2018-02-20 11:22:17 +00:00
|
|
|
|
from flask import (
|
|
|
|
|
|
Markup,
|
|
|
|
|
|
abort,
|
|
|
|
|
|
flash,
|
|
|
|
|
|
redirect,
|
|
|
|
|
|
render_template,
|
|
|
|
|
|
request,
|
|
|
|
|
|
url_for,
|
|
|
|
|
|
)
|
2019-07-01 15:22:08 +01:00
|
|
|
|
from flask_login import current_user
|
2018-02-20 11:22:17 +00:00
|
|
|
|
|
|
|
|
|
|
from app import (
|
|
|
|
|
|
api_key_api_client,
|
|
|
|
|
|
current_service,
|
|
|
|
|
|
notification_api_client,
|
|
|
|
|
|
service_api_client,
|
|
|
|
|
|
)
|
2021-01-06 12:12:01 +00:00
|
|
|
|
from app.formatters import email_safe
|
2016-01-16 10:59:16 +00:00
|
|
|
|
from app.main import main
|
2020-08-03 15:10:02 +01:00
|
|
|
|
from app.main.forms import CallbackForm, CreateKeyForm, GuestList
|
2018-02-20 11:22:17 +00:00
|
|
|
|
from app.notify_client.api_key_api_client import (
|
|
|
|
|
|
KEY_TYPE_NORMAL,
|
|
|
|
|
|
KEY_TYPE_TEAM,
|
|
|
|
|
|
KEY_TYPE_TEST,
|
2017-12-08 10:52:38 +00:00
|
|
|
|
)
|
2021-06-09 13:19:05 +01:00
|
|
|
|
from app.utils.user import user_has_permissions
|
2016-01-19 09:55:13 +00:00
|
|
|
|
|
2017-12-04 15:07:11 +00:00
|
|
|
|
dummy_bearer_token = 'bearer_token_set'
|
|
|
|
|
|
|
2016-01-19 09:55:13 +00:00
|
|
|
|
|
2019-11-04 11:07:55 +00:00
|
|
|
|
@main.route("/services/<uuid:service_id>/api")
|
2018-03-01 10:30:17 +00:00
|
|
|
|
@user_has_permissions('manage_api_keys')
|
2016-09-20 11:34:37 +01:00
|
|
|
|
def api_integration(service_id):
|
2017-12-08 10:52:38 +00:00
|
|
|
|
callbacks_link = (
|
2018-07-20 08:43:02 +01:00
|
|
|
|
'.api_callbacks' if current_service.has_permission('inbound_sms')
|
2017-12-08 10:52:38 +00:00
|
|
|
|
else '.delivery_status_callback'
|
|
|
|
|
|
)
|
2016-09-20 11:34:37 +01:00
|
|
|
|
return render_template(
|
2016-09-21 10:13:25 +01:00
|
|
|
|
'views/api/index.html',
|
2017-12-08 10:52:38 +00:00
|
|
|
|
callbacks_link=callbacks_link,
|
2017-09-20 16:02:15 +01:00
|
|
|
|
api_notifications=notification_api_client.get_api_notifications_for_service(service_id)
|
2016-09-20 11:34:37 +01:00
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
|
2019-11-04 11:07:55 +00:00
|
|
|
|
@main.route("/services/<uuid:service_id>/api/documentation")
|
2018-03-01 10:30:17 +00:00
|
|
|
|
@user_has_permissions('manage_api_keys')
|
2016-09-20 11:38:22 +01:00
|
|
|
|
def api_documentation(service_id):
|
2017-11-28 12:00:12 +00:00
|
|
|
|
return redirect(url_for('.documentation'), code=301)
|
2016-09-20 11:38:22 +01:00
|
|
|
|
|
|
|
|
|
|
|
2020-06-12 09:07:29 +01:00
|
|
|
|
@main.route("/services/<uuid:service_id>/api/whitelist", methods=['GET', 'POST'], endpoint='old_guest_list')
|
|
|
|
|
|
@main.route("/services/<uuid:service_id>/api/guest-list", methods=['GET', 'POST'])
|
2018-03-01 10:30:17 +00:00
|
|
|
|
@user_has_permissions('manage_api_keys')
|
2020-06-12 09:03:40 +01:00
|
|
|
|
def guest_list(service_id):
|
2020-06-12 09:02:40 +01:00
|
|
|
|
form = GuestList()
|
2016-09-20 12:30:00 +01:00
|
|
|
|
if form.validate_on_submit():
|
2020-06-12 09:05:26 +01:00
|
|
|
|
service_api_client.update_guest_list(service_id, {
|
2016-09-20 12:30:00 +01:00
|
|
|
|
'email_addresses': list(filter(None, form.email_addresses.data)),
|
2017-10-18 14:51:26 +01:00
|
|
|
|
'phone_numbers': list(filter(None, form.phone_numbers.data))
|
2016-09-20 12:30:00 +01:00
|
|
|
|
})
|
2020-06-12 09:00:08 +01:00
|
|
|
|
flash('Guest list updated', 'default_with_tick')
|
2016-09-20 12:30:00 +01:00
|
|
|
|
return redirect(url_for('.api_integration', service_id=service_id))
|
|
|
|
|
|
if not form.errors:
|
2020-06-12 09:05:26 +01:00
|
|
|
|
form.populate(**service_api_client.get_guest_list(service_id))
|
2016-09-20 12:30:00 +01:00
|
|
|
|
return render_template(
|
2020-06-12 09:06:22 +01:00
|
|
|
|
'views/api/guest-list.html',
|
2016-09-20 12:30:00 +01:00
|
|
|
|
form=form
|
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
|
2019-11-04 11:07:55 +00:00
|
|
|
|
@main.route("/services/<uuid:service_id>/api/keys")
|
2018-03-01 10:30:17 +00:00
|
|
|
|
@user_has_permissions('manage_api_keys')
|
2016-01-16 10:59:16 +00:00
|
|
|
|
def api_keys(service_id):
|
2016-01-19 09:55:13 +00:00
|
|
|
|
return render_template(
|
2016-09-20 11:23:59 +01:00
|
|
|
|
'views/api/keys.html',
|
2016-01-19 09:55:13 +00:00
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
|
2019-11-04 11:07:55 +00:00
|
|
|
|
@main.route("/services/<uuid:service_id>/api/keys/create", methods=['GET', 'POST'])
|
2018-02-28 18:13:29 +00:00
|
|
|
|
@user_has_permissions('manage_api_keys', restrict_admin_usage=True)
|
2016-01-19 09:55:13 +00:00
|
|
|
|
def create_api_key(service_id):
|
2018-11-13 09:57:17 +00:00
|
|
|
|
form = CreateKeyForm(current_service.api_keys)
|
2016-11-01 15:34:04 +00:00
|
|
|
|
form.key_type.choices = [
|
2017-02-02 12:44:12 +00:00
|
|
|
|
(KEY_TYPE_NORMAL, 'Live – sends to anyone'),
|
2020-06-12 09:00:08 +01:00
|
|
|
|
(KEY_TYPE_TEAM, 'Team and guest list – limits who you can send to'),
|
2017-02-02 12:44:12 +00:00
|
|
|
|
(KEY_TYPE_TEST, 'Test – pretends to send messages'),
|
2016-11-01 15:34:04 +00:00
|
|
|
|
]
|
2021-01-12 15:04:54 +00:00
|
|
|
|
# preserve order of items extended by starting with empty dicts
|
|
|
|
|
|
form.key_type.param_extensions = {'items': [{}, {}]}
|
2018-07-20 08:42:01 +01:00
|
|
|
|
if current_service.trial_mode:
|
2021-01-12 15:04:54 +00:00
|
|
|
|
form.key_type.param_extensions['items'][0] = {
|
|
|
|
|
|
'disabled': True,
|
|
|
|
|
|
'hint': {
|
|
|
|
|
|
'html': Markup(
|
|
|
|
|
|
'Not available because your service is in '
|
|
|
|
|
|
'<a class="govuk-link govuk-link--no-visited-state" href="/features/trial-mode">trial mode</a>')
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2018-07-20 08:43:02 +01:00
|
|
|
|
if current_service.has_permission('letter'):
|
2021-01-12 15:04:54 +00:00
|
|
|
|
form.key_type.param_extensions['items'][1]['hint'] = {'text': 'Cannot be used to send letters'}
|
2016-01-19 09:55:13 +00:00
|
|
|
|
if form.validate_on_submit():
|
2021-01-12 15:04:54 +00:00
|
|
|
|
if current_service.trial_mode and form.key_type.data == KEY_TYPE_NORMAL:
|
2016-11-01 15:34:04 +00:00
|
|
|
|
abort(400)
|
2016-07-06 15:10:36 +01:00
|
|
|
|
secret = api_key_api_client.create_api_key(
|
|
|
|
|
|
service_id=service_id,
|
|
|
|
|
|
key_name=form.key_name.data,
|
|
|
|
|
|
key_type=form.key_type.data
|
|
|
|
|
|
)
|
2016-10-07 10:59:32 +01:00
|
|
|
|
return render_template(
|
|
|
|
|
|
'views/api/keys/show.html',
|
|
|
|
|
|
secret=secret,
|
|
|
|
|
|
service_id=service_id,
|
|
|
|
|
|
key_name=email_safe(form.key_name.data, whitespace='_')
|
|
|
|
|
|
)
|
2016-01-19 09:55:13 +00:00
|
|
|
|
return render_template(
|
2016-09-20 11:23:59 +01:00
|
|
|
|
'views/api/keys/create.html',
|
2021-01-12 15:04:54 +00:00
|
|
|
|
form=form
|
2016-01-19 09:55:13 +00:00
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
|
2019-11-04 11:07:55 +00:00
|
|
|
|
@main.route("/services/<uuid:service_id>/api/keys/revoke/<uuid:key_id>", methods=['GET', 'POST'])
|
2018-03-01 10:30:17 +00:00
|
|
|
|
@user_has_permissions('manage_api_keys')
|
2016-01-19 09:55:13 +00:00
|
|
|
|
def revoke_api_key(service_id, key_id):
|
2018-11-07 11:53:29 +00:00
|
|
|
|
key_name = current_service.get_api_key(key_id)['name']
|
2016-01-19 09:55:13 +00:00
|
|
|
|
if request.method == 'GET':
|
2018-11-15 17:14:03 +00:00
|
|
|
|
flash([
|
2018-11-16 11:03:16 +00:00
|
|
|
|
"Are you sure you want to revoke ‘{}’?".format(key_name),
|
|
|
|
|
|
"You will not be able to use this API key to connect to GOV.UK Notify."
|
|
|
|
|
|
], 'revoke this API key')
|
2016-01-21 12:28:05 +00:00
|
|
|
|
return render_template(
|
2017-07-24 15:36:38 +01:00
|
|
|
|
'views/api/keys.html',
|
2016-01-21 12:28:05 +00:00
|
|
|
|
)
|
2016-01-19 09:55:13 +00:00
|
|
|
|
elif request.method == 'POST':
|
2016-01-20 17:32:55 +00:00
|
|
|
|
api_key_api_client.revoke_api_key(service_id=service_id, key_id=key_id)
|
2016-02-05 10:33:14 +00:00
|
|
|
|
flash('‘{}’ was revoked'.format(key_name), 'default_with_tick')
|
2016-01-19 09:55:13 +00:00
|
|
|
|
return redirect(url_for('.api_keys', service_id=service_id))
|
2017-12-04 15:07:11 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def get_apis():
|
|
|
|
|
|
callback_api = None
|
|
|
|
|
|
inbound_api = None
|
2018-07-20 08:42:01 +01:00
|
|
|
|
if current_service.service_callback_api:
|
2017-12-04 15:07:11 +00:00
|
|
|
|
callback_api = service_api_client.get_service_callback_api(
|
2018-07-20 08:42:01 +01:00
|
|
|
|
current_service.id,
|
2018-10-27 13:09:03 +01:00
|
|
|
|
current_service.service_callback_api[0]
|
2017-12-04 15:07:11 +00:00
|
|
|
|
)
|
2018-07-20 08:42:01 +01:00
|
|
|
|
if current_service.inbound_api:
|
2017-12-04 15:07:11 +00:00
|
|
|
|
inbound_api = service_api_client.get_service_inbound_api(
|
2018-07-20 08:42:01 +01:00
|
|
|
|
current_service.id,
|
2018-10-27 13:09:03 +01:00
|
|
|
|
current_service.inbound_api[0]
|
2017-12-04 15:07:11 +00:00
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
return (callback_api, inbound_api)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def check_token_against_dummy_bearer(token):
|
|
|
|
|
|
if token != dummy_bearer_token:
|
|
|
|
|
|
return token
|
|
|
|
|
|
else:
|
|
|
|
|
|
return ''
|
|
|
|
|
|
|
|
|
|
|
|
|
2019-11-04 11:07:55 +00:00
|
|
|
|
@main.route("/services/<uuid:service_id>/api/callbacks", methods=['GET'])
|
2019-06-27 12:20:58 +01:00
|
|
|
|
@user_has_permissions('manage_api_keys')
|
2017-12-04 15:07:11 +00:00
|
|
|
|
def api_callbacks(service_id):
|
2018-07-20 08:42:01 +01:00
|
|
|
|
if not current_service.has_permission('inbound_sms'):
|
2017-12-08 10:52:38 +00:00
|
|
|
|
return redirect(url_for('.delivery_status_callback', service_id=service_id))
|
|
|
|
|
|
|
2017-12-13 11:42:41 +00:00
|
|
|
|
delivery_status_callback, received_text_messages_callback = get_apis()
|
2017-12-08 10:52:38 +00:00
|
|
|
|
|
|
|
|
|
|
return render_template(
|
|
|
|
|
|
'views/api/callbacks.html',
|
2017-12-11 12:03:23 +00:00
|
|
|
|
received_text_messages_callback=received_text_messages_callback['url']
|
|
|
|
|
|
if received_text_messages_callback else None,
|
2017-12-11 11:40:07 +00:00
|
|
|
|
delivery_status_callback=delivery_status_callback['url'] if delivery_status_callback else None
|
2017-12-08 10:52:38 +00:00
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def get_delivery_status_callback_details():
|
2018-07-20 08:42:01 +01:00
|
|
|
|
if current_service.service_callback_api:
|
2017-12-08 10:52:38 +00:00
|
|
|
|
return service_api_client.get_service_callback_api(
|
2018-07-20 08:42:01 +01:00
|
|
|
|
current_service.id,
|
|
|
|
|
|
current_service.service_callback_api[0]
|
2017-12-08 10:52:38 +00:00
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
|
2019-11-04 11:07:55 +00:00
|
|
|
|
@main.route("/services/<uuid:service_id>/api/callbacks/delivery-status-callback", methods=['GET', 'POST'])
|
2019-06-27 12:20:58 +01:00
|
|
|
|
@user_has_permissions('manage_api_keys')
|
2017-12-08 10:52:38 +00:00
|
|
|
|
def delivery_status_callback(service_id):
|
|
|
|
|
|
delivery_status_callback = get_delivery_status_callback_details()
|
|
|
|
|
|
back_link = (
|
2018-07-20 08:43:02 +01:00
|
|
|
|
'.api_callbacks' if current_service.has_permission('inbound_sms')
|
2017-12-08 10:52:38 +00:00
|
|
|
|
else '.api_integration'
|
|
|
|
|
|
)
|
|
|
|
|
|
|
2020-08-03 15:10:02 +01:00
|
|
|
|
form = CallbackForm(
|
2017-12-08 10:52:38 +00:00
|
|
|
|
url=delivery_status_callback.get('url') if delivery_status_callback else '',
|
|
|
|
|
|
bearer_token=dummy_bearer_token if delivery_status_callback else ''
|
2017-12-04 15:07:11 +00:00
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
if form.validate_on_submit():
|
2018-04-26 17:23:44 +01:00
|
|
|
|
if delivery_status_callback and form.url.data:
|
|
|
|
|
|
if (
|
|
|
|
|
|
delivery_status_callback.get('url') != form.url.data or
|
|
|
|
|
|
form.bearer_token.data != dummy_bearer_token
|
|
|
|
|
|
):
|
2017-12-04 15:07:11 +00:00
|
|
|
|
service_api_client.update_service_callback_api(
|
|
|
|
|
|
service_id,
|
2017-12-08 10:52:38 +00:00
|
|
|
|
url=form.url.data,
|
|
|
|
|
|
bearer_token=check_token_against_dummy_bearer(form.bearer_token.data),
|
2017-12-04 15:07:11 +00:00
|
|
|
|
user_id=current_user.id,
|
2017-12-08 10:52:38 +00:00
|
|
|
|
callback_api_id=delivery_status_callback.get('id')
|
2017-12-04 15:07:11 +00:00
|
|
|
|
)
|
2018-04-26 17:23:44 +01:00
|
|
|
|
elif delivery_status_callback and not form.url.data:
|
|
|
|
|
|
service_api_client.delete_service_callback_api(
|
|
|
|
|
|
service_id,
|
|
|
|
|
|
delivery_status_callback['id'],
|
|
|
|
|
|
)
|
|
|
|
|
|
elif form.url.data:
|
2017-12-04 15:07:11 +00:00
|
|
|
|
service_api_client.create_service_callback_api(
|
|
|
|
|
|
service_id,
|
2017-12-08 10:52:38 +00:00
|
|
|
|
url=form.url.data,
|
|
|
|
|
|
bearer_token=form.bearer_token.data,
|
2017-12-04 15:07:11 +00:00
|
|
|
|
user_id=current_user.id
|
|
|
|
|
|
)
|
2018-06-18 12:52:12 +01:00
|
|
|
|
else:
|
|
|
|
|
|
# If no callback is set up and the user chooses to continue
|
|
|
|
|
|
# having no callback (ie both fields empty) then there’s
|
|
|
|
|
|
# nothing for us to do here
|
|
|
|
|
|
pass
|
|
|
|
|
|
|
2017-12-08 10:52:38 +00:00
|
|
|
|
return redirect(url_for(back_link, service_id=service_id))
|
|
|
|
|
|
|
|
|
|
|
|
return render_template(
|
|
|
|
|
|
'views/api/callbacks/delivery-status-callback.html',
|
|
|
|
|
|
back_link=back_link,
|
|
|
|
|
|
form=form,
|
|
|
|
|
|
)
|
|
|
|
|
|
|
2017-12-04 15:07:11 +00:00
|
|
|
|
|
2017-12-08 10:52:38 +00:00
|
|
|
|
def get_received_text_messages_callback():
|
2018-07-20 08:42:01 +01:00
|
|
|
|
if current_service.inbound_api:
|
2017-12-08 10:52:38 +00:00
|
|
|
|
return service_api_client.get_service_inbound_api(
|
2018-07-20 08:42:01 +01:00
|
|
|
|
current_service.id,
|
2018-10-27 13:09:03 +01:00
|
|
|
|
current_service.inbound_api[0]
|
2017-12-08 10:52:38 +00:00
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
|
2019-11-04 11:07:55 +00:00
|
|
|
|
@main.route("/services/<uuid:service_id>/api/callbacks/received-text-messages-callback", methods=['GET', 'POST'])
|
2019-06-27 12:20:58 +01:00
|
|
|
|
@user_has_permissions('manage_api_keys')
|
2017-12-08 10:52:38 +00:00
|
|
|
|
def received_text_messages_callback(service_id):
|
2018-07-20 08:42:01 +01:00
|
|
|
|
if not current_service.has_permission('inbound_sms'):
|
2017-12-04 15:07:11 +00:00
|
|
|
|
return redirect(url_for('.api_integration', service_id=service_id))
|
|
|
|
|
|
|
2017-12-08 10:52:38 +00:00
|
|
|
|
received_text_messages_callback = get_received_text_messages_callback()
|
2020-08-03 15:10:02 +01:00
|
|
|
|
form = CallbackForm(
|
2017-12-08 10:52:38 +00:00
|
|
|
|
url=received_text_messages_callback.get('url') if received_text_messages_callback else '',
|
|
|
|
|
|
bearer_token=dummy_bearer_token if received_text_messages_callback else ''
|
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
if form.validate_on_submit():
|
2018-04-26 17:23:44 +01:00
|
|
|
|
if received_text_messages_callback and form.url.data:
|
|
|
|
|
|
if (
|
|
|
|
|
|
received_text_messages_callback.get('url') != form.url.data or
|
|
|
|
|
|
form.bearer_token.data != dummy_bearer_token
|
|
|
|
|
|
):
|
2017-12-08 10:52:38 +00:00
|
|
|
|
service_api_client.update_service_inbound_api(
|
|
|
|
|
|
service_id,
|
|
|
|
|
|
url=form.url.data,
|
|
|
|
|
|
bearer_token=check_token_against_dummy_bearer(form.bearer_token.data),
|
|
|
|
|
|
user_id=current_user.id,
|
|
|
|
|
|
inbound_api_id=received_text_messages_callback.get('id')
|
|
|
|
|
|
)
|
2018-04-26 17:23:44 +01:00
|
|
|
|
elif received_text_messages_callback and not form.url.data:
|
|
|
|
|
|
service_api_client.delete_service_inbound_api(
|
|
|
|
|
|
service_id,
|
|
|
|
|
|
received_text_messages_callback['id'],
|
|
|
|
|
|
)
|
|
|
|
|
|
elif form.url.data:
|
2017-12-08 10:52:38 +00:00
|
|
|
|
service_api_client.create_service_inbound_api(
|
|
|
|
|
|
service_id,
|
|
|
|
|
|
url=form.url.data,
|
|
|
|
|
|
bearer_token=form.bearer_token.data,
|
|
|
|
|
|
user_id=current_user.id
|
|
|
|
|
|
)
|
|
|
|
|
|
return redirect(url_for('.api_callbacks', service_id=service_id))
|
2017-12-04 15:07:11 +00:00
|
|
|
|
return render_template(
|
2017-12-08 10:52:38 +00:00
|
|
|
|
'views/api/callbacks/received-text-messages-callback.html',
|
2017-12-04 15:07:11 +00:00
|
|
|
|
form=form,
|
|
|
|
|
|
)
|
