notify-api-332 rename organisation

app/organization/invite_rest.py

@@ -0,0 +1,145 @@
+from flask import Blueprint, current_app, jsonify, request
+from itsdangerous import BadData, SignatureExpired
+from notifications_utils.url_safe_token import check_token, generate_token
+
+from app.config import QueueNames
+from app.dao.invited_org_user_dao import (
+    get_invited_org_user as dao_get_invited_org_user,
+)
+from app.dao.invited_org_user_dao import (
+    get_invited_org_user_by_id,
+    get_invited_org_users_for_organization,
+    save_invited_org_user,
+)
+from app.dao.templates_dao import dao_get_template_by_id
+from app.errors import InvalidRequest, register_errors
+from app.models import EMAIL_TYPE, KEY_TYPE_NORMAL, InvitedOrganizationUser
+from app.notifications.process_notifications import (
+    persist_notification,
+    send_notification_to_queue,
+)
+from app.organization.organization_schema import (
+    post_create_invited_org_user_status_schema,
+    post_update_invited_org_user_status_schema,
+)
+from app.schema_validation import validate
+
+organization_invite_blueprint = Blueprint('organization_invite', __name__)
+
+register_errors(organization_invite_blueprint)
+
+
+@organization_invite_blueprint.route('/organization/<uuid:organization_id>/invite', methods=['POST'])
+def invite_user_to_org(organization_id):
+    data = request.get_json()
+    validate(data, post_create_invited_org_user_status_schema)
+
+    invited_org_user = InvitedOrganizationUser(
+        email_address=data['email_address'],
+        invited_by_id=data['invited_by'],
+        organization_id=organization_id
+    )
+    save_invited_org_user(invited_org_user)
+
+    template = dao_get_template_by_id(current_app.config['ORGANIZATION_INVITATION_EMAIL_TEMPLATE_ID'])
+
+    saved_notification = persist_notification(
+        template_id=template.id,
+        template_version=template.version,
+        recipient=invited_org_user.email_address,
+        service=template.service,
+        personalisation={
+            'user_name': (
+                'The GOV.UK Notify team'
+                if invited_org_user.invited_by.platform_admin
+                else invited_org_user.invited_by.name
+            ),
+            'organization_name': invited_org_user.organization.name,
+            'url': invited_org_user_url(
+                invited_org_user.id,
+                data.get('invite_link_host'),
+            ),
+        },
+        notification_type=EMAIL_TYPE,
+        api_key_id=None,
+        key_type=KEY_TYPE_NORMAL,
+        reply_to_text=invited_org_user.invited_by.email_address
+    )
+
+    send_notification_to_queue(saved_notification, research_mode=False, queue=QueueNames.NOTIFY)
+
+    return jsonify(data=invited_org_user.serialize()), 201
+
+
+@organization_invite_blueprint.route('/organization/<uuid:organization_id>/invite', methods=['GET'])
+def get_invited_org_users_by_organization(organization_id):
+    invited_org_users = get_invited_org_users_for_organization(organization_id)
+    return jsonify(data=[x.serialize() for x in invited_org_users]), 200
+
+
+@organization_invite_blueprint.route(
+    '/organization/<uuid:organization_id>/invite/<invited_org_user_id>',
+    methods=['GET']
+)
+def get_invited_org_user_by_organization(organization_id, invited_org_user_id):
+    invited_org_user = dao_get_invited_org_user(organization_id, invited_org_user_id)
+    return jsonify(data=invited_org_user.serialize()), 200
+
+
+@organization_invite_blueprint.route(
+    '/organization/<uuid:organization_id>/invite/<invited_org_user_id>',
+    methods=['POST']
+)
+def update_org_invite_status(organization_id, invited_org_user_id):
+    fetched = dao_get_invited_org_user(organization_id=organization_id, invited_org_user_id=invited_org_user_id)
+
+    data = request.get_json()
+    validate(data, post_update_invited_org_user_status_schema)
+
+    fetched.status = data['status']
+    save_invited_org_user(fetched)
+
+    return jsonify(data=fetched.serialize()), 200
+
+
+def invited_org_user_url(invited_org_user_id, invite_link_host=None):
+    token = generate_token(
+        str(invited_org_user_id),
+        current_app.config['SECRET_KEY'],
+        current_app.config['DANGEROUS_SALT']
+    )
+
+    if invite_link_host is None:
+        invite_link_host = current_app.config['ADMIN_BASE_URL']
+
+    return '{0}/organization-invitation/{1}'.format(invite_link_host, token)
+
+
+@organization_invite_blueprint.route('/invite/organization/<uuid:invited_org_user_id>', methods=['GET'])
+def get_invited_org_user(invited_org_user_id):
+    invited_user = get_invited_org_user_by_id(invited_org_user_id)
+    return jsonify(data=invited_user.serialize()), 200
+
+
+@organization_invite_blueprint.route('/invite/organization/<token>', methods=['GET'])
+@organization_invite_blueprint.route('/invite/organization/check/<token>', methods=['GET'])
+def validate_invitation_token(token):
+
+    max_age_seconds = 60 * 60 * 24 * current_app.config['INVITATION_EXPIRATION_DAYS']
+
+    try:
+        invited_user_id = check_token(token,
+                                      current_app.config['SECRET_KEY'],
+                                      current_app.config['DANGEROUS_SALT'],
+                                      max_age_seconds)
+    except SignatureExpired:
+        errors = {'invitation':
+                  'Your invitation to GOV.UK Notify has expired. '
+                  'Please ask the person that invited you to send you another one'}
+        raise InvalidRequest(errors, status_code=400)
+    except BadData:
+        errors = {'invitation': 'Something’s wrong with this link. Make sure you’ve copied the whole thing.'}
+        raise InvalidRequest(errors, status_code=400)
+
+    invited_user = get_invited_org_user_by_id(invited_user_id)
+    return jsonify(data=invited_user.serialize()), 200

app/organization/organization_schema.py

@@ -0,0 +1,60 @@
+from app.models import INVITED_USER_STATUS_TYPES, ORGANIZATION_TYPES
+from app.schema_validation.definitions import uuid
+
+post_create_organization_schema = {
+    "$schema": "http://json-schema.org/draft-07/schema#",
+    "description": "POST organization schema",
+    "type": "object",
+    "properties": {
+        "name": {"type": "string"},
+        "active": {"type": ["boolean", "null"]},
+        "organization_type": {"enum": ORGANIZATION_TYPES},
+    },
+    "required": ["name", "organization_type"]
+}
+
+post_update_organization_schema = {
+    "$schema": "http://json-schema.org/draft-07/schema#",
+    "description": "POST organization schema",
+    "type": "object",
+    "properties": {
+        "name": {"type": ["string", "null"]},
+        "active": {"type": ["boolean", "null"]},
+        "organization_type": {"enum": ORGANIZATION_TYPES},
+    },
+    "required": []
+}
+
+post_link_service_to_organization_schema = {
+    "$schema": "http://json-schema.org/draft-07/schema#",
+    "description": "POST link service to organization schema",
+    "type": "object",
+    "properties": {
+        "service_id": uuid
+    },
+    "required": ["service_id"]
+}
+
+
+post_create_invited_org_user_status_schema = {
+    "$schema": "http://json-schema.org/draft-07/schema#",
+    "description": "POST create organization invite schema",
+    "type": "object",
+    "properties": {
+        "email_address": {"type": "string", "format": "email_address"},
+        "invited_by": uuid,
+        "invite_link_host": {"type": "string"}
+    },
+    "required": ["email_address", "invited_by"]
+}
+
+
+post_update_invited_org_user_status_schema = {
+    "$schema": "http://json-schema.org/draft-07/schema#",
+    "description": "POST update organization invite schema",
+    "type": "object",
+    "properties": {
+        "status": {"enum": INVITED_USER_STATUS_TYPES}
+    },
+    "required": ["status"]
+}

app/organization/rest.py

@@ -0,0 +1,239 @@
+
+from flask import Blueprint, abort, current_app, jsonify, request
+from sqlalchemy.exc import IntegrityError
+
+from app.config import QueueNames
+from app.dao.annual_billing_dao import set_default_free_allowance_for_service
+from app.dao.dao_utils import transaction
+from app.dao.fact_billing_dao import fetch_usage_year_for_organization
+from app.dao.organization_dao import (
+    dao_add_service_to_organization,
+    dao_add_user_to_organization,
+    dao_create_organization,
+    dao_get_organization_by_email_address,
+    dao_get_organization_by_id,
+    dao_get_organization_services,
+    dao_get_organizations,
+    dao_get_users_for_organization,
+    dao_remove_user_from_organization,
+    dao_update_organization,
+)
+from app.dao.services_dao import dao_fetch_service_by_id
+from app.dao.templates_dao import dao_get_template_by_id
+from app.dao.users_dao import get_user_by_id
+from app.errors import InvalidRequest, register_errors
+from app.models import KEY_TYPE_NORMAL, Organization
+from app.notifications.process_notifications import (
+    persist_notification,
+    send_notification_to_queue,
+)
+from app.organization.organization_schema import (
+    post_create_organization_schema,
+    post_link_service_to_organization_schema,
+    post_update_organization_schema,
+)
+from app.schema_validation import validate
+
+organization_blueprint = Blueprint('organization', __name__)
+register_errors(organization_blueprint)
+
+
+@organization_blueprint.errorhandler(IntegrityError)
+def handle_integrity_error(exc):
+    """
+    Handle integrity errors caused by the unique constraint on ix_organization_name
+    """
+    if 'ix_organization_name' in str(exc):
+        return jsonify(result="error",
+                       message="Organization name already exists"), 400
+    if 'duplicate key value violates unique constraint "domain_pkey"' in str(exc):
+        return jsonify(result='error',
+                       message='Domain already exists'), 400
+
+    current_app.logger.exception(exc)
+    return jsonify(result='error', message="Internal server error"), 500
+
+
+@organization_blueprint.route('', methods=['GET'])
+def get_organizations():
+    organizations = [
+        org.serialize_for_list() for org in dao_get_organizations()
+    ]
+
+    return jsonify(organizations)
+
+
+@organization_blueprint.route('/<uuid:organization_id>', methods=['GET'])
+def get_organization_by_id(organization_id):
+    organization = dao_get_organization_by_id(organization_id)
+    return jsonify(organization.serialize())
+
+
+@organization_blueprint.route('/by-domain', methods=['GET'])
+def get_organization_by_domain():
+
+    domain = request.args.get('domain')
+
+    if not domain or '@' in domain:
+        abort(400)
+
+    organization = dao_get_organization_by_email_address(
+        'example@{}'.format(request.args.get('domain'))
+    )
+
+    if not organization:
+        abort(404)
+
+    return jsonify(organization.serialize())
+
+
+@organization_blueprint.route('', methods=['POST'])
+def create_organization():
+    data = request.get_json()
+    validate(data, post_create_organization_schema)
+    organization = Organization(**data)
+    dao_create_organization(organization)
+    return jsonify(organization.serialize()), 201
+
+
+@organization_blueprint.route('/<uuid:organization_id>', methods=['POST'])
+def update_organization(organization_id):
+    data = request.get_json()
+    validate(data, post_update_organization_schema)
+
+    result = dao_update_organization(organization_id, **data)
+
+    if data.get('agreement_signed') is True:
+        # if a platform admin has manually adjusted the organization, don't tell people
+        if data.get('agreement_signed_by_id'):
+            send_notifications_on_mou_signed(organization_id)
+
+    if result:
+        return '', 204
+    else:
+        raise InvalidRequest("Organization not found", 404)
+
+
+@organization_blueprint.route('/<uuid:organization_id>/service', methods=['POST'])
+def link_service_to_organization(organization_id):
+    data = request.get_json()
+    validate(data, post_link_service_to_organization_schema)
+    service = dao_fetch_service_by_id(data['service_id'])
+    service.organization = None
+
+    with transaction():
+        dao_add_service_to_organization(service, organization_id)
+        set_default_free_allowance_for_service(service, year_start=None)
+
+    return '', 204
+
+
+@organization_blueprint.route('/<uuid:organization_id>/services', methods=['GET'])
+def get_organization_services(organization_id):
+    services = dao_get_organization_services(organization_id)
+    sorted_services = sorted(services, key=lambda s: (-s.active, s.name))
+    return jsonify([s.serialize_for_org_dashboard() for s in sorted_services])
+
+
+@organization_blueprint.route('/<uuid:organization_id>/services-with-usage', methods=['GET'])
+def get_organization_services_usage(organization_id):
+    try:
+        year = int(request.args.get('year', 'none'))
+    except ValueError:
+        return jsonify(result='error', message='No valid year provided'), 400
+    services = fetch_usage_year_for_organization(organization_id, year)
+    list_services = services.values()
+    sorted_services = sorted(list_services, key=lambda s: (-s['active'], s['service_name'].lower()))
+    return jsonify(services=sorted_services)
+
+
+@organization_blueprint.route('/<uuid:organization_id>/users/<uuid:user_id>', methods=['POST'])
+def add_user_to_organization(organization_id, user_id):
+    new_org_user = dao_add_user_to_organization(organization_id, user_id)
+    return jsonify(data=new_org_user.serialize())
+
+
+@organization_blueprint.route('/<uuid:organization_id>/users/<uuid:user_id>', methods=['DELETE'])
+def remove_user_from_organization(organization_id, user_id):
+    organization = dao_get_organization_by_id(organization_id)
+    user = get_user_by_id(user_id=user_id)
+
+    if user not in organization.users:
+        error = 'User not found'
+        raise InvalidRequest(error, status_code=404)
+
+    dao_remove_user_from_organization(organization, user)
+
+    return {}, 204
+
+
+@organization_blueprint.route('/<uuid:organization_id>/users', methods=['GET'])
+def get_organization_users(organization_id):
+    org_users = dao_get_users_for_organization(organization_id)
+    return jsonify(data=[x.serialize() for x in org_users])
+
+
+def check_request_args(request):
+    org_id = request.args.get('org_id')
+    name = request.args.get('name', None)
+    errors = []
+    if not org_id:
+        errors.append({'org_id': ["Can't be empty"]})
+    if not name:
+        errors.append({'name': ["Can't be empty"]})
+    if errors:
+        raise InvalidRequest(errors, status_code=400)
+    return org_id, name
+
+
+def send_notifications_on_mou_signed(organization_id):
+    organization = dao_get_organization_by_id(organization_id)
+    notify_service = dao_fetch_service_by_id(current_app.config['NOTIFY_SERVICE_ID'])
+
+    def _send_notification(template_id, recipient, personalisation):
+        template = dao_get_template_by_id(template_id)
+
+        saved_notification = persist_notification(
+            template_id=template.id,
+            template_version=template.version,
+            recipient=recipient,
+            service=notify_service,
+            personalisation=personalisation,
+            notification_type=template.template_type,
+            api_key_id=None,
+            key_type=KEY_TYPE_NORMAL,
+            reply_to_text=notify_service.get_default_reply_to_email_address()
+        )
+        send_notification_to_queue(saved_notification, research_mode=False, queue=QueueNames.NOTIFY)
+
+    personalisation = {
+        'mou_link': '{}/agreement/agreement.pdf'.format(
+            current_app.config['ADMIN_BASE_URL']
+        ),
+        'org_name': organization.name,
+        'org_dashboard_link': '{}/organizations/{}'.format(
+            current_app.config['ADMIN_BASE_URL'],
+            organization.id
+        ),
+        'signed_by_name': organization.agreement_signed_by.name,
+        'on_behalf_of_name': organization.agreement_signed_on_behalf_of_name
+    }
+
+    if not organization.agreement_signed_on_behalf_of_email_address:
+        signer_template_id = 'MOU_SIGNER_RECEIPT_TEMPLATE_ID'
+    else:
+        signer_template_id = 'MOU_SIGNED_ON_BEHALF_SIGNER_RECEIPT_TEMPLATE_ID'
+
+        # let the person who has been signed on behalf of know.
+        _send_notification(
+            current_app.config['MOU_SIGNED_ON_BEHALF_ON_BEHALF_RECEIPT_TEMPLATE_ID'],
+            organization.agreement_signed_on_behalf_of_email_address,
+            personalisation
+        )
+
+    # let the person who signed know - the template is different depending on if they signed on behalf of someone
+    _send_notification(
+        current_app.config[signer_template_id],
+        organization.agreement_signed_by.email_address,
+        personalisation
+    )