Use service_id in the query to make it safer, also use named parameters

app/dao/notifications_dao.py

@@ -179,8 +179,8 @@ def get_notifications_for_job(service_id, job_id, filter_dict=None, page=1, page
 
 
 @statsd(namespace="dao")
-def dao_get_notification_count_for_job_id(job_id):
-    return Notification.query.filter_by(job_id=job_id).count()
+def dao_get_notification_count_for_job_id(*, service_id, job_id):
+    return Notification.query.filter_by(service_id=service_id, job_id=job_id).count()
 
 
 @statsd(namespace="dao")