darkhelm/notifications-api
1
0
Fork 0
mirror of https://github.com/GSA/notifications-api.git synced 2025-12-17 10:42:25 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
dc7bd216bf8a365b599e0b24ec9020ba6f4b51bd
notifications-api/app/template/rest.py

173 lines
6.7 KiB
Python
Raw Normal View History

Wire up error handlers. Replace some 400s with more appropriate 500s. DAO methods that cause unexpected exceptions get caught and logged by errors.py 500 error handler.
2016-02-17 17:04:50 +00:00
from flask import (
Blueprint,
Updates to template endpoints: - moved into templates rest class - updated dao - removed delete methods - constraint on subject line
2016-02-22 12:55:18 +00:00
jsonify,
request,
current_app
Wire up error handlers. Replace some 400s with more appropriate 500s. DAO methods that cause unexpected exceptions get caught and logged by errors.py 500 error handler.
2016-02-17 17:04:50 +00:00
)
Updates to template endpoints: - moved into templates rest class - updated dao - removed delete methods - constraint on subject line
2016-02-22 12:55:18 +00:00
from app.dao.templates_dao import (
dao_update_template,
dao_create_template,
add template personalisation redaction If passing in `redact_personalisation` to the template update endpoint, we should mark that template permanently as redacted - this means that we won't ever return the personalisation for any notifications for it. This is to be used with templates containing one time passwords, 2FA codes or other sensitive information that you may not want service workers to be able to see. This is implemented via a separate table, `template_redacted`, which just contains when the template was redacted.
2017-06-28 10:26:25 +01:00
dao_redact_template,
Updates to template endpoints: - moved into templates rest class - updated dao - removed delete methods - constraint on subject line
2016-02-22 12:55:18 +00:00
dao_get_template_by_id_and_service_id,
Get all versions for a template endpoint added.
2016-05-09 15:59:34 +01:00
dao_get_all_templates_for_service,
dao_get_template_versions
Updates to template endpoints: - moved into templates rest class - updated dao - removed delete methods - constraint on subject line
2016-02-22 12:55:18 +00:00
)
Update utils to 12.0.0 Includes: - [x] https://github.com/alphagov/notifications-utils/pull/94 (breaking changes which are responsible for all the changes to the API in this PR) The test for `get_sms_fragment_count` has been removed because this method is already tested in utils here: https://github.com/alphagov/notifications-utils/blob/ac20f7e99ece4935fccf39ed9d5c0fb40e45bfbc/tests/test_base_template.py#L140-L159
2016-12-09 15:56:25 +00:00
from notifications_utils.template import SMSMessageTemplate
Message limit added and all tests passing.
2016-04-29 10:36:59 +01:00
from app.dao.services_dao import dao_fetch_service_by_id
Prevent template creation or update w/o permission
2017-06-27 18:56:35 +01:00
from app.dao.service_permissions_dao import dao_fetch_service_permissions
from app.models import SMS_TYPE, EMAIL_TYPE
Refactored to make code clearer
2017-06-29 18:02:21 +01:00
from app.notifications.validators import service_has_permission
Template history endpoint added. All tests passing. Code quality fix.
2016-05-06 15:42:43 +01:00
from app.schemas import (template_schema, template_history_schema)
Template rest api skeleton added.
2016-01-13 11:04:13 +00:00
Register a before_request event for all blueprints, that defines the authentication requirement. There are three authentication methods: - requires_no_auth - public endpoint that does not require an Authorisation header - requires_auth - public endpoints that need an API key in the Authorisation header - requires_admin_auth - private endpoint that requires an Authorisation header which contains the API key for the defined as the client admin user
2017-03-16 18:15:49 +00:00
template_blueprint = Blueprint('template', __name__, url_prefix='/service/<uuid:service_id>/template')
Template rest api skeleton added.
2016-01-13 11:04:13 +00:00
Change endpoint responses where there are marshalling, unmarshalling or param errors to raise invalid data exception. That will cause those responses to be handled in by errors.py, which will log the errors. Set most of schemas to strict mode so that marshmallow will raise exception rather than checking for errors in return tuple from load. Added handler to errors.py for marshmallow validation errors.
2016-06-14 15:07:23 +01:00
from app.errors import (
register_errors,
InvalidRequest
)
Refactored to make code clearer
2017-06-29 18:02:21 +01:00
from app.utils import get_template_instance, get_public_notify_type_text
Updates to template endpoints: - moved into templates rest class - updated dao - removed delete methods - constraint on subject line
2016-02-22 12:55:18 +00:00
Register a before_request event for all blueprints, that defines the authentication requirement. There are three authentication methods: - requires_no_auth - public endpoint that does not require an Authorisation header - requires_auth - public endpoints that need an API key in the Authorisation header - requires_admin_auth - private endpoint that requires an Authorisation header which contains the API key for the defined as the client admin user
2017-03-16 18:15:49 +00:00
register_errors(template_blueprint)
Wire up error handlers. Replace some 400s with more appropriate 500s. DAO methods that cause unexpected exceptions get caught and logged by errors.py 500 error handler.
2016-02-17 17:04:50 +00:00
Template rest api skeleton added.
2016-01-13 11:04:13 +00:00
Message limit added and all tests passing.
2016-04-29 10:36:59 +01:00
def _content_count_greater_than_limit(content, template_type):
Update utils to 12.0.0 Includes: - [x] https://github.com/alphagov/notifications-utils/pull/94 (breaking changes which are responsible for all the changes to the API in this PR) The test for `get_sms_fragment_count` has been removed because this method is already tested in utils here: https://github.com/alphagov/notifications-utils/blob/ac20f7e99ece4935fccf39ed9d5c0fb40e45bfbc/tests/test_base_template.py#L140-L159
2016-12-09 15:56:25 +00:00
if template_type != SMS_TYPE:
return False
template = SMSMessageTemplate({'content': content, 'template_type': template_type})
return template.content_count > current_app.config.get('SMS_CHAR_COUNT_LIMIT')
Message limit added and all tests passing.
2016-04-29 10:36:59 +01:00
Register a before_request event for all blueprints, that defines the authentication requirement. There are three authentication methods: - requires_no_auth - public endpoint that does not require an Authorisation header - requires_auth - public endpoints that need an API key in the Authorisation header - requires_admin_auth - private endpoint that requires an Authorisation header which contains the API key for the defined as the client admin user
2017-03-16 18:15:49 +00:00
@template_blueprint.route('', methods=['POST'])
Updates to template endpoints: - moved into templates rest class - updated dao - removed delete methods - constraint on subject line
2016-02-22 12:55:18 +00:00
def create_template(service_id):
fetched_service = dao_fetch_service_by_id(service_id=service_id)
Prevent template creation or update w/o permission
2017-06-27 18:56:35 +01:00
# permissions needs to be placed here otherwise marshmallow will intefere with versioning
permissions = fetched_service.permissions
Change endpoint responses where there are marshalling, unmarshalling or param errors to raise invalid data exception. That will cause those responses to be handled in by errors.py, which will log the errors. Set most of schemas to strict mode so that marshmallow will raise exception rather than checking for errors in return tuple from load. Added handler to errors.py for marshmallow validation errors.
2016-06-14 15:07:23 +01:00
new_template = template_schema.load(request.get_json()).data
Prevent template creation or update w/o permission
2017-06-27 18:56:35 +01:00
Further refactoring
2017-06-30 15:00:44 +01:00
if not service_has_permission(new_template.template_type, permissions):
message = "Creating {} templates is not allowed".format(
get_public_notify_type_text(new_template.template_type))
errors = {'template_type': [message]}
raise InvalidRequest(errors, 403)
Prevent template creation or update w/o permission
2017-06-27 18:56:35 +01:00
Updates to template endpoints: - moved into templates rest class - updated dao - removed delete methods - constraint on subject line
2016-02-22 12:55:18 +00:00
new_template.service = fetched_service
Change endpoint responses where there are marshalling, unmarshalling or param errors to raise invalid data exception. That will cause those responses to be handled in by errors.py, which will log the errors. Set most of schemas to strict mode so that marshmallow will raise exception rather than checking for errors in return tuple from load. Added handler to errors.py for marshmallow validation errors.
2016-06-14 15:07:23 +01:00
over_limit = _content_count_greater_than_limit(new_template.content, new_template.template_type)
Message limit added and all tests passing.
2016-04-29 10:36:59 +01:00
if over_limit:
Change endpoint responses where there are marshalling, unmarshalling or param errors to raise invalid data exception. That will cause those responses to be handled in by errors.py, which will log the errors. Set most of schemas to strict mode so that marshmallow will raise exception rather than checking for errors in return tuple from load. Added handler to errors.py for marshmallow validation errors.
2016-06-14 15:07:23 +01:00
char_count_limit = current_app.config.get('SMS_CHAR_COUNT_LIMIT')
message = 'Content has a character count greater than the limit of {}'.format(char_count_limit)
errors = {'content': [message]}
raise InvalidRequest(errors, status_code=400)
Removed template subject uniqueness
2016-05-18 10:00:09 +01:00
dao_create_template(new_template)
Updates to template endpoints: - moved into templates rest class - updated dao - removed delete methods - constraint on subject line
2016-02-22 12:55:18 +00:00
return jsonify(data=template_schema.dump(new_template).data), 201
Register a before_request event for all blueprints, that defines the authentication requirement. There are three authentication methods: - requires_no_auth - public endpoint that does not require an Authorisation header - requires_auth - public endpoints that need an API key in the Authorisation header - requires_admin_auth - private endpoint that requires an Authorisation header which contains the API key for the defined as the client admin user
2017-03-16 18:15:49 +00:00
@template_blueprint.route('/<uuid:template_id>', methods=['POST'])
Updates to template endpoints: - moved into templates rest class - updated dao - removed delete methods - constraint on subject line
2016-02-22 12:55:18 +00:00
def update_template(service_id, template_id):
fetched_template = dao_get_template_by_id_and_service_id(template_id=template_id, service_id=service_id)
Further refactoring
2017-06-30 15:00:44 +01:00
if not service_has_permission(fetched_template.template_type, fetched_template.service.permissions):
message = "Updating {} templates is not allowed".format(
get_public_notify_type_text(fetched_template.template_type))
errors = {'template_type': [message]}
raise InvalidRequest(errors, 403)
Prevent template creation or update w/o permission
2017-06-27 18:56:35 +01:00
add template personalisation redaction If passing in `redact_personalisation` to the template update endpoint, we should mark that template permanently as redacted - this means that we won't ever return the personalisation for any notifications for it. This is to be used with templates containing one time passwords, 2FA codes or other sensitive information that you may not want service workers to be able to see. This is implemented via a separate table, `template_redacted`, which just contains when the template was redacted.
2017-06-28 10:26:25 +01:00
data = request.get_json()
# if redacting, don't update anything else
redacting a template now 400s if no updated_by_id supplied
2017-06-28 17:03:12 +01:00
if data.get('redact_personalisation') is True:
return redact_template(fetched_template, data)
add template personalisation redaction If passing in `redact_personalisation` to the template update endpoint, we should mark that template permanently as redacted - this means that we won't ever return the personalisation for any notifications for it. This is to be used with templates containing one time passwords, 2FA codes or other sensitive information that you may not want service workers to be able to see. This is implemented via a separate table, `template_redacted`, which just contains when the template was redacted.
2017-06-28 10:26:25 +01:00
Updates to template endpoints: - moved into templates rest class - updated dao - removed delete methods - constraint on subject line
2016-02-22 12:55:18 +00:00
current_data = dict(template_schema.dump(fetched_template).data.items())
Only test the items of the template that can change on an update request. Return 200 if no change is made.
2016-06-01 12:19:59 +01:00
updated_template = dict(template_schema.dump(fetched_template).data.items())
add template personalisation redaction If passing in `redact_personalisation` to the template update endpoint, we should mark that template permanently as redacted - this means that we won't ever return the personalisation for any notifications for it. This is to be used with templates containing one time passwords, 2FA codes or other sensitive information that you may not want service workers to be able to see. This is implemented via a separate table, `template_redacted`, which just contains when the template was redacted.
2017-06-28 10:26:25 +01:00
updated_template.update(data)
Do not create a new version of the template if there is no change to the tempalte.
2016-06-01 10:53:03 +01:00
# Check if there is a change to make.
Only test the items of the template that can change on an update request. Return 200 if no change is made.
2016-06-01 12:19:59 +01:00
if _template_has_not_changed(current_data, updated_template):
return jsonify(data=updated_template), 200
Do not create a new version of the template if there is no change to the tempalte.
2016-06-01 10:53:03 +01:00
Change endpoint responses where there are marshalling, unmarshalling or param errors to raise invalid data exception. That will cause those responses to be handled in by errors.py, which will log the errors. Set most of schemas to strict mode so that marshmallow will raise exception rather than checking for errors in return tuple from load. Added handler to errors.py for marshmallow validation errors.
2016-06-14 15:07:23 +01:00
update_dict = template_schema.load(updated_template).data
over_limit = _content_count_greater_than_limit(updated_template['content'], fetched_template.template_type)
Message limit added and all tests passing.
2016-04-29 10:36:59 +01:00
if over_limit:
Change endpoint responses where there are marshalling, unmarshalling or param errors to raise invalid data exception. That will cause those responses to be handled in by errors.py, which will log the errors. Set most of schemas to strict mode so that marshmallow will raise exception rather than checking for errors in return tuple from load. Added handler to errors.py for marshmallow validation errors.
2016-06-14 15:07:23 +01:00
char_count_limit = current_app.config.get('SMS_CHAR_COUNT_LIMIT')
message = 'Content has a character count greater than the limit of {}'.format(char_count_limit)
errors = {'content': [message]}
raise InvalidRequest(errors, status_code=400)
Updates to template endpoints: - moved into templates rest class - updated dao - removed delete methods - constraint on subject line
2016-02-22 12:55:18 +00:00
dao_update_template(update_dict)
return jsonify(data=template_schema.dump(update_dict).data), 200
Register a before_request event for all blueprints, that defines the authentication requirement. There are three authentication methods: - requires_no_auth - public endpoint that does not require an Authorisation header - requires_auth - public endpoints that need an API key in the Authorisation header - requires_admin_auth - private endpoint that requires an Authorisation header which contains the API key for the defined as the client admin user
2017-03-16 18:15:49 +00:00
@template_blueprint.route('', methods=['GET'])
Updates to template endpoints: - moved into templates rest class - updated dao - removed delete methods - constraint on subject line
2016-02-22 12:55:18 +00:00
def get_all_templates_for_service(service_id):
templates = dao_get_all_templates_for_service(service_id=service_id)
Change endpoint responses where there are marshalling, unmarshalling or param errors to raise invalid data exception. That will cause those responses to be handled in by errors.py, which will log the errors. Set most of schemas to strict mode so that marshmallow will raise exception rather than checking for errors in return tuple from load. Added handler to errors.py for marshmallow validation errors.
2016-06-14 15:07:23 +01:00
data = template_schema.dump(templates, many=True).data
Template rest api skeleton added.
2016-01-13 11:04:13 +00:00
return jsonify(data=data)
Updates to template endpoints: - moved into templates rest class - updated dao - removed delete methods - constraint on subject line
2016-02-22 12:55:18 +00:00
Register a before_request event for all blueprints, that defines the authentication requirement. There are three authentication methods: - requires_no_auth - public endpoint that does not require an Authorisation header - requires_auth - public endpoints that need an API key in the Authorisation header - requires_admin_auth - private endpoint that requires an Authorisation header which contains the API key for the defined as the client admin user
2017-03-16 18:15:49 +00:00
@template_blueprint.route('/<uuid:template_id>', methods=['GET'])
Updates to template endpoints: - moved into templates rest class - updated dao - removed delete methods - constraint on subject line
2016-02-22 12:55:18 +00:00
def get_template_by_id_and_service_id(service_id, template_id):
fetched_template = dao_get_template_by_id_and_service_id(template_id=template_id, service_id=service_id)
Change endpoint responses where there are marshalling, unmarshalling or param errors to raise invalid data exception. That will cause those responses to be handled in by errors.py, which will log the errors. Set most of schemas to strict mode so that marshmallow will raise exception rather than checking for errors in return tuple from load. Added handler to errors.py for marshmallow validation errors.
2016-06-14 15:07:23 +01:00
data = template_schema.dump(fetched_template).data
Changed db queries to use one, which throws NoResultFound exception, this exception is dealt with in our error handlers. Now a lot of the if none checks can be removed.
2016-03-11 12:39:55 +00:00
return jsonify(data=data)
Strip HTML from template content Templates are created in the admin app and persisted in the API. They are consumed: - in the admin app, by requesting them from the API - in the API, by loading them from the database There are two potential places where unescaped HTML could be sent to a user: - when the admin app is previewing a template (it has to render the template as markup in order to show the placeholders) - in the body of an email For all consumers to have confidence that the templates are safe, it makes sense to santitise them at the point of creation (and modification). This also avoids any performance issues that could come from doing it at the point of requesting a template. In the future they could be created by a direct API call, bypassing the admin app. Therefore it makes sense for the API to sanitise them. The commit sanitises templates using a Mozilla’s Bleach library[1]. It is configured to get the text content of the template, minus any HTML tags. It is not using a regex because[2]. 1. https://github.com/mozilla/bleach 2. http://stackoverflow.com/questions/1732348/regex-match-open-tags-except-xhtml-self-contained-tags/1732454#1732454
2016-03-04 07:03:15 +00:00
Register a before_request event for all blueprints, that defines the authentication requirement. There are three authentication methods: - requires_no_auth - public endpoint that does not require an Authorisation header - requires_auth - public endpoints that need an API key in the Authorisation header - requires_admin_auth - private endpoint that requires an Authorisation header which contains the API key for the defined as the client admin user
2017-03-16 18:15:49 +00:00
@template_blueprint.route('/<uuid:template_id>/preview', methods=['GET'])
Add a ‘preview template’ endpoint There’s a need for users of the API to be able to take advantage of Notify’s template rendering. For example, there’s a service that’s building a case management system. Their users are sending emails on a case-by-case basis. Before they send an email, it’s ressuring to double check that the right data is being inserted, that the right template is being used, etc. This commit: - adds a separate endpoint for previewing a template, with personalisation taken from the get parameters of the request - beefs up the tests around getting a template Not part of this pull request: - making this enpoint publicly accessible
2016-06-16 13:51:20 +01:00
def preview_template_by_id_and_service_id(service_id, template_id):
fetched_template = dao_get_template_by_id_and_service_id(template_id=template_id, service_id=service_id)
data = template_schema.dump(fetched_template).data
Update utils to 12.0.0 Includes: - [x] https://github.com/alphagov/notifications-utils/pull/94 (breaking changes which are responsible for all the changes to the API in this PR) The test for `get_sms_fragment_count` has been removed because this method is already tested in utils here: https://github.com/alphagov/notifications-utils/blob/ac20f7e99ece4935fccf39ed9d5c0fb40e45bfbc/tests/test_base_template.py#L140-L159
2016-12-09 15:56:25 +00:00
template_object = get_template_instance(data, values=request.args.to_dict())
Add a ‘preview template’ endpoint There’s a need for users of the API to be able to take advantage of Notify’s template rendering. For example, there’s a service that’s building a case management system. Their users are sending emails on a case-by-case basis. Before they send an email, it’s ressuring to double check that the right data is being inserted, that the right template is being used, etc. This commit: - adds a separate endpoint for previewing a template, with personalisation taken from the get parameters of the request - beefs up the tests around getting a template Not part of this pull request: - making this enpoint publicly accessible
2016-06-16 13:51:20 +01:00
if template_object.missing_data:
raise InvalidRequest(
{'template': [
'Missing personalisation: {}'.format(", ".join(template_object.missing_data))
]}, status_code=400
)
Update utils to 12.0.0 Includes: - [x] https://github.com/alphagov/notifications-utils/pull/94 (breaking changes which are responsible for all the changes to the API in this PR) The test for `get_sms_fragment_count` has been removed because this method is already tested in utils here: https://github.com/alphagov/notifications-utils/blob/ac20f7e99ece4935fccf39ed9d5c0fb40e45bfbc/tests/test_base_template.py#L140-L159
2016-12-09 15:56:25 +00:00
data['subject'], data['content'] = template_object.subject, str(template_object)
Add a ‘preview template’ endpoint There’s a need for users of the API to be able to take advantage of Notify’s template rendering. For example, there’s a service that’s building a case management system. Their users are sending emails on a case-by-case basis. Before they send an email, it’s ressuring to double check that the right data is being inserted, that the right template is being used, etc. This commit: - adds a separate endpoint for previewing a template, with personalisation taken from the get parameters of the request - beefs up the tests around getting a template Not part of this pull request: - making this enpoint publicly accessible
2016-06-16 13:51:20 +01:00
Remove wrapper around response object Before: ```json {'data': {'template': '…'}} ``` There’s no need to wrap the response in key because there will only ever be one valid key for the template preview endpoint. Flatter is better: ```json { 'content': '…', 'subject': '…', 'template_type': '…', … } ``` The response will be different if there’s an error, but you should be checking the status code first anyway. This commit: - changes the template preview endpoint to return the above format - adds a test to make sure that the original `/service/…/template/…` endpoint still returns JSON in the same format (with a `data` key)
2016-06-17 12:57:43 +01:00
return jsonify(data)
Add a ‘preview template’ endpoint There’s a need for users of the API to be able to take advantage of Notify’s template rendering. For example, there’s a service that’s building a case management system. Their users are sending emails on a case-by-case basis. Before they send an email, it’s ressuring to double check that the right data is being inserted, that the right template is being used, etc. This commit: - adds a separate endpoint for previewing a template, with personalisation taken from the get parameters of the request - beefs up the tests around getting a template Not part of this pull request: - making this enpoint publicly accessible
2016-06-16 13:51:20 +01:00
Register a before_request event for all blueprints, that defines the authentication requirement. There are three authentication methods: - requires_no_auth - public endpoint that does not require an Authorisation header - requires_auth - public endpoints that need an API key in the Authorisation header - requires_admin_auth - private endpoint that requires an Authorisation header which contains the API key for the defined as the client admin user
2017-03-16 18:15:49 +00:00
@template_blueprint.route('/<uuid:template_id>/version/<int:version>')
Template history endpoint added. All tests passing. Code quality fix.
2016-05-06 15:42:43 +01:00
def get_template_version(service_id, template_id, version):
Change endpoint responses where there are marshalling, unmarshalling or param errors to raise invalid data exception. That will cause those responses to be handled in by errors.py, which will log the errors. Set most of schemas to strict mode so that marshmallow will raise exception rather than checking for errors in return tuple from load. Added handler to errors.py for marshmallow validation errors.
2016-06-14 15:07:23 +01:00
data = template_history_schema.dump(
Add user details to template schema dump.
2016-05-10 14:55:59 +01:00
dao_get_template_by_id_and_service_id(
template_id=template_id,
service_id=service_id,
version=version
)
Change endpoint responses where there are marshalling, unmarshalling or param errors to raise invalid data exception. That will cause those responses to be handled in by errors.py, which will log the errors. Set most of schemas to strict mode so that marshmallow will raise exception rather than checking for errors in return tuple from load. Added handler to errors.py for marshmallow validation errors.
2016-06-14 15:07:23 +01:00
).data
Get all versions for a template endpoint added.
2016-05-09 15:59:34 +01:00
return jsonify(data=data)
Register a before_request event for all blueprints, that defines the authentication requirement. There are three authentication methods: - requires_no_auth - public endpoint that does not require an Authorisation header - requires_auth - public endpoints that need an API key in the Authorisation header - requires_admin_auth - private endpoint that requires an Authorisation header which contains the API key for the defined as the client admin user
2017-03-16 18:15:49 +00:00
@template_blueprint.route('/<uuid:template_id>/versions')
Get all versions for a template endpoint added.
2016-05-09 15:59:34 +01:00
def get_template_versions(service_id, template_id):
Change endpoint responses where there are marshalling, unmarshalling or param errors to raise invalid data exception. That will cause those responses to be handled in by errors.py, which will log the errors. Set most of schemas to strict mode so that marshmallow will raise exception rather than checking for errors in return tuple from load. Added handler to errors.py for marshmallow validation errors.
2016-06-14 15:07:23 +01:00
data = template_history_schema.dump(
Use the template version at the time the notification is created or at the time the job is created. Update notifications/sms|email endpoint to send the template version to the queue. Update the process_job celery talk to send the template version to the queue. When the send_sms|send_email task runs it will get the template by id and version. Created a data migration script to add the template_vesion column for jobs and notifications. The existing jobs and notifications are given the template_version of the current template. There is a chance this is the wrong template version, but deemed okay since the application is not live. Create unit test for the dao_get_template_versions method. Rename /template/<id>/version to /template/<id>/versions which returns all versions for that template id and service id.
2016-05-13 16:25:05 +01:00
dao_get_template_versions(service_id=service_id, template_id=template_id),
Add user details to template schema dump.
2016-05-10 14:55:59 +01:00
many=True
Change endpoint responses where there are marshalling, unmarshalling or param errors to raise invalid data exception. That will cause those responses to be handled in by errors.py, which will log the errors. Set most of schemas to strict mode so that marshmallow will raise exception rather than checking for errors in return tuple from load. Added handler to errors.py for marshmallow validation errors.
2016-06-14 15:07:23 +01:00
).data
Template history endpoint added. All tests passing. Code quality fix.
2016-05-06 15:42:43 +01:00
return jsonify(data=data)
Only test the items of the template that can change on an update request. Return 200 if no change is made.
2016-06-01 12:19:59 +01:00
def _template_has_not_changed(current_data, updated_template):
Use a more pythonic way to compare the dicts.
2016-06-01 13:55:04 +01:00
return all(
current_data[key] == updated_template[key]
Make the update template endpoint work when process_type is present.
2017-01-17 15:48:51 +00:00
for key in ('name', 'content', 'subject', 'archived', 'process_type')
Use a more pythonic way to compare the dicts.
2016-06-01 13:55:04 +01:00
)
redacting a template now 400s if no updated_by_id supplied
2017-06-28 17:03:12 +01:00
def redact_template(template, data):
# we also don't need to check what was passed in redact_personalisation - its presence in the dict is enough.
use created_by instead of updated_by to behave in same way as other endpoints
2017-06-29 12:39:02 +01:00
if 'created_by' not in data:
redacting a template now 400s if no updated_by_id supplied
2017-06-28 17:03:12 +01:00
message = 'Field is required'
use created_by instead of updated_by to behave in same way as other endpoints
2017-06-29 12:39:02 +01:00
errors = {'created_by': [message]}
redacting a template now 400s if no updated_by_id supplied
2017-06-28 17:03:12 +01:00
raise InvalidRequest(errors, status_code=400)
# if it's already redacted, then just return 200 straight away.
if not template.redact_personalisation:
use created_by instead of updated_by to behave in same way as other endpoints
2017-06-29 12:39:02 +01:00
dao_redact_template(template, data['created_by'])
redacting a template now 400s if no updated_by_id supplied
2017-06-28 17:03:12 +01:00
return 'null', 200
Reference in New Issue Copy Permalink