darkhelm/notifications-api
1
0
Fork 0
mirror of https://github.com/GSA/notifications-api.git synced 2026-02-02 09:26:08 -05:00
Code Issues Packages Projects Releases Wiki Activity

Reject unapproved broadcast upon cancel API request

Browse Source 
When a service sends us a cancel broadcast XML via API, if that
broadcast was not approved yet, reject it.
This commit is contained in:
Pea Tyczynska
2022-01-19 15:41:38 +00:00
parent 5cd6fcbb4f
commit 940126abfb
7 changed files with 155 additions and 140 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
app/broadcast_message/rest.py
View File

@@ -42,10 +42,10 @@ def _parse_nullable_datetime(dt):
return dt
def _update_broadcast_message(broadcast_message, new_status, updating_user):
def validate_and_update_broadcast_message_status(broadcast_message, new_status, updating_user, from_api=False):
if updating_user not in broadcast_message.service.users:
# we allow platform admins to cancel broadcasts
if not (new_status == BroadcastStatusType.CANCELLED and updating_user.platform_admin):
# we allow platform admins to cancel broadcasts, and we don't check user if request was done via API
if not from_api and not (new_status == BroadcastStatusType.CANCELLED and updating_user.platform_admin):
raise InvalidRequest(
f'User {updating_user.id} cannot update broadcast_message {broadcast_message.id} from other service',
status_code=400
@@ -82,6 +82,11 @@ def _update_broadcast_message(broadcast_message, new_status, updating_user):
)
broadcast_message.status = new_status
dao_save_object(broadcast_message)
if new_status in {BroadcastStatusType.BROADCASTING, BroadcastStatusType.CANCELLED}:
_create_broadcast_event(broadcast_message)
@broadcast_message_blueprint.route('', methods=['GET'])
def get_broadcast_messages_for_service(service_id):
@@ -201,11 +206,7 @@ def update_broadcast_message_status(service_id, broadcast_message_id):
new_status = data['status']
updating_user = get_user_by_id(data['created_by'])
_update_broadcast_message(broadcast_message, new_status, updating_user)
dao_save_object(broadcast_message)
if new_status in {BroadcastStatusType.BROADCASTING, BroadcastStatusType.CANCELLED}:
_create_broadcast_event(broadcast_message)
validate_and_update_broadcast_message_status(broadcast_message, new_status, updating_user)
return jsonify(broadcast_message.serialize()), 200

1
app/broadcast_message/translators.py
View File

@@ -7,6 +7,7 @@ def cap_xml_to_dict(cap_xml):
return {
"msgType": cap.alert.msgType.text,
"reference": cap.alert.identifier.text,
"references": cap.alert.references.text, # references to previous events belonging to the same alert
"cap_event": cap.alert.info.event.text,
"category": cap.alert.info.category.text,
"expires": cap.alert.info.expires.text,