darkhelm/notifications-api
1
0
Fork 0
mirror of https://github.com/GSA/notifications-api.git synced 2025-12-11 15:52:21 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
e4a37c84caec72c2829ad200147c20d88a7ed6e0
notifications-api/app/__init__.py

424 lines
16 KiB
Python
Raw Normal View History

Basic commit to add get pages showing - bootstrap script - run script - couple of views - basic config
2015-12-10 10:56:59 +00:00
import os
Review and update uses of PRNG
2022-08-19 15:26:12 +00:00
import secrets
Added the random string reference to the letter - uses the reference field on the notifications table to store a 16char random string used to cross reference DVLA letters back to the notification - used as letter barcode does not have space for a UUID notification id Depends on https://github.com/alphagov/notifications-utils/pull/149 Renamed the numeric_id to notification_reference in utils and changed validation rules to match this Note also the persist_notification method set "reference" to be "client_reference" which is confusing and they are different things, so fixed this too.
2017-04-12 17:56:55 +01:00
import string
Run auto-correct on app/ and tests/
2021-03-10 13:55:06 +00:00
import time
Added tests for setting and fetching from redis respecting the enabled flag.
2016-11-10 13:22:38 +00:00
import uuid
Run auto-correct on app/ and tests/
2021-03-10 13:55:06 +00:00
from time import monotonic
Added statsd integration into the API - new client for statsd, follows conventions used elsewhere for configuration - client wraps underlying library so we can use a config property to send/not send statsd Added statsd metrics for: - count of API successful calls SMS/Email - count of successful task execution for SMS/Email - count of errors from Client libraries - timing of API calls to third party clients - timing of how long messages live on the SQS queue
2016-05-13 17:15:39 +01:00
dd sqlalchemy connection metrics for celery tasks grab the worker app name and task name rather than the web host and endpoint. also add a fallback for if we're not in a web request or a celery task. I think that'll probably happen when we use alembic, or if we do things from within flask shell
2020-04-24 15:15:41 +01:00
from celery import current_task
Run auto-correct on app/ and tests/
2021-03-10 13:55:06 +00:00
from flask import (
current_app,
g,
has_request_context,
jsonify,
make_response,
request,
)
Service and User API added, working with tests. Still need to polish the edges and add more tests.
2016-01-11 15:07:13 +00:00
from flask_marshmallow import Marshmallow
Remove flask-script, move commands to click click (http://click.pocoo.org/) is used by flask to run its cli args. In removing flask_script (it's unmaintained), we had to migrate all our commands to use click. This is a change for the better in my eyes - you don't need to define the command in several places, and it makes managing options a bit easier. View diff with whitespace turned off unless you're a masochist.
2017-11-06 12:34:29 +00:00
from flask_migrate import Migrate
Run auto-correct on app/ and tests/
2021-03-10 13:55:06 +00:00
from flask_sqlalchemy import SQLAlchemy as _SQLAlchemy
Add GDSMetrics package As per instructions https://github.com/alphagov/gds_metrics_python The celery workers don't have an HTTP endpoint so no point in trying to get prometheus to scrape them.
2020-04-20 15:59:47 +01:00
from gds_metrics import GDSMetrics
add prometheus metrics for connection pools (both web and sql) add the following prometheus metrics to keep track of general app instance health. # sqs_apply_async_duration how long does the actual SQS call (a standard web request to AWS) take. a histogram with default bucket sizes, split up per task that was created. # concurrent_web_request_count how many web requests is this app currently serving. this is split up per process, so we'd expect multiple responses per app instance # db_connection_total_connected how many connections does this app (process) have open to the database. They might be idle. # db_connection_total_checked_out how many connections does this app (process) have open that are currently in use by a web worker # db_connection_open_duration_seconds a histogram per endpoint of how long the db connection was taken from the pool for. won't have any data if a connection was never opened.
2020-04-24 14:36:21 +01:00
from gds_metrics.metrics import Gauge, Histogram
Use function from utils to check secret header value This adds a before_request handler to check whether all incoming requests have the proxy header configured.
2017-11-14 14:26:00 +00:00
from notifications_utils import logging, request_helper
Use central NotifyCelery base class in utils Note that the new base class doesn't include a bespoke feature we had here: 'log_on_worker_shutdown'. We've agreed it's reasonable to remove it for now as it was introduced many years ago and its use case is unclear - we can always add it back if needed.
2021-11-16 13:29:55 +00:00
from notifications_utils.celery import NotifyCelery
Run auto-correct on app/ and tests/
2021-03-10 13:55:06 +00:00
from notifications_utils.clients.encryption.encryption_client import Encryption
from notifications_utils.clients.redis.redis_client import RedisClient
from notifications_utils.clients.zendesk.zendesk_client import ZendeskClient
add prometheus metrics for connection pools (both web and sql) add the following prometheus metrics to keep track of general app instance health. # sqs_apply_async_duration how long does the actual SQS call (a standard web request to AWS) take. a histogram with default bucket sizes, split up per task that was created. # concurrent_web_request_count how many web requests is this app currently serving. this is split up per process, so we'd expect multiple responses per app instance # db_connection_total_connected how many connections does this app (process) have open to the database. They might be idle. # db_connection_total_checked_out how many connections does this app (process) have open that are currently in use by a web worker # db_connection_open_duration_seconds a histogram per endpoint of how long the db connection was taken from the pool for. won't have any data if a connection was never opened.
2020-04-24 14:36:21 +01:00
from sqlalchemy import event
handle 405s Handle werkzeug http errors separately. Also, improve the generic `Exception` handler to be more flexible when exceptions don't look like http errors. note: because they're 405s the route isn't matched, so the v2 error handlers don't trip properly. this might be an issue because the internal endpoints expect a different return format. Might have to think about how to handle this.
2019-07-26 13:26:20 +01:00
from werkzeug.exceptions import HTTPException as WerkzeugHTTPException
Added tests for setting and fetching from redis respecting the enabled flag.
2016-11-10 13:22:38 +00:00
from werkzeug.local import LocalProxy
rename clients to notification_provider_clients i think it's causing havoc with my attempts to mock stuff in the `app.clients` directory because it's also accessible at that path. the name's super vague and doesn't explain what it is anyway
2020-11-17 12:35:18 +00:00
from app.clients import NotificationProviderClients
notify-152 sms delivery receipts
2023-05-04 07:56:24 -07:00
from app.clients.cloudwatch.aws_cloudwatch import AwsCloudwatchClient
Add a document download client Allows uploading documents to the Document Download API. The client is configured with an API host and auth token. There's no need for a flag to disable the client in the test environments at the moment since the upload is only triggered by a specific payload which would only be sent with an explicit goal of using document download.
2018-04-04 17:31:02 +01:00
from app.clients.document_download import DocumentDownloadClient
Added tests for setting and fetching from redis respecting the enabled flag.
2016-11-10 13:22:38 +00:00
from app.clients.email.aws_ses import AwsSesClient
Stub SES email client to avoid hitting SES during load testing If we set an environment variable, we can stub out calls to SES and send them to our own stub app. If the environment variable is not set, things work as normal. To be used alongside https://github.com/alphagov/notifications-email-provider-stub
2020-06-01 17:08:30 +01:00
from app.clients.email.aws_ses_stub import AwsSesStubClient
implement SNS
2022-06-17 11:16:23 -07:00
from app.clients.sms.aws_sns import AwsSnsClient
New config style
2016-07-05 15:38:20 +01:00
Set statement timeout on all DB connections A recent issue with a long-running query (#2288) highlighted the fact that even though the original HTTP connection might be closed (for example after gorouter timeout of 15 minutes, which returns a 504 response to the client), the request worker will not be stopped. This means that the worker is spending time and potentially DB resources generating a response that will never be delivered. Gunicorn's timeout setting only applies to sync workers and there doesn't seem to be an option to interrupt individual requests in gevent/eventlet deployments. Since the most likely (and potentially most dangerous) scenario for this is a long-running DB query, we can set a statement timeout on our DB connections. This will raise a sqlalchemy.exc.OperationalError (wrapping psycopg2.extensions.QueryCanceledError), interrupting the request after the given timeout has been reached. This is a Postgres client setting, so the database itself will abort the transaction when it reaches the set timeout. Since this will also apply to our celery tasks (including potentially long-running nightly tasks) we set a timeout of 20 minutes to begin with. This can potentially be split in the future to set a different value for each app, so that we could limit API requests even more.
2019-01-09 12:22:51 +00:00
class SQLAlchemy(_SQLAlchemy):
"""We need to subclass SQLAlchemy in order to override create_engine options"""
def apply_driver_hacks(self, app, info, options):
Upgrade pip packages
2022-08-12 15:37:39 +00:00
sa_url, options = super().apply_driver_hacks(app, info, options)
Set statement timeout on all DB connections A recent issue with a long-running query (#2288) highlighted the fact that even though the original HTTP connection might be closed (for example after gorouter timeout of 15 minutes, which returns a 504 response to the client), the request worker will not be stopped. This means that the worker is spending time and potentially DB resources generating a response that will never be delivered. Gunicorn's timeout setting only applies to sync workers and there doesn't seem to be an option to interrupt individual requests in gevent/eventlet deployments. Since the most likely (and potentially most dangerous) scenario for this is a long-running DB query, we can set a statement timeout on our DB connections. This will raise a sqlalchemy.exc.OperationalError (wrapping psycopg2.extensions.QueryCanceledError), interrupting the request after the given timeout has been reached. This is a Postgres client setting, so the database itself will abort the transaction when it reaches the set timeout. Since this will also apply to our celery tasks (including potentially long-running nightly tasks) we set a timeout of 20 minutes to begin with. This can potentially be split in the future to set a different value for each app, so that we could limit API requests even more.
2019-01-09 12:22:51 +00:00
if 'connect_args' not in options:
options['connect_args'] = {}
options['connect_args']["options"] = "-c statement_timeout={}".format(
int(app.config['SQLALCHEMY_STATEMENT_TIMEOUT']) * 1000
)
Upgrade pip packages
2022-08-12 15:37:39 +00:00
return (sa_url, options)
Set statement timeout on all DB connections A recent issue with a long-running query (#2288) highlighted the fact that even though the original HTTP connection might be closed (for example after gorouter timeout of 15 minutes, which returns a 504 response to the client), the request worker will not be stopped. This means that the worker is spending time and potentially DB resources generating a response that will never be delivered. Gunicorn's timeout setting only applies to sync workers and there doesn't seem to be an option to interrupt individual requests in gevent/eventlet deployments. Since the most likely (and potentially most dangerous) scenario for this is a long-running DB query, we can set a statement timeout on our DB connections. This will raise a sqlalchemy.exc.OperationalError (wrapping psycopg2.extensions.QueryCanceledError), interrupting the request after the given timeout has been reached. This is a Postgres client setting, so the database itself will abort the transaction when it reaches the set timeout. Since this will also apply to our celery tasks (including potentially long-running nightly tasks) we set a timeout of 20 minutes to begin with. This can potentially be split in the future to set a different value for each app, so that we could limit API requests even more.
2019-01-09 12:22:51 +00:00
Initial code added for models and services not functional yet. Bootstrap and migrations added for db.
2016-01-07 17:31:17 +00:00
db = SQLAlchemy()
Remove flask-script, move commands to click click (http://click.pocoo.org/) is used by flask to run its cli args. In removing flask_script (it's unmaintained), we had to migrate all our commands to use click. This is a change for the better in my eyes - you don't need to define the command in several places, and it makes managing options a bit easier. View diff with whitespace turned off unless you're a masochist.
2017-11-06 12:34:29 +00:00
migrate = Migrate()
Service and User API added, working with tests. Still need to polish the edges and add more tests.
2016-01-11 15:07:13 +00:00
ma = Marshmallow()
Fixing up tests to validate the call to the celery tasks. - mocker used to test call or otherwise of the task - no new tests just a spring clean
2016-02-16 14:06:56 +00:00
notify_celery = NotifyCelery()
I have an issue with the test, not sure why?
2016-02-17 17:48:23 +00:00
aws_ses_client = AwsSesClient()
Stub SES email client to avoid hitting SES during load testing If we set an environment variable, we can stub out calls to SES and send them to our own stub app. If the environment variable is not set, things work as normal. To be used alongside https://github.com/alphagov/notifications-email-provider-stub
2020-06-01 17:08:30 +01:00
aws_ses_stub_client = AwsSesStubClient()
implement SNS
2022-06-17 11:16:23 -07:00
aws_sns_client = AwsSnsClient()
notify-152 sms delivery receipts
2023-05-04 07:56:24 -07:00
aws_cloudwatch_client = AwsCloudwatchClient()
Extracted serialiser for encryption into a flask module - allows mocking easier - shared across methods - not built everytime
2016-02-16 15:28:30 +00:00
encryption = Encryption()
zendesk instead of deskpro
2018-04-25 14:22:23 +01:00
zendesk_client = ZendeskClient()
Refactored the initialisation of the redis client to follow the model used in the StatsdClient. Basically wrapped the client so we can enable/disable, exception handle and so on.
2016-11-10 11:50:49 +00:00
redis_store = RedisClient()
Add a document download client Allows uploading documents to the Document Download API. The client is configured with an API host and auth token. There's no need for a flag to disable the client in the test environments at the moment since the upload is only triggered by a specific payload which would only be sent with an explicit goal of using document download.
2018-04-04 17:31:02 +01:00
document_download_client = DocumentDownloadClient()
Add GDSMetrics package As per instructions https://github.com/alphagov/gds_metrics_python The celery workers don't have an HTTP endpoint so no point in trying to get prometheus to scrape them.
2020-04-20 15:59:47 +01:00
metrics = GDSMetrics()
Initial code added for models and services not functional yet. Bootstrap and migrations added for db.
2016-01-07 17:31:17 +00:00
rename clients to notification_provider_clients i think it's causing havoc with my attempts to mock stuff in the `app.clients` directory because it's also accessible at that path. the name's super vague and doesn't explain what it is anyway
2020-11-17 12:35:18 +00:00
notification_provider_clients = NotificationProviderClients()
Updated the Provider stats and rates DAO objects to query based on the identifier in the ProviderDetails object. - updated all tests - changed teardown to leave provider details rows on end of individual tests
2016-05-06 09:09:47 +01:00
Bump utils to bring in fix for optional placeholder bug See https://github.com/alphagov/notifications-utils/pull/878 for details. Changes we had to make for our app and tests to work correctly after the dependency updates: 1. Update emergency alerts polygons test because we changed how exact we are with locations of the points on the map. 2. Use Flask's g object to set additional request attributes So far we have been storing them in _request_ctx_stack which is an innard for Flask's request context. Because of major update to Werkzeug dependency, which Flask relies on, the way we were using it stopped working, so we had a new way to set those values. The way we set those values now, by using g object, seems to also be favoured in Flask documentation: https://flask.palletsprojects.com/en/1.1.x/reqcontext/#how-the-context-works
2021-07-07 17:35:15 +01:00
api_user = LocalProxy(lambda: g.api_user)
authenticated_service = LocalProxy(lambda: g.authenticated_service)
First pass at implementing API authentication using new JWT tokens - NOTE - this does not manage secrets. There is only one URL and there is no functionality implemented - prior to rolling out we need to store secrets properly Uses the JWT libraries in [https://github.com/alphagov/notifications-python-client](https://github.com/alphagov/notifications-python-client) - Tokens are checked on every request and will be rejected if token is invalid as per the rules in the python clients.
2015-12-15 10:47:20 +00:00
Tidy up
2020-06-12 14:52:04 +01:00
CONCURRENT_REQUESTS = Gauge(
'concurrent_web_request_count',
'How many concurrent requests are currently being served',
)
Basic commit to add get pages showing - bootstrap script - run script - couple of views - basic config
2015-12-10 10:56:59 +00:00
Remove flask-script, move commands to click click (http://click.pocoo.org/) is used by flask to run its cli args. In removing flask_script (it's unmaintained), we had to migrate all our commands to use click. This is a change for the better in my eyes - you don't need to define the command in several places, and it makes managing options a bit easier. View diff with whitespace turned off unless you're a masochist.
2017-11-06 12:34:29 +00:00
def create_app(application):
Run API on Paas
2016-12-08 12:12:45 +00:00
from app.config import configs
notify_environment = os.environ['NOTIFY_ENVIRONMENT']
Revert celery4 Revert the following three pull requests: https://github.com/alphagov/notifications-api/pull/1085 https://github.com/alphagov/notifications-api/pull/1086 https://github.com/alphagov/notifications-api/pull/1088 celery 4.0.2 looked promising, however, on staging under mild load (5/sec api calls) the performance was actually worse than 3.1.25
2017-07-19 13:50:29 +01:00
Run API on Paas
2016-12-08 12:12:45 +00:00
application.config.from_object(configs[notify_environment])
Remove flask-script, move commands to click click (http://click.pocoo.org/) is used by flask to run its cli args. In removing flask_script (it's unmaintained), we had to migrate all our commands to use click. This is a change for the better in my eyes - you don't need to define the command in several places, and it makes managing options a bit easier. View diff with whitespace turned off unless you're a masochist.
2017-11-06 12:34:29 +00:00
application.config['NOTIFY_APP_NAME'] = application.name
Merge branch 'master' into move-sms-notifications-into-celery Conflicts: app/__init__.py tests/conftest.py
2016-02-17 09:14:37 +00:00
init_app(application)
Fix risk of uncaught exceptions due to gds metrics Similar to https://github.com/alphagov/notifications-admin/pull/3510 Because of https://github.com/alphagov/gds_metrics_python/pull/8
2020-07-08 16:51:41 +01:00
# Metrics intentionally high up to give the most accurate timing and reliability that the metric is recorded
metrics.init_app(application)
Use function from utils to check secret header value This adds a before_request handler to check whether all incoming requests have the proxy header configured.
2017-11-14 14:26:00 +00:00
request_helper.init_app(application)
Initial code added for models and services not functional yet. Bootstrap and migrations added for db.
2016-01-07 17:31:17 +00:00
db.init_app(application)
Remove flask-script, move commands to click click (http://click.pocoo.org/) is used by flask to run its cli args. In removing flask_script (it's unmaintained), we had to migrate all our commands to use click. This is a change for the better in my eyes - you don't need to define the command in several places, and it makes managing options a bit easier. View diff with whitespace turned off unless you're a masochist.
2017-11-06 12:34:29 +00:00
migrate.init_app(application, db=db)
Service and User API added, working with tests. Still need to polish the edges and add more tests.
2016-01-11 15:07:13 +00:00
ma.init_app(application)
zendesk instead of deskpro
2018-04-25 14:22:23 +01:00
zendesk_client.init_app(application)
Use only stdout logging in cloud.gov
2022-11-22 11:05:55 -05:00
logging.init_app(application)
notify-243 remove statsd
2023-04-25 07:50:56 -07:00
aws_sns_client.init_app(application)
Stub SES email client to avoid hitting SES during load testing If we set an environment variable, we can stub out calls to SES and send them to our own stub app. If the environment variable is not set, things work as normal. To be used alongside https://github.com/alphagov/notifications-email-provider-stub
2020-06-01 17:08:30 +01:00
notify-243 remove statsd
2023-04-25 07:50:56 -07:00
aws_ses_client.init_app()
Stub SES email client to avoid hitting SES during load testing If we set an environment variable, we can stub out calls to SES and send them to our own stub app. If the environment variable is not set, things work as normal. To be used alongside https://github.com/alphagov/notifications-email-provider-stub
2020-06-01 17:08:30 +01:00
aws_ses_stub_client.init_app(
Ensure that aws ses stub client is not run in production
2020-06-03 12:34:04 +01:00
stub_url=application.config['SES_STUB_URL']
Stub SES email client to avoid hitting SES during load testing If we set an environment variable, we can stub out calls to SES and send them to our own stub app. If the environment variable is not set, things work as normal. To be used alongside https://github.com/alphagov/notifications-email-provider-stub
2020-06-01 17:08:30 +01:00
)
code review feedback
2023-05-05 08:09:15 -07:00
aws_cloudwatch_client.init_app(application)
Stub SES email client to avoid hitting SES during load testing If we set an environment variable, we can stub out calls to SES and send them to our own stub app. If the environment variable is not set, things work as normal. To be used alongside https://github.com/alphagov/notifications-email-provider-stub
2020-06-01 17:08:30 +01:00
# If a stub url is provided for SES, then use the stub client rather than the real SES boto client
Ensure that aws ses stub client is not run in production
2020-06-03 12:34:04 +01:00
email_clients = [aws_ses_stub_client] if application.config['SES_STUB_URL'] else [aws_ses_client]
Add boilerplate for sending SMS via Reach This works in conjunction with the new SMS provider stub [^1]. Local testing: - Run the migrations to add Reach as an inactive provider. - Activate the Reach provider locally and deactivate the others. update provider_details set priority = 100, active = false where notification_type = 'sms'; update provider_details set active = true where identifier = 'reach'; - Tweak your local environment to point at the SMS stub. export REACH_URL="http://host.docker.internal:6300/reach" - Start / restart Celery to pick up the config change. - Send a SMS via the Admin app and see the stub log it. - Reset your environment so you can send normal SMS. update provider_details set active = true where notification_type = 'sms'; update provider_details set active = false where identifier = 'reach'; [^1]: https://github.com/alphagov/notifications-sms-provider-stub/pull/10
2022-03-25 15:03:52 +00:00
notification_provider_clients.init_app(
implement SNS
2022-06-17 11:16:23 -07:00
sms_clients=[aws_sns_client],
Add boilerplate for sending SMS via Reach This works in conjunction with the new SMS provider stub [^1]. Local testing: - Run the migrations to add Reach as an inactive provider. - Activate the Reach provider locally and deactivate the others. update provider_details set priority = 100, active = false where notification_type = 'sms'; update provider_details set active = true where identifier = 'reach'; - Tweak your local environment to point at the SMS stub. export REACH_URL="http://host.docker.internal:6300/reach" - Start / restart Celery to pick up the config change. - Send a SMS via the Admin app and see the stub log it. - Reset your environment so you can send normal SMS. update provider_details set active = true where notification_type = 'sms'; update provider_details set active = false where identifier = 'reach'; [^1]: https://github.com/alphagov/notifications-sms-provider-stub/pull/10
2022-03-25 15:03:52 +00:00
email_clients=email_clients
)
Stub SES email client to avoid hitting SES during load testing If we set an environment variable, we can stub out calls to SES and send them to our own stub app. If the environment variable is not set, things work as normal. To be used alongside https://github.com/alphagov/notifications-email-provider-stub
2020-06-01 17:08:30 +01:00
Remove unnecessary statsd_client parameter It turns out this is available from the app object [1], and we were already assuming this in the tests. [1]: https://github.com/alphagov/notifications-utils/blob/48c6c822e85d0d1893d2c239e14706cfe0ad8e16/notifications_utils/clients/statsd/statsd_client.py#L52
2021-04-13 14:53:46 +01:00
notify_celery.init_app(application)
Extracted serialiser for encryption into a flask module - allows mocking easier - shared across methods - not built everytime
2016-02-16 15:28:30 +00:00
encryption.init_app(application)
Adding Flask-Redis to the project. [https://pypi.python.org/pypi/Flask-Redis/0.1.0](https://pypi.python.org/pypi/Flask-Redis/0.1.0) Initial addition as we think about redis as cache.
2016-11-10 11:27:57 +00:00
redis_store.init_app(application)
Add a document download client Allows uploading documents to the Document Download API. The client is configured with an API host and auth token. There's no need for a flag to disable the client in the test environments at the moment since the upload is only triggered by a specific payload which would only be sent with an explicit goal of using document download.
2018-04-04 17:31:02 +01:00
document_download_client.init_app(application)
Celery tests
2016-02-09 13:31:45 +00:00
- Add validation methods for post notification. - Use these validation methods in post_sms_notification and the version 1 of post_notification. - Create a v2 error handlers. - InvalidRequest has a to_dict method for private and v1 error responses and a to_dict_v2 method to create the v2 of the error responses. - Each validation method has extensive unit tests, so the unit test for the endpoint do not need to check every error case, but check that the error handle formats the message correctly. - The format of the error messages is still a work on progress. - This version of the api could be deployed without causing a problem to the application. - The new endpoing is still a work in progress and is not being used yet.
2016-10-27 11:46:37 +01:00
register_blueprint(application)
register_v2_blueprints(application)
Updated utils to the latest version. This version of utils has less logging at info level and as such no longer prints out the celery task timing which are found to be use to find out if a tasks has been called but also the timing for the task. Added an extra timing message for celery tasks so that it can be determined if the these are less frequent than the API calls and provide more useful information
2018-02-05 14:58:02 +00:00
# avoid circular imports by importing this file later
Remove flask-script, move commands to click click (http://click.pocoo.org/) is used by flask to run its cli args. In removing flask_script (it's unmaintained), we had to migrate all our commands to use click. This is a change for the better in my eyes - you don't need to define the command in several places, and it makes managing options a bit easier. View diff with whitespace turned off unless you're a masochist.
2017-11-06 12:34:29 +00:00
from app.commands import setup_commands
setup_commands(application)
add prometheus metrics for connection pools (both web and sql) add the following prometheus metrics to keep track of general app instance health. # sqs_apply_async_duration how long does the actual SQS call (a standard web request to AWS) take. a histogram with default bucket sizes, split up per task that was created. # concurrent_web_request_count how many web requests is this app currently serving. this is split up per process, so we'd expect multiple responses per app instance # db_connection_total_connected how many connections does this app (process) have open to the database. They might be idle. # db_connection_total_checked_out how many connections does this app (process) have open that are currently in use by a web worker # db_connection_open_duration_seconds a histogram per endpoint of how long the db connection was taken from the pool for. won't have any data if a connection was never opened.
2020-04-24 14:36:21 +01:00
# set up sqlalchemy events
setup_sqlalchemy_events(application)
- Add validation methods for post notification. - Use these validation methods in post_sms_notification and the version 1 of post_notification. - Create a v2 error handlers. - InvalidRequest has a to_dict method for private and v1 error responses and a to_dict_v2 method to create the v2 of the error responses. - Each validation method has extensive unit tests, so the unit test for the endpoint do not need to check every error case, but check that the error handle formats the message correctly. - The format of the error messages is still a work on progress. - This version of the api could be deployed without causing a problem to the application. - The new endpoing is still a work in progress and is not being used yet.
2016-10-27 11:46:37 +01:00
return application
def register_blueprint(application):
Run auto-correct on app/ and tests/
2021-03-10 13:55:06 +00:00
from app.authentication.auth import (
requires_admin_auth,
requires_auth,
requires_no_auth,
)
from app.billing.rest import billing_blueprint
from app.complaint.complaint_rest import complaint_blueprint
Read openapi schema for the owasp scan
2022-11-16 15:50:08 -05:00
from app.docs import docs as docs_blueprint
create, edit and use email branding instead of organisation notable things that have been kept until migration is complete: * passing in `organisation` to update_service will update email branding * both `/email-branding` and `/organisation` hit the same code * service endpoints still return organisation as well as email branding
2018-02-05 12:02:35 +00:00
from app.email_branding.rest import email_branding_blueprint
Run auto-correct on app/ and tests/
2021-03-10 13:55:06 +00:00
from app.events.rest import events as events_blueprint
Add inbound_number rest and tests
2017-08-04 19:26:51 +01:00
from app.inbound_number.rest import inbound_number_blueprint
add inbound sms api two endpoints: * get all inbound sms for a service (you can limit to the X most recent, or filter by user's phone number [which will be normalised]) * get a summary of inbound sms for a service - returns the count of inbound sms in the database, and the date that the most recent was sent
2017-05-31 14:49:14 +01:00
from app.inbound_sms.rest import inbound_sms as inbound_sms_blueprint
Run auto-correct on app/ and tests/
2021-03-10 13:55:06 +00:00
from app.job.rest import job_blueprint
fixing tests
2022-10-03 17:16:59 -07:00
from app.notifications.notifications_ses_callback import (
ses_callback_blueprint,
)
Run auto-correct on app/ and tests/
2021-03-10 13:55:06 +00:00
from app.notifications.receive_notifications import (
receive_notifications_blueprint,
)
from app.notifications.rest import notifications as notifications_blueprint
notify-api-332 rename organisation
2023-07-10 11:06:29 -07:00
from app.organization.invite_rest import organization_invite_blueprint
from app.organization.rest import organization_blueprint
Rename to performance_dashboard Fix totals to return totals for all time rather than for date range. Added more test data
2021-03-10 11:12:29 +00:00
from app.performance_dashboard.rest import performance_dashboard_blueprint
Create platform-stats blueprint Created a platform-stats blueprint and moved the new platform stats endpoint to the new blueprint (it was previously in the service blueprint). Since the original platform stats route and the new platform stats route are now in different blueprints, their view functions can have the same name without any issues.
2018-06-28 08:39:25 +01:00
from app.platform_stats.rest import platform_stats_blueprint
Run auto-correct on app/ and tests/
2021-03-10 13:55:06 +00:00
from app.provider_details.rest import (
provider_details as provider_details_blueprint,
)
from app.service.callback_rest import service_callback_blueprint
from app.service.rest import service_blueprint
rename invite blueprints nb: the routes are not changing as part of this, only file paths and blueprint names. invite -> service_invite this blueprint handles fetching invites for a service, creating invites, etc. accept_invite -> global_invite this blueprint handles accepting invites for now, but will also involve retrieving service/org user invite data without knowing the service/org id associated. i'm not in love with this name and open to suggestions, but i wanted to contrast it from service_invite and organisation/invite_rest.py.
2021-03-05 20:13:56 +00:00
from app.service_invite.rest import (
service_invite as service_invite_blueprint,
)
Run auto-correct on app/ and tests/
2021-03-10 13:55:06 +00:00
from app.status.healthcheck import status as status_blueprint
from app.template.rest import template_blueprint
add template folder CRUD * create template folder * rename template folder * get list of template folders for service (not nested/presented in any particular way) * delete template folder Also removed `lazy=dynamic` from the `template_folder.templates` relationship. lazy=dynamic returns a query object (which you can then filter further). We just want to return the entire fetched list, at least for now.
2018-10-30 16:26:25 +00:00
from app.template_folder.rest import template_folder_blueprint
Run auto-correct on app/ and tests/
2021-03-10 13:55:06 +00:00
from app.template_statistics.rest import (
template_statistics as template_statistics_blueprint,
)
Add uploads blueprint, the endpoint returns a combination of uploaded letters and jobs. The endpoint returns data about the uploaded letter or job, including notification statistics for the upload. The data is ordered by scheduled for and created_at. It is likely this endppoint will need additional data for the UI to display, for the first iteration this will enable the /uploads page to show both letters and jobs. Only letter uploaded by the UI are included in the resultset. Add file name to resultset.
2019-12-03 15:53:32 +00:00
from app.upload.rest import upload_blueprint
Run auto-correct on app/ and tests/
2021-03-10 13:55:06 +00:00
from app.user.rest import user_blueprint
add webauthn crud endpoints added some simple validation to the delete endpoint for sanity, but generally my assumption is that more validation will happen on the admin side. noteably im not checking whether the credentials are duplicated, nor is there a uniqueness constraint in the database - I'm not sure if the credential blob will always reliably be equivalent, and I believe the browser should hopefully take care of dupes.
2021-05-10 22:09:07 +01:00
from app.webauthn.rest import webauthn_blueprint
Added endpoints for creating job, and getting job/jobs.
2016-01-15 15:48:05 +00:00
Register a before_request event for all blueprints, that defines the authentication requirement. There are three authentication methods: - requires_no_auth - public endpoint that does not require an Authorisation header - requires_auth - public endpoints that need an API key in the Authorisation header - requires_admin_auth - private endpoint that requires an Authorisation header which contains the API key for the defined as the client admin user
2017-03-16 18:15:49 +00:00
service_blueprint.before_request(requires_admin_auth)
Work in progress, skeleton of the api created and testing started. Need to fix authentication tests.
2016-01-08 17:51:46 +00:00
application.register_blueprint(service_blueprint, url_prefix='/service')
Register a before_request event for all blueprints, that defines the authentication requirement. There are three authentication methods: - requires_no_auth - public endpoint that does not require an Authorisation header - requires_auth - public endpoints that need an API key in the Authorisation header - requires_admin_auth - private endpoint that requires an Authorisation header which contains the API key for the defined as the client admin user
2017-03-16 18:15:49 +00:00
user_blueprint.before_request(requires_admin_auth)
Work in progress, skeleton of the api created and testing started. Need to fix authentication tests.
2016-01-08 17:51:46 +00:00
application.register_blueprint(user_blueprint, url_prefix='/user')
Register a before_request event for all blueprints, that defines the authentication requirement. There are three authentication methods: - requires_no_auth - public endpoint that does not require an Authorisation header - requires_auth - public endpoints that need an API key in the Authorisation header - requires_admin_auth - private endpoint that requires an Authorisation header which contains the API key for the defined as the client admin user
2017-03-16 18:15:49 +00:00
add webauthn crud endpoints added some simple validation to the delete endpoint for sanity, but generally my assumption is that more validation will happen on the admin side. noteably im not checking whether the credentials are duplicated, nor is there a uniqueness constraint in the database - I'm not sure if the credential blob will always reliably be equivalent, and I believe the browser should hopefully take care of dupes.
2021-05-10 22:09:07 +01:00
webauthn_blueprint.before_request(requires_admin_auth)
application.register_blueprint(webauthn_blueprint)
Register a before_request event for all blueprints, that defines the authentication requirement. There are three authentication methods: - requires_no_auth - public endpoint that does not require an Authorisation header - requires_auth - public endpoints that need an API key in the Authorisation header - requires_admin_auth - private endpoint that requires an Authorisation header which contains the API key for the defined as the client admin user
2017-03-16 18:15:49 +00:00
template_blueprint.before_request(requires_admin_auth)
Updates to template endpoints: - moved into templates rest class - updated dao - removed delete methods - constraint on subject line
2016-02-22 12:55:18 +00:00
application.register_blueprint(template_blueprint)
Register a before_request event for all blueprints, that defines the authentication requirement. There are three authentication methods: - requires_no_auth - public endpoint that does not require an Authorisation header - requires_auth - public endpoints that need an API key in the Authorisation header - requires_admin_auth - private endpoint that requires an Authorisation header which contains the API key for the defined as the client admin user
2017-03-16 18:15:49 +00:00
status_blueprint.before_request(requires_no_auth)
Updated status page - include travis build number - renamed properties - ELB version - moved code all into health check - changed health check to be on same URL for admin and api
2016-03-03 15:18:12 +00:00
application.register_blueprint(status_blueprint)
clean flake8 except provider code
2022-10-14 14:45:27 +00:00
Read openapi schema for the owasp scan
2022-11-16 15:50:08 -05:00
docs_blueprint.before_request(requires_no_auth)
application.register_blueprint(docs_blueprint)
canada UK ses callbacks monster mash
2022-09-15 14:59:13 -07:00
# delivery receipts
ses_callback_blueprint.before_request(requires_no_auth)
application.register_blueprint(ses_callback_blueprint)
Register a before_request event for all blueprints, that defines the authentication requirement. There are three authentication methods: - requires_no_auth - public endpoint that does not require an Authorisation header - requires_auth - public endpoints that need an API key in the Authorisation header - requires_admin_auth - private endpoint that requires an Authorisation header which contains the API key for the defined as the client admin user
2017-03-16 18:15:49 +00:00
remove ip restrictions from sms delivery receipts for now our research mode tasks were hitting these endpoints, and getting 403s, causing lots of unexpected exceptions.
2017-10-16 13:23:19 +01:00
# inbound sms
Change to fix ip restrictions
2017-11-10 12:05:06 +00:00
receive_notifications_blueprint.before_request(requires_no_auth)
Register a before_request event for all blueprints, that defines the authentication requirement. There are three authentication methods: - requires_no_auth - public endpoint that does not require an Authorisation header - requires_auth - public endpoints that need an API key in the Authorisation header - requires_admin_auth - private endpoint that requires an Authorisation header which contains the API key for the defined as the client admin user
2017-03-16 18:15:49 +00:00
application.register_blueprint(receive_notifications_blueprint)
notifications_blueprint.before_request(requires_auth)
Move job processing into celery - brings boto S3 into new AWS folder - CSV processing utils method Rejigs the jobs rest endpoint - removes some now unused endpoints, Calls to the task with the job, job processing in task, delegating SMS calls to the sms task
2016-02-24 17:12:30 +00:00
application.register_blueprint(notifications_blueprint)
Register a before_request event for all blueprints, that defines the authentication requirement. There are three authentication methods: - requires_no_auth - public endpoint that does not require an Authorisation header - requires_auth - public endpoints that need an API key in the Authorisation header - requires_admin_auth - private endpoint that requires an Authorisation header which contains the API key for the defined as the client admin user
2017-03-16 18:15:49 +00:00
job_blueprint.before_request(requires_admin_auth)
Fix for job urls that should have been within context of a service. The service id path parameter is captured in the url prefix for the job blueprint.
2016-01-18 09:57:04 +00:00
application.register_blueprint(job_blueprint)
Register a before_request event for all blueprints, that defines the authentication requirement. There are three authentication methods: - requires_no_auth - public endpoint that does not require an Authorisation header - requires_auth - public endpoints that need an API key in the Authorisation header - requires_admin_auth - private endpoint that requires an Authorisation header which contains the API key for the defined as the client admin user
2017-03-16 18:15:49 +00:00
rename invite blueprints nb: the routes are not changing as part of this, only file paths and blueprint names. invite -> service_invite this blueprint handles fetching invites for a service, creating invites, etc. accept_invite -> global_invite this blueprint handles accepting invites for now, but will also involve retrieving service/org user invite data without knowing the service/org id associated. i'm not in love with this name and open to suggestions, but i wanted to contrast it from service_invite and organisation/invite_rest.py.
2021-03-05 20:13:56 +00:00
service_invite_blueprint.before_request(requires_admin_auth)
application.register_blueprint(service_invite_blueprint)
Register a before_request event for all blueprints, that defines the authentication requirement. There are three authentication methods: - requires_no_auth - public endpoint that does not require an Authorisation header - requires_auth - public endpoints that need an API key in the Authorisation header - requires_admin_auth - private endpoint that requires an Authorisation header which contains the API key for the defined as the client admin user
2017-03-16 18:15:49 +00:00
notify-api-332 rename organisation
2023-07-10 11:06:29 -07:00
organization_invite_blueprint.before_request(requires_admin_auth)
application.register_blueprint(organization_invite_blueprint)
remove the global_invite (accept_invite) endpoint move the endpoints into service_invite/rest.py and organisation/invite_rest.py respectively. Remove the prefix from all the blueprints to allow this.
2021-03-11 20:26:44 +00:00
Add inbound_number rest and tests
2017-08-04 19:26:51 +01:00
inbound_number_blueprint.before_request(requires_admin_auth)
Moved url_prefix to inbound_number rest.py
2017-08-14 12:46:04 +01:00
application.register_blueprint(inbound_number_blueprint)
Add inbound_number rest and tests
2017-08-04 19:26:51 +01:00
add inbound sms api two endpoints: * get all inbound sms for a service (you can limit to the X most recent, or filter by user's phone number [which will be normalised]) * get a summary of inbound sms for a service - returns the count of inbound sms in the database, and the date that the most recent was sent
2017-05-31 14:49:14 +01:00
inbound_sms_blueprint.before_request(requires_admin_auth)
application.register_blueprint(inbound_sms_blueprint)
Register a before_request event for all blueprints, that defines the authentication requirement. There are three authentication methods: - requires_no_auth - public endpoint that does not require an Authorisation header - requires_auth - public endpoints that need an API key in the Authorisation header - requires_admin_auth - private endpoint that requires an Authorisation header which contains the API key for the defined as the client admin user
2017-03-16 18:15:49 +00:00
template_statistics_blueprint.before_request(requires_admin_auth)
[WIP] Added dao method and rest endpoint for getting template statistics by service. Some cosmetic changes to imports. Added fix for job rest not correctly returning errors.
2016-04-04 12:21:38 +01:00
application.register_blueprint(template_statistics_blueprint)
Register a before_request event for all blueprints, that defines the authentication requirement. There are three authentication methods: - requires_no_auth - public endpoint that does not require an Authorisation header - requires_auth - public endpoints that need an API key in the Authorisation header - requires_admin_auth - private endpoint that requires an Authorisation header which contains the API key for the defined as the client admin user
2017-03-16 18:15:49 +00:00
events_blueprint.before_request(requires_admin_auth)
Endpoint for recording events in api. An event has an id, a type and a blob of json attached.
2016-04-27 10:27:05 +01:00
application.register_blueprint(events_blueprint)
Register a before_request event for all blueprints, that defines the authentication requirement. There are three authentication methods: - requires_no_auth - public endpoint that does not require an Authorisation header - requires_auth - public endpoints that need an API key in the Authorisation header - requires_admin_auth - private endpoint that requires an Authorisation header which contains the API key for the defined as the client admin user
2017-03-16 18:15:49 +00:00
provider_details_blueprint.before_request(requires_admin_auth)
Ensure that the primary provider is used in all tasks
2016-05-10 09:04:22 +01:00
application.register_blueprint(provider_details_blueprint, url_prefix='/provider-details')
Register a before_request event for all blueprints, that defines the authentication requirement. There are three authentication methods: - requires_no_auth - public endpoint that does not require an Authorisation header - requires_auth - public endpoints that need an API key in the Authorisation header - requires_admin_auth - private endpoint that requires an Authorisation header which contains the API key for the defined as the client admin user
2017-03-16 18:15:49 +00:00
create, edit and use email branding instead of organisation notable things that have been kept until migration is complete: * passing in `organisation` to update_service will update email branding * both `/email-branding` and `/organisation` hit the same code * service endpoints still return organisation as well as email branding
2018-02-05 12:02:35 +00:00
email_branding_blueprint.before_request(requires_admin_auth)
application.register_blueprint(email_branding_blueprint, url_prefix='/email-branding')
Added healthcheck page - used in ELB healthchecks
2015-12-15 17:14:13 +00:00
This adds new endpoints to retrieve billing data from the new table: 1. Create a separate billing blueprint to house these endpoints 2. Return monthly breakdown in same format as we did before 3. Return yearly breakdown but only return {billing units, rate, notification_type}. Admin only makes use of these.
2017-08-15 17:26:10 +01:00
billing_blueprint.before_request(requires_admin_auth)
application.register_blueprint(billing_blueprint)
move service_inbound_api endpoints to their own blueprint try and reduce the size of the service blueprint :)
2017-11-29 16:28:01 +00:00
service_callback_blueprint.before_request(requires_admin_auth)
application.register_blueprint(service_callback_blueprint)
This adds new endpoints to retrieve billing data from the new table: 1. Create a separate billing blueprint to house these endpoints 2. Return monthly breakdown in same format as we did before 3. Return yearly breakdown but only return {billing units, rate, notification_type}. Admin only makes use of these.
2017-08-15 17:26:10 +01:00
notify-api-332 rename organisation
2023-07-10 11:06:29 -07:00
organization_blueprint.before_request(requires_admin_auth)
application.register_blueprint(organization_blueprint, url_prefix='/organizations')
Add Organisations endpoints As part of this we also needed to add: - schemas for validation - serialize method for Organisation model
2018-02-08 14:54:08 +00:00
New endpoint to return data for complaints.
2018-06-05 14:25:24 +01:00
complaint_blueprint.before_request(requires_admin_auth)
application.register_blueprint(complaint_blueprint)
Rename to performance_dashboard Fix totals to return totals for all time rather than for date range. Added more test data
2021-03-10 11:12:29 +00:00
performance_dashboard_blueprint.before_request(requires_admin_auth)
application.register_blueprint(performance_dashboard_blueprint)
Add an endpoint to return all the data required for the performance platform page.
2021-03-04 16:10:53 +00:00
Create platform-stats blueprint Created a platform-stats blueprint and moved the new platform stats endpoint to the new blueprint (it was previously in the service blueprint). Since the original platform stats route and the new platform stats route are now in different blueprints, their view functions can have the same name without any issues.
2018-06-28 08:39:25 +01:00
platform_stats_blueprint.before_request(requires_admin_auth)
application.register_blueprint(platform_stats_blueprint, url_prefix='/platform-stats')
add template folder CRUD * create template folder * rename template folder * get list of template folders for service (not nested/presented in any particular way) * delete template folder Also removed `lazy=dynamic` from the `template_folder.templates` relationship. lazy=dynamic returns a query object (which you can then filter further). We just want to return the entire fetched list, at least for now.
2018-10-30 16:26:25 +00:00
template_folder_blueprint.before_request(requires_admin_auth)
application.register_blueprint(template_folder_blueprint)
Add uploads blueprint, the endpoint returns a combination of uploaded letters and jobs. The endpoint returns data about the uploaded letter or job, including notification statistics for the upload. The data is ordered by scheduled for and created_at. It is likely this endppoint will need additional data for the UI to display, for the first iteration this will enable the /uploads page to show both letters and jobs. Only letter uploaded by the UI are included in the resultset. Add file name to resultset.
2019-12-03 15:53:32 +00:00
upload_blueprint.before_request(requires_admin_auth)
application.register_blueprint(upload_blueprint)
- Add validation methods for post notification. - Use these validation methods in post_sms_notification and the version 1 of post_notification. - Create a v2 error handlers. - InvalidRequest has a to_dict method for private and v1 error responses and a to_dict_v2 method to create the v2 of the error responses. - Each validation method has extensive unit tests, so the unit test for the endpoint do not need to check every error case, but check that the error handle formats the message correctly. - The format of the error messages is still a work on progress. - This version of the api could be deployed without causing a problem to the application. - The new endpoing is still a work in progress and is not being used yet.
2016-10-27 11:46:37 +01:00
def register_v2_blueprints(application):
Restructure govuk-alerts endpoint to be internal In response to: https://github.com/alphagov/notifications-api/pull/3305#pullrequestreview-726672421 Previously this was added among the public /v2 endpoints, but it's only meant for internal use. While only the govuk-alerts app would be able to access it, the location and /v2 URL suggested otherwise. This restructures the endpoint so it resembles other internal ones.
2021-09-15 15:21:20 +01:00
from app.authentication.auth import requires_auth
Bump Flask and itsdangerous This bumps Flask to version 2.1.0, which requires some minor changes to the app code and itsdangerous to also be bumped.
2022-04-05 17:06:08 +01:00
from app.v2.inbound_sms.get_inbound_sms import v2_inbound_sms_blueprint
from app.v2.notifications import ( # noqa
get_notifications,
post_notifications,
v2_notification_blueprint,
Run auto-correct on app/ and tests/
2021-03-10 13:55:06 +00:00
)
Bump Flask and itsdangerous This bumps Flask to version 2.1.0, which requires some minor changes to the app code and itsdangerous to also be bumped.
2022-04-05 17:06:08 +01:00
from app.v2.template import ( # noqa
get_template,
post_template,
v2_template_blueprint,
Run auto-correct on app/ and tests/
2021-03-10 13:55:06 +00:00
)
Bump Flask and itsdangerous This bumps Flask to version 2.1.0, which requires some minor changes to the app code and itsdangerous to also be bumped.
2022-04-05 17:06:08 +01:00
from app.v2.templates.get_templates import v2_templates_blueprint
Refactor and fix auth errors
2017-03-22 10:54:15 +00:00
Bump Flask and itsdangerous This bumps Flask to version 2.1.0, which requires some minor changes to the app code and itsdangerous to also be bumped.
2022-04-05 17:06:08 +01:00
v2_notification_blueprint.before_request(requires_auth)
application.register_blueprint(v2_notification_blueprint)
First commit
2017-03-28 10:41:25 +01:00
Bump Flask and itsdangerous This bumps Flask to version 2.1.0, which requires some minor changes to the app code and itsdangerous to also be bumped.
2022-04-05 17:06:08 +01:00
v2_templates_blueprint.before_request(requires_auth)
application.register_blueprint(v2_templates_blueprint)
Refactor and fix auth errors
2017-03-22 10:54:15 +00:00
Bump Flask and itsdangerous This bumps Flask to version 2.1.0, which requires some minor changes to the app code and itsdangerous to also be bumped.
2022-04-05 17:06:08 +01:00
v2_template_blueprint.before_request(requires_auth)
application.register_blueprint(v2_template_blueprint)
Basic commit to add get pages showing - bootstrap script - run script - couple of views - basic config
2015-12-10 10:56:59 +00:00
Bump Flask and itsdangerous This bumps Flask to version 2.1.0, which requires some minor changes to the app code and itsdangerous to also be bumped.
2022-04-05 17:06:08 +01:00
v2_inbound_sms_blueprint.before_request(requires_auth)
application.register_blueprint(v2_inbound_sms_blueprint)
Add V2 inbound_sms API - had to update the serialization in the model so that the date time is appended with the UTC timezone - test has been added to ensure that the schema will validate the response correctly
2017-11-03 16:35:22 +00:00
Added the before_request so that all calls must have a valid token. Next is to get all the rest tests to pass again.
2016-01-14 17:45:30 +00:00
Added a test to ensure that all blueprints have a registered before_request method. Added a test for the status endpoint.
2017-03-17 16:21:41 +00:00
def init_app(app):
add prometheus metrics for connection pools (both web and sql) add the following prometheus metrics to keep track of general app instance health. # sqs_apply_async_duration how long does the actual SQS call (a standard web request to AWS) take. a histogram with default bucket sizes, split up per task that was created. # concurrent_web_request_count how many web requests is this app currently serving. this is split up per process, so we'd expect multiple responses per app instance # db_connection_total_connected how many connections does this app (process) have open to the database. They might be idle. # db_connection_total_checked_out how many connections does this app (process) have open that are currently in use by a web worker # db_connection_open_duration_seconds a histogram per endpoint of how long the db connection was taken from the pool for. won't have any data if a connection was never opened.
2020-04-24 14:36:21 +01:00
Log start of request so requests can be timed
2016-05-12 13:56:27 +01:00
@app.before_request
Refactor statsd logging Removed all existing statsd logging and replaced with: - statsd decorator. Infers the stat name from the decorated function call. Delegates statsd call to statsd client. Calls incr and timing for each decorated method. This is applied to all tasks and all dao methods that touch the notifications/notification_history tables - statsd client changed to prefix all stats with "notification.api." - Relies on https://github.com/alphagov/notifications-utils/pull/61 for request logging. Once integrated we pass the statsd client to the logger, allowing us to statsd all API calls. This passes in the start time and the method to be called (NOT the url) onto the global flask object. We then construct statsd counters and timers in the following way notifications.api.POST.notifications.send_notification.200 This should allow us to aggregate to the level of - API or ADMIN - POST or GET etc - modules - methods - status codes Finally we count the callbacks received from 3rd parties to mapped status.
2016-08-05 10:44:43 +01:00
def record_request_details():
add prometheus metrics for connection pools (both web and sql) add the following prometheus metrics to keep track of general app instance health. # sqs_apply_async_duration how long does the actual SQS call (a standard web request to AWS) take. a histogram with default bucket sizes, split up per task that was created. # concurrent_web_request_count how many web requests is this app currently serving. this is split up per process, so we'd expect multiple responses per app instance # db_connection_total_connected how many connections does this app (process) have open to the database. They might be idle. # db_connection_total_checked_out how many connections does this app (process) have open that are currently in use by a web worker # db_connection_open_duration_seconds a histogram per endpoint of how long the db connection was taken from the pool for. won't have any data if a connection was never opened.
2020-04-24 14:36:21 +01:00
CONCURRENT_REQUESTS.inc()
Log start of request so requests can be timed
2016-05-12 13:56:27 +01:00
g.start = monotonic()
Refactor statsd logging Removed all existing statsd logging and replaced with: - statsd decorator. Infers the stat name from the decorated function call. Delegates statsd call to statsd client. Calls incr and timing for each decorated method. This is applied to all tasks and all dao methods that touch the notifications/notification_history tables - statsd client changed to prefix all stats with "notification.api." - Relies on https://github.com/alphagov/notifications-utils/pull/61 for request logging. Once integrated we pass the statsd client to the logger, allowing us to statsd all API calls. This passes in the start time and the method to be called (NOT the url) onto the global flask object. We then construct statsd counters and timers in the following way notifications.api.POST.notifications.send_notification.200 This should allow us to aggregate to the level of - API or ADMIN - POST or GET etc - modules - methods - status codes Finally we count the callbacks received from 3rd parties to mapped status.
2016-08-05 10:44:43 +01:00
g.endpoint = request.endpoint
Log start of request so requests can be timed
2016-05-12 13:56:27 +01:00
Addedcors response.
2016-01-20 15:28:39 +00:00
@app.after_request
def after_request(response):
add prometheus metrics for connection pools (both web and sql) add the following prometheus metrics to keep track of general app instance health. # sqs_apply_async_duration how long does the actual SQS call (a standard web request to AWS) take. a histogram with default bucket sizes, split up per task that was created. # concurrent_web_request_count how many web requests is this app currently serving. this is split up per process, so we'd expect multiple responses per app instance # db_connection_total_connected how many connections does this app (process) have open to the database. They might be idle. # db_connection_total_checked_out how many connections does this app (process) have open that are currently in use by a web worker # db_connection_open_duration_seconds a histogram per endpoint of how long the db connection was taken from the pool for. won't have any data if a connection was never opened.
2020-04-24 14:36:21 +01:00
CONCURRENT_REQUESTS.dec()
Address moderate and low owasp findings * CORS headers removed because browsers should not interact with API directly * Updated error handling to return expected content-type for JSON error messages
2023-04-19 09:27:16 -04:00
response.headers.add('X-Content-Type-Options', 'nosniff')
Fixed formatting
2016-01-20 15:51:13 +00:00
return response
Addedcors response.
2016-01-20 15:28:39 +00:00
Add application level error handler. This should catch any unexcpeted exceptions.
2016-11-24 17:09:56 +00:00
@app.errorhandler(Exception)
def exception(error):
app.logger.exception(error)
# error.code is set for our exception types.
handle 405s Handle werkzeug http errors separately. Also, improve the generic `Exception` handler to be more flexible when exceptions don't look like http errors. note: because they're 405s the route isn't matched, so the v2 error handlers don't trip properly. this might be an issue because the internal endpoints expect a different return format. Might have to think about how to handle this.
2019-07-26 13:26:20 +01:00
msg = getattr(error, 'message', str(error))
code = getattr(error, 'code', 500)
Address moderate and low owasp findings * CORS headers removed because browsers should not interact with API directly * Updated error handling to return expected content-type for JSON error messages
2023-04-19 09:27:16 -04:00
response = make_response(
jsonify(result='error', message=msg),
code,
error.get_headers()
)
response.content_type = "application/json"
return response
handle 405s Handle werkzeug http errors separately. Also, improve the generic `Exception` handler to be more flexible when exceptions don't look like http errors. note: because they're 405s the route isn't matched, so the v2 error handlers don't trip properly. this might be an issue because the internal endpoints expect a different return format. Might have to think about how to handle this.
2019-07-26 13:26:20 +01:00
@app.errorhandler(WerkzeugHTTPException)
def werkzeug_exception(e):
Address moderate and low owasp findings * CORS headers removed because browsers should not interact with API directly * Updated error handling to return expected content-type for JSON error messages
2023-04-19 09:27:16 -04:00
response = make_response(
handle 405s Handle werkzeug http errors separately. Also, improve the generic `Exception` handler to be more flexible when exceptions don't look like http errors. note: because they're 405s the route isn't matched, so the v2 error handlers don't trip properly. this might be an issue because the internal endpoints expect a different return format. Might have to think about how to handle this.
2019-07-26 13:26:20 +01:00
jsonify(result='error', message=e.description),
e.code,
e.get_headers()
)
Address moderate and low owasp findings * CORS headers removed because browsers should not interact with API directly * Updated error handling to return expected content-type for JSON error messages
2023-04-19 09:27:16 -04:00
response.content_type = 'application/json'
return response
Add application level error handler. This should catch any unexcpeted exceptions.
2016-11-24 17:09:56 +00:00
- Add validation methods for post notification. - Use these validation methods in post_sms_notification and the version 1 of post_notification. - Create a v2 error handlers. - InvalidRequest has a to_dict method for private and v1 error responses and a to_dict_v2 method to create the v2 of the error responses. - Each validation method has extensive unit tests, so the unit test for the endpoint do not need to check every error case, but check that the error handle formats the message correctly. - The format of the error messages is still a work on progress. - This version of the api could be deployed without causing a problem to the application. - The new endpoing is still a work in progress and is not being used yet.
2016-10-27 11:46:37 +01:00
@app.errorhandler(404)
def page_not_found(e):
msg = e.description or "Not found"
Address moderate and low owasp findings * CORS headers removed because browsers should not interact with API directly * Updated error handling to return expected content-type for JSON error messages
2023-04-19 09:27:16 -04:00
response = make_response(
jsonify(result='error', message=msg),
404,
e.get_headers()
)
response.content_type = 'application/json'
return response
- Add validation methods for post notification. - Use these validation methods in post_sms_notification and the version 1 of post_notification. - Create a v2 error handlers. - InvalidRequest has a to_dict method for private and v1 error responses and a to_dict_v2 method to create the v2 of the error responses. - Each validation method has extensive unit tests, so the unit test for the endpoint do not need to check every error case, but check that the error handle formats the message correctly. - The format of the error messages is still a work on progress. - This version of the api could be deployed without causing a problem to the application. - The new endpoing is still a work in progress and is not being used yet.
2016-10-27 11:46:37 +01:00
Basic commit to add get pages showing - bootstrap script - run script - couple of views - basic config
2015-12-10 10:56:59 +00:00
Move job processing into celery - brings boto S3 into new AWS folder - CSV processing utils method Rejigs the jobs rest endpoint - removes some now unused endpoints, Calls to the task with the job, job processing in task, delegating SMS calls to the sms task
2016-02-24 17:12:30 +00:00
def create_uuid():
return str(uuid.uuid4())
Statsd counter for user agents. We want to log the usage of the various API clients we have so that we understand when they can be cycled. To this end we are going to count usage in statsd. All notify clients have a suer agent, of the format: NOTIFY-API-{LANGUAGE}-CLIENT/version.number For example, NOTIFY-API-PYTHON-CLIENT/3.0.0 We convert that into a statsd/graphite friendly string of the format: notify-api-python-client.3-0-0 So we can subdivide on client and client version on our dashboards. Present but unknown User agents are records as "non-notify-user-agent" Missing are presented as "unknown"
2016-11-25 13:27:36 +00:00
Added the random string reference to the letter - uses the reference field on the notifications table to store a 16char random string used to cross reference DVLA letters back to the notification - used as letter barcode does not have space for a UUID notification id Depends on https://github.com/alphagov/notifications-utils/pull/149 Renamed the numeric_id to notification_reference in utils and changed validation rules to match this Note also the persist_notification method set "reference" to be "client_reference" which is confusing and they are different things, so fixed this too.
2017-04-12 17:56:55 +01:00
def create_random_identifier():
Review and update uses of PRNG
2022-08-19 15:26:12 +00:00
return ''.join(secrets.choice(string.ascii_uppercase + string.digits) for _ in range(16))
Added the random string reference to the letter - uses the reference field on the notifications table to store a 16char random string used to cross reference DVLA letters back to the notification - used as letter barcode does not have space for a UUID notification id Depends on https://github.com/alphagov/notifications-utils/pull/149 Renamed the numeric_id to notification_reference in utils and changed validation rules to match this Note also the persist_notification method set "reference" to be "client_reference" which is confusing and they are different things, so fixed this too.
2017-04-12 17:56:55 +01:00
more tests
2023-08-14 15:32:22 -07:00
# TODO maintainability what is the purpose of this? Debugging?
add prometheus metrics for connection pools (both web and sql) add the following prometheus metrics to keep track of general app instance health. # sqs_apply_async_duration how long does the actual SQS call (a standard web request to AWS) take. a histogram with default bucket sizes, split up per task that was created. # concurrent_web_request_count how many web requests is this app currently serving. this is split up per process, so we'd expect multiple responses per app instance # db_connection_total_connected how many connections does this app (process) have open to the database. They might be idle. # db_connection_total_checked_out how many connections does this app (process) have open that are currently in use by a web worker # db_connection_open_duration_seconds a histogram per endpoint of how long the db connection was taken from the pool for. won't have any data if a connection was never opened.
2020-04-24 14:36:21 +01:00
def setup_sqlalchemy_events(app):
TOTAL_DB_CONNECTIONS = Gauge(
'db_connection_total_connected',
Tidy up
2020-06-12 14:52:04 +01:00
'How many db connections are currently held (potentially idle) by the server',
add prometheus metrics for connection pools (both web and sql) add the following prometheus metrics to keep track of general app instance health. # sqs_apply_async_duration how long does the actual SQS call (a standard web request to AWS) take. a histogram with default bucket sizes, split up per task that was created. # concurrent_web_request_count how many web requests is this app currently serving. this is split up per process, so we'd expect multiple responses per app instance # db_connection_total_connected how many connections does this app (process) have open to the database. They might be idle. # db_connection_total_checked_out how many connections does this app (process) have open that are currently in use by a web worker # db_connection_open_duration_seconds a histogram per endpoint of how long the db connection was taken from the pool for. won't have any data if a connection was never opened.
2020-04-24 14:36:21 +01:00
)
TOTAL_CHECKED_OUT_DB_CONNECTIONS = Gauge(
'db_connection_total_checked_out',
'How many db connections are currently checked out by web requests',
)
DB_CONNECTION_OPEN_DURATION_SECONDS = Histogram(
'db_connection_open_duration_seconds',
'How long db connections are held open for in seconds',
['method', 'host', 'path']
)
# need this or db.engine isn't accessible
with app.app_context():
@event.listens_for(db.engine, 'connect')
add noqa for some db methods
2023-08-08 11:57:57 -07:00
def connect(dbapi_connection, connection_record): # noqa
add prometheus metrics for connection pools (both web and sql) add the following prometheus metrics to keep track of general app instance health. # sqs_apply_async_duration how long does the actual SQS call (a standard web request to AWS) take. a histogram with default bucket sizes, split up per task that was created. # concurrent_web_request_count how many web requests is this app currently serving. this is split up per process, so we'd expect multiple responses per app instance # db_connection_total_connected how many connections does this app (process) have open to the database. They might be idle. # db_connection_total_checked_out how many connections does this app (process) have open that are currently in use by a web worker # db_connection_open_duration_seconds a histogram per endpoint of how long the db connection was taken from the pool for. won't have any data if a connection was never opened.
2020-04-24 14:36:21 +01:00
# connection first opened with db
TOTAL_DB_CONNECTIONS.inc()
@event.listens_for(db.engine, 'close')
add noqa for some db methods
2023-08-08 11:57:57 -07:00
def close(dbapi_connection, connection_record): # noqa
add prometheus metrics for connection pools (both web and sql) add the following prometheus metrics to keep track of general app instance health. # sqs_apply_async_duration how long does the actual SQS call (a standard web request to AWS) take. a histogram with default bucket sizes, split up per task that was created. # concurrent_web_request_count how many web requests is this app currently serving. this is split up per process, so we'd expect multiple responses per app instance # db_connection_total_connected how many connections does this app (process) have open to the database. They might be idle. # db_connection_total_checked_out how many connections does this app (process) have open that are currently in use by a web worker # db_connection_open_duration_seconds a histogram per endpoint of how long the db connection was taken from the pool for. won't have any data if a connection was never opened.
2020-04-24 14:36:21 +01:00
# connection closed (probably only happens with overflow connections)
TOTAL_DB_CONNECTIONS.dec()
@event.listens_for(db.engine, 'checkout')
add noqa for some db methods
2023-08-08 11:57:57 -07:00
def checkout(dbapi_connection, connection_record, connection_proxy): # noqa
Catch and log any exception thrown in the checkin event method. We don't want an exception while recording metrics to affect a user action. A KeyError exception was thrown today, that meant that a user say a 500, the action being performed was to download a document from the document-download-frontend app. By catching the error we prevent the user from seeing a 500 when a recording the connection metric fails. Also catch the exception in the checkout event.
2020-08-28 11:23:51 +01:00
try:
# connection given to a web worker
TOTAL_CHECKED_OUT_DB_CONNECTIONS.inc()
# this will overwrite any previous checkout_at timestamp
connection_record.info['checkout_at'] = time.monotonic()
# checkin runs after the request is already torn down, therefore we add the request_data onto the
# connection_record as otherwise it won't have that information when checkin actually runs.
# Note: this is not a problem for checkouts as the checkout always happens within a web request or task
# web requests
if has_request_context():
connection_record.info['request_data'] = {
'method': request.method,
'host': request.host,
'url_rule': request.url_rule.rule if request.url_rule else 'No endpoint'
}
# celery apps
elif current_task:
connection_record.info['request_data'] = {
'method': 'celery',
'host': current_app.config['NOTIFY_APP_NAME'], # worker name
'url_rule': current_task.name, # task name
}
only retry if the broadcast message task is in sending previously we would retry if the task was queued up for retry but the status is in "received-ack" or "received-err". We don't expect that a task will be retried after getting this status, but if there are duplicate tasks that could happen. Lets plan for the worst by saying "only process a retry if the task is currently in sending". this way, if a duplicate task is on retry and the first task goes through succesfully, the duplicate task will give up.
2021-02-18 12:02:34 +00:00
# anything else. migrations possibly, or flask cli commands.
Catch and log any exception thrown in the checkin event method. We don't want an exception while recording metrics to affect a user action. A KeyError exception was thrown today, that meant that a user say a 500, the action being performed was to download a document from the document-download-frontend app. By catching the error we prevent the user from seeing a 500 when a recording the connection metric fails. Also catch the exception in the checkout event.
2020-08-28 11:23:51 +01:00
else:
current_app.logger.warning('Checked out sqlalchemy connection from outside of request/task')
connection_record.info['request_data'] = {
'method': 'unknown',
'host': 'unknown',
'url_rule': 'unknown',
}
except Exception:
current_app.logger.exception("Exception caught for checkout event.")
add prometheus metrics for connection pools (both web and sql) add the following prometheus metrics to keep track of general app instance health. # sqs_apply_async_duration how long does the actual SQS call (a standard web request to AWS) take. a histogram with default bucket sizes, split up per task that was created. # concurrent_web_request_count how many web requests is this app currently serving. this is split up per process, so we'd expect multiple responses per app instance # db_connection_total_connected how many connections does this app (process) have open to the database. They might be idle. # db_connection_total_checked_out how many connections does this app (process) have open that are currently in use by a web worker # db_connection_open_duration_seconds a histogram per endpoint of how long the db connection was taken from the pool for. won't have any data if a connection was never opened.
2020-04-24 14:36:21 +01:00
@event.listens_for(db.engine, 'checkin')
add noqa for some db methods
2023-08-08 11:57:57 -07:00
def checkin(dbapi_connection, connection_record): # noqa
Catch and log any exception thrown in the checkin event method. We don't want an exception while recording metrics to affect a user action. A KeyError exception was thrown today, that meant that a user say a 500, the action being performed was to download a document from the document-download-frontend app. By catching the error we prevent the user from seeing a 500 when a recording the connection metric fails. Also catch the exception in the checkout event.
2020-08-28 11:23:51 +01:00
try:
# connection returned by a web worker
TOTAL_CHECKED_OUT_DB_CONNECTIONS.dec()
# duration that connection was held by a single web request
duration = time.monotonic() - connection_record.info['checkout_at']
DB_CONNECTION_OPEN_DURATION_SECONDS.labels(
connection_record.info['request_data']['method'],
connection_record.info['request_data']['host'],
connection_record.info['request_data']['url_rule']
).observe(duration)
except Exception:
current_app.logger.exception("Exception caught for checkin event.")
Reference in New Issue Copy Permalink