darkhelm/notifications-api
1
0
Fork 0
mirror of https://github.com/GSA/notifications-api.git synced 2025-12-17 10:42:25 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
01993d98fe61a7dc796acefb25ce8f8edea5099a
notifications-api/tests/app/service_invite/test_service_invite_rest.py

410 lines
14 KiB
Python
Raw Normal View History

[WIP] added endpoint and dao to create invites for users. Droped token as later code to send email invite can generate timebased url to send to user. That can then be checked against configurable time threshold for expiry. Therefore no need to store a token.
2016-02-24 14:01:19 +00:00
import json
remove the global_invite (accept_invite) endpoint move the endpoints into service_invite/rest.py and organisation/invite_rest.py respectively. Remove the prefix from all the blueprints to allow this.
2021-03-11 20:26:44 +00:00
import uuid
black, isort, flake8 Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2023-12-08 21:43:52 -05:00
from functools import partial
Run auto-correct on app/ and tests/
2021-03-10 13:55:06 +00:00
Allow admin to domain to use for invite links When we’re doing user research we often: - start the task by inviting the participant to a service on Notify - have them use a prototype version of the admin app, hosted on a different domain Currently we can’t do both of these things together, because the invite emails always send people to `notifications.service.gov.uk` (because it’s the API that sends the emails, and the prototype admin app points at the production API). This commit changes the API to optionally allow an instance of the admin app to specify which domain should be used when generating invite links.
2017-12-20 14:38:49 +00:00
import pytest
Send broadcast invite email for broadcast service invites This means the copy is more accurate and mentions sending emergency alerts rather than previous copy about sending emails texts and letters.
2020-09-15 16:45:24 +01:00
from flask import current_app
remove the global_invite (accept_invite) endpoint move the endpoints into service_invite/rest.py and organisation/invite_rest.py respectively. Remove the prefix from all the blueprints to allow this.
2021-03-11 20:26:44 +00:00
from freezegun import freeze_time
more
2024-11-15 12:30:58 -08:00
from sqlalchemy import select
[WIP] added endpoint and dao to create invites for users. Droped token as later code to send email invite can generate timebased url to send to user. That can then be checked against configurable time threshold for expiry. Therefore no need to store a token.
2016-02-24 14:01:19 +00:00
more
2024-11-15 12:30:58 -08:00
from app import db
Lots more cleanup. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2024-02-21 13:47:04 -05:00
from app.enums import AuthType, InvitedUserStatus
Cleaning up tests. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2024-01-16 15:12:57 -05:00
from app.models import Notification
Localize notification_utils to the API This changeset pulls in all of the notification_utils code directly into the API and removes it as an external dependency. We are doing this to cut down on operational maintenance of the project and will begin removing parts of it no longer needed for the API. Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
2024-05-16 10:17:45 -04:00
from notifications_utils.url_safe_token import generate_token
Split generating authorization headers by type In response to [1]. [1]: https://github.com/alphagov/notifications-api/pull/3300#discussion_r681653248
2021-08-04 15:12:09 +01:00
from tests import create_admin_authorization_header
Stop calling fixures as functions in the tests
2019-10-31 15:02:30 +00:00
from tests.app.db import create_invited_user
Refactor create_invited_user to persist and send message to the notify queue. The reason for doing this is to ensure the tasks performed for the Notify users are not queued behind a large job, a way to ensure priority for messages. 6th task for story: https://www.pivotaltracker.com/story/show/135839709
2016-12-20 15:59:31 +00:00
reformat
2023-08-29 14:54:30 -07:00
@pytest.mark.parametrize(
"extra_args, expected_start_of_invite_url",
[
({}, "http://localhost:6012/invitation/"),
(
{"invite_link_host": "https://www.example.com"},
"https://www.example.com/invitation/",
),
],
)
Allow admin to domain to use for invite links When we’re doing user research we often: - start the task by inviting the participant to a service on Notify - have them use a prototype version of the admin app, hosted on a different domain Currently we can’t do both of these things together, because the invite emails always send people to `notifications.service.gov.uk` (because it’s the API that sends the emails, and the prototype admin app points at the production API). This commit changes the API to optionally allow an instance of the admin app to specify which domain should be used when generating invite links.
2017-12-20 14:38:49 +00:00
def test_create_invited_user(
admin_request,
sample_service,
mocker,
invitation_email_template,
extra_args,
expected_start_of_invite_url,
):
fix tests
2024-06-20 13:30:43 -07:00
mocker.patch("app.service_invite.rest.redis_store.set")
mocker.patch("app.service_invite.rest.redis_store.get")
use raw_set and raw_get, fix tests
2024-04-19 10:33:26 -07:00
reformat
2023-08-29 14:54:30 -07:00
mocked = mocker.patch("app.celery.provider_tasks.deliver_email.apply_async")
email_address = "invited_user@service.gov.uk"
Refactor create_invited_user to persist and send message to the notify queue. The reason for doing this is to ensure the tasks performed for the Notify users are not queued behind a large job, a way to ensure priority for messages. 6th task for story: https://www.pivotaltracker.com/story/show/135839709
2016-12-20 15:59:31 +00:00
invite_from = sample_service.users[0]
Allow admin to domain to use for invite links When we’re doing user research we often: - start the task by inviting the participant to a service on Notify - have them use a prototype version of the admin app, hosted on a different domain Currently we can’t do both of these things together, because the invite emails always send people to `notifications.service.gov.uk` (because it’s the API that sends the emails, and the prototype admin app points at the production API). This commit changes the API to optionally allow an instance of the admin app to specify which domain should be used when generating invite links.
2017-12-20 14:38:49 +00:00
data = dict(
service=str(sample_service.id),
email_address=email_address,
from_user=str(invite_from.id),
reformat
2023-08-29 14:54:30 -07:00
permissions="send_messages,manage_service,manage_api_keys",
Cleaning up tests. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2024-01-16 15:12:57 -05:00
auth_type=AuthType.EMAIL,
reformat
2023-08-29 14:54:30 -07:00
folder_permissions=["folder_1", "folder_2", "folder_3"],
Fixed tests Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2024-10-21 16:37:31 -04:00
nonce="FakeNonce",
Fixing tests, and resend invites endpoint. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2024-11-01 12:12:30 -04:00
state="FakeState",
Working on getting tests working. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2023-11-10 16:14:03 -05:00
**extra_args,
Allow admin to domain to use for invite links When we’re doing user research we often: - start the task by inviting the participant to a service on Notify - have them use a prototype version of the admin app, hosted on a different domain Currently we can’t do both of these things together, because the invite emails always send people to `notifications.service.gov.uk` (because it’s the API that sends the emails, and the prototype admin app points at the production API). This commit changes the API to optionally allow an instance of the admin app to specify which domain should be used when generating invite links.
2017-12-20 14:38:49 +00:00
)
Refactor create_invited_user to persist and send message to the notify queue. The reason for doing this is to ensure the tasks performed for the Notify users are not queued behind a large job, a way to ensure priority for messages. 6th task for story: https://www.pivotaltracker.com/story/show/135839709
2016-12-20 15:59:31 +00:00
add auth_type to schemas to enable updating in endpoints
2017-10-30 11:53:55 +00:00
json_resp = admin_request.post(
reformat
2023-08-29 14:54:30 -07:00
"service_invite.create_invited_user",
add auth_type to schemas to enable updating in endpoints
2017-10-30 11:53:55 +00:00
service_id=sample_service.id,
_data=data,
reformat
2023-08-29 14:54:30 -07:00
_expected_status=201,
Refactor create_invited_user to persist and send message to the notify queue. The reason for doing this is to ensure the tasks performed for the Notify users are not queued behind a large job, a way to ensure priority for messages. 6th task for story: https://www.pivotaltracker.com/story/show/135839709
2016-12-20 15:59:31 +00:00
)
reformat
2023-08-29 14:54:30 -07:00
assert json_resp["data"]["service"] == str(sample_service.id)
assert json_resp["data"]["email_address"] == email_address
assert json_resp["data"]["from_user"] == str(invite_from.id)
assert (
json_resp["data"]["permissions"]
== "send_messages,manage_service,manage_api_keys"
)
Cleaning up tests. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2024-01-16 15:12:57 -05:00
assert json_resp["data"]["auth_type"] == AuthType.EMAIL
reformat
2023-08-29 14:54:30 -07:00
assert json_resp["data"]["id"]
assert json_resp["data"]["folder_permissions"] == [
"folder_1",
"folder_2",
"folder_3",
]
Refactor create_invited_user to persist and send message to the notify queue. The reason for doing this is to ensure the tasks performed for the Notify users are not queued behind a large job, a way to ensure priority for messages. 6th task for story: https://www.pivotaltracker.com/story/show/135839709
2016-12-20 15:59:31 +00:00
more
2024-11-15 12:30:58 -08:00
notification = db.session.execute(select(Notification)).scalars().first()
Allow admin to domain to use for invite links When we’re doing user research we often: - start the task by inviting the participant to a service on Notify - have them use a prototype version of the admin app, hosted on a different domain Currently we can’t do both of these things together, because the invite emails always send people to `notifications.service.gov.uk` (because it’s the API that sends the emails, and the prototype admin app points at the production API). This commit changes the API to optionally allow an instance of the admin app to specify which domain should be used when generating invite links.
2017-12-20 14:38:49 +00:00
Change reply to address for invitation emails to be invitation sender If someone receives an invitation email for Notify the reply-to address of the email was the GOV.UK Notify email address. This has been changed to be the email address of the user who sent the invite. Pivotal story: https://www.pivotaltracker.com/story/show/153094646
2017-12-18 11:39:21 +00:00
assert notification.reply_to_text == invite_from.email_address
Allow admin to domain to use for invite links When we’re doing user research we often: - start the task by inviting the participant to a service on Notify - have them use a prototype version of the admin app, hosted on a different domain Currently we can’t do both of these things together, because the invite emails always send people to `notifications.service.gov.uk` (because it’s the API that sends the emails, and the prototype admin app points at the production API). This commit changes the API to optionally allow an instance of the admin app to specify which domain should be used when generating invite links.
2017-12-20 14:38:49 +00:00
fix tests
2024-01-22 10:55:09 -08:00
# As part of notify-api-749 we are removing personalisation from the db
# The personalisation should have been sent in the notification (see the service_invite code)
# it is just not stored in the db.
# assert len(notification.personalisation.keys()) == 3
# assert notification.personalisation["service_name"] == "Sample service"
# assert notification.personalisation["user_name"] == "Test User"
# assert notification.personalisation["url"].startswith(expected_start_of_invite_url)
# assert len(notification.personalisation["url"]) > len(expected_start_of_invite_url)
reformat
2023-08-29 14:54:30 -07:00
assert (
str(notification.template_id)
== current_app.config["INVITATION_EMAIL_TEMPLATE_ID"]
)
Send broadcast invite email for broadcast service invites This means the copy is more accurate and mentions sending emergency alerts rather than previous copy about sending emails texts and letters.
2020-09-15 16:45:24 +01:00
reformat
2023-08-29 14:54:30 -07:00
mocked.assert_called_once_with(
cleanup
2025-04-15 11:36:09 -07:00
[str(notification.id)], queue="notify-internal-tasks", countdown=60
reformat
2023-08-29 14:54:30 -07:00
)
Send broadcast invite email for broadcast service invites This means the copy is more accurate and mentions sending emergency alerts rather than previous copy about sending emails texts and letters.
2020-09-15 16:45:24 +01:00
reformat
2023-08-29 14:54:30 -07:00
def test_create_invited_user_without_auth_type(
admin_request, sample_service, mocker, invitation_email_template
):
use raw_set and raw_get, fix tests
2024-04-19 10:33:26 -07:00
fix raw_set and raw_get
2024-06-20 11:55:01 -07:00
mocker.patch("app.service_invite.rest.redis_store.set")
mocker.patch("app.service_invite.rest.redis_store.get")
reformat
2023-08-29 14:54:30 -07:00
mocker.patch("app.celery.provider_tasks.deliver_email.apply_async")
email_address = "invited_user@service.gov.uk"
add auth_type to schemas to enable updating in endpoints
2017-10-30 11:53:55 +00:00
invite_from = sample_service.users[0]
data = {
reformat
2023-08-29 14:54:30 -07:00
"service": str(sample_service.id),
"email_address": email_address,
"from_user": str(invite_from.id),
"permissions": "send_messages,manage_service,manage_api_keys",
"folder_permissions": [],
Fixed tests Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2024-10-21 16:37:31 -04:00
"nonce": "FakeNonce",
Fixing tests, and resend invites endpoint. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2024-11-01 12:12:30 -04:00
"state": "FakeState",
add auth_type to schemas to enable updating in endpoints
2017-10-30 11:53:55 +00:00
}
json_resp = admin_request.post(
reformat
2023-08-29 14:54:30 -07:00
"service_invite.create_invited_user",
add auth_type to schemas to enable updating in endpoints
2017-10-30 11:53:55 +00:00
service_id=sample_service.id,
_data=data,
reformat
2023-08-29 14:54:30 -07:00
_expected_status=201,
add auth_type to schemas to enable updating in endpoints
2017-10-30 11:53:55 +00:00
)
Cleaning up tests. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2024-01-16 15:12:57 -05:00
assert json_resp["data"]["auth_type"] == AuthType.SMS
add auth_type to schemas to enable updating in endpoints
2017-10-30 11:53:55 +00:00
Update invited user tests to take folder_permissions into account
2019-03-11 14:33:51 +00:00
def test_create_invited_user_invalid_email(client, sample_service, mocker, fake_uuid):
reformat
2023-08-29 14:54:30 -07:00
mocked = mocker.patch("app.celery.provider_tasks.deliver_email.apply_async")
email_address = "notanemail"
Refactor create_invited_user to persist and send message to the notify queue. The reason for doing this is to ensure the tasks performed for the Notify users are not queued behind a large job, a way to ensure priority for messages. 6th task for story: https://www.pivotaltracker.com/story/show/135839709
2016-12-20 15:59:31 +00:00
invite_from = sample_service.users[0]
data = {
reformat
2023-08-29 14:54:30 -07:00
"service": str(sample_service.id),
"email_address": email_address,
"from_user": str(invite_from.id),
"permissions": "send_messages,manage_service,manage_api_keys",
"folder_permissions": [fake_uuid, fake_uuid],
Fixed tests Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2024-10-21 16:37:31 -04:00
"nonce": "FakeNonce",
Fixing tests, and resend invites endpoint. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2024-11-01 12:12:30 -04:00
"state": "FakeState",
Refactor create_invited_user to persist and send message to the notify queue. The reason for doing this is to ensure the tasks performed for the Notify users are not queued behind a large job, a way to ensure priority for messages. 6th task for story: https://www.pivotaltracker.com/story/show/135839709
2016-12-20 15:59:31 +00:00
}
data = json.dumps(data)
Split generating authorization headers by type In response to [1]. [1]: https://github.com/alphagov/notifications-api/pull/3300#discussion_r681653248
2021-08-04 15:12:09 +01:00
auth_header = create_admin_authorization_header()
Refactor create_invited_user to persist and send message to the notify queue. The reason for doing this is to ensure the tasks performed for the Notify users are not queued behind a large job, a way to ensure priority for messages. 6th task for story: https://www.pivotaltracker.com/story/show/135839709
2016-12-20 15:59:31 +00:00
response = client.post(
Working on getting tests working. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2023-11-10 16:14:03 -05:00
f"/service/{sample_service.id}/invite",
reformat
2023-08-29 14:54:30 -07:00
headers=[("Content-Type", "application/json"), auth_header],
data=data,
Refactor create_invited_user to persist and send message to the notify queue. The reason for doing this is to ensure the tasks performed for the Notify users are not queued behind a large job, a way to ensure priority for messages. 6th task for story: https://www.pivotaltracker.com/story/show/135839709
2016-12-20 15:59:31 +00:00
)
assert response.status_code == 400
json_resp = json.loads(response.get_data(as_text=True))
reformat
2023-08-29 14:54:30 -07:00
assert json_resp["result"] == "error"
assert json_resp["message"] == {"email_address": ["Not a valid email address"]}
Refactor create_invited_user to persist and send message to the notify queue. The reason for doing this is to ensure the tasks performed for the Notify users are not queued behind a large job, a way to ensure priority for messages. 6th task for story: https://www.pivotaltracker.com/story/show/135839709
2016-12-20 15:59:31 +00:00
assert mocked.call_count == 0
remove usage of notify_db fixture in unit tests * notify_db fixture creates the database connection and ensures the test db exists and has migrations applied etc. It will run once per session (test run). * notify_db_session fixture runs after your test finishes and deletes all non static (eg type table) data. In unit tests that hit the database (ie: most of them), 99% of the time we will need to use notify_db_session to ensure everything is reset. The only time we don't need to use it is when we're querying things such as "ensure get X works when database is empty". This is such a low percentage of tests that it's easier for us to just use notify_db_session every time, and ensure that all our tests run much more consistently, at the cost of a small bit of performance when running tests. We used to use notify_db to access the session object for manually adding, committing, etc. To dissuade usage of that fixture I've moved that to the `notify_db_session`. I've then removed all uses of notify_db that I could find in the codebase. As a note, if you're writing a test that uses a `sample_x` fixture, all of those fixtures rely on notify_db_session so you'll get the teardown functionality for free. If you're just calling eg `create_x` db.py functions, then you'll need to make you add notify_db_session fixture to your test, even if you aren't manually accessing the session.
2022-05-03 17:00:51 +01:00
def test_get_all_invited_users_by_service(client, notify_db_session, sample_service):
[WIP] added dao and rest endpoint for retrieving invited users by service and by id.
2016-02-25 11:22:36 +00:00
invites = []
for i in range(0, 5):
Working on api test. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2023-12-07 16:26:25 -05:00
email = f"invited_user_{i}@service.gov.uk"
Stop calling fixures as functions in the tests
2019-10-31 15:02:30 +00:00
invited_user = create_invited_user(sample_service, to_email_address=email)
[WIP] added dao and rest endpoint for retrieving invited users by service and by id.
2016-02-25 11:22:36 +00:00
invites.append(invited_user)
Working on getting tests working. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2023-11-10 16:14:03 -05:00
url = f"/service/{sample_service.id}/invite"
[WIP] added dao and rest endpoint for retrieving invited users by service and by id.
2016-02-25 11:22:36 +00:00
Split generating authorization headers by type In response to [1]. [1]: https://github.com/alphagov/notifications-api/pull/3300#discussion_r681653248
2021-08-04 15:12:09 +01:00
auth_header = create_admin_authorization_header()
[WIP] added dao and rest endpoint for retrieving invited users by service and by id.
2016-02-25 11:22:36 +00:00
Refactor create_invited_user to persist and send message to the notify queue. The reason for doing this is to ensure the tasks performed for the Notify users are not queued behind a large job, a way to ensure priority for messages. 6th task for story: https://www.pivotaltracker.com/story/show/135839709
2016-12-20 15:59:31 +00:00
response = client.get(
reformat
2023-08-29 14:54:30 -07:00
url, headers=[("Content-Type", "application/json"), auth_header]
Refactor create_invited_user to persist and send message to the notify queue. The reason for doing this is to ensure the tasks performed for the Notify users are not queued behind a large job, a way to ensure priority for messages. 6th task for story: https://www.pivotaltracker.com/story/show/135839709
2016-12-20 15:59:31 +00:00
)
assert response.status_code == 200
json_resp = json.loads(response.get_data(as_text=True))
[WIP] added dao and rest endpoint for retrieving invited users by service and by id.
2016-02-25 11:22:36 +00:00
Refactor create_invited_user to persist and send message to the notify queue. The reason for doing this is to ensure the tasks performed for the Notify users are not queued behind a large job, a way to ensure priority for messages. 6th task for story: https://www.pivotaltracker.com/story/show/135839709
2016-12-20 15:59:31 +00:00
invite_from = sample_service.users[0]
[WIP] added dao and rest endpoint for retrieving invited users by service and by id.
2016-02-25 11:22:36 +00:00
reformat
2023-08-29 14:54:30 -07:00
for invite in json_resp["data"]:
assert invite["service"] == str(sample_service.id)
assert invite["from_user"] == str(invite_from.id)
Cleaning up tests. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2024-01-16 15:12:57 -05:00
assert invite["auth_type"] == AuthType.SMS
reformat
2023-08-29 14:54:30 -07:00
assert invite["id"]
[WIP] added dao and rest endpoint for retrieving invited users by service and by id.
2016-02-25 11:22:36 +00:00
reformat
2023-08-29 14:54:30 -07:00
def test_get_invited_users_by_service_with_no_invites(
client, notify_db_session, sample_service
):
Working on getting tests working. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2023-11-10 16:14:03 -05:00
url = f"/service/{sample_service.id}/invite"
[WIP] added dao and rest endpoint for retrieving invited users by service and by id.
2016-02-25 11:22:36 +00:00
Split generating authorization headers by type In response to [1]. [1]: https://github.com/alphagov/notifications-api/pull/3300#discussion_r681653248
2021-08-04 15:12:09 +01:00
auth_header = create_admin_authorization_header()
[WIP] added dao and rest endpoint for retrieving invited users by service and by id.
2016-02-25 11:22:36 +00:00
Refactor create_invited_user to persist and send message to the notify queue. The reason for doing this is to ensure the tasks performed for the Notify users are not queued behind a large job, a way to ensure priority for messages. 6th task for story: https://www.pivotaltracker.com/story/show/135839709
2016-12-20 15:59:31 +00:00
response = client.get(
reformat
2023-08-29 14:54:30 -07:00
url, headers=[("Content-Type", "application/json"), auth_header]
Refactor create_invited_user to persist and send message to the notify queue. The reason for doing this is to ensure the tasks performed for the Notify users are not queued behind a large job, a way to ensure priority for messages. 6th task for story: https://www.pivotaltracker.com/story/show/135839709
2016-12-20 15:59:31 +00:00
)
assert response.status_code == 200
json_resp = json.loads(response.get_data(as_text=True))
reformat
2023-08-29 14:54:30 -07:00
assert len(json_resp["data"]) == 0
[WIP] added dao and rest endpoint for retrieving invited users by service and by id.
2016-02-25 11:22:36 +00:00
Add endpoints to get invited users We want to display flash messages in admin when invites have been cancelled. This message needs to display the user's email address, so this commit adds endpoints to GET a single invited service user and org user so that we can look up the email address of a cancelled user.
2020-08-17 11:59:55 +01:00
def test_get_invited_user_by_service(admin_request, sample_invited_user):
json_resp = admin_request.get(
reformat
2023-08-29 14:54:30 -07:00
"service_invite.get_invited_user_by_service",
Add endpoints to get invited users We want to display flash messages in admin when invites have been cancelled. This message needs to display the user's email address, so this commit adds endpoints to GET a single invited service user and org user so that we can look up the email address of a cancelled user.
2020-08-17 11:59:55 +01:00
service_id=sample_invited_user.service.id,
reformat
2023-08-29 14:54:30 -07:00
invited_user_id=sample_invited_user.id,
Add endpoints to get invited users We want to display flash messages in admin when invites have been cancelled. This message needs to display the user's email address, so this commit adds endpoints to GET a single invited service user and org user so that we can look up the email address of a cancelled user.
2020-08-17 11:59:55 +01:00
)
reformat
2023-08-29 14:54:30 -07:00
assert json_resp["data"]["email_address"] == sample_invited_user.email_address
Add endpoints to get invited users We want to display flash messages in admin when invites have been cancelled. This message needs to display the user's email address, so this commit adds endpoints to GET a single invited service user and org user so that we can look up the email address of a cancelled user.
2020-08-17 11:59:55 +01:00
def test_get_invited_user_by_service_when_user_does_not_belong_to_the_service(
admin_request,
sample_invited_user,
fake_uuid,
):
json_resp = admin_request.get(
reformat
2023-08-29 14:54:30 -07:00
"service_invite.get_invited_user_by_service",
Add endpoints to get invited users We want to display flash messages in admin when invites have been cancelled. This message needs to display the user's email address, so this commit adds endpoints to GET a single invited service user and org user so that we can look up the email address of a cancelled user.
2020-08-17 11:59:55 +01:00
service_id=fake_uuid,
invited_user_id=sample_invited_user.id,
reformat
2023-08-29 14:54:30 -07:00
_expected_status=404,
Add endpoints to get invited users We want to display flash messages in admin when invites have been cancelled. This message needs to display the user's email address, so this commit adds endpoints to GET a single invited service user and org user so that we can look up the email address of a cancelled user.
2020-08-17 11:59:55 +01:00
)
reformat
2023-08-29 14:54:30 -07:00
assert json_resp["result"] == "error"
Add endpoints to get invited users We want to display flash messages in admin when invites have been cancelled. This message needs to display the user's email address, so this commit adds endpoints to GET a single invited service user and org user so that we can look up the email address of a cancelled user.
2020-08-17 11:59:55 +01:00
Did stuff, fixed things. This seems to work now. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2023-12-15 13:14:53 -05:00
def test_resend_expired_invite(
client,
sample_expired_user,
invitation_email_template,
mocker,
):
use raw_set and raw_get, fix tests
2024-04-19 10:33:26 -07:00
fix raw_set and raw_get
2024-06-20 11:55:01 -07:00
mocker.patch("app.service_invite.rest.redis_store.set")
mocker.patch("app.service_invite.rest.redis_store.get")
Working on tests. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2023-12-13 10:14:14 -05:00
url = f"/service/{sample_expired_user.service_id}/invite/{sample_expired_user.id}/resend"
Working on tests. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2023-12-08 13:15:40 -05:00
mock_send = mocker.patch("app.service_invite.rest.send_notification_to_queue")
mock_persist = mocker.patch("app.service_invite.rest.persist_notification")
from app.notifications.process_notifications import persist_notification
black, isort, flake8 Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2023-12-08 21:43:52 -05:00
Working on tests. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2023-12-08 13:15:40 -05:00
mock_persist.side_effect = partial(persist_notification, simulated=True)
Working on api test. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2023-12-07 16:26:25 -05:00
auth_header = create_admin_authorization_header()
response = client.post(
url,
headers=[("Content-Type", "application/json"), auth_header],
Fixing tests, and resend invites endpoint. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2024-11-01 12:12:30 -04:00
data='{"nonce": "FakeNonce", "state": "FakeState"}',
Working on api test. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2023-12-07 16:26:25 -05:00
)
assert response.status_code == 200
json_resp = json.loads(response.get_data(as_text=True))["data"]
Lots more cleanup. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2024-02-21 13:47:04 -05:00
assert json_resp["status"] == InvitedUserStatus.PENDING
Maybe tests are working now. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2023-12-08 21:41:56 -05:00
assert mock_send.called
Working on api test. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2023-12-07 16:26:25 -05:00
Refactor create_invited_user to persist and send message to the notify queue. The reason for doing this is to ensure the tasks performed for the Notify users are not queued behind a large job, a way to ensure priority for messages. 6th task for story: https://www.pivotaltracker.com/story/show/135839709
2016-12-20 15:59:31 +00:00
def test_update_invited_user_set_status_to_cancelled(client, sample_invited_user):
String cleanup complete. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2024-02-21 14:50:36 -05:00
data = {"status": InvitedUserStatus.CANCELLED}
Working on api test. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2023-12-07 16:26:25 -05:00
url = f"/service/{sample_invited_user.service_id}/invite/{sample_invited_user.id}"
Split generating authorization headers by type In response to [1]. [1]: https://github.com/alphagov/notifications-api/pull/3300#discussion_r681653248
2021-08-04 15:12:09 +01:00
auth_header = create_admin_authorization_header()
reformat
2023-08-29 14:54:30 -07:00
response = client.post(
url,
data=json.dumps(data),
headers=[("Content-Type", "application/json"), auth_header],
)
New endpoint to update invited user. Can be used to update status on invited user.
2016-03-01 13:33:20 +00:00
Refactor create_invited_user to persist and send message to the notify queue. The reason for doing this is to ensure the tasks performed for the Notify users are not queued behind a large job, a way to ensure priority for messages. 6th task for story: https://www.pivotaltracker.com/story/show/135839709
2016-12-20 15:59:31 +00:00
assert response.status_code == 200
reformat
2023-08-29 14:54:30 -07:00
json_resp = json.loads(response.get_data(as_text=True))["data"]
Lots more cleanup. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2024-02-21 13:47:04 -05:00
assert json_resp["status"] == InvitedUserStatus.CANCELLED
New endpoint to update invited user. Can be used to update status on invited user.
2016-03-01 13:33:20 +00:00
reformat
2023-08-29 14:54:30 -07:00
def test_update_invited_user_for_wrong_service_returns_404(
client, sample_invited_user, fake_uuid
):
String cleanup complete. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2024-02-21 14:50:36 -05:00
data = {"status": InvitedUserStatus.CANCELLED}
Working on api test. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2023-12-07 16:26:25 -05:00
url = f"/service/{fake_uuid}/invite/{sample_invited_user.id}"
Split generating authorization headers by type In response to [1]. [1]: https://github.com/alphagov/notifications-api/pull/3300#discussion_r681653248
2021-08-04 15:12:09 +01:00
auth_header = create_admin_authorization_header()
reformat
2023-08-29 14:54:30 -07:00
response = client.post(
url,
data=json.dumps(data),
headers=[("Content-Type", "application/json"), auth_header],
)
Refactor create_invited_user to persist and send message to the notify queue. The reason for doing this is to ensure the tasks performed for the Notify users are not queued behind a large job, a way to ensure priority for messages. 6th task for story: https://www.pivotaltracker.com/story/show/135839709
2016-12-20 15:59:31 +00:00
assert response.status_code == 404
reformat
2023-08-29 14:54:30 -07:00
json_response = json.loads(response.get_data(as_text=True))["message"]
assert json_response == "No result found"
New endpoint to update invited user. Can be used to update status on invited user.
2016-03-01 13:33:20 +00:00
Refactor create_invited_user to persist and send message to the notify queue. The reason for doing this is to ensure the tasks performed for the Notify users are not queued behind a large job, a way to ensure priority for messages. 6th task for story: https://www.pivotaltracker.com/story/show/135839709
2016-12-20 15:59:31 +00:00
def test_update_invited_user_for_invalid_data_returns_400(client, sample_invited_user):
reformat
2023-08-29 14:54:30 -07:00
data = {"status": "garbage"}
Working on api test. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2023-12-07 16:26:25 -05:00
url = f"/service/{sample_invited_user.service_id}/invite/{sample_invited_user.id}"
Split generating authorization headers by type In response to [1]. [1]: https://github.com/alphagov/notifications-api/pull/3300#discussion_r681653248
2021-08-04 15:12:09 +01:00
auth_header = create_admin_authorization_header()
reformat
2023-08-29 14:54:30 -07:00
response = client.post(
url,
data=json.dumps(data),
headers=[("Content-Type", "application/json"), auth_header],
)
Refactor create_invited_user to persist and send message to the notify queue. The reason for doing this is to ensure the tasks performed for the Notify users are not queued behind a large job, a way to ensure priority for messages. 6th task for story: https://www.pivotaltracker.com/story/show/135839709
2016-12-20 15:59:31 +00:00
assert response.status_code == 400
remove the global_invite (accept_invite) endpoint move the endpoints into service_invite/rest.py and organisation/invite_rest.py respectively. Remove the prefix from all the blueprints to allow this.
2021-03-11 20:26:44 +00:00
reformat
2023-08-29 14:54:30 -07:00
@pytest.mark.parametrize(
"endpoint_format_str",
[
"/invite/service/{}",
"/invite/service/check/{}",
],
)
def test_validate_invitation_token_returns_200_when_token_valid(
client, sample_invited_user, endpoint_format_str
):
token = generate_token(
str(sample_invited_user.id),
current_app.config["SECRET_KEY"],
current_app.config["DANGEROUS_SALT"],
)
add new `invite/<token_type>/check/<token>` endpoint having `/invite/service/<token>` and `/invite/service/<id>` as two separate routes (the first to validate an invite token, the second to retrieve invite metadata) technically works. Routes are matched from first to last until a match is found. The metadata endpoint only accepts UUIDs, so requests with a UUID will be picked up by the correct endpoint, while requests that don't look like a UUID will carry on searching for an endpoint, and will find the token validation endpoint. So while this works correctly for our normal expected input, it only does so _because the UUID endpoint is first in the file_. This isn't great, and it makes it harder to reason about the URLs when looking at them. To solve this, create the new `invite/service/check/<token>` endpoint. For backwards compatibility, assign this in parallel with the existing route - once the admin uses the new route we can remove the old route and make better guarantees about what endpoint is being hit.
2021-03-11 20:47:24 +00:00
url = endpoint_format_str.format(token)
Split generating authorization headers by type In response to [1]. [1]: https://github.com/alphagov/notifications-api/pull/3300#discussion_r681653248
2021-08-04 15:12:09 +01:00
auth_header = create_admin_authorization_header()
reformat
2023-08-29 14:54:30 -07:00
response = client.get(
url, headers=[("Content-Type", "application/json"), auth_header]
)
remove the global_invite (accept_invite) endpoint move the endpoints into service_invite/rest.py and organisation/invite_rest.py respectively. Remove the prefix from all the blueprints to allow this.
2021-03-11 20:26:44 +00:00
assert response.status_code == 200
json_resp = json.loads(response.get_data(as_text=True))
reformat
2023-08-29 14:54:30 -07:00
assert json_resp["data"]["id"] == str(sample_invited_user.id)
assert json_resp["data"]["email_address"] == sample_invited_user.email_address
assert json_resp["data"]["from_user"] == str(sample_invited_user.user_id)
assert json_resp["data"]["service"] == str(sample_invited_user.service_id)
assert json_resp["data"]["status"] == sample_invited_user.status
assert json_resp["data"]["permissions"] == sample_invited_user.permissions
assert (
json_resp["data"]["folder_permissions"]
== sample_invited_user.folder_permissions
)
remove the global_invite (accept_invite) endpoint move the endpoints into service_invite/rest.py and organisation/invite_rest.py respectively. Remove the prefix from all the blueprints to allow this.
2021-03-11 20:26:44 +00:00
def test_validate_invitation_token_for_expired_token_returns_400(client):
reformat
2023-08-29 14:54:30 -07:00
with freeze_time("2016-01-01T12:00:00"):
token = generate_token(
str(uuid.uuid4()),
current_app.config["SECRET_KEY"],
current_app.config["DANGEROUS_SALT"],
)
Working on api test. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2023-12-07 16:26:25 -05:00
url = f"/invite/service/{token}"
Split generating authorization headers by type In response to [1]. [1]: https://github.com/alphagov/notifications-api/pull/3300#discussion_r681653248
2021-08-04 15:12:09 +01:00
auth_header = create_admin_authorization_header()
reformat
2023-08-29 14:54:30 -07:00
response = client.get(
url, headers=[("Content-Type", "application/json"), auth_header]
)
remove the global_invite (accept_invite) endpoint move the endpoints into service_invite/rest.py and organisation/invite_rest.py respectively. Remove the prefix from all the blueprints to allow this.
2021-03-11 20:26:44 +00:00
assert response.status_code == 400
json_resp = json.loads(response.get_data(as_text=True))
reformat
2023-08-29 14:54:30 -07:00
assert json_resp["result"] == "error"
assert json_resp["message"] == {
fix invite text
2024-05-15 08:22:04 -07:00
"invitation": "Your invitation to Notify.gov has expired. "
reformat
2023-08-29 14:54:30 -07:00
"Please ask the person that invited you to send you another one"
}
remove the global_invite (accept_invite) endpoint move the endpoints into service_invite/rest.py and organisation/invite_rest.py respectively. Remove the prefix from all the blueprints to allow this.
2021-03-11 20:26:44 +00:00
def test_validate_invitation_token_returns_400_when_invited_user_does_not_exist(client):
reformat
2023-08-29 14:54:30 -07:00
token = generate_token(
str(uuid.uuid4()),
current_app.config["SECRET_KEY"],
current_app.config["DANGEROUS_SALT"],
)
Working on api test. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2023-12-07 16:26:25 -05:00
url = f"/invite/service/{token}"
Split generating authorization headers by type In response to [1]. [1]: https://github.com/alphagov/notifications-api/pull/3300#discussion_r681653248
2021-08-04 15:12:09 +01:00
auth_header = create_admin_authorization_header()
reformat
2023-08-29 14:54:30 -07:00
response = client.get(
url, headers=[("Content-Type", "application/json"), auth_header]
)
remove the global_invite (accept_invite) endpoint move the endpoints into service_invite/rest.py and organisation/invite_rest.py respectively. Remove the prefix from all the blueprints to allow this.
2021-03-11 20:26:44 +00:00
assert response.status_code == 404
json_resp = json.loads(response.get_data(as_text=True))
reformat
2023-08-29 14:54:30 -07:00
assert json_resp["result"] == "error"
assert json_resp["message"] == "No result found"
remove the global_invite (accept_invite) endpoint move the endpoints into service_invite/rest.py and organisation/invite_rest.py respectively. Remove the prefix from all the blueprints to allow this.
2021-03-11 20:26:44 +00:00
def test_validate_invitation_token_returns_400_when_token_is_malformed(client):
token = generate_token(
str(uuid.uuid4()),
reformat
2023-08-29 14:54:30 -07:00
current_app.config["SECRET_KEY"],
current_app.config["DANGEROUS_SALT"],
remove the global_invite (accept_invite) endpoint move the endpoints into service_invite/rest.py and organisation/invite_rest.py respectively. Remove the prefix from all the blueprints to allow this.
2021-03-11 20:26:44 +00:00
)[:-2]
Working on api test. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2023-12-07 16:26:25 -05:00
url = f"/invite/service/{token}"
Split generating authorization headers by type In response to [1]. [1]: https://github.com/alphagov/notifications-api/pull/3300#discussion_r681653248
2021-08-04 15:12:09 +01:00
auth_header = create_admin_authorization_header()
reformat
2023-08-29 14:54:30 -07:00
response = client.get(
url, headers=[("Content-Type", "application/json"), auth_header]
)
remove the global_invite (accept_invite) endpoint move the endpoints into service_invite/rest.py and organisation/invite_rest.py respectively. Remove the prefix from all the blueprints to allow this.
2021-03-11 20:26:44 +00:00
assert response.status_code == 400
json_resp = json.loads(response.get_data(as_text=True))
reformat
2023-08-29 14:54:30 -07:00
assert json_resp["result"] == "error"
assert json_resp["message"] == {
"invitation": "Somethings wrong with this link. Make sure youve copied the whole thing."
remove the global_invite (accept_invite) endpoint move the endpoints into service_invite/rest.py and organisation/invite_rest.py respectively. Remove the prefix from all the blueprints to allow this.
2021-03-11 20:26:44 +00:00
}
def test_get_invited_user(admin_request, sample_invited_user):
json_resp = admin_request.get(
reformat
2023-08-29 14:54:30 -07:00
"service_invite.get_invited_user", invited_user_id=sample_invited_user.id
remove the global_invite (accept_invite) endpoint move the endpoints into service_invite/rest.py and organisation/invite_rest.py respectively. Remove the prefix from all the blueprints to allow this.
2021-03-11 20:26:44 +00:00
)
reformat
2023-08-29 14:54:30 -07:00
assert json_resp["data"]["id"] == str(sample_invited_user.id)
assert json_resp["data"]["email_address"] == sample_invited_user.email_address
assert json_resp["data"]["service"] == str(sample_invited_user.service_id)
assert json_resp["data"]["permissions"] == sample_invited_user.permissions
remove the global_invite (accept_invite) endpoint move the endpoints into service_invite/rest.py and organisation/invite_rest.py respectively. Remove the prefix from all the blueprints to allow this.
2021-03-11 20:26:44 +00:00
reformat
2023-08-29 14:54:30 -07:00
def test_get_invited_user_404s_if_invite_doesnt_exist(
admin_request, sample_invited_user, fake_uuid
):
remove the global_invite (accept_invite) endpoint move the endpoints into service_invite/rest.py and organisation/invite_rest.py respectively. Remove the prefix from all the blueprints to allow this.
2021-03-11 20:26:44 +00:00
json_resp = admin_request.get(
reformat
2023-08-29 14:54:30 -07:00
"service_invite.get_invited_user",
remove the global_invite (accept_invite) endpoint move the endpoints into service_invite/rest.py and organisation/invite_rest.py respectively. Remove the prefix from all the blueprints to allow this.
2021-03-11 20:26:44 +00:00
invited_user_id=fake_uuid,
reformat
2023-08-29 14:54:30 -07:00
_expected_status=404,
remove the global_invite (accept_invite) endpoint move the endpoints into service_invite/rest.py and organisation/invite_rest.py respectively. Remove the prefix from all the blueprints to allow this.
2021-03-11 20:26:44 +00:00
)
reformat
2023-08-29 14:54:30 -07:00
assert json_resp["result"] == "error"
Reference in New Issue Copy Permalink