chore: Merge remote-tracking branch 'origin/main' into feat/transfer-…

…site-mutation

README.md

@@ -17,6 +17,8 @@ In the `.env` file
 
 -   set values for `APPLE_CLIENT_ID`, `APPLE_KEY_ID`, `APPLE_TEAM_ID`, `APPLE_PRIVATE_KEY` and based on what you have set up on developer.apple.com > Certificates, Identifiers & Profiles > Keys.
 
+-   set values for `MICROSOFT_CLIENT_ID` and either `MICROSOFT_CLIENT_SECRET` (less secure) or both `MICROSOFT_PRIVATE_KEY` and `MICROSOFT_CERTIFICATE_THUMBPRINT` based on what you have set up on portal.azure.com > App Registrations > [App Name] > Certificates & Secrets
+
 Start building the Docker images (make sure there's `requirements.txt`
 file created before building the images):
 

terraso_backend/apps/auth/providers.py

@@ -221,15 +221,20 @@ def _build_client_secret(self):
         )
 
     def fetch_auth_tokens(self, authorization_code):
-        client_assertion = self._build_client_secret()
         params = dict(
             client_id=self.CLIENT_ID,
             code=authorization_code,
             grant_type="authorization_code",
             redirect_uri=self.REDIRECT_URI,
-            client_assertion=client_assertion,
-            client_assertion_type="urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
         )
+        if not self.CLIENT_SECRET:
+            params.update(
+                dict(
+                    client_assertion=self._build_client_secret(),
+                    client_assertion_type="urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
+                )
+            )
+
         try:
             resp = httpx.post(self.TOKEN_URI, data=params)
             resp.raise_for_status()

terraso_backend/apps/graphql/schema/sites.py

@@ -124,7 +124,7 @@ def mutate_and_get_payload(cls, root, info, **kwargs):
         if adding_to_project:
             project = cls.get_or_throw(Project, "project_id", kwargs["project_id"])
             if not user.has_perm(Project.get_perm("add_site"), project):
-                raise cls.not_allowed(MutationTypes.ADD)
+                raise cls.not_allowed(MutationTypes.CREATE)
             kwargs["project"] = project
         else:
             kwargs["owner"] = info.context.user

terraso_backend/apps/project_management/models/projects.py

@@ -27,6 +27,8 @@
 
 
 class ProjectSettings(BaseModel):
+    """NOTE: Theses settings are currently ignored, and might be removed later"""
+
     class Meta(BaseModel.Meta):
         abstract = False
 

terraso_backend/tests/conftest.py

@@ -119,3 +119,10 @@ def project_user(project: Project) -> User:
         membership_status=Membership.APPROVED,
     )
     return user
+
+
+@pytest.fixture
+def project_user_w_role(request, project: Project):
+    user = mixer.blend(User)
+    project.add_user_with_role(user, request.param)
+    return user

terraso_backend/tests/graphql/mutations/test_sites.py

@@ -68,10 +68,11 @@ def test_site_creation(client_query, user):
     assert log_result.metadata == expected_metadata
 
 
-def test_site_creation_in_project(client, project_manager, project):
+@pytest.mark.parametrize("project_user_w_role", ["manager", "contributor"], indirect=True)
+def test_site_creation_in_project(client, project_user_w_role, project):
     kwargs = site_creation_keywords()
     kwargs["projectId"] = str(project.id)
-    client.force_login(project_manager)
+    client.force_login(project_user_w_role)
     response = graphql_query(CREATE_SITE_QUERY, variables={"input": kwargs}, client=client)
     content = json.loads(response.content)
     assert "errors" not in content and "errors" not in content["data"]