Commit Graph

596 Commits

Author SHA1 Message Date
stvnrlly
c34b24014a remove service letter contact model 2023-02-17 22:56:54 -05:00
stvnrlly
007741fe44 remove some letter upload code 2023-02-17 14:28:43 -05:00
stvnrlly
7d6fb2c645 remove letters from /service 2023-02-17 14:19:04 -05:00
stvnrlly
7d29342c5d update default permissions 2023-02-17 13:00:43 -05:00
stvnrlly
91ece7576d remove SEND_LETTERS 2023-02-17 11:42:30 -05:00
stvnrlly
518e2264a6 carving out precompile, almost completely 2023-02-15 16:45:40 -05:00
stvnrlly
36e730221d more work on postage migration 2023-02-12 21:55:24 -05:00
stvnrlly
ff3f2c06c0 progress on removing postage 2023-02-10 15:06:11 -05:00
stvnrlly
5a15390336 remove most letter branding 2023-02-09 22:14:11 -05:00
stvnrlly
6f6353e0f2 delete a variety of pdf-related things 2023-02-09 13:18:28 -05:00
stvnrlly
8b75424e29 Merge branch 'main' into stvnrlly-paperless-api 2023-02-06 12:28:10 -05:00
Ryan Ahearn
8a0535fa03 Save normalized phone format to DB 2023-01-06 11:06:23 -05:00
Ryan Ahearn
82df01653f Update tests to focus on US numbers 2023-01-05 11:06:12 -05:00
stvnrlly
33bd3b3a31 try deactivating some letter routes 2022-12-08 09:55:21 -05:00
stvnrlly
4260576fb2 remove pdf sanitize tasks 2022-12-07 11:55:24 -05:00
stvnrlly
0252391c88 remove get-pdf-for-templated-letter 2022-12-07 11:46:26 -05:00
stvnrlly
9e7ee1c0f8 migrate bst_date to local_date 2022-11-21 11:49:59 -05:00
stvnrlly
213f699c99 time adjustments in tests 2022-11-14 14:23:54 -05:00
stvnrlly
3528bd37e1 update time handling for more tests 2022-11-10 16:54:48 -05:00
stvnrlly
637fbdb891 broadcast flake8 cleanup 2022-10-25 11:53:24 -04:00
stvnrlly
d4e156e8ae Merge branch 'main' into stvnrlly-remove-broadcasts 2022-10-20 19:44:20 -04:00
stvnrlly
b0ed88e7a3 update tests 2022-10-12 16:39:17 +00:00
stvnrlly
57f4df8ed1 remove broadcast-related code, except migrations 2022-10-04 15:28:27 +00:00
Ryan Ahearn
e3ad01119d Replace celery[sqs] with celery[redis] 2022-09-29 08:59:17 -04:00
Ryan Ahearn
cb4036b1b0 Disable letter-based S3 buckets 2022-09-21 11:22:55 -04:00
Christa Hartsock
c4cdaed683 Skip tests that fail because of timezone handling 2022-07-07 15:41:16 -07:00
Christa Hartsock
af6495cd4c Get tests passing locally
When we cloned the repository and started making modifications, we
didn't initially keep tests in step. This commit tries to get us to a
clean test run by skipping tests that are failing and removing some
that we no longer expect to use (MMG, Firetext), with the intention that
we will come back in future and update or remove them as appropriate.

To find all tests skipped, search for `@pytest.mark.skip(reason="Needs
updating for TTS:`. There will be a brief description of the work that
needs to be done to get them passing, if known. Delete that line to make
them run in a standard test run (`make test`).
2022-07-07 15:41:15 -07:00
Katie Smith
21c943484d Change test that was failing due to new Marshmallow behaviour
Boolean fields in marshmallow have various values that get changed to
True or False. The value 'Yes' now gets changed to True,  which was
causing a test to start failing. We could change the schemas to stop
'Yes' from being changed to True, but the data for boolean fields comes
from admin, where it is only allowed to have certain values anyway so
this just fixes the test.
2022-05-25 11:35:44 +01:00
Leo Hemsted
6181c60f75 remove usage of notify_db fixture in unit tests
* notify_db fixture creates the database connection and ensures the test
  db exists and has migrations applied etc. It will run once per session
  (test run).
* notify_db_session fixture runs after your test finishes and deletes
  all non static (eg type table) data.

In unit tests that hit the database (ie: most of them), 99% of the time
we will need to use notify_db_session to ensure everything is reset. The
only time we don't need to use it is when we're querying things such as
"ensure get X works when database is empty". This is such a low
percentage of tests that it's easier for us to just use
notify_db_session every time, and ensure that all our tests run much
more consistently, at the cost of a small bit of performance when
running tests.

We used to use notify_db to access the session object for manually
adding, committing, etc. To dissuade usage of that fixture I've moved
that to the `notify_db_session`. I've then removed all uses of notify_db
that I could find in the codebase.

As a note, if you're writing a test that uses a `sample_x` fixture, all
of those fixtures rely on notify_db_session so you'll get the teardown
functionality for free. If you're just calling eg `create_x` db.py
functions, then you'll need to make you add notify_db_session fixture to
your test, even if you aren't manually accessing the session.
2022-05-04 11:36:54 +01:00
Ben Thorner
70430f10ea Co-locate tests for sending a notification
I found the send letter tests hard to find as the name of the file
didn't match the name of the one containing the code under test.
2022-04-08 17:37:33 +01:00
Ben Thorner
fa10ec77ab DRY-up test send letter test data into fixture
This makes it easier to see what's different in each test.
2022-04-08 17:37:31 +01:00
Ben Thorner
5810d46d35 Don't error sending a letter that's sent already
Fixes this error (in Admin):

      File "/home/vcap/app/app/notify_client/notification_api_client.py", line 74, in send_precompiled_letter
        return self.post(url='/service/{}/send-pdf-letter'.format(service_id), data=data)
      File "/home/vcap/app/app/notify_client/__init__.py", line 59, in post
        return super().post(*args, **kwargs)
      File "/home/vcap/deps/0/python/lib/python3.9/site-packages/notifications_python_client/base.py", line 48, in post
        return self.request("POST", url, data=data)
      File "/home/vcap/deps/0/python/lib/python3.9/site-packages/notifications_python_client/base.py", line 64, in request
        response = self._perform_request(method, url, kwargs)
      File "/home/vcap/deps/0/python/lib/python3.9/site-packages/notifications_python_client/base.py", line 118, in _perform_request
        raise api_error
    notifications_python_client.errors.HTTPError: 500 - Internal server error

Due to this error (in API):

      File "/home/vcap/app/app/service/send_notification.py", line 178, in send_pdf_letter_notification
        raise e
      File "/home/vcap/app/app/service/send_notification.py", line 173, in send_pdf_letter_notification
        letter = utils_s3download(current_app.config['TRANSIENT_UPLOADED_LETTERS'], file_location)
      File "/home/vcap/deps/0/python/lib/python3.9/site-packages/notifications_utils/s3.py", line 53, in s3download
        raise S3ObjectNotFound(error.response, error.operation_name)
    notifications_utils.s3.S3ObjectNotFound: An error occurred (NoSuchKey) when calling the GetObject operation: The specified key does not exist.

I checked the DB to verify the letter does actually exist i.e. it
is an instance of the problem we're fixing here.
2022-04-08 17:20:44 +01:00
Chris Hill-Scott
a4347a5165 Remove endpoints for checking name uniqueness
The code which called these endpoints was removed:
- for services in https://github.com/alphagov/notifications-admin/pull/4084/files
- for organisations in https://github.com/alphagov/notifications-admin/pull/4128/files

Therefore these endpoints are no longer needed.
2022-01-13 17:12:40 +00:00
Katie Smith
3530d26ba3 Use client fixture everywhere
There were a few tests which weren't using the `client` fixture but were
using the code it contains. This simplifies them to use the fixture.
2022-01-04 14:04:03 +00:00
Katie Smith
0b7410818e Allow get_all_notifications_for_service to accept POST requests
We want admin to send a POST request to this route if the data contains
a message recipient (a phone number or email address) so that this does
not show in the logs. This changes the route to accept both GET and POST
requests.
2022-01-04 14:04:03 +00:00
David McDonald
edadeb9131 Use get_prev_next_pagination_links when searching by to field
The only change in behaviour is that we are no longer including a
`last` pagination link.

This is OK because the frontend doesnt use it, just the prev and
next links as per
https://github.com/alphagov/notifications-admin/blob/master/app/main/views/jobs.py#L248
2021-12-10 12:29:55 +00:00
David McDonald
6ac4e67f78 Add test for pagination behaviour
We already have a test case for over 50 results, but this adds
one for 50 (ie a single page of results or less)
2021-12-10 12:29:12 +00:00
David McDonald
989ef9c21a Remove last and total keys from pagination links
These don't appear to be used anywhere in the admin app and this
route is only used by the admin app. Therefore it is safe to remove
them.

We remove them because the calculate the total number of notifications
or the final page number of results can be particularly slow for
services with many many notifications, for example 100 seconds
for a service with 500k notifications sent in the past 7 days.

Given neither are being used, this will give us the potential in
the next commit to reduce the number of slow queries and improve
page load times.

Note, I've kept the scope small by only introducing the new
pagination function for this one endpoint but there could be scope
in future to get all pagination using the next function if
appropriate.
2021-12-03 17:26:49 +00:00
David McDonald
a62e63fcef Add tests for existing pagination behaviour
No functionality change, just documenting what already exists
2021-12-03 17:21:14 +00:00
Leo Hemsted
33ca817e17 return contact list created_at in UTC, not BST
make sure timestamps returned from the api are always consistent.

The only place in models where we're serializing a BST timestamp is on
the Notification.serialize_for_csv method now, which at least is a bit
different as this is user-facing (it also returns a formatted
human-readable notification_status for example).
2021-09-14 12:41:52 +01:00
Ben Thorner
0312e2a528 Split generating authorization headers by type
In response to [1].

[1]: https://github.com/alphagov/notifications-api/pull/3300#discussion_r681653248
2021-08-04 15:13:52 +01:00
Pea Tyczynska
82e7724c56 Merge pull request #3296 from alphagov/separate_error_for_cancelling_cancelled_letters
Show separate error for when user tries to cancel letter
2021-08-03 10:29:47 +01:00
Chris Hill-Scott
132411be24 Don’t re-expire old keys
If a key has already been expired we don’t want to lose the information
about when that happened by giving it a new expiry date.
2021-07-30 11:56:51 +01:00
Pea Tyczynska
0c8dd247f9 Show separate error for when user tries to cancel letter
that is already cancelled vs when it is too late to
cancel letter vs when we don't know what's the cause
of failure.

This is so we could show useful error messages to the users
and also for better debugging.
2021-07-29 11:32:49 +01:00
Chris Hill-Scott
43bcb56ff4 Revoke API keys when changing broadcast settings
On a regular Notify service anyone with permission can create an API
key. If this service then is given permission to send emergency alerts
it will have an API key which can create emergency alerts. This feels
dangerous.

Secondly, if a service which legitimately has an API key for sending
alerts in training mode is changed to live mode you now have an API key
which people will think isn’t going to create a real alert but actually
will. This feels really dangerous.

Neither of these scenarios are things we should be doing, but having
them possible still makes me feel uncomfortable.

This commit revokes all API keys for a service when its broadcast
settings change, same way we remove all permissions for its users.
2021-07-29 10:11:38 +01:00
Katie Smith
0c7982fd84 Always keep view_activity permissions for broadcast users
We made a change to remove all permissions from users and invited users
when the broadcast service settings form is submitted
(https://github.com/alphagov/notifications-api/pull/3284). However, when the
form is submitted, notifications-admin always adds the `view_activity`
permission even if no permission boxes are ticked, so we don't want to
remove that one permission
(256c840b46/app/main/forms.py (L1042))
2021-07-14 16:39:38 +01:00
Katie Smith
fc0b9736eb Remove user permissions if service becomes a broadcast service
The "normal" service permissions and broadcast service permissions are
going to be different with no overlap. This means that if you were
viewing the team members page, there might be permissions in the
database that are not visible on the frontend if a service has changed
type. For example, someone could have the 'manage_api_keys' permission,
which would not show up on the team members page of a broadcast service.
To avoid people having permissions which aren't visible in admin, we now
remove all permissions from users when their service is converted to a
broadcast service.

Permisions for invited users are also removed.

It's not possible to convert a broadcast service to a normal service, so
we don't need to cover for this scenario.
2021-07-07 16:13:35 +01:00
Ben Thorner
2b292ebd16 Refactor "notify_service" function into a fixture
This means we can use it in the next commit. Also, it was surprising
for the function to be returning a tuple of values, instead of just
the service object. Since the consumers of the function only needed
the user as auditing data, it's fine to use the first team member.
2021-06-25 17:46:07 +01:00
Katie Smith
0f42b4dbec Fix the endpoint for the monthly status report
This wasn't working - the error given when trying to access it was
`TypeError: Object of type 'Row' is not JSON serializable` when we tried
to serialize a SQLAlchemy Row.

I haven't looked too far into what has changed to stop this from
working, but have just changed the endpoint to return a nested list instead.
2021-06-23 16:03:58 +01:00
David McDonald
be035664c4 Add operator channel to broadcast settings route
Looks identical to the government channel in terms of the interface
2021-06-09 13:49:06 +01:00