Add inbound sms permission check

app/notifications/receive_notifications.py

@@ -9,7 +9,7 @@ from app.celery import tasks
 from app.config import QueueNames
 from app.dao.services_dao import dao_fetch_services_by_sms_sender
 from app.dao.inbound_sms_dao import dao_create_inbound_sms
-from app.models import InboundSms
+from app.models import InboundSms, INBOUND_SMS_TYPE, SMS_TYPE
 from app.errors import register_errors
 from app.utils import convert_bst_to_utc
 
@@ -34,8 +34,8 @@ def receive_mmg_sms():
 
     potential_services = fetch_potential_services(inbound_number, 'mmg')
     if not potential_services:
-        # since this is an issue with our service <-> number mapping, we should still tell MMG that we received
-        # successfully
+        # since this is an issue with our service <-> number mapping, or no inbound_sms service permission
+        # we should still tell MMG that we received it successfully
         return 'RECEIVED', 200
 
     statsd_client.incr('inbound.mmg.successful')
@@ -128,6 +128,13 @@ def fetch_potential_services(inbound_number, provider_name):
         ))
         statsd_client.incr('inbound.{}.failed'.format(provider_name))
         return False
+
+    str_permissions = [p.permission for p in potential_services[0].permissions]
+    if set([INBOUND_SMS_TYPE, SMS_TYPE]).issubset(set(str_permissions)) is False:
+        current_app.logger.error(
+            'Service "{}" does not allow inbound SMS'.format(potential_services[0].id))
+        return False
+
     return potential_services
 
 

tests/app/conftest.py

@@ -27,7 +27,8 @@ from app.models import (
     NotificationStatistics,
     ServiceWhitelist,
     KEY_TYPE_NORMAL, KEY_TYPE_TEST, KEY_TYPE_TEAM,
-    MOBILE_TYPE, EMAIL_TYPE, SMS_TYPE, LETTER_TYPE, NOTIFICATION_STATUS_TYPES_COMPLETED, ScheduledNotification)
+    MOBILE_TYPE, EMAIL_TYPE, SMS_TYPE, LETTER_TYPE, NOTIFICATION_STATUS_TYPES_COMPLETED, ScheduledNotification,
+    SERVICE_PERMISSION_TYPES)
 from app.dao.users_dao import (create_user_code, create_secret_code)
 from app.dao.services_dao import (dao_create_service, dao_add_user_to_service)
 from app.dao.templates_dao import dao_create_template
@@ -151,6 +152,11 @@ def sample_service(
     return service
 
 
+@pytest.fixture(scope='function')
+def sample_service_full_permissions(notify_db, notify_db_session):
+    return sample_service(notify_db, notify_db_session, permissions=SERVICE_PERMISSION_TYPES)
+
+
 @pytest.fixture(scope='function')
 def sample_template(
     notify_db,

tests/app/notifications/test_receive_notification.py

@@ -12,11 +12,12 @@ from app.notifications.receive_notifications import (
     strip_leading_forty_four
 )
 
-from app.models import InboundSms
+from app.models import InboundSms, EMAIL_TYPE, SMS_TYPE, INBOUND_SMS_TYPE
 from tests.app.db import create_service
+from tests.app.conftest import sample_service
 
 
-def test_receive_notification_returns_received_to_mmg(client, sample_service, mocker):
+def test_receive_notification_returns_received_to_mmg(client, mocker, sample_service_full_permissions):
     mocked = mocker.patch("app.notifications.receive_notifications.tasks.send_inbound_sms_to_service.apply_async")
     data = {"ID": "1234",
             "MSISDN": "447700900855",
@@ -33,7 +34,34 @@ def test_receive_notification_returns_received_to_mmg(client, sample_service, mo
     assert response.status_code == 200
     assert response.get_data(as_text=True) == 'RECEIVED'
     inbound_sms_id = InboundSms.query.all()[0].id
-    mocked.assert_called_once_with([str(inbound_sms_id), str(sample_service.id)], queue="notify-internal-tasks")
+    mocked.assert_called_once_with(
+        [str(inbound_sms_id), str(sample_service_full_permissions.id)], queue="notify-internal-tasks")
+
+
+@pytest.mark.parametrize('permissions', [
+    ([SMS_TYPE]),
+    ([INBOUND_SMS_TYPE]),
+])
+def test_receive_notification_without_permissions_does_not_create_inbound(
+        client, mocker, notify_db, notify_db_session, permissions):
+    service = sample_service(notify_db, notify_db_session, permissions=permissions)
+    mocked = mocker.patch("app.notifications.receive_notifications.tasks.send_inbound_sms_to_service.apply_async")
+    data = {"ID": "1234",
+            "MSISDN": "447700900855",
+            "Message": "Some message to notify",
+            "Trigger": "Trigger?",
+            "Number": "testing",
+            "Channel": "SMS",
+            "DateRecieved": "2012-06-27 12:33:00"
+            }
+    response = client.post(path='/notifications/sms/receive/mmg',
+                           data=json.dumps(data),
+                           headers=[('Content-Type', 'application/json')])
+
+    assert response.status_code == 200
+    assert response.get_data(as_text=True) == 'RECEIVED'
+    assert len(InboundSms.query.all()) == 0
+    assert mocked.called is False
 
 
 @pytest.mark.parametrize('message, expected_output', [
@@ -55,8 +83,8 @@ def test_format_mmg_datetime(provider_date, expected_output):
     assert format_mmg_datetime(provider_date) == expected_output
 
 
-def test_create_inbound_mmg_sms_object(sample_service):
-    sample_service.sms_sender = 'foo'
+def test_create_inbound_mmg_sms_object(sample_service_full_permissions):
+    sample_service_full_permissions.sms_sender = 'foo'
     data = {
         'Message': 'hello+there+%F0%9F%93%A9',
         'Number': 'foo',
@@ -65,10 +93,10 @@ def test_create_inbound_mmg_sms_object(sample_service):
         'ID': 'bar',
     }
 
-    inbound_sms = create_inbound_sms_object(sample_service, format_mmg_message(data["Message"]),
+    inbound_sms = create_inbound_sms_object(sample_service_full_permissions, format_mmg_message(data["Message"]),
                                             data["MSISDN"], data["ID"], data["DateRecieved"], "mmg")
 
-    assert inbound_sms.service_id == sample_service.id
+    assert inbound_sms.service_id == sample_service_full_permissions.id
     assert inbound_sms.notify_number == 'foo'
     assert inbound_sms.user_number == '447700900001'
     assert inbound_sms.provider_date == datetime(2017, 1, 2, 3, 4, 5)
@@ -80,8 +108,8 @@ def test_create_inbound_mmg_sms_object(sample_service):
 
 @pytest.mark.parametrize('notify_number', ['foo', 'baz'], ids=['two_matching_services', 'no_matching_services'])
 def test_receive_notification_error_if_not_single_matching_service(client, notify_db_session, notify_number):
-    create_service(service_name='a', sms_sender='foo')
-    create_service(service_name='b', sms_sender='foo')
+    create_service(service_name='a', sms_sender='foo', service_permissions=[EMAIL_TYPE, SMS_TYPE, INBOUND_SMS_TYPE])
+    create_service(service_name='b', sms_sender='foo', service_permissions=[EMAIL_TYPE, SMS_TYPE, INBOUND_SMS_TYPE])
 
     data = {
         'Message': 'hello',
@@ -104,7 +132,8 @@ def test_receive_notification_returns_received_to_firetext(notify_db_session, cl
     mocked = mocker.patch("app.notifications.receive_notifications.tasks.send_inbound_sms_to_service.apply_async")
     mock = mocker.patch('app.notifications.receive_notifications.statsd_client.incr')
 
-    service = create_service(service_name='b', sms_sender='07111111111')
+    service = create_service(
+        service_name='b', sms_sender='07111111111', service_permissions=[EMAIL_TYPE, SMS_TYPE, INBOUND_SMS_TYPE])
 
     data = "source=07999999999&destination=07111111111&message=this is a message&time=2017-01-01 12:00:00"
 
@@ -127,7 +156,8 @@ def test_receive_notification_from_firetext_persists_message(notify_db_session,
     mocked = mocker.patch("app.notifications.receive_notifications.tasks.send_inbound_sms_to_service.apply_async")
     mocker.patch('app.notifications.receive_notifications.statsd_client.incr')
 
-    service = create_service(service_name='b', sms_sender='07111111111')
+    service = create_service(
+        service_name='b', sms_sender='07111111111', service_permissions=[EMAIL_TYPE, SMS_TYPE, INBOUND_SMS_TYPE])
 
     data = "source=07999999999&destination=07111111111&message=this is a message&time=2017-01-01 12:00:00"
 
@@ -155,7 +185,8 @@ def test_receive_notification_from_firetext_persists_message_with_normalized_pho
     mocker.patch("app.notifications.receive_notifications.tasks.send_inbound_sms_to_service.apply_async")
     mock = mocker.patch('app.notifications.receive_notifications.statsd_client.incr')
 
-    create_service(service_name='b', sms_sender='07111111111')
+    create_service(
+        service_name='b', sms_sender='07111111111', service_permissions=[EMAIL_TYPE, SMS_TYPE, INBOUND_SMS_TYPE])
 
     data = "source=(+44)7999999999&destination=07111111111&message=this is a message&time=2017-01-01 12:00:00"
 
@@ -177,7 +208,8 @@ def test_returns_ok_to_firetext_if_mismatched_sms_sender(notify_db_session, clie
     mocked = mocker.patch("app.notifications.receive_notifications.tasks.send_inbound_sms_to_service.apply_async")
     mock = mocker.patch('app.notifications.receive_notifications.statsd_client.incr')
 
-    create_service(service_name='b', sms_sender='07111111199')
+    create_service(
+        service_name='b', sms_sender='07111111199', service_permissions=[EMAIL_TYPE, SMS_TYPE, INBOUND_SMS_TYPE])
 
     data = "source=(+44)7999999999&destination=07111111111&message=this is a message&time=2017-01-01 12:00:00"