From 76eb5281cf7d2e6a7b06391373a04abcdd35564c Mon Sep 17 00:00:00 2001 From: Kenneth Kehl <@kkehl@flexion.us> Date: Tue, 1 Oct 2024 07:31:51 -0700 Subject: [PATCH 1/3] add documentation for how to rotate DANGEROUS_SALT --- docs/all.md | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/docs/all.md b/docs/all.md index 3e576b0f2..530c7ca43 100644 --- a/docs/all.md +++ b/docs/all.md @@ -1242,6 +1242,17 @@ Notify.gov DNS records are maintained within [the 18f/dns repository](https://gi - Rename to `api_static_scan_DATE.zip` and add it to 🔒 https://drive.google.com/drive/folders/1dSe9H7Ag_hLfi5hmQDB2ktWaDwWSf4_R - Repeat for https://github.com/GSA/notifications-admin/actions/workflows/daily_checks.yml +## Rotating the DANGEROUS_SALT + + + 1. Start API locally `make run-procfile` + 2. In a separate terminal tab, navigate to the API project and run `poetry run flask command generate-salt` + 3. A random secret will appear in the tab + 4. Go to github->settings->secrets and variables->actions in the admin project and find the DANGEROUS_SALT secret for the admin project for staging. Open it and paste the result of #3 into the secret and save. Repeat for the API project, for staging. + 5. Repeat #3 and #4 but do it for demo + 6. Repeat #3 and #4 but do it for production + +The important thing is to use the same secret for Admin and API on each tier--i.e. you only generate three secrets. ## Known Gotchas From f720b48d0d27b10af299e407b9d8f65d1169d8ec Mon Sep 17 00:00:00 2001 From: Kenneth Kehl <@kkehl@flexion.us> Date: Wed, 2 Oct 2024 09:54:18 -0700 Subject: [PATCH 2/3] Bug: Invites expiring immediately --- app/service_invite/rest.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/service_invite/rest.py b/app/service_invite/rest.py index dd76ad2bd..f6d9627da 100644 --- a/app/service_invite/rest.py +++ b/app/service_invite/rest.py 
@@ -86,7 +86,7 @@ def _create_service_invite(invited_user, invite_link_host): redis_store.set( f"email-personalisation-{saved_notification.id}", json.dumps(personalisation), - ex=1800, + ex=2*24*60*60, ) send_notification_to_queue(saved_notification, queue=QueueNames.NOTIFY) From 4abd54094dd7f6d035264cbbb22b80832595fc1b Mon Sep 17 00:00:00 2001 From: Kenneth Kehl <@kkehl@flexion.us> Date: Thu, 3 Oct 2024 07:00:07 -0700 Subject: [PATCH 3/3] debug s3 partitioning --- app/aws/s3.py | 9 +++++++++ app/job/rest.py | 1 + app/user/rest.py | 1 - 3 files changed, 10 insertions(+), 1 deletion(-) diff --git a/app/aws/s3.py b/app/aws/s3.py index bd0301d78..a3cd35811 100644 --- a/app/aws/s3.py +++ b/app/aws/s3.py @@ -264,6 +264,9 @@ def file_exists(file_location): def get_job_location(service_id, job_id): + current_app.logger.info( + f"#s3-partitioning NEW JOB_LOCATION: {NEW_FILE_LOCATION_STRUCTURE.format(service_id, job_id)}" + ) return ( current_app.config["CSV_UPLOAD_BUCKET"]["bucket"], NEW_FILE_LOCATION_STRUCTURE.format(service_id, job_id), @@ -279,6 +282,9 @@ def get_old_job_location(service_id, job_id): but it will take a few days where we have to support both formats. Remove this when everything works with the NEW_FILE_LOCATION_STRUCTURE. """ + current_app.logger.info( + f"#s3-partitioning OLD JOB LOCATION: {FILE_LOCATION_STRUCTURE.format(service_id, job_id)}" + ) return ( current_app.config["CSV_UPLOAD_BUCKET"]["bucket"], FILE_LOCATION_STRUCTURE.format(service_id, job_id), @@ -486,6 +492,9 @@ def get_personalisation_from_s3(service_id, job_id, job_row_number): def get_job_metadata_from_s3(service_id, job_id): + current_app.logger.info( + f"#s3-partitioning CALLING GET_JOB_METADATA with {service_id}, {job_id}" + ) obj = get_s3_object(*get_job_location(service_id, job_id)) return obj.get()["Metadata"] diff --git a/app/job/rest.py b/app/job/rest.py index 85414a29c..8b3965061 100644 --- a/app/job/rest.py +++ b/app/job/rest.py 
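Review bot: The new TTL in `_create_service_invite`, `ex=2*24*60*60,`, is an unnamed expression with no comment tying it to the invite's own validity period, so the two values can drift apart again if the invite lifetime is defined elsewhere. A named module-level constant with a one-line comment would make the coupling explicit, for example `ex=INVITE_PERSONALISATION_TTL_SECONDS,  # must be >= invite validity` (the name is a suggestion, not an existing identifier). The change also keeps the invite personalisation JSON in Redis for two days instead of thirty minutes, so confirm that this retention is acceptable for the data in `personalisation` and whether the key can be deleted once the notification has been delivered. The function starts and ends outside the hunk, so how the key is consumed is not visible here.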
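Review bot: The `#s3-partitioning` log calls added to `get_job_location`, `get_old_job_location` and `get_job_metadata_from_s3` in app/aws/s3.py are temporary debug output at info level, with nothing marking them for removal. In the two location helpers the path is formatted twice, once for the message and once for the return value. Compute it once with `location = NEW_FILE_LOCATION_STRUCTURE.format(service_id, job_id)`, log it with `current_app.logger.debug("#s3-partitioning new job location: %s", location)`, and add a comment such as `# TODO: remove once s3 partitioning is verified`. If these helpers are called once per row during job processing (not visible in the hunks), info-level logging here would also add significant log volume.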
@@ -175,6 +175,7 @@ def create_job(service_id): original_file_name = data.get("original_file_name") data.update({"service": service_id}) try: + current_app.logger.info(f"#s3-partitioning DATA IN CREATE_JOB: {data}") data.update(**get_job_metadata_from_s3(service_id, data["id"])) except KeyError: raise InvalidRequest( diff --git a/app/user/rest.py b/app/user/rest.py index 847c4ca07..f4f4db947 100644 --- a/app/user/rest.py +++ b/app/user/rest.py @@ -599,7 +599,6 @@ def fetch_user_by_email(): fetched_user = get_user_by_email(email["email"]) debug_not_production(hilite(f"fetched user is {fetched_user}")) result = fetched_user.serialize() - debug_not_production(hilite(f"result is serialized to {result}")) return jsonify(data=result) except Exception as e: debug_not_production(hilite(f"Failed with {e}!!"))
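Review bot: The added `current_app.logger.info(f"#s3-partitioning DATA IN CREATE_JOB: {data}")` in `create_job` writes the entire `data` dict to the application log at info level, and `data` appears to come from the client's request body. Every field a caller includes in the job payload is therefore retained in logs, and the set of logged fields grows silently as the payload changes. Log only the identifiers needed for the investigation, for example `current_app.logger.info(f"#s3-partitioning create_job service_id={service_id} job_id={data.get('id')}")`. Place the call above `try:` so the guarded body stays limited to the S3 metadata lookup. `create_job` starts and ends outside the hunk, so the origin of `data` should be confirmed there.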