification for creation
+                user = uapi.create_user(
+                    hapic_data.body.user_email_or_public_name,
+                    do_notify=False
+                )  # nopep8
+                newly_created = True
+            except EmailValidationFailed:
+                raise UserCreationFailed('no valid mail given')
+        role = rapi.create_one(
+            user=user,
+            workspace=request.current_workspace,
+            role_level=WorkspaceRoles.get_role_from_slug(hapic_data.body.role).level,  # nopep8
+            with_notif=False,
+            flush=True,
+        )
+        return rapi.get_user_role_workspace_with_context(
+            role,
+            newly_created=newly_created,
+            email_sent=email_sent,
+        )
+
+    @hapic.with_api_doc(tags=[WORKSPACE_ENDPOINTS_TAG])
     @require_workspace_role(UserRoleInWorkspace.READER)
     @hapic.input_path(WorkspaceIdPathSchema())
     @hapic.input_query(FilterContentQuerySchema())
             context,
             request: TracimRequest,
             hapic_data=None,
-    ) -> typing.List[ContentInContext]:
+    ) -> ContentInContext:
         """
         move a content
         """
             context,
             request: TracimRequest,
             hapic_data=None,
-    ) -> typing.List[ContentInContext]:
+    ) -> None:
         """
         delete a content
         """
             context,
             request: TracimRequest,
             hapic_data=None,
-    ) -> typing.List[ContentInContext]:
+    ) -> None:
         """
         undelete a content
         """
             context,
             request: TracimRequest,
             hapic_data=None,
-    ) -> typing.List[ContentInContext]:
+    ) -> None:
         """
         archive a content
         """
             session=request.dbsession,
             config=app_config,
         )
-        content = api.get_one(path_data.content_id, content_type=ContentType.Any)
+        content = api.get_one(path_data.content_id, content_type=ContentType.Any)  # nopep8
         with new_revision(
                 session=request.dbsession,
                 tm=transaction.manager,
             context,
             request: TracimRequest,
             hapic_data=None,
-    ) -> typing.List[ContentInContext]:
+    ) -> None:
         """
         unarchive a content
         """
         # Workspace
         configurator.add_route('workspace', '/workspaces/{workspace_id}', request_method='GET')  # nopep8
         configurator.add_view(self.workspace, route_name='workspace')
+        # Create workspace
+        configurator.add_route('create_workspace', '/workspaces', request_method='POST')  # nopep8
+        configurator.add_view(self.create_workspace, route_name='create_workspace')  # nopep8
+        # Update Workspace
+        configurator.add_route('update_workspace', '/workspaces/{workspace_id}', request_method='PUT')  # nopep8
+        configurator.add_view(self.update_workspace, route_name='update_workspace')  # nopep8
         # Workspace Members (Roles)
         configurator.add_route('workspace_members', '/workspaces/{workspace_id}/members', request_method='GET')  # nopep8
         configurator.add_view(self.workspaces_members, route_name='workspace_members')  # nopep8
+        # Update Workspace Members roles
+        configurator.add_route('update_workspace_member', '/workspaces/{workspace_id}/members/{user_id}', request_method='PUT')  # nopep8
+        configurator.add_view(self.update_workspaces_members_role, route_name='update_workspace_member')  # nopep8
+        # Create Workspace Members roles
+        configurator.add_route('create_workspace_member', '/workspaces/{workspace_id}/members', request_method='POST')  # nopep8
+        configurator.add_view(self.create_workspaces_members_role, route_name='create_workspace_member')  # nopep8
         # Workspace Content
         configurator.add_route('workspace_content', '/workspaces/{workspace_id}/contents', request_method='GET')  # nopep8
         configurator.add_view(self.workspace_content, route_name='workspace_content')  # nopep8