Merge pull request #1034 from alphagov/push-inbound-sms

Push inbound sms

tests/app/dao/test_api_key_dao.py

@@ -4,7 +4,7 @@ import pytest
 from sqlalchemy.exc import IntegrityError
 from sqlalchemy.orm.exc import NoResultFound
 
-from app.authentication.utils import get_secret
+from app import encryption
 from app.dao.api_key_dao import (save_model_api_key,
                                  get_model_api_keys,
                                  get_unsigned_secrets,
@@ -63,14 +63,14 @@ def test_should_return_api_key_for_service(notify_api, notify_db, notify_db_sess
 def test_should_return_unsigned_api_keys_for_service_id(sample_api_key):
     unsigned_api_key = get_unsigned_secrets(sample_api_key.service_id)
     assert len(unsigned_api_key) == 1
-    assert sample_api_key.secret != unsigned_api_key[0]
-    assert unsigned_api_key[0] == get_secret(sample_api_key.secret)
+    assert sample_api_key._secret != unsigned_api_key[0]
+    assert unsigned_api_key[0] == sample_api_key.secret
 
 
 def test_get_unsigned_secret_returns_key(sample_api_key):
     unsigned_api_key = get_unsigned_secret(sample_api_key.id)
-    assert sample_api_key.secret != unsigned_api_key
-    assert unsigned_api_key == get_secret(sample_api_key.secret)
+    assert sample_api_key._secret != unsigned_api_key
+    assert unsigned_api_key == sample_api_key.secret
 
 
 def test_should_not_allow_duplicate_key_names_per_service(sample_api_key, fake_uuid):

tests/app/dao/test_service_inbound_api_dao.py

@@ -0,0 +1,117 @@
+import uuid
+
+import pytest
+from sqlalchemy.exc import SQLAlchemyError
+
+from app import encryption
+from app.dao.service_inbound_api_dao import (
+    save_service_inbound_api,
+    reset_service_inbound_api,
+    get_service_inbound_api
+)
+from app.models import ServiceInboundApi
+
+
+def test_save_service_inbound_api(sample_service):
+    service_inbound_api = ServiceInboundApi(
+        service_id=sample_service.id,
+        url="https://some_service/inbound_messages",
+        bearer_token="some_unique_string",
+        updated_by_id=sample_service.users[0].id
+    )
+
+    save_service_inbound_api(service_inbound_api)
+
+    results = ServiceInboundApi.query.all()
+    assert len(results) == 1
+    inbound_api = results[0]
+    assert inbound_api.id is not None
+    assert inbound_api.service_id == sample_service.id
+    assert inbound_api.updated_by_id == sample_service.users[0].id
+    assert inbound_api.url == "https://some_service/inbound_messages"
+    assert inbound_api.bearer_token == "some_unique_string"
+    assert inbound_api._bearer_token != "some_unique_string"
+    assert inbound_api.updated_at is None
+
+    versioned = ServiceInboundApi.get_history_model().query.filter_by(id=inbound_api.id).one()
+    assert versioned.id == inbound_api.id
+    assert versioned.service_id == sample_service.id
+    assert versioned.updated_by_id == sample_service.users[0].id
+    assert versioned.url == "https://some_service/inbound_messages"
+    assert encryption.decrypt(versioned._bearer_token) == "some_unique_string"
+    assert versioned.updated_at is None
+    assert versioned.version == 1
+
+
+def test_save_service_inbound_api_fails_if_service_does_not_exist(notify_db, notify_db_session):
+    service_inbound_api = ServiceInboundApi(
+        service_id=uuid.uuid4(),
+        url="https://some_service/inbound_messages",
+        bearer_token="some_unique_string",
+        updated_by_id=uuid.uuid4()
+    )
+
+    with pytest.raises(SQLAlchemyError):
+        save_service_inbound_api(service_inbound_api)
+
+
+def test_update_service_inbound_api(sample_service):
+    service_inbound_api = ServiceInboundApi(
+        service_id=sample_service.id,
+        url="https://some_service/inbound_messages",
+        bearer_token="some_unique_string",
+        updated_by_id=sample_service.users[0].id
+    )
+
+    save_service_inbound_api(service_inbound_api)
+    results = ServiceInboundApi.query.all()
+    assert len(results) == 1
+    saved_inbound_api = results[0]
+
+    reset_service_inbound_api(saved_inbound_api, updated_by_id=sample_service.users[0].id,
+                              url="https://some_service/changed_url")
+    updated_results = ServiceInboundApi.query.all()
+    assert len(updated_results) == 1
+    updated = updated_results[0]
+    assert updated.id is not None
+    assert updated.service_id == sample_service.id
+    assert updated.updated_by_id == sample_service.users[0].id
+    assert updated.url == "https://some_service/changed_url"
+    assert updated.bearer_token == "some_unique_string"
+    assert updated._bearer_token != "some_unique_string"
+    assert updated.updated_at is not None
+
+    versioned_results = ServiceInboundApi.get_history_model().query.filter_by(id=saved_inbound_api.id).all()
+    assert len(versioned_results) == 2
+    for x in versioned_results:
+        if x.version == 1:
+            assert x.url == "https://some_service/inbound_messages"
+            assert not x.updated_at
+        elif x.version == 2:
+            assert x.url == "https://some_service/changed_url"
+            assert x.updated_at
+        else:
+            pytest.fail("version should not exist")
+        assert x.id is not None
+        assert x.service_id == sample_service.id
+        assert x.updated_by_id == sample_service.users[0].id
+        assert encryption.decrypt(x._bearer_token) == "some_unique_string"
+
+
+def test_get_service_inbound_api(sample_service):
+    service_inbound_api = ServiceInboundApi(
+        service_id=sample_service.id,
+        url="https://some_service/inbound_messages",
+        bearer_token="some_unique_string",
+        updated_by_id=sample_service.users[0].id
+    )
+    save_service_inbound_api(service_inbound_api)
+
+    inbound_api = get_service_inbound_api(service_inbound_api.id, sample_service.id)
+    assert inbound_api.id is not None
+    assert inbound_api.service_id == sample_service.id
+    assert inbound_api.updated_by_id == sample_service.users[0].id
+    assert inbound_api.url == "https://some_service/inbound_messages"
+    assert inbound_api.bearer_token == "some_unique_string"
+    assert inbound_api._bearer_token != "some_unique_string"
+    assert inbound_api.updated_at is None