gitea/tests/integration/org_team_invite_test.go

// Copyright 2022 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT

package integration

import (
	"fmt"
	"net/http"
	"net/url"
	"strings"
	"testing"

	"code.gitea.io/gitea/models/db"
	"code.gitea.io/gitea/models/organization"
	"code.gitea.io/gitea/models/unittest"
	user_model "code.gitea.io/gitea/models/user"
	"code.gitea.io/gitea/modules/setting"
	"code.gitea.io/gitea/modules/test"
	"code.gitea.io/gitea/tests"

	"github.com/stretchr/testify/assert"
)

func TestOrgTeamEmailInvite(t *testing.T) {
	if setting.MailService == nil {
		t.Skip()
		return
	}

	defer tests.PrepareTestEnv(t)()

	org := unittest.AssertExistsAndLoadBean(t, &organization.Organization{ID: 3})
	team := unittest.AssertExistsAndLoadBean(t, &organization.Team{ID: 2})
	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 5})

	isMember, err := organization.IsTeamMember(db.DefaultContext, team.OrgID, team.ID, user.ID)
	assert.NoError(t, err)
	assert.False(t, isMember)

	session := loginUser(t, "user1")

	teamURL := fmt.Sprintf("/org/%s/teams/%s", org.Name, team.Name)
	csrf := GetUserCSRFToken(t, session)
	req := NewRequestWithValues(t, "POST", teamURL+"/action/add", map[string]string{
		"_csrf": csrf,
		"uid":   "1",
		"uname": user.Email,
	})
	resp := session.MakeRequest(t, req, http.StatusSeeOther)
	req = NewRequest(t, "GET", test.RedirectURL(resp))
	session.MakeRequest(t, req, http.StatusOK)

	// get the invite token
	invites, err := organization.GetInvitesByTeamID(db.DefaultContext, team.ID)
	assert.NoError(t, err)
	assert.Len(t, invites, 1)

	session = loginUser(t, user.Name)

	// join the team
	inviteURL := fmt.Sprintf("/org/invite/%s", invites[0].Token)
	csrf = GetUserCSRFToken(t, session)
	req = NewRequestWithValues(t, "POST", inviteURL, map[string]string{
		"_csrf": csrf,
	})
	resp = session.MakeRequest(t, req, http.StatusSeeOther)
	req = NewRequest(t, "GET", test.RedirectURL(resp))
	session.MakeRequest(t, req, http.StatusOK)

	isMember, err = organization.IsTeamMember(db.DefaultContext, team.OrgID, team.ID, user.ID)
	assert.NoError(t, err)
	assert.True(t, isMember)
}

// Check that users are redirected to accept the invitation correctly after login
func TestOrgTeamEmailInviteRedirectsExistingUser(t *testing.T) {
	if setting.MailService == nil {
		t.Skip()
		return
	}

	defer tests.PrepareTestEnv(t)()

	org := unittest.AssertExistsAndLoadBean(t, &organization.Organization{ID: 3})
	team := unittest.AssertExistsAndLoadBean(t, &organization.Team{ID: 2})
	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 5})

	isMember, err := organization.IsTeamMember(db.DefaultContext, team.OrgID, team.ID, user.ID)
	assert.NoError(t, err)
	assert.False(t, isMember)

	// create the invite
	session := loginUser(t, "user1")

	teamURL := fmt.Sprintf("/org/%s/teams/%s", org.Name, team.Name)
	req := NewRequestWithValues(t, "POST", teamURL+"/action/add", map[string]string{
		"_csrf": GetUserCSRFToken(t, session),
		"uid":   "1",
		"uname": user.Email,
	})
	resp := session.MakeRequest(t, req, http.StatusSeeOther)
	req = NewRequest(t, "GET", test.RedirectURL(resp))
	session.MakeRequest(t, req, http.StatusOK)

	// get the invite token
	invites, err := organization.GetInvitesByTeamID(db.DefaultContext, team.ID)
	assert.NoError(t, err)
	assert.Len(t, invites, 1)

	// accept the invite
	inviteURL := fmt.Sprintf("/org/invite/%s", invites[0].Token)
	req = NewRequest(t, "GET", fmt.Sprintf("/user/login?redirect_to=%s", url.QueryEscape(inviteURL)))
	resp = MakeRequest(t, req, http.StatusOK)

	doc := NewHTMLParser(t, resp.Body)
	req = NewRequestWithValues(t, "POST", "/user/login", map[string]string{
		"_csrf":     doc.GetCSRF(),
		"user_name": "user5",
		"password":  "password",
	})
	for _, c := range resp.Result().Cookies() {
		req.AddCookie(c)
	}

	resp = MakeRequest(t, req, http.StatusSeeOther)
	assert.Equal(t, inviteURL, test.RedirectURL(resp))

	// complete the login process
	ch := http.Header{}
	ch.Add("Cookie", strings.Join(resp.Header()["Set-Cookie"], ";"))
	cr := http.Request{Header: ch}

	session = emptyTestSession(t)
	baseURL, err := url.Parse(setting.AppURL)
	assert.NoError(t, err)
	session.jar.SetCookies(baseURL, cr.Cookies())

	// make the request
	req = NewRequestWithValues(t, "POST", test.RedirectURL(resp), map[string]string{
		"_csrf": GetUserCSRFToken(t, session),
	})
	resp = session.MakeRequest(t, req, http.StatusSeeOther)
	req = NewRequest(t, "GET", test.RedirectURL(resp))
	session.MakeRequest(t, req, http.StatusOK)

	isMember, err = organization.IsTeamMember(db.DefaultContext, team.OrgID, team.ID, user.ID)
	assert.NoError(t, err)
	assert.True(t, isMember)
}

// Check that newly signed up users are redirected to accept the invitation correctly
func TestOrgTeamEmailInviteRedirectsNewUser(t *testing.T) {
	if setting.MailService == nil {
		t.Skip()
		return
	}

	defer tests.PrepareTestEnv(t)()

	org := unittest.AssertExistsAndLoadBean(t, &organization.Organization{ID: 3})
	team := unittest.AssertExistsAndLoadBean(t, &organization.Team{ID: 2})

	// create the invite
	session := loginUser(t, "user1")

	teamURL := fmt.Sprintf("/org/%s/teams/%s", org.Name, team.Name)
	req := NewRequestWithValues(t, "POST", teamURL+"/action/add", map[string]string{
		"_csrf": GetUserCSRFToken(t, session),
		"uid":   "1",
		"uname": "doesnotexist@example.com",
	})
	resp := session.MakeRequest(t, req, http.StatusSeeOther)
	req = NewRequest(t, "GET", test.RedirectURL(resp))
	session.MakeRequest(t, req, http.StatusOK)

	// get the invite token
	invites, err := organization.GetInvitesByTeamID(db.DefaultContext, team.ID)
	assert.NoError(t, err)
	assert.Len(t, invites, 1)

	// accept the invite
	inviteURL := fmt.Sprintf("/org/invite/%s", invites[0].Token)
	req = NewRequest(t, "GET", fmt.Sprintf("/user/sign_up?redirect_to=%s", url.QueryEscape(inviteURL)))
	resp = MakeRequest(t, req, http.StatusOK)

	doc := NewHTMLParser(t, resp.Body)
	req = NewRequestWithValues(t, "POST", "/user/sign_up", map[string]string{
		"_csrf":     doc.GetCSRF(),
		"user_name": "doesnotexist",
		"email":     "doesnotexist@example.com",
		"password":  "examplePassword!1",
		"retype":    "examplePassword!1",
	})
	for _, c := range resp.Result().Cookies() {
		req.AddCookie(c)
	}

	resp = MakeRequest(t, req, http.StatusSeeOther)
	assert.Equal(t, inviteURL, test.RedirectURL(resp))

	// complete the signup process
	ch := http.Header{}
	ch.Add("Cookie", strings.Join(resp.Header()["Set-Cookie"], ";"))
	cr := http.Request{Header: ch}

	session = emptyTestSession(t)
	baseURL, err := url.Parse(setting.AppURL)
	assert.NoError(t, err)
	session.jar.SetCookies(baseURL, cr.Cookies())

	// make the redirected request
	req = NewRequestWithValues(t, "POST", test.RedirectURL(resp), map[string]string{
		"_csrf": GetUserCSRFToken(t, session),
	})
	resp = session.MakeRequest(t, req, http.StatusSeeOther)
	req = NewRequest(t, "GET", test.RedirectURL(resp))
	session.MakeRequest(t, req, http.StatusOK)

	// get the new user
	newUser, err := user_model.GetUserByName(db.DefaultContext, "doesnotexist")
	assert.NoError(t, err)

	isMember, err := organization.IsTeamMember(db.DefaultContext, team.OrgID, team.ID, newUser.ID)
	assert.NoError(t, err)
	assert.True(t, isMember)
}

// Check that users are redirected correctly after confirming their email
func TestOrgTeamEmailInviteRedirectsNewUserWithActivation(t *testing.T) {
	if setting.MailService == nil {
		t.Skip()
		return
	}

	// enable email confirmation temporarily
	defer test.MockVariableValue(&setting.Service.RegisterEmailConfirm, true)()
	defer tests.PrepareTestEnv(t)()

	org := unittest.AssertExistsAndLoadBean(t, &organization.Organization{ID: 3})
	team := unittest.AssertExistsAndLoadBean(t, &organization.Team{ID: 2})

	// user1: create the invite
	session := loginUser(t, "user1")

	teamURL := fmt.Sprintf("/org/%s/teams/%s", org.Name, team.Name)
	req := NewRequestWithValues(t, "POST", teamURL+"/action/add", map[string]string{
		"_csrf": GetUserCSRFToken(t, session),
		"uid":   "1",
		"uname": "doesnotexist@example.com",
	})
	resp := session.MakeRequest(t, req, http.StatusSeeOther)
	req = NewRequest(t, "GET", test.RedirectURL(resp))
	session.MakeRequest(t, req, http.StatusOK)

	// get the invite token
	invites, err := organization.GetInvitesByTeamID(db.DefaultContext, team.ID)
	assert.NoError(t, err)
	assert.Len(t, invites, 1)

	// new user: accept the invite
	session = emptyTestSession(t)

	inviteURL := fmt.Sprintf("/org/invite/%s", invites[0].Token)
	req = NewRequest(t, "GET", fmt.Sprintf("/user/sign_up?redirect_to=%s", url.QueryEscape(inviteURL)))
	session.MakeRequest(t, req, http.StatusOK)
	req = NewRequestWithValues(t, "POST", "/user/sign_up", map[string]string{
		"user_name": "doesnotexist",
		"email":     "doesnotexist@example.com",
		"password":  "examplePassword!1",
		"retype":    "examplePassword!1",
	})
	session.MakeRequest(t, req, http.StatusOK)

	user, err := user_model.GetUserByName(db.DefaultContext, "doesnotexist")
	assert.NoError(t, err)

	activateURL := fmt.Sprintf("/user/activate?code=%s", user.GenerateEmailActivateCode("doesnotexist@example.com"))
	req = NewRequestWithValues(t, "POST", activateURL, map[string]string{
		"password": "examplePassword!1",
	})

	resp = session.MakeRequest(t, req, http.StatusSeeOther)
	// should be redirected to accept the invite
	assert.Equal(t, inviteURL, test.RedirectURL(resp))

	req = NewRequestWithValues(t, "POST", test.RedirectURL(resp), map[string]string{
		"_csrf": GetUserCSRFToken(t, session),
	})
	resp = session.MakeRequest(t, req, http.StatusSeeOther)
	req = NewRequest(t, "GET", test.RedirectURL(resp))
	session.MakeRequest(t, req, http.StatusOK)

	isMember, err := organization.IsTeamMember(db.DefaultContext, team.OrgID, team.ID, user.ID)
	assert.NoError(t, err)
	assert.True(t, isMember)
}

// Test that a logged-in user who navigates to the sign-up link is then redirected using redirect_to
// For example: an invite may have been created before the user account was created, but they may be
// accepting the invite after having created an account separately
func TestOrgTeamEmailInviteRedirectsExistingUserWithLogin(t *testing.T) {
	if setting.MailService == nil {
		t.Skip()
		return
	}

	defer tests.PrepareTestEnv(t)()

	org := unittest.AssertExistsAndLoadBean(t, &organization.Organization{ID: 3})
	team := unittest.AssertExistsAndLoadBean(t, &organization.Team{ID: 2})
	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 5})

	isMember, err := organization.IsTeamMember(db.DefaultContext, team.OrgID, team.ID, user.ID)
	assert.NoError(t, err)
	assert.False(t, isMember)

	// create the invite
	session := loginUser(t, "user1")

	teamURL := fmt.Sprintf("/org/%s/teams/%s", org.Name, team.Name)
	req := NewRequestWithValues(t, "POST", teamURL+"/action/add", map[string]string{
		"_csrf": GetUserCSRFToken(t, session),
		"uid":   "1",
		"uname": user.Email,
	})
	resp := session.MakeRequest(t, req, http.StatusSeeOther)
	req = NewRequest(t, "GET", test.RedirectURL(resp))
	session.MakeRequest(t, req, http.StatusOK)

	// get the invite token
	invites, err := organization.GetInvitesByTeamID(db.DefaultContext, team.ID)
	assert.NoError(t, err)
	assert.Len(t, invites, 1)

	// note: the invited user has logged in
	session = loginUser(t, "user5")

	// accept the invite (note: this uses the sign_up url)
	inviteURL := fmt.Sprintf("/org/invite/%s", invites[0].Token)
	req = NewRequest(t, "GET", fmt.Sprintf("/user/sign_up?redirect_to=%s", url.QueryEscape(inviteURL)))
	resp = session.MakeRequest(t, req, http.StatusSeeOther)
	assert.Equal(t, inviteURL, test.RedirectURL(resp))

	// make the request
	req = NewRequestWithValues(t, "POST", test.RedirectURL(resp), map[string]string{
		"_csrf": GetUserCSRFToken(t, session),
	})
	resp = session.MakeRequest(t, req, http.StatusSeeOther)
	req = NewRequest(t, "GET", test.RedirectURL(resp))
	session.MakeRequest(t, req, http.StatusOK)

	isMember, err = organization.IsTeamMember(db.DefaultContext, team.OrgID, team.ID, user.ID)
	assert.NoError(t, err)
	assert.True(t, isMember)
}
Add team member invite by email (#20307) Allows to add (not registered) team members by email. related #5353 Invite by mail: ![grafik](https://user-images.githubusercontent.com/1666336/178154779-adcc547f-c0b7-4a2a-a131-4e41a3d9d3ad.png) Pending invitations: ![grafik](https://user-images.githubusercontent.com/1666336/178154882-9d739bb8-2b04-46c1-a025-c1f4be26af98.png) Email: ![grafik](https://user-images.githubusercontent.com/1666336/178164716-f2f90893-7ba6-4a5e-a3db-42538a660258.png) Join form: ![grafik](https://user-images.githubusercontent.com/1666336/178154840-aaab983a-d922-4414-b01a-9b1a19c5cef7.png) Co-authored-by: Jack Hay <jjphay@gmail.com> 2022-10-19 12:40:28 +00:00			`// Copyright 2022 The Gitea Authors. All rights reserved.`
Implement FSFE REUSE for golang files (#21840) Change all license headers to comply with REUSE specification. Fix #16132 Co-authored-by: flynnnnnnnnnn <flynnnnnnnnnn@github> Co-authored-by: John Olheiser <john.olheiser@gmail.com> 2022-11-27 18:20:29 +00:00			`// SPDX-License-Identifier: MIT`
Add team member invite by email (#20307) Allows to add (not registered) team members by email. related #5353 Invite by mail: ![grafik](https://user-images.githubusercontent.com/1666336/178154779-adcc547f-c0b7-4a2a-a131-4e41a3d9d3ad.png) Pending invitations: ![grafik](https://user-images.githubusercontent.com/1666336/178154882-9d739bb8-2b04-46c1-a025-c1f4be26af98.png) Email: ![grafik](https://user-images.githubusercontent.com/1666336/178164716-f2f90893-7ba6-4a5e-a3db-42538a660258.png) Join form: ![grafik](https://user-images.githubusercontent.com/1666336/178154840-aaab983a-d922-4414-b01a-9b1a19c5cef7.png) Co-authored-by: Jack Hay <jjphay@gmail.com> 2022-10-19 12:40:28 +00:00
			`package integration`

			`import (`
			`"fmt"`
			`"net/http"`
Update team invitation email link (#26550) Co-authored-by: Kyle D <kdumontnu@gmail.com> Co-authored-by: Jonathan Tran <jonnytran@gmail.com> 2023-08-31 16:26:13 +00:00			`"net/url"`
			`"strings"`
Add team member invite by email (#20307) Allows to add (not registered) team members by email. related #5353 Invite by mail: ![grafik](https://user-images.githubusercontent.com/1666336/178154779-adcc547f-c0b7-4a2a-a131-4e41a3d9d3ad.png) Pending invitations: ![grafik](https://user-images.githubusercontent.com/1666336/178154882-9d739bb8-2b04-46c1-a025-c1f4be26af98.png) Email: ![grafik](https://user-images.githubusercontent.com/1666336/178164716-f2f90893-7ba6-4a5e-a3db-42538a660258.png) Join form: ![grafik](https://user-images.githubusercontent.com/1666336/178154840-aaab983a-d922-4414-b01a-9b1a19c5cef7.png) Co-authored-by: Jack Hay <jjphay@gmail.com> 2022-10-19 12:40:28 +00:00			`"testing"`

			`"code.gitea.io/gitea/models/db"`
			`"code.gitea.io/gitea/models/organization"`
			`"code.gitea.io/gitea/models/unittest"`
			`user_model "code.gitea.io/gitea/models/user"`
			`"code.gitea.io/gitea/modules/setting"`
			`"code.gitea.io/gitea/modules/test"`
			`"code.gitea.io/gitea/tests"`

			`"github.com/stretchr/testify/assert"`
			`)`

			`func TestOrgTeamEmailInvite(t *testing.T) {`
			`if setting.MailService == nil {`
			`t.Skip()`
			`return`
			`}`

			`defer tests.PrepareTestEnv(t)()`

			`org := unittest.AssertExistsAndLoadBean(t, &organization.Organization{ID: 3})`
			`team := unittest.AssertExistsAndLoadBean(t, &organization.Team{ID: 2})`
			`user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 5})`

			`isMember, err := organization.IsTeamMember(db.DefaultContext, team.OrgID, team.ID, user.ID)`
			`assert.NoError(t, err)`
			`assert.False(t, isMember)`

			`session := loginUser(t, "user1")`

Update team invitation email link (#26550) Co-authored-by: Kyle D <kdumontnu@gmail.com> Co-authored-by: Jonathan Tran <jonnytran@gmail.com> 2023-08-31 16:26:13 +00:00			`teamURL := fmt.Sprintf("/org/%s/teams/%s", org.Name, team.Name)`
Refactor CSRF token (#32216) 2024-10-10 03:48:21 +00:00			`csrf := GetUserCSRFToken(t, session)`
Update team invitation email link (#26550) Co-authored-by: Kyle D <kdumontnu@gmail.com> Co-authored-by: Jonathan Tran <jonnytran@gmail.com> 2023-08-31 16:26:13 +00:00			`req := NewRequestWithValues(t, "POST", teamURL+"/action/add", map[string]string{`
Add team member invite by email (#20307) Allows to add (not registered) team members by email. related #5353 Invite by mail: ![grafik](https://user-images.githubusercontent.com/1666336/178154779-adcc547f-c0b7-4a2a-a131-4e41a3d9d3ad.png) Pending invitations: ![grafik](https://user-images.githubusercontent.com/1666336/178154882-9d739bb8-2b04-46c1-a025-c1f4be26af98.png) Email: ![grafik](https://user-images.githubusercontent.com/1666336/178164716-f2f90893-7ba6-4a5e-a3db-42538a660258.png) Join form: ![grafik](https://user-images.githubusercontent.com/1666336/178154840-aaab983a-d922-4414-b01a-9b1a19c5cef7.png) Co-authored-by: Jack Hay <jjphay@gmail.com> 2022-10-19 12:40:28 +00:00			`"_csrf": csrf,`
			`"uid": "1",`
			`"uname": user.Email,`
			`})`
			`resp := session.MakeRequest(t, req, http.StatusSeeOther)`
			`req = NewRequest(t, "GET", test.RedirectURL(resp))`
			`session.MakeRequest(t, req, http.StatusOK)`

			`// get the invite token`
			`invites, err := organization.GetInvitesByTeamID(db.DefaultContext, team.ID)`
			`assert.NoError(t, err)`
			`assert.Len(t, invites, 1)`

			`session = loginUser(t, user.Name)`

			`// join the team`
Update team invitation email link (#26550) Co-authored-by: Kyle D <kdumontnu@gmail.com> Co-authored-by: Jonathan Tran <jonnytran@gmail.com> 2023-08-31 16:26:13 +00:00			`inviteURL := fmt.Sprintf("/org/invite/%s", invites[0].Token)`
Refactor CSRF token (#32216) 2024-10-10 03:48:21 +00:00			`csrf = GetUserCSRFToken(t, session)`
Update team invitation email link (#26550) Co-authored-by: Kyle D <kdumontnu@gmail.com> Co-authored-by: Jonathan Tran <jonnytran@gmail.com> 2023-08-31 16:26:13 +00:00			`req = NewRequestWithValues(t, "POST", inviteURL, map[string]string{`
Add team member invite by email (#20307) Allows to add (not registered) team members by email. related #5353 Invite by mail: ![grafik](https://user-images.githubusercontent.com/1666336/178154779-adcc547f-c0b7-4a2a-a131-4e41a3d9d3ad.png) Pending invitations: ![grafik](https://user-images.githubusercontent.com/1666336/178154882-9d739bb8-2b04-46c1-a025-c1f4be26af98.png) Email: ![grafik](https://user-images.githubusercontent.com/1666336/178164716-f2f90893-7ba6-4a5e-a3db-42538a660258.png) Join form: ![grafik](https://user-images.githubusercontent.com/1666336/178154840-aaab983a-d922-4414-b01a-9b1a19c5cef7.png) Co-authored-by: Jack Hay <jjphay@gmail.com> 2022-10-19 12:40:28 +00:00			`"_csrf": csrf,`
			`})`
			`resp = session.MakeRequest(t, req, http.StatusSeeOther)`
			`req = NewRequest(t, "GET", test.RedirectURL(resp))`
			`session.MakeRequest(t, req, http.StatusOK)`

			`isMember, err = organization.IsTeamMember(db.DefaultContext, team.OrgID, team.ID, user.ID)`
			`assert.NoError(t, err)`
			`assert.True(t, isMember)`
			`}`
Update team invitation email link (#26550) Co-authored-by: Kyle D <kdumontnu@gmail.com> Co-authored-by: Jonathan Tran <jonnytran@gmail.com> 2023-08-31 16:26:13 +00:00
			`// Check that users are redirected to accept the invitation correctly after login`
			`func TestOrgTeamEmailInviteRedirectsExistingUser(t *testing.T) {`
			`if setting.MailService == nil {`
			`t.Skip()`
			`return`
			`}`

			`defer tests.PrepareTestEnv(t)()`

			`org := unittest.AssertExistsAndLoadBean(t, &organization.Organization{ID: 3})`
			`team := unittest.AssertExistsAndLoadBean(t, &organization.Team{ID: 2})`
			`user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 5})`

			`isMember, err := organization.IsTeamMember(db.DefaultContext, team.OrgID, team.ID, user.ID)`
			`assert.NoError(t, err)`
			`assert.False(t, isMember)`

			`// create the invite`
			`session := loginUser(t, "user1")`

			`teamURL := fmt.Sprintf("/org/%s/teams/%s", org.Name, team.Name)`
			`req := NewRequestWithValues(t, "POST", teamURL+"/action/add", map[string]string{`
Refactor CSRF token (#32216) 2024-10-10 03:48:21 +00:00			`"_csrf": GetUserCSRFToken(t, session),`
Update team invitation email link (#26550) Co-authored-by: Kyle D <kdumontnu@gmail.com> Co-authored-by: Jonathan Tran <jonnytran@gmail.com> 2023-08-31 16:26:13 +00:00			`"uid": "1",`
			`"uname": user.Email,`
			`})`
			`resp := session.MakeRequest(t, req, http.StatusSeeOther)`
			`req = NewRequest(t, "GET", test.RedirectURL(resp))`
			`session.MakeRequest(t, req, http.StatusOK)`

			`// get the invite token`
			`invites, err := organization.GetInvitesByTeamID(db.DefaultContext, team.ID)`
			`assert.NoError(t, err)`
			`assert.Len(t, invites, 1)`

			`// accept the invite`
			`inviteURL := fmt.Sprintf("/org/invite/%s", invites[0].Token)`
			`req = NewRequest(t, "GET", fmt.Sprintf("/user/login?redirect_to=%s", url.QueryEscape(inviteURL)))`
			`resp = MakeRequest(t, req, http.StatusOK)`

			`doc := NewHTMLParser(t, resp.Body)`
			`req = NewRequestWithValues(t, "POST", "/user/login", map[string]string{`
			`"_csrf": doc.GetCSRF(),`
			`"user_name": "user5",`
			`"password": "password",`
			`})`
			`for _, c := range resp.Result().Cookies() {`
			`req.AddCookie(c)`
			`}`

			`resp = MakeRequest(t, req, http.StatusSeeOther)`
			`assert.Equal(t, inviteURL, test.RedirectURL(resp))`

			`// complete the login process`
			`ch := http.Header{}`
			`ch.Add("Cookie", strings.Join(resp.Header()["Set-Cookie"], ";"))`
			`cr := http.Request{Header: ch}`

			`session = emptyTestSession(t)`
			`baseURL, err := url.Parse(setting.AppURL)`
			`assert.NoError(t, err)`
			`session.jar.SetCookies(baseURL, cr.Cookies())`

			`// make the request`
			`req = NewRequestWithValues(t, "POST", test.RedirectURL(resp), map[string]string{`
Refactor CSRF token (#32216) 2024-10-10 03:48:21 +00:00			`"_csrf": GetUserCSRFToken(t, session),`
Update team invitation email link (#26550) Co-authored-by: Kyle D <kdumontnu@gmail.com> Co-authored-by: Jonathan Tran <jonnytran@gmail.com> 2023-08-31 16:26:13 +00:00			`})`
			`resp = session.MakeRequest(t, req, http.StatusSeeOther)`
			`req = NewRequest(t, "GET", test.RedirectURL(resp))`
			`session.MakeRequest(t, req, http.StatusOK)`

			`isMember, err = organization.IsTeamMember(db.DefaultContext, team.OrgID, team.ID, user.ID)`
			`assert.NoError(t, err)`
			`assert.True(t, isMember)`
			`}`

			`// Check that newly signed up users are redirected to accept the invitation correctly`
			`func TestOrgTeamEmailInviteRedirectsNewUser(t *testing.T) {`
			`if setting.MailService == nil {`
			`t.Skip()`
			`return`
			`}`

			`defer tests.PrepareTestEnv(t)()`

			`org := unittest.AssertExistsAndLoadBean(t, &organization.Organization{ID: 3})`
			`team := unittest.AssertExistsAndLoadBean(t, &organization.Team{ID: 2})`

			`// create the invite`
			`session := loginUser(t, "user1")`

			`teamURL := fmt.Sprintf("/org/%s/teams/%s", org.Name, team.Name)`
			`req := NewRequestWithValues(t, "POST", teamURL+"/action/add", map[string]string{`
Refactor CSRF token (#32216) 2024-10-10 03:48:21 +00:00			`"_csrf": GetUserCSRFToken(t, session),`
Update team invitation email link (#26550) Co-authored-by: Kyle D <kdumontnu@gmail.com> Co-authored-by: Jonathan Tran <jonnytran@gmail.com> 2023-08-31 16:26:13 +00:00			`"uid": "1",`
			`"uname": "doesnotexist@example.com",`
			`})`
			`resp := session.MakeRequest(t, req, http.StatusSeeOther)`
			`req = NewRequest(t, "GET", test.RedirectURL(resp))`
			`session.MakeRequest(t, req, http.StatusOK)`

			`// get the invite token`
			`invites, err := organization.GetInvitesByTeamID(db.DefaultContext, team.ID)`
			`assert.NoError(t, err)`
			`assert.Len(t, invites, 1)`

			`// accept the invite`
			`inviteURL := fmt.Sprintf("/org/invite/%s", invites[0].Token)`
			`req = NewRequest(t, "GET", fmt.Sprintf("/user/sign_up?redirect_to=%s", url.QueryEscape(inviteURL)))`
			`resp = MakeRequest(t, req, http.StatusOK)`

			`doc := NewHTMLParser(t, resp.Body)`
			`req = NewRequestWithValues(t, "POST", "/user/sign_up", map[string]string{`
			`"_csrf": doc.GetCSRF(),`
			`"user_name": "doesnotexist",`
			`"email": "doesnotexist@example.com",`
			`"password": "examplePassword!1",`
			`"retype": "examplePassword!1",`
			`})`
			`for _, c := range resp.Result().Cookies() {`
			`req.AddCookie(c)`
			`}`

			`resp = MakeRequest(t, req, http.StatusSeeOther)`
			`assert.Equal(t, inviteURL, test.RedirectURL(resp))`

			`// complete the signup process`
			`ch := http.Header{}`
			`ch.Add("Cookie", strings.Join(resp.Header()["Set-Cookie"], ";"))`
			`cr := http.Request{Header: ch}`

			`session = emptyTestSession(t)`
			`baseURL, err := url.Parse(setting.AppURL)`
			`assert.NoError(t, err)`
			`session.jar.SetCookies(baseURL, cr.Cookies())`

			`// make the redirected request`
			`req = NewRequestWithValues(t, "POST", test.RedirectURL(resp), map[string]string{`
Refactor CSRF token (#32216) 2024-10-10 03:48:21 +00:00			`"_csrf": GetUserCSRFToken(t, session),`
Update team invitation email link (#26550) Co-authored-by: Kyle D <kdumontnu@gmail.com> Co-authored-by: Jonathan Tran <jonnytran@gmail.com> 2023-08-31 16:26:13 +00:00			`})`
			`resp = session.MakeRequest(t, req, http.StatusSeeOther)`
			`req = NewRequest(t, "GET", test.RedirectURL(resp))`
			`session.MakeRequest(t, req, http.StatusOK)`

			`// get the new user`
			`newUser, err := user_model.GetUserByName(db.DefaultContext, "doesnotexist")`
			`assert.NoError(t, err)`

			`isMember, err := organization.IsTeamMember(db.DefaultContext, team.OrgID, team.ID, newUser.ID)`
			`assert.NoError(t, err)`
			`assert.True(t, isMember)`
			`}`

			`// Check that users are redirected correctly after confirming their email`
			`func TestOrgTeamEmailInviteRedirectsNewUserWithActivation(t *testing.T) {`
			`if setting.MailService == nil {`
			`t.Skip()`
			`return`
			`}`

			`// enable email confirmation temporarily`
Refactor CSRF token (#32216) 2024-10-10 03:48:21 +00:00			`defer test.MockVariableValue(&setting.Service.RegisterEmailConfirm, true)()`
Update team invitation email link (#26550) Co-authored-by: Kyle D <kdumontnu@gmail.com> Co-authored-by: Jonathan Tran <jonnytran@gmail.com> 2023-08-31 16:26:13 +00:00			`defer tests.PrepareTestEnv(t)()`

			`org := unittest.AssertExistsAndLoadBean(t, &organization.Organization{ID: 3})`
			`team := unittest.AssertExistsAndLoadBean(t, &organization.Team{ID: 2})`

Refactor CSRF token (#32216) 2024-10-10 03:48:21 +00:00			`// user1: create the invite`
Update team invitation email link (#26550) Co-authored-by: Kyle D <kdumontnu@gmail.com> Co-authored-by: Jonathan Tran <jonnytran@gmail.com> 2023-08-31 16:26:13 +00:00			`session := loginUser(t, "user1")`

			`teamURL := fmt.Sprintf("/org/%s/teams/%s", org.Name, team.Name)`
			`req := NewRequestWithValues(t, "POST", teamURL+"/action/add", map[string]string{`
Refactor CSRF token (#32216) 2024-10-10 03:48:21 +00:00			`"_csrf": GetUserCSRFToken(t, session),`
Update team invitation email link (#26550) Co-authored-by: Kyle D <kdumontnu@gmail.com> Co-authored-by: Jonathan Tran <jonnytran@gmail.com> 2023-08-31 16:26:13 +00:00			`"uid": "1",`
			`"uname": "doesnotexist@example.com",`
			`})`
			`resp := session.MakeRequest(t, req, http.StatusSeeOther)`
			`req = NewRequest(t, "GET", test.RedirectURL(resp))`
			`session.MakeRequest(t, req, http.StatusOK)`

			`// get the invite token`
			`invites, err := organization.GetInvitesByTeamID(db.DefaultContext, team.ID)`
			`assert.NoError(t, err)`
			`assert.Len(t, invites, 1)`

Refactor CSRF token (#32216) 2024-10-10 03:48:21 +00:00			`// new user: accept the invite`
			`session = emptyTestSession(t)`

Update team invitation email link (#26550) Co-authored-by: Kyle D <kdumontnu@gmail.com> Co-authored-by: Jonathan Tran <jonnytran@gmail.com> 2023-08-31 16:26:13 +00:00			`inviteURL := fmt.Sprintf("/org/invite/%s", invites[0].Token)`
			`req = NewRequest(t, "GET", fmt.Sprintf("/user/sign_up?redirect_to=%s", url.QueryEscape(inviteURL)))`
Refactor CSRF token (#32216) 2024-10-10 03:48:21 +00:00			`session.MakeRequest(t, req, http.StatusOK)`
Update team invitation email link (#26550) Co-authored-by: Kyle D <kdumontnu@gmail.com> Co-authored-by: Jonathan Tran <jonnytran@gmail.com> 2023-08-31 16:26:13 +00:00			`req = NewRequestWithValues(t, "POST", "/user/sign_up", map[string]string{`
			`"user_name": "doesnotexist",`
			`"email": "doesnotexist@example.com",`
			`"password": "examplePassword!1",`
			`"retype": "examplePassword!1",`
			`})`
Refactor CSRF token (#32216) 2024-10-10 03:48:21 +00:00			`session.MakeRequest(t, req, http.StatusOK)`
Update team invitation email link (#26550) Co-authored-by: Kyle D <kdumontnu@gmail.com> Co-authored-by: Jonathan Tran <jonnytran@gmail.com> 2023-08-31 16:26:13 +00:00
			`user, err := user_model.GetUserByName(db.DefaultContext, "doesnotexist")`
			`assert.NoError(t, err)`

			`activateURL := fmt.Sprintf("/user/activate?code=%s", user.GenerateEmailActivateCode("doesnotexist@example.com"))`
			`req = NewRequestWithValues(t, "POST", activateURL, map[string]string{`
			`"password": "examplePassword!1",`
			`})`

			`resp = session.MakeRequest(t, req, http.StatusSeeOther)`
			`// should be redirected to accept the invite`
			`assert.Equal(t, inviteURL, test.RedirectURL(resp))`

			`req = NewRequestWithValues(t, "POST", test.RedirectURL(resp), map[string]string{`
Refactor CSRF token (#32216) 2024-10-10 03:48:21 +00:00			`"_csrf": GetUserCSRFToken(t, session),`
Update team invitation email link (#26550) Co-authored-by: Kyle D <kdumontnu@gmail.com> Co-authored-by: Jonathan Tran <jonnytran@gmail.com> 2023-08-31 16:26:13 +00:00			`})`
			`resp = session.MakeRequest(t, req, http.StatusSeeOther)`
			`req = NewRequest(t, "GET", test.RedirectURL(resp))`
			`session.MakeRequest(t, req, http.StatusOK)`

			`isMember, err := organization.IsTeamMember(db.DefaultContext, team.OrgID, team.ID, user.ID)`
			`assert.NoError(t, err)`
			`assert.True(t, isMember)`
			`}`

			`// Test that a logged-in user who navigates to the sign-up link is then redirected using redirect_to`
			`// For example: an invite may have been created before the user account was created, but they may be`
			`// accepting the invite after having created an account separately`
			`func TestOrgTeamEmailInviteRedirectsExistingUserWithLogin(t *testing.T) {`
			`if setting.MailService == nil {`
			`t.Skip()`
			`return`
			`}`

			`defer tests.PrepareTestEnv(t)()`

			`org := unittest.AssertExistsAndLoadBean(t, &organization.Organization{ID: 3})`
			`team := unittest.AssertExistsAndLoadBean(t, &organization.Team{ID: 2})`
			`user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 5})`

			`isMember, err := organization.IsTeamMember(db.DefaultContext, team.OrgID, team.ID, user.ID)`
			`assert.NoError(t, err)`
			`assert.False(t, isMember)`

			`// create the invite`
			`session := loginUser(t, "user1")`

			`teamURL := fmt.Sprintf("/org/%s/teams/%s", org.Name, team.Name)`
			`req := NewRequestWithValues(t, "POST", teamURL+"/action/add", map[string]string{`
Refactor CSRF token (#32216) 2024-10-10 03:48:21 +00:00			`"_csrf": GetUserCSRFToken(t, session),`
Update team invitation email link (#26550) Co-authored-by: Kyle D <kdumontnu@gmail.com> Co-authored-by: Jonathan Tran <jonnytran@gmail.com> 2023-08-31 16:26:13 +00:00			`"uid": "1",`
			`"uname": user.Email,`
			`})`
			`resp := session.MakeRequest(t, req, http.StatusSeeOther)`
			`req = NewRequest(t, "GET", test.RedirectURL(resp))`
			`session.MakeRequest(t, req, http.StatusOK)`

			`// get the invite token`
			`invites, err := organization.GetInvitesByTeamID(db.DefaultContext, team.ID)`
			`assert.NoError(t, err)`
			`assert.Len(t, invites, 1)`

			`// note: the invited user has logged in`
			`session = loginUser(t, "user5")`

			`// accept the invite (note: this uses the sign_up url)`
			`inviteURL := fmt.Sprintf("/org/invite/%s", invites[0].Token)`
			`req = NewRequest(t, "GET", fmt.Sprintf("/user/sign_up?redirect_to=%s", url.QueryEscape(inviteURL)))`
			`resp = session.MakeRequest(t, req, http.StatusSeeOther)`
			`assert.Equal(t, inviteURL, test.RedirectURL(resp))`

			`// make the request`
			`req = NewRequestWithValues(t, "POST", test.RedirectURL(resp), map[string]string{`
Refactor CSRF token (#32216) 2024-10-10 03:48:21 +00:00			`"_csrf": GetUserCSRFToken(t, session),`
Update team invitation email link (#26550) Co-authored-by: Kyle D <kdumontnu@gmail.com> Co-authored-by: Jonathan Tran <jonnytran@gmail.com> 2023-08-31 16:26:13 +00:00			`})`
			`resp = session.MakeRequest(t, req, http.StatusSeeOther)`
			`req = NewRequest(t, "GET", test.RedirectURL(resp))`
			`session.MakeRequest(t, req, http.StatusOK)`

			`isMember, err = organization.IsTeamMember(db.DefaultContext, team.OrgID, team.ID, user.ID)`
			`assert.NoError(t, err)`
			`assert.True(t, isMember)`
			`}`