Add endpoints to create role/update role

tracim/lib/core/user.py

 from tracim.models.auth import User
 from tracim.models.auth import Group
 from sqlalchemy.orm.exc import NoResultFound
-from tracim.exceptions import WrongUserPassword, UserDoesNotExist
+from tracim.exceptions import UserDoesNotExist
+from tracim.exceptions import WrongUserPassword
 from tracim.exceptions import AuthenticationFailed
 from tracim.models.context_models import UserInContext
 
             raise UserDoesNotExist('User "{}" not found in database'.format(email)) from exc  # nopep8
         return user
 
+    def get_one_by_public_name(self, public_name: str) -> User:
+        """
+        Get one user by public_name
+        """
+        try:
+            user = self._base_query().filter(User.display_name == public_name).one()
+        except NoResultFound as exc:
+            raise UserDoesNotExist('User "{}" not found in database'.format(public_name)) from exc  # nopep8
+        return user
     # FIXME - G.M - 24-04-2018 - Duplicate method with get_one.
+
     def get_one_by_id(self, id: int) -> User:
         return self.get_one(user_id=id)
 
     def get_all(self) -> typing.Iterable[User]:
         return self._session.query(User).order_by(User.display_name).all()
 
+    def find_one(self, user_email_or_public_name: str) -> User:
+        user = None
+        try:
+            user = self.get_one_by_email(email=user_email_or_public_name)
+        except UserDoesNotExist:
+            # INFO - G.M - 2018-07-183 - we discard this exception in order
+            # allow secondary check (public_name)
+            pass
+
+        if not user:
+            user = self.get_one_by_public_name(user_email_or_public_name)
+
+        return user
     # Check methods
 
     def user_with_email_exists(self, email: str) -> bool:

tracim/lib/core/userworkspace.py

 
 from tracim import CFG
 from tracim.models.context_models import UserRoleWorkspaceInContext
+from tracim.models.roles import WorkspaceRoles
 
 __author__ = 'damien'
 
     def get_one(self, user_id: int, workspace_id: int) -> UserRoleInWorkspace:
         return self._get_one_rsc(user_id, workspace_id).one()
 
+    def update_role(
+        self,
+        role: UserRoleInWorkspace,
+        role_level: int,
+        with_notif: typing.Optional[bool] = None,
+        save_now: bool=False,
+    ):
+        """
+        Update role of user in this workspace
+        :param role: UserRoleInWorkspace object
+        :param role_level: level of new role wanted
+        :param with_notif: is user notification enabled in this workspace ?
+        :param save_now: database flush
+        :return: updated role
+        """
+        role.role = role_level
+        if with_notif is not None:
+            role.do_notify == with_notif
+        if save_now:
+            self.save(role)
+
+        return role
+
     def create_one(
         self,
         user: User,

tracim/models/context_models.py

 from tracim.models.auth import Profile
 from tracim.models.data import Content
 from tracim.models.data import ContentRevisionRO
-from tracim.models.data import Workspace, UserRoleInWorkspace
+from tracim.models.data import Workspace
+from tracim.models.data import UserRoleInWorkspace
 from tracim.models.roles import WorkspaceRoles
 from tracim.models.workspace_menu_entries import default_workspace_menu_entry
 from tracim.models.workspace_menu_entries import WorkspaceMenuEntry
         self.workspace_id = workspace_id
 
 
+class WorkspaceAndUserPath(object):
+    """
+    Paths params with workspace id and user_id
+    """
+    def __init__(self, workspace_id: int, user_id: int):
+        self.workspace_id = workspace_id
+        self.user_id = workspace_id
+
+
 class CommentPath(object):
     """
     Paths params with workspace id and content_id and comment_id model
         self.show_active = bool(show_active)
 
 
+class RoleUpdate(object):
+    """
+    Update role
+    """
+    def __init__(
+        self,
+        role: str,
+    ):
+        self.role = role
+
+
+class WorkspaceMemberInvitation(object):
+    """
+    Workspace Member Invitation
+    """
+    def __init__(
+        self,
+        user_id: int,
+        user_email_or_public_name: str,
+        role: str,
+    ):
+        self.role = role
+        self.user_email_or_public_name = user_email_or_public_name
+        self.user_id = user_id
+
+
 class WorkspaceUpdate(object):
     """
     Update workspace

tracim/models/roles.py

         """ Return valid label associated to role"""
         # TODO - G.M - 2018-06-180 - Make this work correctly
         return self.slug
-    
+
     @classmethod
     def get_all_valid_role(cls) -> typing.List['WorkspaceRoles']:
         """

tracim/tests/functional/test_workspaces.py

         assert 'message' in res.json.keys()
         assert 'details' in res.json.keys()
 
+    def test_api__create_workspace_member_role__ok_200__user_id(self):
+        """
+        Create workspace member role
+        :return:
+        """
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'admin@admin.admin',
+                'admin@admin.admin'
+            )
+        )
+        # create workspace role
+        params = {
+            'user_id': 2,
+            'user_email_or_public_name': None,
+            'role': 'content-manager',
+        }
+        res = self.testapp.post_json(
+            '/api/v2/workspaces/1/members',
+            status=200,
+            params=params,
+        )
+        user_role_found = res.json_body
+        assert user_role_found['role'] == 'content-manager'
+        assert user_role_found['user_id'] == 2
+        assert user_role_found['workspace_id'] == 1
+
+        res = self.testapp.get('/api/v2/workspaces/1/members', status=200).json_body   # nopep8
+        assert len(res) == 2
+        user_role = res[0]
+        assert user_role['role'] == 'workspace-manager'
+        assert user_role['user_id'] == 1
+        assert user_role['workspace_id'] == 1
+        user_role = res[1]
+        assert user_role_found == user_role
+
+    def test_api__create_workspace_member_role__ok_200__user_email(self):
+        """
+        Create workspace member role
+        :return:
+        """
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'admin@admin.admin',
+                'admin@admin.admin'
+            )
+        )
+        # create workspace role
+        params = {
+            'user_id': None,
+            'user_email_or_public_name': 'lawrence-not-real-email@fsf.local',
+            'role': 'content-manager',
+        }
+        res = self.testapp.post_json(
+            '/api/v2/workspaces/1/members',
+            status=200,
+            params=params,
+        )
+        user_role_found = res.json_body
+        assert user_role_found['role'] == 'content-manager'
+        assert user_role_found['user_id'] == 2
+        assert user_role_found['workspace_id'] == 1
+
+        res = self.testapp.get('/api/v2/workspaces/1/members', status=200).json_body   # nopep8
+        assert len(res) == 2
+        user_role = res[0]
+        assert user_role['role'] == 'workspace-manager'
+        assert user_role['user_id'] == 1
+        assert user_role['workspace_id'] == 1
+        user_role = res[1]
+        assert user_role_found == user_role
+
+    def test_api__create_workspace_member_role__ok_200__user_public_name(self):
+        """
+        Create workspace member role
+        :return:
+        """
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'admin@admin.admin',
+                'admin@admin.admin'
+            )
+        )
+        # create workspace role
+        params = {
+            'user_id': None,
+            'user_email_or_public_name': 'Lawrence L.',
+            'role': 'content-manager',
+        }
+        res = self.testapp.post_json(
+            '/api/v2/workspaces/1/members',
+            status=200,
+            params=params,
+        )
+        user_role_found = res.json_body
+        assert user_role_found['role'] == 'content-manager'
+        assert user_role_found['user_id'] == 2
+        assert user_role_found['workspace_id'] == 1
+
+        res = self.testapp.get('/api/v2/workspaces/1/members', status=200).json_body   # nopep8
+        assert len(res) == 2
+        user_role = res[0]
+        assert user_role['role'] == 'workspace-manager'
+        assert user_role['user_id'] == 1
+        assert user_role['workspace_id'] == 1
+        user_role = res[1]
+        assert user_role_found == user_role
+
+    def test_api__create_workspace_member_role__err_400__nothing(self):
+        """
+        Create workspace member role
+        :return:
+        """
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'admin@admin.admin',
+                'admin@admin.admin'
+            )
+        )
+        # create workspace role
+        params = {
+            'user_id': None,
+            'user_email_or_public_name': None,
+            'role': 'content-manager',
+        }
+        res = self.testapp.post_json(
+            '/api/v2/workspaces/1/members',
+            status=400,
+            params=params,
+        )
+
+    def test_api__create_workspace_member_role__err_400__wrong_user_id(self):
+        """
+        Create workspace member role
+        :return:
+        """
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'admin@admin.admin',
+                'admin@admin.admin'
+            )
+        )
+        # create workspace role
+        params = {
+            'user_id': 47,
+            'user_email_or_public_name': None,
+            'role': 'content-manager',
+        }
+        res = self.testapp.post_json(
+            '/api/v2/workspaces/1/members',
+            status=400,
+            params=params,
+        )
+
+    def test_api__create_workspace_member_role__err_400__wrong_user_email_or_public_name(self):  # nopep8
+        """
+        Create workspace member role
+        :return:
+        """
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'admin@admin.admin',
+                'admin@admin.admin'
+            )
+        )
+        # create workspace role
+        params = {
+            'user_id': None,
+            'user_email_or_public_name': 'nothing@nothing.nothing',
+            'role': 'content-manager',
+        }
+        res = self.testapp.post_json(
+            '/api/v2/workspaces/1/members',
+            status=400,
+            params=params,
+        )
+
+    def test_api__update_workspace_member_role__ok_200__nominal_case(self):
+        """
+        Update worskpace member role
+        """
+        # before
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'admin@admin.admin',
+                'admin@admin.admin'
+            )
+        )
+        res = self.testapp.get('/api/v2/workspaces/1/members', status=200).json_body   # nopep8
+        assert len(res) == 1
+        user_role = res[0]
+        assert user_role['role'] == 'workspace-manager'
+        assert user_role['user_id'] == 1
+        assert user_role['workspace_id'] == 1
+        # update workspace role
+        params = {
+            'role': 'content-manager',
+        }
+        res = self.testapp.put_json(
+            '/api/v2/workspaces/1/members/1',
+            status=200,
+            params=params,
+        )
+        user_role = res.json_body
+        assert user_role['role'] == 'content-manager'
+        assert user_role['user_id'] == 1
+        assert user_role['workspace_id'] == 1
+        # after
+        res = self.testapp.get('/api/v2/workspaces/1/members', status=200).json_body   # nopep8
+        assert len(res) == 1
+        user_role = res[0]
+        assert user_role['role'] == 'content-manager'
+        assert user_role['user_id'] == 1
+        assert user_role['workspace_id'] == 1
+
 
 class TestWorkspaceContents(FunctionalTest):
     """
         assert content['workspace_id'] == 1
 
     # Root related
-    def test_api__get_workspace_content__ok_200__get_all_root_content__legacy_html_slug(self):
+    def test_api__get_workspace_content__ok_200__get_all_root_content__legacy_html_slug(self):  # nopep8
         """
         Check obtain workspace all root contents
         """

tracim/views/core_api/schemas.py

 from tracim.models.contents import ContentTypeLegacy as ContentType
 from tracim.models.contents import ContentStatusLegacy as ContentStatus
 from tracim.models.context_models import ContentCreation
+from tracim.models.context_models import WorkspaceMemberInvitation
 from tracim.models.context_models import WorkspaceUpdate
+from tracim.models.context_models import RoleUpdate
 from tracim.models.context_models import CommentCreation
 from tracim.models.context_models import TextBasedContentUpdate
 from tracim.models.context_models import SetContentStatus
 from tracim.models.context_models import CommentPath
 from tracim.models.context_models import MoveParams
 from tracim.models.context_models import WorkspaceAndContentPath
+from tracim.models.context_models import WorkspaceAndUserPath
 from tracim.models.context_models import ContentFilter
 from tracim.models.context_models import LoginCredentials
 from tracim.models.data import UserRoleInWorkspace
     content_id = marshmallow.fields.Int(example=6, required=True)
 
 
+class WorkspaceAndUserIdPathSchema(
+    UserIdPathSchema,
+    WorkspaceIdPathSchema
+):
+    @post_load
+    def make_path_object(self, data):
+        return WorkspaceAndUserPath(**data)
+
+
 class WorkspaceAndContentIdPathSchema(
     WorkspaceIdPathSchema,
     ContentIdPathSchema
         description='id of a comment related to content content_id',
         required=True
     )
+
     @post_load
     def make_path_object(self, data):
         return CommentPath(**data)
 ###
 
 
+class RoleUpdateSchema(marshmallow.Schema):
+    role = marshmallow.fields.String(
+        example='contributor',
+        validate=OneOf(UserRoleInWorkspace.get_all_role_slug())
+    )
+
+    @post_load
+    def make_role(self, data):
+        return RoleUpdate(**data)
+
+
+class WorkspaceMemberInviteSchema(RoleUpdateSchema):
+    user_id = marshmallow.fields.Int(
+        example=5,
+        default=None,
+        allow_none=True,
+    )
+    user_email_or_public_name = marshmallow.fields.String(
+        example='suri@cate.fr',
+        default=None,
+        allow_none=True,
+    )
+
+    @post_load
+    def make_role(self, data):
+        return WorkspaceMemberInvitation(**data)
+
+
 class BasicAuthSchema(marshmallow.Schema):
 
     email = marshmallow.fields.Email(

tracim/views/core_api/workspace_controller.py

 import typing
 import transaction
 from pyramid.config import Configurator
+
+from tracim.lib.core.user import UserApi
+from tracim.models.roles import WorkspaceRoles
+
 try:  # Python 3.5+
     from http import HTTPStatus
 except ImportError:
 from tracim.models.context_models import UserRoleWorkspaceInContext
 from tracim.models.context_models import ContentInContext
 from tracim.exceptions import EmptyLabelNotAllowed
+from tracim.exceptions import UserDoesNotExist
 from tracim.exceptions import WorkspacesDoNotMatch
 from tracim.views.controllers import Controller
 from tracim.views.core_api.schemas import FilterContentQuerySchema
+from tracim.views.core_api.schemas import WorkspaceMemberInviteSchema
+from tracim.views.core_api.schemas import RoleUpdateSchema
 from tracim.views.core_api.schemas import WorkspaceCreationSchema
 from tracim.views.core_api.schemas import WorkspaceModifySchema
+from tracim.views.core_api.schemas import WorkspaceAndUserIdPathSchema
 from tracim.views.core_api.schemas import ContentMoveSchema
 from tracim.views.core_api.schemas import NoContentSchema
 from tracim.views.core_api.schemas import ContentCreationSchema
         ]
 
     @hapic.with_api_doc(tags=[WORKSPACE_ENDPOINTS_TAG])
+    @require_workspace_role(UserRoleInWorkspace.WORKSPACE_MANAGER)
+    @hapic.input_path(WorkspaceAndUserIdPathSchema())
+    @hapic.input_body(RoleUpdateSchema())
+    @hapic.output_body(WorkspaceMemberSchema())
+    def update_workspaces_members_role(
+            self,
+            context,
+            request: TracimRequest,
+            hapic_data=None
+    ) -> UserRoleWorkspaceInContext:
+        """
+        Update Members to this workspace
+        """
+        app_config = request.registry.settings['CFG']
+        rapi = RoleApi(
+            current_user=request.current_user,
+            session=request.dbsession,
+            config=app_config,
+        )
+
+        role = rapi.get_one(
+            user_id=hapic_data.path.user_id,
+            workspace_id=hapic_data.path.workspace_id,
+        )
+        workspace_role = WorkspaceRoles.get_role_from_slug(hapic_data.body.role)
+        role = rapi.update_role(
+            role,
+            role_level=workspace_role.level
+        )
+        return rapi.get_user_role_workspace_with_context(role)
+
+    @hapic.with_api_doc(tags=[WORKSPACE_ENDPOINTS_TAG])
+    @require_workspace_role(UserRoleInWorkspace.WORKSPACE_MANAGER)
+    @hapic.input_path(WorkspaceIdPathSchema())
+    @hapic.input_body(WorkspaceMemberInviteSchema())
+    @hapic.output_body(WorkspaceMemberSchema())
+    def create_workspaces_members_role(
+            self,
+            context,
+            request: TracimRequest,
+            hapic_data=None
+    ) -> UserRoleWorkspaceInContext:
+        """
+        Add Members to this workspace
+        """
+        app_config = request.registry.settings['CFG']
+        rapi = RoleApi(
+            current_user=request.current_user,
+            session=request.dbsession,
+            config=app_config,
+        )
+        uapi = UserApi(
+            current_user=request.current_user,
+            session=request.dbsession,
+            config=app_config,
+        )
+        if hapic_data.body.user_id is not None:
+            user = uapi.get_one(user_id=hapic_data.body.user_id)
+        elif hapic_data.body.user_email_or_public_name:
+            user = uapi.find_one(
+                user_email_or_public_name=hapic_data.body.user_email_or_public_name  # nopep8
+            )
+        else:
+            raise UserDoesNotExist(
+                'user_id or user_email_or_public_name should have '
+                'valid value.'
+            )
+        role = rapi.create_one(
+            user=user,
+            workspace=request.current_workspace,
+            role_level=WorkspaceRoles.get_role_from_slug(hapic_data.body.role).level,  # nopep8
+            with_notif=False,
+            flush=True,
+        )
+        return rapi.get_user_role_workspace_with_context(role)
+
+    @hapic.with_api_doc(tags=[WORKSPACE_ENDPOINTS_TAG])
     @require_workspace_role(UserRoleInWorkspace.READER)
     @hapic.input_path(WorkspaceIdPathSchema())
     @hapic.input_query(FilterContentQuerySchema())
         # Workspace Members (Roles)
         configurator.add_route('workspace_members', '/workspaces/{workspace_id}/members', request_method='GET')  # nopep8
         configurator.add_view(self.workspaces_members, route_name='workspace_members')  # nopep8
+        # Update Workspace Members roles
+        configurator.add_route('update_workspace_member', '/workspaces/{workspace_id}/members/{user_id}', request_method='PUT')  # nopep8
+        configurator.add_view(self.update_workspaces_members_role, route_name='update_workspace_member')  # nopep8
+        # Create Workspace Members roles
+        configurator.add_route('create_workspace_member', '/workspaces/{workspace_id}/members', request_method='POST')  # nopep8
+        configurator.add_view(self.create_workspaces_members_role, route_name='create_workspace_member')  # nopep8
         # Workspace Content
         configurator.add_route('workspace_content', '/workspaces/{workspace_id}/contents', request_method='GET')  # nopep8
         configurator.add_view(self.workspace_content, route_name='workspace_content')  # nopep8