From 16571c5b3c8adb0841f0621c9547b03dc71e75cc Mon Sep 17 00:00:00 2001
From: venusbb <venus.bailey@digital.cabinet-office.gov.uk>
Date: Thu, 29 Jun 2017 10:47:27 +0100
Subject: [PATCH] IP restriction for inbound sms test 2

---
 app/__init__.py                            |  4 ++--
 app/authentication/auth.py                 | 11 +++++++++++
 app/notifications/receive_notifications.py |  5 +++--
 app/status/healthcheck.py                  |  5 -----
 4 files changed, 16 insertions(+), 9 deletions(-)

diff --git a/app/__init__.py b/app/__init__.py
index f8fefbe15..d1193a35e 100644
--- a/app/__init__.py
+++ b/app/__init__.py
@@ -98,7 +98,7 @@ def register_blueprint(application):
     from app.notifications.notifications_ses_callback import ses_callback_blueprint
     from app.notifications.notifications_sms_callback import sms_callback_blueprint
     from app.notifications.notifications_letter_callback import letter_callback_blueprint
-    from app.authentication.auth import requires_admin_auth, requires_auth, requires_no_auth
+    from app.authentication.auth import requires_admin_auth, requires_auth, requires_no_auth, restrict_ip_sms
     from app.letters.send_letter_jobs import letter_job
 
     service_blueprint.before_request(requires_admin_auth)
@@ -119,7 +119,7 @@ def register_blueprint(application):
     sms_callback_blueprint.before_request(requires_no_auth)
     application.register_blueprint(sms_callback_blueprint)
 
-    receive_notifications_blueprint.before_request(requires_no_auth)
+    receive_notifications_blueprint.before_request(restrict_ip_sms)
     application.register_blueprint(receive_notifications_blueprint)
 
     notifications_blueprint.before_request(requires_auth)
diff --git a/app/authentication/auth.py b/app/authentication/auth.py
index 81f7f81a4..8499f4068 100644
--- a/app/authentication/auth.py
+++ b/app/authentication/auth.py
@@ -1,4 +1,5 @@
 from flask import request, _request_ctx_stack, current_app, g
+from flask import jsonify
 from sqlalchemy.exc import DataError
 from sqlalchemy.orm.exc import NoResultFound
 
@@ -43,6 +44,16 @@ def requires_no_auth():
     pass
 
 
+def restrict_ip_sms():
+    ip_addr = jsonify({'remote_addr': request.remote_addr,
+                       'X-Forwarded_FOR': request.headers.getlist('X-Forwarded-For'),
+                       'X_Real-Ip': request.headers.getlist('X-Real-Ip')})
+
+    current_app.logger.info("Inbound sms ip addresses = {}".format(ip_addr))
+
+    return
+
+
 def requires_admin_auth():
     auth_token = get_auth_token(request)
     client = __get_token_issuer(auth_token)
diff --git a/app/notifications/receive_notifications.py b/app/notifications/receive_notifications.py
index 13b3c47ed..dc488b7fb 100644
--- a/app/notifications/receive_notifications.py
+++ b/app/notifications/receive_notifications.py
@@ -28,7 +28,10 @@ def receive_mmg_sms():
         'DateRecieved': '2017-05-21+11%3A56%3A11'
     }
     """
+    # This will inject the sender IP route to log
+    '''
     current_app.logger.info("Inbound sms sender IP information {}".format(request.headers.getlist("X-Forwarded-For")))
+    '''
     post_data = request.get_json()
 
     inbound_number = strip_leading_forty_four(post_data['Number'])
@@ -51,8 +54,6 @@ def receive_mmg_sms():
                                         provider_name="mmg")
 
     tasks.send_inbound_sms_to_service.apply_async([str(inbound.id), str(service.id)], queue=QueueNames.NOTIFY)
-    current_app.logger.info(
-        '{} received inbound SMS with reference {} from MMG'.format(service.id, inbound.provider_reference))
 
     return 'RECEIVED', 200
 
diff --git a/app/status/healthcheck.py b/app/status/healthcheck.py
index 7ccf1f84d..205906db8 100644
--- a/app/status/healthcheck.py
+++ b/app/status/healthcheck.py
@@ -57,11 +57,6 @@ def show_delivery_status():
             db_version=get_db_version()), 200
 
 
-@status.route('/_check_IP_source')
-def show_check_IP_source():
-    return jsonify({'ip': request.headers.getlist("X-Forwarded-For")}), 200
-
-
 def get_db_version():
     try:
         query = 'SELECT version_num FROM alembic_version'