diff --git a/redash/handlers/authentication.py b/redash/handlers/authentication.py index d6c0380d6a..77b5de0ec5 100644 --- a/redash/handlers/authentication.py +++ b/redash/handlers/authentication.py @@ -38,7 +38,7 @@ def render_token_login_page(template, org_slug, token): return render_template("error.html", error_message="Your invite link has expired. Please ask for a new one."), 400 - if not user.is_invitation_pending: + if user.details.get('is_invitation_pending') is False: return render_template("error.html", error_message=("This invitation has already been accepted. " "Please try resetting your password instead.")), 400 diff --git a/tests/handlers/test_authentication.py b/tests/handlers/test_authentication.py index c0fb797d9f..1559921d14 100644 --- a/tests/handlers/test_authentication.py +++ b/tests/handlers/test_authentication.py @@ -50,6 +50,12 @@ def test_bad_token(self): response = self.post_request('/invite/{}'.format('jdsnfkjdsnfkj'), data={'password': '1234'}, org=self.factory.org) self.assertEqual(response.status_code, 400) + def test_user_invited_before_invitation_pending_check(self): + user = self.factory.create_user(details={}) + token = invite_token(user) + response = self.post_request('/invite/{}'.format(token), data={'password': 'test1234'}, org=self.factory.org) + self.assertEqual(response.status_code, 302) + def test_already_active_user(self): token = invite_token(self.factory.user) self.post_request('/invite/{}'.format(token), data={'password': 'test1234'}, org=self.factory.org)