Work in progress, skeleton of the api created and testing started. Need to fix authentication tests.

.gitignore

@@ -56,3 +56,6 @@ docs/_build/
 # PyBuilder
 target/
 .idea/
+
+# Mac
+*.DS_Store

app/__init__.py

@@ -25,7 +25,11 @@ def create_app(config_name):
     logging.init_app(application)
 
     from .main import main as main_blueprint
+    from .service import service as service_blueprint
+    from .user import user as user_blueprint
     application.register_blueprint(main_blueprint)
+    application.register_blueprint(service_blueprint, url_prefix='/service')
+    application.register_blueprint(user_blueprint, url_prefix='/user')
 
     from .status import status as status_blueprint
     application.register_blueprint(status_blueprint)

app/dao/services_dao.py

@@ -24,7 +24,9 @@ def create_service(service_name,
 
 def get_services(service_id=None, user_id=None):
     # TODO need better mapping from function params to sql query.
-    if service_id:
+    if user_id and service_id:
+        return Service.query.filter(Service.users.any(id=user_id), id=service_id).one()
+    elif service_id:
         return Service.query.filter_by(id=service_id).one()
     elif user_id:
         return Service.query.filter(Service.users.any(id=user_id)).all()

app/main/__init__.py

@@ -1,15 +1,5 @@
 from flask import Blueprint
-from app.main.authentication.auth import requires_auth
-
-AUTHORIZATION_HEADER = 'Authorization'
-AUTHORIZATION_SCHEME = 'Bearer'
-WINDOW = 1
 
 main = Blueprint('main', __name__)
 
-
-main.before_request(requires_auth)
-
-
-from app.main.views import notifications, index
-from app.main import errors
+from app.main.views import index

app/main/views/healthcheck.py

@@ -1,7 +0,0 @@
-from flask import jsonify
-from .. import main
-
-
-@main.route('/', methods=['GET'])
-def get_index():
-    return jsonify(result="hello world"), 200

app/main/views/index.py

@@ -1,17 +1,2 @@
 from flask import jsonify
 from .. import main
-
-
-# TODO need for health check url
-
-
-# TODO remove
-@main.route('/', methods=['GET'])
-def get_index():
-    return jsonify(result="hello world"), 200
-
-
-# TODO remove
-@main.route('/', methods=['POST'])
-def post_index():
-    return jsonify(result="hello world"), 200

app/main/views/notifications.py

@@ -1,7 +0,0 @@
-from flask import jsonify
-from .. import main
-
-
-@main.route('/notification', methods=['POST'])
-def create_notification():
-    return jsonify(result="created"), 201

app/main/views/services.py

@@ -1,38 +0,0 @@
-from flask import jsonify
-from app.main.dao.services_dao import (create_new_service, get_services)
-from app.main.dao.users_dao import (get_users)
-from .. import main
-
-
-# TODO auth to be added.
-@main.route('/service', methods=['POST'])
-def create_service():
-    return jsonify(result="created"), 201
-
-
-# TODO auth to be added
-@main.route('/service/<int:service_id>', method=['PUT'])
-def update_service(service_id):
-    return jsonify(result="updated")
-
-
-# TODO auth to be added.
-# Should be restricted by user, user id
-# is pulled from the token
-@main.route('/service/<int:service_id>', method=['GET'])
-@main.route('/service', methods=['GET'])
-def get_service(service_id=None):
-    services = get_services
-    return jsonify(
-        data=services
-    )
-
-
-# TODO auth to be added
-# auth should be allow for admin tokens only
-@main.route('/user/<int:user_id>/service', method=['GET'])
-@main.route('/user/<int:user_id>/service/<int:service_id>', method=['GET'])
-def get_service_by_user_id(user_id, service_id=None):
-    user = get_users(user_id=user_id)
-    services = get_services(user, service_id=service_id)
-    return jsonify(data=services)

app/models.py

@@ -1,6 +1,12 @@
 from . import db
 
 
+def filter_null_value_fields(obj):
+    return dict(
+        filter(lambda x: x[1] is not None, obj.items())
+    )
+
+
 class User(db.Model):
     __tablename__ = 'users'
 
@@ -9,6 +15,20 @@ class User(db.Model):
     created_at = db.Column(db.DateTime, index=False, unique=False, nullable=False)
     updated_at = db.Column(db.DateTime, index=False, unique=False, nullable=True)
 
+    # def serialize(self):
+    #     serialized = {
+    #         'id': self.id,
+    #         'name': self.name,
+    #         'emailAddress': self.email_address,
+    #         'locked': self.failed_login_count > current_app.config['MAX_FAILED_LOGIN_COUNT'],
+    #         'createdAt': self.created_at.strftime(DATETIME_FORMAT),
+    #         'updatedAt': self.updated_at.strftime(DATETIME_FORMAT),
+    #         'role': self.role,
+    #         'passwordChangedAt': self.password_changed_at.strftime(DATETIME_FORMAT),
+    #         'failedLoginCount': self.failed_login_count
+    #     }
+    #     return filter_null_value_fields(serialized)
+
 
 user_to_service = db.Table(
     'user_to_service',
@@ -29,15 +49,15 @@ class Service(db.Model):
     users = db.relationship('User', secondary=user_to_service, backref=db.backref('user_to_service', lazy='dynamic'))
     restricted = db.Column(db.Boolean, index=False, unique=False, nullable=False)
 
-    def serialize(self):
-        serialized = {
-            'id': self.id,
-            'name': self.name,
-            'createdAt': self.created_at.strftime(DATETIME_FORMAT),
-            'active': self.active,
-            'restricted': self.restricted,
-            'limit': self.limit,
-            'user': self.users.serialize()
-        }
+    # def serialize(self):
+    #     serialized = {
+    #         'id': self.id,
+    #         'name': self.name,
+    #         'createdAt': self.created_at.strftime(DATETIME_FORMAT),
+    #         'active': self.active,
+    #         'restricted': self.restricted,
+    #         'limit': self.limit,
+    #         'user': self.users.serialize()
+    #     }
 
-        return filter_null_value_fields(serialized)
+    #     return filter_null_value_fields(serialized)

app/schemas.py

@@ -0,0 +1,20 @@
+from marshmallow_sqlalchemy import ModelSchema
+from . import models
+
+
+class UserSchema(ModelSchema):
+    class Meta:
+        model = models.User
+
+
+# TODO process users list, to return a list of user.id
+# Should that list be restricted??
+class ServiceSchema(ModelSchema):
+    class Meta:
+        model = models.Service
+
+
+user_schema = ServiceSchema()
+users_schema = UserSchema(many=True)
+service_schema = ServiceSchema()
+services_schema = ServiceSchema(many=True)

app/service/__init__.py

@@ -0,0 +1,5 @@
+from flask import Blueprint
+
+service = Blueprint('service', __name__)
+
+from app.service.views import rest

app/service/views/rest.py

@@ -0,0 +1,36 @@
+from flask import jsonify
+from sqlalchemy.exc import DataError
+from sqlalchemy.orm.exc import NoResultFound
+from app.dao.services_dao import (create_service, get_services)
+from app.dao.users_dao import (get_users)
+from .. import service
+from app.schemas import (services_schema, service_schema)
+
+
+# TODO auth to be added.
+@service.route('/', methods=['POST'])
+def create_service():
+    # Be lenient with args passed in
+    parsed_data = service_schema(request.args)
+    return jsonify(result="created"), 201
+
+
+# TODO auth to be added
+@service.route('/<int:service_id>', methods=['PUT'])
+def update_service(service_id):
+    service = get_services(service_id=service_id)
+    return jsonify(data=service_schema.dump(service))
+
+
+# TODO auth to be added.
+@service.route('/<int:service_id>', methods=['GET'])
+@service.route('/', methods=['GET'])
+def get_service(service_id=None):
+    try:
+        services = get_services(service_id=service_id)
+    except DataError:
+        return jsonify(result="error", message="Invalid service id"), 400
+    except NoResultFound:
+        return jsonify(result="error", message="Service doesn't exist"), 404
+    result = services_schema.dump(services) if isinstance(services, list) else service_schema.dump(services)
+    return jsonify(data=result.data)

app/user/__init__.py

@@ -0,0 +1,5 @@
+from flask import Blueprint
+
+user = Blueprint('user', __name__)
+
+from app.user.views import rest

app/user/views/rest.py

@@ -0,0 +1,27 @@
+from flask import jsonify
+from sqlalchemy.exc import DataError
+from sqlalchemy.orm.exc import NoResultFound
+from app.dao.services_dao import get_services
+from app.dao.users_dao import get_users
+from .. import user
+
+
+# TODO auth to be added
+@user.route('/<int:user_id>/service', methods=['GET'])
+@user.route('/<int:user_id>/service/<int:service_id>', methods=['GET'])
+def get_service_by_user_id(user_id, service_id=None):
+    try:
+        user = get_users(user_id=user_id)
+    except DataError:
+        return jsonify(result="error", message="Invalid user id"), 400
+    except NoResultFound:
+        return jsonify(result="error", message="User doesn't exist"), 400
+
+    try:
+        services = get_services(user_id=user.id, service_id=service_id)
+    except DataError:
+        return jsonify(result="error", message="Invalid service id"), 400
+    except NoResultFound:
+        return jsonify(result="error", message="Service doesn't exist"), 404
+
+    return jsonify(data=services)

requirements.txt

@@ -6,6 +6,8 @@ psycopg2==2.6.1
 SQLAlchemy==1.0.5
 SQLAlchemy-Utils==0.30.5
 PyJWT==1.4.0
+marshmallow==2.4.2
+marshmallow-sqlalchemy==0.8.0
 
 git+https://github.com/alphagov/notifications-python-client.git@0.1.5#egg=notifications-python-client==0.1.5
 

tests/app/conftest.py

@@ -1,6 +1,6 @@
 import pytest
-from app.main.dao.users_dao import (create_user, get_users)
-from app.main.dao.services_dao import (create_service, get_services)
+from app.dao.users_dao import (create_user, get_users)
+from app.dao.services_dao import (create_service, get_services)
 
 
 @pytest.fixture(scope='function')

tests/app/dao/test_services_dao.py

@@ -1,4 +1,4 @@
-from app.main.dao.services_dao import (create_service, get_services)
+from app.dao.services_dao import (create_service, get_services)
 from tests.app.conftest import sample_service as create_sample_service
 from app.models import Service
 

tests/app/dao/test_users_dao.py

@@ -1,4 +1,6 @@
-from app.main.dao.users_dao import (create_user, get_users)
+from sqlalchemy.exc import DataError
+from sqlalchemy.orm.exc import NoResultFound
+from app.dao.users_dao import (create_user, get_users)
 from tests.app.conftest import sample_user as create_sample_user
 from app.models import User
 
@@ -28,3 +30,19 @@ def test_get_user(notify_api, notify_db, notify_db_session):
                                       notify_db_session,
                                       email=email)
     assert get_users(user_id=another_user.id).email_address == email
+
+
+def test_get_user_not_exists(notify_api, notify_db, notify_db_session):
+    try:
+        get_users(user_id="12345")
+        pytest.fail("NoResultFound exception not thrown.")
+    except:
+        pass
+
+
+def test_get_user_invalid_id(notify_api, notify_db, notify_db_session):
+    try:
+        get_users(user_id="blah")
+        pytest.fail("DataError exception not thrown.")
+    except DataError:
+        pass

tests/app/service/views/test_rest.py

@@ -0,0 +1,33 @@
+import json
+from flask import url_for
+
+
+def test_get_service_list(notify_api, notify_db, notify_db_session, sample_service):
+    with notify_api.test_request_context():
+        with notify_api.test_client() as client:
+            response = client.get(url_for('service.get_service'))
+            assert response.status_code == 200
+            json_resp = json.loads(response.get_data(as_text=True))
+            # TODO assert correct json returned
+            assert len(json_resp['data']) == 1
+            assert json_resp['data'][0]['name'] == sample_service.name
+            assert json_resp['data'][0]['id'] == sample_service.id
+
+
+def test_get_service(notify_api, notify_db, notify_db_session, sample_service):
+    with notify_api.test_request_context():
+        with notify_api.test_client() as client:
+            resp = client.get(url_for('service.get_service',
+                                      service_id=sample_service.id))
+            assert resp.status_code == 200
+            json_resp = json.loads(resp.get_data(as_text=True))
+            assert json_resp['data']['name'] == sample_service.name
+            assert json_resp['data']['id'] == sample_service.id
+
+
+def test_post_service(notify_api, notify_db, notify_db_session, sample_service):
+    pass
+
+
+def test_put_service(notify_api, notify_db, notify_db_session, sample_service):
+    pass