darkhelm/notifications-api
1
0
Fork 0
mirror of https://github.com/GSA/notifications-api.git synced 2025-12-20 15:31:15 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
751e8ab077de656805ecc7d2d07b9ab0729611c9
notifications-api/app/service_invite/rest.py

224 lines
7.6 KiB
Python
Raw Normal View History

fix tests
2024-01-24 07:55:14 -08:00
import json
fix tests
2024-03-19 13:23:22 -07:00
import os
black, isort, flake8 Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2023-12-08 21:43:52 -05:00
from datetime import datetime
Made new /resend route in api. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2023-12-04 16:59:05 -05:00
more debug
2024-04-19 09:14:36 -07:00
from app.utils import hilite
Run auto-correct on app/ and tests/
2021-03-10 13:55:06 +00:00
from flask import Blueprint, current_app, jsonify, request
remove the global_invite (accept_invite) endpoint move the endpoints into service_invite/rest.py and organisation/invite_rest.py respectively. Remove the prefix from all the blueprints to allow this.
2021-03-11 20:26:44 +00:00
from itsdangerous import BadData, SignatureExpired
from notifications_utils.url_safe_token import check_token, generate_token
[WIP] added endpoint and dao to create invites for users. Droped token as later code to send email invite can generate timebased url to send to user. That can then be checked against configurable time threshold for expiry. Therefore no need to store a token.
2016-02-24 14:01:19 +00:00
fix tests
2024-01-24 07:55:14 -08:00
from app import redis_store
Revert celery4 Revert the following three pull requests: https://github.com/alphagov/notifications-api/pull/1085 https://github.com/alphagov/notifications-api/pull/1086 https://github.com/alphagov/notifications-api/pull/1088 celery 4.0.2 looked promising, however, on staging under mild load (5/sec api calls) the performance was actually worse than 3.1.25
2017-07-19 13:50:29 +01:00
from app.config import QueueNames
[WIP] added dao and rest endpoint for retrieving invited users by service and by id.
2016-02-25 11:22:36 +00:00
from app.dao.invited_user_dao import (
Fixing stuff. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2023-12-20 09:51:43 -05:00
get_expired_invite_by_service_and_id,
Working on getting tests working. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2023-11-10 16:14:03 -05:00
get_expired_invited_users_for_service,
remove the global_invite (accept_invite) endpoint move the endpoints into service_invite/rest.py and organisation/invite_rest.py respectively. Remove the prefix from all the blueprints to allow this.
2021-03-11 20:26:44 +00:00
get_invited_user_by_id,
remove duplicate dao invite fns and improve naming
2021-03-12 12:50:07 +00:00
get_invited_user_by_service_and_id,
Run auto-correct on app/ and tests/
2021-03-10 13:55:06 +00:00
get_invited_users_for_service,
save_invited_user,
[WIP] added dao and rest endpoint for retrieving invited users by service and by id.
2016-02-25 11:22:36 +00:00
)
Use the send email task to send the password reset and invitation email. Next PR can remove those tasks.
2016-06-16 17:34:33 +01:00
from app.dao.templates_dao import dao_get_template_by_id
Cleaning up with black, isort, flake8. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2024-01-16 07:37:21 -05:00
from app.enums import InvitedUserStatus, KeyType, NotificationType
remove the global_invite (accept_invite) endpoint move the endpoints into service_invite/rest.py and organisation/invite_rest.py respectively. Remove the prefix from all the blueprints to allow this.
2021-03-11 20:26:44 +00:00
from app.errors import InvalidRequest, register_errors
KeyType implemented. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2024-01-18 10:28:50 -05:00
from app.models import Service
Run auto-correct on app/ and tests/
2021-03-10 13:55:06 +00:00
from app.notifications.process_notifications import (
persist_notification,
send_notification_to_queue,
)
Working permissions and all tests passing. Remove print statements. Fix for review comments.
2016-02-26 12:00:16 +00:00
from app.schemas import invited_user_schema
[WIP] added endpoint and dao to create invites for users. Droped token as later code to send email invite can generate timebased url to send to user. That can then be checked against configurable time threshold for expiry. Therefore no need to store a token.
2016-02-24 14:01:19 +00:00
reformat
2023-08-29 14:54:30 -07:00
service_invite = Blueprint("service_invite", __name__)
[WIP] added endpoint and dao to create invites for users. Droped token as later code to send email invite can generate timebased url to send to user. That can then be checked against configurable time threshold for expiry. Therefore no need to store a token.
2016-02-24 14:01:19 +00:00
rename invite blueprints nb: the routes are not changing as part of this, only file paths and blueprint names. invite -> service_invite this blueprint handles fetching invites for a service, creating invites, etc. accept_invite -> global_invite this blueprint handles accepting invites for now, but will also involve retrieving service/org user invite data without knowing the service/org id associated. i'm not in love with this name and open to suggestions, but i wanted to contrast it from service_invite and organisation/invite_rest.py.
2021-03-05 20:13:56 +00:00
register_errors(service_invite)
[WIP] added endpoint and dao to create invites for users. Droped token as later code to send email invite can generate timebased url to send to user. That can then be checked against configurable time threshold for expiry. Therefore no need to store a token.
2016-02-24 14:01:19 +00:00
black, isort, flake8 Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2023-12-08 21:43:52 -05:00
Made new /resend route in api. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2023-12-04 16:59:05 -05:00
def _create_service_invite(invited_user, invite_link_host):
more debug
2024-04-19 09:14:36 -07:00
# TODO REMOVE DEBUG
print(hilite("ENTER _create_service_invite"))
# END DEBUG
reformat
2023-08-29 14:54:30 -07:00
template_id = current_app.config["INVITATION_EMAIL_TEMPLATE_ID"]
Send broadcast invite email for broadcast service invites This means the copy is more accurate and mentions sending emergency alerts rather than previous copy about sending emails texts and letters.
2020-09-15 16:45:24 +01:00
template = dao_get_template_by_id(template_id)
Did stuff, fixed things. This seems to work now. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2023-12-15 13:14:53 -05:00
reformat
2023-08-29 14:54:30 -07:00
service = Service.query.get(current_app.config["NOTIFY_SERVICE_ID"])
make state non-arbitrary
2024-04-02 13:18:21 -07:00
token = generate_token(
str(invited_user.email_address),
current_app.config["SECRET_KEY"],
current_app.config["DANGEROUS_SALT"],
)
url = os.environ["LOGIN_DOT_GOV_REGISTRATION_URL"]
url = url.replace("NONCE", token)
url = url.replace("STATE", token)
fix tests
2024-01-22 10:55:09 -08:00
personalisation = {
"user_name": invited_user.from_user.name,
"service_name": invited_user.service.name,
make state non-arbitrary
2024-04-02 13:18:21 -07:00
"url": url,
fix tests
2024-01-22 10:55:09 -08:00
}
fix tests
2024-01-24 07:55:14 -08:00
Refactor create_invited_user to persist and send message to the notify queue. The reason for doing this is to ensure the tasks performed for the Notify users are not queued behind a large job, a way to ensure priority for messages. 6th task for story: https://www.pivotaltracker.com/story/show/135839709
2016-12-20 15:59:31 +00:00
saved_notification = persist_notification(
template_id=template.id,
template_version=template.version,
recipient=invited_user.email_address,
Two new methods needed to pass the service not the service ID into the create notifications methods.
2017-01-10 13:41:16 +00:00
service=service,
fix invitations
2024-03-22 11:18:47 -07:00
personalisation={},
Cleaning up a lot of things, getting Enums used everywhere. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2024-02-28 12:40:52 -05:00
notification_type=NotificationType.EMAIL,
Refactor create_invited_user to persist and send message to the notify queue. The reason for doing this is to ensure the tasks performed for the Notify users are not queued behind a large job, a way to ensure priority for messages. 6th task for story: https://www.pivotaltracker.com/story/show/135839709
2016-12-20 15:59:31 +00:00
api_key_id=None,
KeyType implemented. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2024-01-18 10:28:50 -05:00
key_type=KeyType.NORMAL,
reformat
2023-08-29 14:54:30 -07:00
reply_to_text=invited_user.from_user.email_address,
Refactor create_invited_user to persist and send message to the notify queue. The reason for doing this is to ensure the tasks performed for the Notify users are not queued behind a large job, a way to ensure priority for messages. 6th task for story: https://www.pivotaltracker.com/story/show/135839709
2016-12-20 15:59:31 +00:00
)
fix tests
2024-01-22 10:55:09 -08:00
saved_notification.personalisation = personalisation
fix tests
2024-01-24 07:55:14 -08:00
redis_store.set(
f"email-personalisation-{saved_notification.id}",
json.dumps(personalisation),
ex=1800,
)
fix invitations
2024-03-22 11:18:47 -07:00
# The raw permissions are in the form "a,b,c,d"
# but need to be in the form ["a", "b", "c", "d"]
data = {}
permissions = invited_user.permissions
permissions = permissions.split(",")
permission_list = []
for permission in permissions:
permission_list.append(f"{permission}")
data["from_user_id"] = (str(invited_user.from_user.id),)
data["service_id"] = str(invited_user.service.id)
data["permissions"] = permission_list
data["folder_permissions"] = invited_user.folder_permissions
# This is for the login.gov service invite on the
# "Set Up Your Profile" path.
more debug
2024-04-19 09:14:36 -07:00
redis_key = f"service-invite-{invited_user.email_address}"
fix invitations
2024-03-22 11:18:47 -07:00
redis_store.set(
more debug
2024-04-19 09:14:36 -07:00
redis_key,
fix invitations
2024-03-22 11:18:47 -07:00
json.dumps(data),
ex=3600 * 24,
)
more debug
2024-04-19 09:14:36 -07:00
# TODO REMOVE DEBUG
print(hilite(f"Save this data {data} with this redis_key {redis_key}"))
# END DEBUG
notify-api-433b remove research mode
2023-08-25 12:09:00 -07:00
send_notification_to_queue(saved_notification, queue=QueueNames.NOTIFY)
Use the send email task to send the password reset and invitation email. Next PR can remove those tasks.
2016-06-16 17:34:33 +01:00
Made new /resend route in api. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2023-12-04 16:59:05 -05:00
@service_invite.route("/service/<service_id>/invite", methods=["POST"])
def create_invited_user(service_id):
request_json = request.get_json()
invited_user = invited_user_schema.load(request_json)
save_invited_user(invited_user)
_create_service_invite(invited_user, request_json.get("invite_link_host"))
Replace how `.dump` is called As with `.load`, only data is now returned instead of a tuple.
2022-05-06 15:52:44 +01:00
return jsonify(data=invited_user_schema.dump(invited_user)), 201
[WIP] added dao and rest endpoint for retrieving invited users by service and by id.
2016-02-25 11:22:36 +00:00
Working on getting tests working. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2023-11-10 16:14:03 -05:00
@service_invite.route("/service/<service_id>/invite/expired", methods=["GET"])
def get_expired_invited_users_by_service(service_id):
expired_invited_users = get_expired_invited_users_for_service(service_id)
return jsonify(data=invited_user_schema.dump(expired_invited_users, many=True)), 200
reformat
2023-08-29 14:54:30 -07:00
@service_invite.route("/service/<service_id>/invite", methods=["GET"])
[WIP] added dao and rest endpoint for retrieving invited users by service and by id.
2016-02-25 11:22:36 +00:00
def get_invited_users_by_service(service_id):
invited_users = get_invited_users_for_service(service_id)
Replace how `.dump` is called As with `.load`, only data is now returned instead of a tuple.
2022-05-06 15:52:44 +01:00
return jsonify(data=invited_user_schema.dump(invited_users, many=True)), 200
[WIP] added dao and rest endpoint for retrieving invited users by service and by id.
2016-02-25 11:22:36 +00:00
reformat
2023-08-29 14:54:30 -07:00
@service_invite.route("/service/<service_id>/invite/<invited_user_id>", methods=["GET"])
Add endpoints to get invited users We want to display flash messages in admin when invites have been cancelled. This message needs to display the user's email address, so this commit adds endpoints to GET a single invited service user and org user so that we can look up the email address of a cancelled user.
2020-08-17 11:59:55 +01:00
def get_invited_user_by_service(service_id, invited_user_id):
remove duplicate dao invite fns and improve naming
2021-03-12 12:50:07 +00:00
invited_user = get_invited_user_by_service_and_id(service_id, invited_user_id)
Replace how `.dump` is called As with `.load`, only data is now returned instead of a tuple.
2022-05-06 15:52:44 +01:00
return jsonify(data=invited_user_schema.dump(invited_user)), 200
Add endpoints to get invited users We want to display flash messages in admin when invites have been cancelled. This message needs to display the user's email address, so this commit adds endpoints to GET a single invited service user and org user so that we can look up the email address of a cancelled user.
2020-08-17 11:59:55 +01:00
reformat
2023-08-29 14:54:30 -07:00
@service_invite.route(
"/service/<service_id>/invite/<invited_user_id>", methods=["POST"]
)
New endpoint to update invited user. Can be used to update status on invited user.
2016-03-01 13:33:20 +00:00
def update_invited_user(service_id, invited_user_id):
reformat
2023-08-29 14:54:30 -07:00
fetched = get_invited_user_by_service_and_id(
service_id=service_id, invited_user_id=invited_user_id
)
New endpoint to update invited user. Can be used to update status on invited user.
2016-03-01 13:33:20 +00:00
Replace how `.dump` is called As with `.load`, only data is now returned instead of a tuple.
2022-05-06 15:52:44 +01:00
current_data = dict(invited_user_schema.dump(fetched).items())
New endpoint to update invited user. Can be used to update status on invited user.
2016-03-01 13:33:20 +00:00
current_data.update(request.get_json())
Replace how `.load` is called https://marshmallow.readthedocs.io/en/stable/upgrading.html#schemas-are-always-strict `.load` doesn't return a `(data, errors)` tuple any more - only data is returned. A `ValidationError` is raised if validation fails. The code now relies on the `marshmallow_validation_error` error handler to handle errors instead of having to raise an `InvalidRequest`. This has no effect on the response that is returned (a test has been modified to check). Also added a new `password` field to the `UserSchema` so that we don't have to specially check for password errors in the `.create_user` endpoint - we can let marshmallow handle them.
2022-05-06 15:25:14 +01:00
update_dict = invited_user_schema.load(current_data)
New endpoint to update invited user. Can be used to update status on invited user.
2016-03-01 13:33:20 +00:00
save_invited_user(update_dict)
Replace how `.dump` is called As with `.load`, only data is now returned instead of a tuple.
2022-05-06 15:52:44 +01:00
return jsonify(data=invited_user_schema.dump(fetched)), 200
New endpoint to update invited user. Can be used to update status on invited user.
2016-03-01 13:33:20 +00:00
Made new /resend route in api. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2023-12-04 16:59:05 -05:00
@service_invite.route(
"/service/<service_id>/invite/<invited_user_id>/resend", methods=["POST"]
)
def resend_service_invite(service_id, invited_user_id):
"""Resend an expired invite.
This resets the invited user's created date and status to make it a new invite, and
sends the new invite out to the user.
Note:
This ignores the POST data entirely.
"""
Fixing stuff. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2023-12-20 09:51:43 -05:00
fetched = get_expired_invite_by_service_and_id(
Filtering the rest endpoint for resending invites by status = pending now. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2023-12-20 08:15:19 -05:00
service_id=service_id,
invited_user_id=invited_user_id,
Made new /resend route in api. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2023-12-04 16:59:05 -05:00
)
fetched.created_at = datetime.utcnow()
KeyType implemented. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2024-01-18 10:28:50 -05:00
fetched.status = InvitedUserStatus.PENDING
Made new /resend route in api. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2023-12-04 16:59:05 -05:00
current_data = {k: v for k, v in invited_user_schema.dump(fetched).items()}
update_dict = invited_user_schema.load(current_data)
Did stuff, fixed things. This seems to work now. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2023-12-15 13:14:53 -05:00
Made new /resend route in api. Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2023-12-04 16:59:05 -05:00
save_invited_user(update_dict)
_create_service_invite(fetched, current_app.config["ADMIN_BASE_URL"])
return jsonify(data=invited_user_schema.dump(fetched)), 200
Allow admin to domain to use for invite links When we’re doing user research we often: - start the task by inviting the participant to a service on Notify - have them use a prototype version of the admin app, hosted on a different domain Currently we can’t do both of these things together, because the invite emails always send people to `notifications.service.gov.uk` (because it’s the API that sends the emails, and the prototype admin app points at the production API). This commit changes the API to optionally allow an instance of the admin app to specify which domain should be used when generating invite links.
2017-12-20 14:38:49 +00:00
def invited_user_url(invited_user_id, invite_link_host=None):
reformat
2023-08-29 14:54:30 -07:00
token = generate_token(
str(invited_user_id),
current_app.config["SECRET_KEY"],
current_app.config["DANGEROUS_SALT"],
)
Use the send email task to send the password reset and invitation email. Next PR can remove those tasks.
2016-06-16 17:34:33 +01:00
Allow admin to domain to use for invite links When we’re doing user research we often: - start the task by inviting the participant to a service on Notify - have them use a prototype version of the admin app, hosted on a different domain Currently we can’t do both of these things together, because the invite emails always send people to `notifications.service.gov.uk` (because it’s the API that sends the emails, and the prototype admin app points at the production API). This commit changes the API to optionally allow an instance of the admin app to specify which domain should be used when generating invite links.
2017-12-20 14:38:49 +00:00
if invite_link_host is None:
reformat
2023-08-29 14:54:30 -07:00
invite_link_host = current_app.config["ADMIN_BASE_URL"]
Allow admin to domain to use for invite links When we’re doing user research we often: - start the task by inviting the participant to a service on Notify - have them use a prototype version of the admin app, hosted on a different domain Currently we can’t do both of these things together, because the invite emails always send people to `notifications.service.gov.uk` (because it’s the API that sends the emails, and the prototype admin app points at the production API). This commit changes the API to optionally allow an instance of the admin app to specify which domain should be used when generating invite links.
2017-12-20 14:38:49 +00:00
reformat
2023-08-29 14:54:30 -07:00
return "{0}/invitation/{1}".format(invite_link_host, token)
remove the global_invite (accept_invite) endpoint move the endpoints into service_invite/rest.py and organisation/invite_rest.py respectively. Remove the prefix from all the blueprints to allow this.
2021-03-11 20:26:44 +00:00
reformat
2023-08-29 14:54:30 -07:00
@service_invite.route("/invite/service/<uuid:invited_user_id>", methods=["GET"])
remove the global_invite (accept_invite) endpoint move the endpoints into service_invite/rest.py and organisation/invite_rest.py respectively. Remove the prefix from all the blueprints to allow this.
2021-03-11 20:26:44 +00:00
def get_invited_user(invited_user_id):
invited_user = get_invited_user_by_id(invited_user_id)
Replace how `.dump` is called As with `.load`, only data is now returned instead of a tuple.
2022-05-06 15:52:44 +01:00
return jsonify(data=invited_user_schema.dump(invited_user)), 200
remove the global_invite (accept_invite) endpoint move the endpoints into service_invite/rest.py and organisation/invite_rest.py respectively. Remove the prefix from all the blueprints to allow this.
2021-03-11 20:26:44 +00:00
reformat
2023-08-29 14:54:30 -07:00
@service_invite.route("/invite/service/<token>", methods=["GET"])
@service_invite.route("/invite/service/check/<token>", methods=["GET"])
remove the global_invite (accept_invite) endpoint move the endpoints into service_invite/rest.py and organisation/invite_rest.py respectively. Remove the prefix from all the blueprints to allow this.
2021-03-11 20:26:44 +00:00
def validate_service_invitation_token(token):
reformat
2023-08-29 14:54:30 -07:00
max_age_seconds = 60 * 60 * 24 * current_app.config["INVITATION_EXPIRATION_DAYS"]
remove the global_invite (accept_invite) endpoint move the endpoints into service_invite/rest.py and organisation/invite_rest.py respectively. Remove the prefix from all the blueprints to allow this.
2021-03-11 20:26:44 +00:00
try:
reformat
2023-08-29 14:54:30 -07:00
invited_user_id = check_token(
token,
current_app.config["SECRET_KEY"],
current_app.config["DANGEROUS_SALT"],
max_age_seconds,
)
remove the global_invite (accept_invite) endpoint move the endpoints into service_invite/rest.py and organisation/invite_rest.py respectively. Remove the prefix from all the blueprints to allow this.
2021-03-11 20:26:44 +00:00
except SignatureExpired:
reformat
2023-08-29 14:54:30 -07:00
errors = {
"invitation": "Your invitation to GOV.UK Notify has expired. "
"Please ask the person that invited you to send you another one"
}
remove the global_invite (accept_invite) endpoint move the endpoints into service_invite/rest.py and organisation/invite_rest.py respectively. Remove the prefix from all the blueprints to allow this.
2021-03-11 20:26:44 +00:00
raise InvalidRequest(errors, status_code=400)
except BadData:
reformat
2023-08-29 14:54:30 -07:00
errors = {
"invitation": "Somethings wrong with this link. Make sure youve copied the whole thing."
}
remove the global_invite (accept_invite) endpoint move the endpoints into service_invite/rest.py and organisation/invite_rest.py respectively. Remove the prefix from all the blueprints to allow this.
2021-03-11 20:26:44 +00:00
raise InvalidRequest(errors, status_code=400)
invited_user = get_invited_user_by_id(invited_user_id)
Replace how `.dump` is called As with `.load`, only data is now returned instead of a tuple.
2022-05-06 15:52:44 +01:00
return jsonify(data=invited_user_schema.dump(invited_user)), 200
Reference in New Issue Copy Permalink