From 15b2d414ccd1eb4f171d9f8aa46ae0aacec40a04 Mon Sep 17 00:00:00 2001 From: Rebecca Law Date: Tue, 19 Jan 2016 13:11:22 +0000 Subject: [PATCH] Updates from review comments: Update api_key relationship. Check that id in dict exists before deleting it --- app/dao/api_key_dao.py | 3 ++- app/models.py | 2 +- app/schemas.py | 4 ++-- app/service/rest.py | 4 ++-- tests/app/conftest.py | 2 +- 5 files changed, 8 insertions(+), 7 deletions(-) diff --git a/app/dao/api_key_dao.py b/app/dao/api_key_dao.py index 3f1951f67..3a1912a70 100644 --- a/app/dao/api_key_dao.py +++ b/app/dao/api_key_dao.py @@ -7,7 +7,8 @@ from app.models import ApiKey def save_model_api_key(api_key, update_dict={}): if update_dict: - del update_dict['id'] + if update_dict['id']: + del update_dict['id'] db.session.query(ApiKey).filter_by(id=api_key.id).update(update_dict) else: api_key.secret = _generate_secret() diff --git a/app/models.py b/app/models.py index 4fb0ee9d7..4721cdb62 100644 --- a/app/models.py +++ b/app/models.py @@ -92,7 +92,7 @@ class ApiKey(db.Model): name = db.Column(db.String(255), nullable=False) secret = db.Column(db.String(255), unique=True, nullable=False) service_id = db.Column(db.Integer, db.ForeignKey('services.id'), index=True, nullable=False) - service = db.relationship('Service', backref=db.backref('api_key', lazy='dynamic')) + service = db.relationship('Service', backref=db.backref('api_keys', lazy='dynamic')) expiry_date = db.Column(db.DateTime) diff --git a/app/schemas.py b/app/schemas.py index edc87f4a3..ec98a69f1 100644 --- a/app/schemas.py +++ b/app/schemas.py @@ -18,7 +18,7 @@ class UserSchema(ma.ModelSchema): class ServiceSchema(ma.ModelSchema): class Meta: model = models.Service - exclude = ("updated_at", "created_at", "api_key", "templates", "jobs") + exclude = ("updated_at", "created_at", "api_keys", "templates", "jobs") class TemplateSchema(ma.ModelSchema): @@ -30,7 +30,7 @@ class TemplateSchema(ma.ModelSchema): class ApiKeySchema(ma.ModelSchema): class Meta: model = models.ApiKey - exclude = ["service"] + exclude = ("service", "secret", "expiry_date") class JobSchema(ma.ModelSchema): diff --git a/app/service/rest.py b/app/service/rest.py index 1f9c77f99..aa722a83c 100644 --- a/app/service/rest.py +++ b/app/service/rest.py @@ -78,7 +78,7 @@ def get_service(service_id=None): @service.route('//api-key/renew', methods=['POST']) def renew_api_key(service_id=None): try: - get_model_services(service_id=service_id) + service = get_model_services(service_id=service_id) except DataError: return jsonify(result="error", message="Invalid service id"), 400 except NoResultFound: @@ -92,7 +92,7 @@ def renew_api_key(service_id=None): # create a new one # TODO: what validation should be done here? secret_name = request.get_json()['name'] - save_model_api_key(ApiKey(service_id=service_id, name=secret_name)) + save_model_api_key(ApiKey(service=service, name=secret_name)) except DAOException as e: return jsonify(result='error', message=str(e)), 400 unsigned_api_key = get_unsigned_secret(service_id) diff --git a/tests/app/conftest.py b/tests/app/conftest.py index b8c931343..ced56de67 100644 --- a/tests/app/conftest.py +++ b/tests/app/conftest.py @@ -105,7 +105,7 @@ def sample_job(notify_db, def sample_admin_service_id(notify_db, notify_db_session): admin_user = sample_user(notify_db, notify_db_session, email="notify_admin@digital.cabinet-office.gov.uk") admin_service = sample_service(notify_db, notify_db_session, service_name="Sample Admin Service", user=admin_user) - data = {'service_id': admin_service.id, 'name': 'sample admin key'} + data = {'service': admin_service, 'name': 'sample admin key'} api_key = ApiKey(**data) save_model_api_key(api_key) return admin_service.id