From 86458fe1a0a0bc7e5429c70b8962a5633b4255cc Mon Sep 17 00:00:00 2001
From: Alex Janousek <alex.janousek@gsa.gov>
Date: Mon, 25 Aug 2025 16:28:54 -0400
Subject: [PATCH] Added changes to support extra day in activity chart (#1928)

---
 app/dao/jobs_dao.py                           |  3 +-
 app/service/rest.py                           |  4 +-
 app/template_statistics/rest.py               |  6 +--
 .../test_template_folder_rest.py              |  6 ++-
 tests/app/template_statistics/test_rest.py    |  3 +-
 tests/app/test_security_headers.py            | 40 ++++++++++++-------
 6 files changed, 39 insertions(+), 23 deletions(-)

diff --git a/app/dao/jobs_dao.py b/app/dao/jobs_dao.py
index 64d2b100d..f75dbd6bf 100644
--- a/app/dao/jobs_dao.py
+++ b/app/dao/jobs_dao.py
@@ -66,7 +66,8 @@ def dao_get_jobs_by_service_id(
     if limit_days is not None:
         if use_processing_time:
             query_filter.append(
-                func.coalesce(Job.processing_started, Job.created_at) >= midnight_n_days_ago(limit_days)
+                func.coalesce(Job.processing_started, Job.created_at)
+                >= midnight_n_days_ago(limit_days)
             )
         else:
             query_filter.append(Job.created_at >= midnight_n_days_ago(limit_days))
diff --git a/app/service/rest.py b/app/service/rest.py
index f50e7afcc..a708c51de 100644
--- a/app/service/rest.py
+++ b/app/service/rest.py
@@ -230,7 +230,7 @@ def get_service_notification_statistics(service_id):
         data=get_service_statistics(
             service_id,
             request.args.get("today_only") == "True",
-            int(request.args.get("limit_days", 7)),
+            int(request.args.get("limit_days", 8)),
         )
     )
 
@@ -794,7 +794,7 @@ def get_detailed_service(service_id, today_only=False):
     return detailed_service_schema.dump(service)
 
 
-def get_service_statistics(service_id, today_only, limit_days=7):
+def get_service_statistics(service_id, today_only, limit_days=8):
     check_suspicious_id(service_id)
     # today_only flag is used by the send page to work out if the service will exceed their daily usage by sending a job
     if today_only:
diff --git a/app/template_statistics/rest.py b/app/template_statistics/rest.py
index 314373e73..bf8390a99 100644
--- a/app/template_statistics/rest.py
+++ b/app/template_statistics/rest.py
@@ -20,7 +20,7 @@ register_errors(template_statistics)
 @template_statistics.route("")
 def get_template_statistics_for_service_by_day(service_id):
     check_suspicious_id(service_id)
-    whole_days = request.args.get("whole_days", request.args.get("limit_days", ""))
+    whole_days = request.args.get("whole_days", request.args.get("limit_days", "8"))
     try:
         whole_days = int(whole_days)
     except ValueError:
@@ -28,9 +28,9 @@ def get_template_statistics_for_service_by_day(service_id):
         message = {"whole_days": [error]}
         raise InvalidRequest(message, status_code=400)
 
-    if whole_days < 0 or whole_days > 7:
+    if whole_days < 0 or whole_days > 8:
         raise InvalidRequest(
-            {"whole_days": ["whole_days must be between 0 and 7"]}, status_code=400
+            {"whole_days": ["whole_days must be between 0 and 8"]}, status_code=400
         )
     data = fetch_notification_status_for_service_for_today_and_7_previous_days(
         service_id, by_template=True, limit_days=whole_days
diff --git a/tests/app/template_folder/test_template_folder_rest.py b/tests/app/template_folder/test_template_folder_rest.py
index b894279f8..105e8f49b 100644
--- a/tests/app/template_folder/test_template_folder_rest.py
+++ b/tests/app/template_folder/test_template_folder_rest.py
@@ -138,7 +138,11 @@ def test_create_template_folder_with_creator_id_grants_permission_to_creator(
     resp = admin_request.post(
         "template_folder.create_template_folder",
         service_id=sample_service.id,
-        _data={"name": "creator folder", "parent_id": None, "created_by_id": str(user_1.id)},
+        _data={
+            "name": "creator folder",
+            "parent_id": None,
+            "created_by_id": str(user_1.id),
+        },
         _expected_status=201,
     )
 
diff --git a/tests/app/template_statistics/test_rest.py b/tests/app/template_statistics/test_rest.py
index 958a2df6c..605a1ae29 100644
--- a/tests/app/template_statistics/test_rest.py
+++ b/tests/app/template_statistics/test_rest.py
@@ -15,9 +15,8 @@ from tests.app.db import create_ft_notification_status, create_notification
 @pytest.mark.parametrize(
     "query_string",
     [
-        {},
         {"whole_days": -1},
-        {"whole_days": 8},
+        {"whole_days": 9},
         {"whole_days": 3.5},
         {"whole_days": "blurk"},
     ],
diff --git a/tests/app/test_security_headers.py b/tests/app/test_security_headers.py
index c96ce9fac..8c41d22a9 100644
--- a/tests/app/test_security_headers.py
+++ b/tests/app/test_security_headers.py
@@ -1,30 +1,42 @@
 import pytest
 
 
-@pytest.mark.usefixtures('notify_db_session')
+@pytest.mark.usefixtures("notify_db_session")
 class TestSecurityHeaders:
     """Test security headers for ZAP scan compliance."""
 
     def test_options_request_returns_204_with_cors_headers(self, client):
         """Test that OPTIONS requests return 204 with proper CORS headers."""
-        response = client.options('/')
+        response = client.options("/")
 
         assert response.status_code == 204
-        assert response.headers.get('Access-Control-Allow-Origin') == '*'
-        assert response.headers.get('Access-Control-Allow-Methods') == 'GET, POST, PUT, DELETE, OPTIONS'
-        assert response.headers.get('Access-Control-Allow-Headers') == 'Content-Type, Authorization'
-        assert response.headers.get('Access-Control-Max-Age') == '3600'
+        assert response.headers.get("Access-Control-Allow-Origin") == "*"
+        assert (
+            response.headers.get("Access-Control-Allow-Methods")
+            == "GET, POST, PUT, DELETE, OPTIONS"
+        )
+        assert (
+            response.headers.get("Access-Control-Allow-Headers")
+            == "Content-Type, Authorization"
+        )
+        assert response.headers.get("Access-Control-Max-Age") == "3600"
 
-    @pytest.mark.parametrize("endpoint", [
-        '/_status',
-        '/_status?simple=1',
-        '/_status/live-service-and-organization-counts'
-    ])
+    @pytest.mark.parametrize(
+        "endpoint",
+        [
+            "/_status",
+            "/_status?simple=1",
+            "/_status/live-service-and-organization-counts",
+        ],
+    )
     def test_status_endpoints_have_cache_control_headers(self, client, endpoint):
         """Test that all status endpoints have proper cache-control headers."""
         response = client.get(endpoint)
 
         assert response.status_code == 200
-        assert response.headers.get('Cache-Control') == 'no-cache, no-store, must-revalidate'
-        assert response.headers.get('Pragma') == 'no-cache'
-        assert response.headers.get('Expires') == '0'
+        assert (
+            response.headers.get("Cache-Control")
+            == "no-cache, no-store, must-revalidate"
+        )
+        assert response.headers.get("Pragma") == "no-cache"
+        assert response.headers.get("Expires") == "0"