From 132411be2489d081513ab646e31acf7c78946749 Mon Sep 17 00:00:00 2001 From: Chris Hill-Scott Date: Fri, 30 Jul 2021 11:56:51 +0100 Subject: [PATCH] =?UTF-8?q?Don=E2=80=99t=20re-expire=20old=20keys?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit If a key has already been expired we don’t want to lose the information about when that happened by giving it a new expiry date. --- app/dao/broadcast_service_dao.py | 3 ++- tests/app/service/test_rest.py | 17 ++++++++++++++--- 2 files changed, 16 insertions(+), 4 deletions(-) diff --git a/app/dao/broadcast_service_dao.py b/app/dao/broadcast_service_dao.py index 546b6ed91..6166b0634 100644 --- a/app/dao/broadcast_service_dao.py +++ b/app/dao/broadcast_service_dao.py @@ -70,7 +70,8 @@ def set_broadcast_service_type(service, service_mode, broadcast_channel, provide # Revoke any API keys to avoid a regular API key being used to send alerts ApiKey.query.filter_by( - service_id=service.id + service_id=service.id, + expiry_date=None, ).update({ ApiKey.expiry_date: datetime.utcnow() }) diff --git a/tests/app/service/test_rest.py b/tests/app/service/test_rest.py index a74ff05c9..b8a27c00f 100644 --- a/tests/app/service/test_rest.py +++ b/tests/app/service/test_rest.py @@ -4172,6 +4172,7 @@ def test_set_as_broadcast_service_removes_user_permissions( assert service_user.get_permissions(service_id=sample_service_full_permissions.id) == ['send_emails'] +@freeze_time('2021-12-21') def test_set_as_broadcast_service_revokes_api_keys( admin_request, broadcast_organisation, @@ -4179,7 +4180,10 @@ def test_set_as_broadcast_service_revokes_api_keys( sample_service_full_permissions, ): api_key_1 = create_api_key(service=sample_service) - api_key_2 = create_api_key(service=sample_service_full_permissions) + api_key_2 = create_api_key(service=sample_service) + api_key_3 = create_api_key(service=sample_service_full_permissions) + + api_key_2.expiry_date = datetime.utcnow() - timedelta(days=365) admin_request.post( 'service.set_as_broadcast_service', @@ -4190,5 +4194,12 @@ def test_set_as_broadcast_service_revokes_api_keys( 'provider_restriction': 'all', } ) - assert api_key_1.expiry_date < datetime.utcnow() - assert api_key_2.expiry_date is None + + # This key should have a new expiry date + assert api_key_1.expiry_date.isoformat().startswith('2021-12-21') + + # This key keeps its old expiry date + assert api_key_2.expiry_date.isoformat().startswith('2020-12-21') + + # This key is from a different service + assert api_key_3.expiry_date is None