def test_get_signed_url(base_url, expected):
mock_bucket = mock.Mock()
mock_bucket.get_signed_url.return_value = "http://example/foo?after"
with patch('botocore.signers.generate_presigned_url'):
url = get_signed_url(mock_bucket, 'foo', base_url)
assert url == expected
def test_get_signed_url(base_url, expected):
mock_bucket = mock.Mock()
mock_bucket.get_signed_url.return_value = "http://example/foo?after"
url = get_signed_url(mock_bucket, 'foo', base_url)
assert url == expected
def test_get_signed_url(base_url, expected):
mock_bucket = mock.Mock()
mock_bucket.get_signed_url.return_value = "http://example/foo?after"
url = get_signed_url(mock_bucket, 'foo', base_url)
assert url == expected
def view_signed_agreement(supplier_id, framework_slug):
# not properly validating this - all we do is pass it through
next_status = request.args.get("next_status")
supplier = data_api_client.get_supplier(supplier_id)['suppliers']
framework = data_api_client.get_framework(framework_slug)['frameworks']
if not framework.get('frameworkAgreementVersion'):
abort(404)
supplier_framework = data_api_client.get_supplier_framework_info(
supplier_id, framework_slug)['frameworkInterest']
if not supplier_framework.get('agreementReturned'):
abort(404)
lot_names = []
if framework["status"] in ("live", "expired"):
# If the framework is live or expired we don't need to filter drafts, we only care about successful services
service_iterator = data_api_client.find_services_iter(
supplier_id=supplier_id, framework=framework_slug)
for service in service_iterator:
if service['lotName'] not in lot_names:
lot_names.append(service['lotName'])
else:
# If the framework has not yet become live we need to filter out unsuccessful services
service_iterator = data_api_client.find_draft_services_iter(
supplier_id=supplier_id, framework=framework_slug)
for service in service_iterator:
if service["status"] == "submitted" and service[
'lotName'] not in lot_names:
lot_names.append(service['lotName'])
agreements_bucket = s3.S3(current_app.config['DM_AGREEMENTS_BUCKET'])
if framework_slug in OLD_COUNTERSIGNING_FLOW_FRAMEWORKS:
is_e_signature_flow = False
# Fetch path to supplier's signature page
path = supplier_framework['agreementPath']
template = "suppliers/view_signed_agreement.html"
else:
is_e_signature_flow = True
# Fetch path to combined countersigned agreement, if available
path = supplier_framework.get('countersignedPath')
template = "suppliers/view_esignature_agreement.html"
url = get_signed_url(agreements_bucket, path,
current_app.config['DM_ASSETS_URL']) if path else ""
agreement_ext = get_extension(path) if path else ""
if not url:
current_app.logger.info(f'No agreement file found for {path}')
return render_template(
template,
company_details=get_company_details_from_supplier(supplier),
supplier=supplier,
framework=framework,
supplier_framework=supplier_framework,
lot_names=list(sorted(lot_names)),
agreement_url=url,
agreement_ext=agreement_ext,
next_status=next_status,
is_e_signature_flow=is_e_signature_flow)
def download_supplier_user_research_report(framework_slug):
reports_bucket = s3.S3(current_app.config['DM_REPORTS_BUCKET'])
path = "{framework_slug}/reports/user-research-suppliers-on-{framework_slug}.csv"
url = get_signed_url(reports_bucket,
path.format(framework_slug=framework_slug),
current_app.config['DM_ASSETS_URL'])
if not url:
abort(404)
return redirect(url)
def download_agreement_file(framework_slug, document_name):
supplier_framework_info = get_supplier_framework_info(data_api_client, framework_slug)
if supplier_framework_info is None or not supplier_framework_info.get("declaration"):
abort(404)
agreements_bucket = s3.S3(current_app.config['DM_AGREEMENTS_BUCKET'])
path = get_agreement_document_path(framework_slug, current_user.supplier_code, document_name)
url = get_signed_url(agreements_bucket, path, current_app.config['DM_ASSETS_URL'])
if not url:
abort(404)
return redirect(url)
def download_agreement_file(supplier_id, framework_slug, document_name):
supplier_framework = data_api_client.get_supplier_framework_info(supplier_id, framework_slug)['frameworkInterest']
if supplier_framework is None or not supplier_framework.get("declaration"):
abort(404)
agreements_bucket = s3.S3(
current_app.config['DM_AGREEMENTS_BUCKET'], endpoint_url=current_app.config.get("DM_S3_ENDPOINT_URL")
)
path = get_document_path(framework_slug, supplier_id, 'agreements', document_name)
url = get_signed_url(agreements_bucket, path, current_app.config['DM_ASSETS_URL'])
if not url:
abort(404)
return redirect(url)
def download_agreement_file(supplier_id, framework_slug, document_name):
supplier_framework = data_api_client.get_supplier_framework_info(supplier_id, framework_slug)['frameworkInterest']
if not supplier_framework.get('declaration'):
abort(404)
agreements_bucket = s3.S3(current_app.config['DM_AGREEMENTS_BUCKET'])
prefix = get_agreement_document_path(framework_slug, supplier_id, document_name)
agreement_documents = agreements_bucket.list(prefix=prefix)
if not len(agreement_documents):
abort(404)
path = agreement_documents[-1]['path']
url = get_signed_url(agreements_bucket, path, current_app.config['DM_ASSETS_URL'])
if not url:
abort(404)
return redirect(url)
def download_communication(framework_slug, comm_type, filepath):
if comm_type not in _comm_types:
abort(404)
# ensure this is a real framework
get_framework_or_404(data_api_client, framework_slug)
bucket = s3.S3(current_app.config['DM_COMMUNICATIONS_BUCKET'])
full_path = _get_comm_type_root(framework_slug, comm_type) / filepath
url = get_signed_url(bucket, str(full_path),
current_app.config["DM_ASSETS_URL"])
if not url:
abort(404)
return redirect(url)
def download_agreement_file(framework_slug, document_name):
supplier_framework_info = get_supplier_framework_info(
data_api_client, framework_slug)
if supplier_framework_info is None or not supplier_framework_info.get(
"declaration"):
abort(404)
agreements_bucket = s3.S3(current_app.config['DM_AGREEMENTS_BUCKET'])
path = get_document_path(framework_slug, current_user.supplier_id,
'agreements', document_name)
url = get_signed_url(agreements_bucket, path,
current_app.config['DM_ASSETS_URL'])
if not url:
abort(404)
return redirect(url)
def download_supplier_user_list_report(framework_slug, report_type):
reports_bucket = s3.S3(current_app.config['DM_REPORTS_BUCKET'])
if report_type == 'official':
path = f"{framework_slug}/reports/official-details-for-suppliers-{framework_slug}.csv"
elif report_type == 'accounts':
path = f"{framework_slug}/reports/all-email-accounts-for-suppliers-{framework_slug}.csv"
else:
abort(404)
url = get_signed_url(reports_bucket, path,
current_app.config['DM_ASSETS_URL'])
if not url:
abort(404)
return redirect(url)
def download_brief_response_attachment(framework_slug, lot_slug, brief_id, response_id, attachment_id):
get_framework_and_lot(framework_slug, lot_slug, data_api_client, status='live', must_allow_brief=True)
brief = data_api_client.get_brief(brief_id)["briefs"]
if not is_brief_correct(
brief, framework_slug, lot_slug, current_user.id, data_api_client
):
abort(404)
if brief['status'] != "closed":
abort(404)
response = data_api_client.get_brief_response(response_id)
if not response or not response.get('briefResponses', {}).get('attachedDocumentURL'):
abort(404)
try:
slug = response['briefResponses']['attachedDocumentURL'][attachment_id]
except IndexError:
abort(404)
if slug is None:
abort(404)
try:
# try newer file storage
mimetype = mimetypes.guess_type(slug)[0] or 'binary/octet-stream'
return Response(
s3_download_file(
current_app.config.get('S3_BUCKET_NAME', None),
slug,
os.path.join(
brief['frameworkSlug'],
'documents',
'brief-' + str(brief_id),
'supplier-' + str(response['briefResponses']['supplierCode'])
)
),
mimetype=mimetype
)
except botocore.exceptions.ClientError:
url = get_signed_url(current_app.config['S3_BUCKET_NAME'], slug, None)
if not url:
abort(404)
return redirect(url)
def download_dos_outcomes():
# get the slug for the latest DOS framework iteration
framework_slug = (sorted(
filter(
lambda fw: (fw["family"] == "digital-outcomes-and-specialists" and
fw["status"] == "live"),
data_api_client.find_frameworks()["frameworks"]),
key=lambda fw: fw["frameworkLiveAtUTC"],
reverse=True,
)[0]["slug"])
reports_bucket = s3.S3(
current_app.config["DM_REPORTS_BUCKET"],
endpoint_url=current_app.config.get("DM_S3_ENDPOINT_URL"))
url = get_signed_url(reports_bucket,
f"{framework_slug}/reports/opportunity-data.csv",
current_app.config["DM_ASSETS_URL"])
if not url:
abort(404)
return redirect(url)
def download_brief_response_attachment(framework_slug, lot_slug, brief_id, response_id, attachment_id):
get_framework_and_lot(framework_slug, lot_slug, data_api_client, status='live', must_allow_brief=True)
brief = data_api_client.get_brief(brief_id)["briefs"]
if not is_brief_correct(
brief, framework_slug, lot_slug, current_user.id
):
abort(404)
if brief['status'] != "closed":
abort(404)
response = data_api_client.get_brief_response(response_id)
if not response or not response.get('briefResponses', {}).get('attachedDocumentURL'):
abort(404)
try:
slug = response['briefResponses']['attachedDocumentURL'][attachment_id]
except IndexError:
abort(404)
if slug is None:
abort(404)
try:
# try newer file storage
file = s3_download_file(slug, os.path.join(brief['frameworkSlug'], 'documents',
'brief-' + str(brief_id),
'supplier-' + str(response['briefResponses']['supplierCode'])))
mimetype = mimetypes.guess_type(slug)[0] or 'binary/octet-stream'
return Response(file, mimetype=mimetype)
except botocore.exceptions.ClientError:
url = get_signed_url(current_app.config['S3_BUCKET_NAME'], slug, None)
if not url:
abort(404)
return redirect(url)
