def sample_service(notify_db, notify_db_session, service_name="Sample service", user=None, active=True, restricted=False, limit=1000, email_from=None): if user is None: user = sample_user(notify_db, notify_db_session) if email_from is None: email_from = service_name.lower().replace(' ', '.') data = { 'name': service_name, 'message_limit': limit, 'active': active, 'restricted': restricted, 'email_from': email_from, 'created_by': user } service = Service.query.filter_by(name=service_name).first() if not service: service = Service(**data) dao_create_service(service, user) else: if user not in service.users: dao_add_user_to_service(service, user) return service
def test_send_notification_to_service_users_sends_to_active_users_only( notify_db, notify_db_session, mocker): mocker.patch("app.service.sender.send_notification_to_queue") create_notify_service(notify_db, notify_db_session) first_active_user = create_user(email="*****@*****.**", state="active") second_active_user = create_user(email="*****@*****.**", state="active") pending_user = create_user(email="*****@*****.**", state="pending") service = create_sample_service(notify_db, notify_db_session, user=first_active_user) dao_add_user_to_service(service, second_active_user) dao_add_user_to_service(service, pending_user) template = create_template(service, template_type=EMAIL_TYPE) send_notification_to_service_users(service_id=service.id, template_id=template.id) notifications = Notification.query.all() notifications_recipients = [ notification.to for notification in notifications ] assert Notification.query.count() == 2 assert pending_user.email_address not in notifications_recipients assert first_active_user.email_address in notifications_recipients assert second_active_user.email_address in notifications_recipients
def setup_service(db_session, service_name="Sample service", user=None, restricted=False, limit=1000, email_from=None, permissions=None, research_mode=None): if user is None: user = create_user() if email_from is None: email_from = service_name.lower().replace(' ', '.') data = { 'name': service_name, 'message_limit': limit, 'restricted': restricted, 'email_from': email_from, 'created_by': user, 'crown': True } service = Service.query.filter_by(name=service_name).first() if not service: service = Service(**data) dao_create_service(service, user, service_permissions=permissions) if research_mode: service.research_mode = research_mode else: if user not in service.users: dao_add_user_to_service(service, user) return service
def sample_broadcast_service(notify_db_session, broadcast_organisation): user = create_user() service_name = 'Sample broadcast service' email_from = service_name.lower().replace(' ', '.') data = { 'name': service_name, 'message_limit': 1000, 'restricted': False, 'email_from': email_from, 'created_by': user, 'crown': True, 'count_as_live': False, } service = Service.query.filter_by(name=service_name).first() if not service: service = Service(**data) dao_create_service(service, user, service_permissions=[BROADCAST_TYPE]) insert_or_update_service_broadcast_settings(service, channel="severe") dao_add_service_to_organisation(service, current_app.config['BROADCAST_ORGANISATION_ID']) else: if user not in service.users: dao_add_user_to_service(service, user) return service
def test_dao_fetch_active_users_for_service_returns_active_only(notify_db_session): active_user = create_user(email='*****@*****.**', state='active') pending_user = create_user(email='*****@*****.**', state='pending') service = create_service(user=active_user) dao_add_user_to_service(service, pending_user) users = dao_fetch_active_users_for_service(service.id) assert len(users) == 1
def create_service( user=None, service_name="Sample service", service_id=None, restricted=False, count_as_live=True, service_permissions=None, research_mode=False, active=True, email_from=None, prefix_sms=True, message_limit=1000, organisation_type='central', check_if_service_exists=False, go_live_user=None, go_live_at=None, crown=True, organisation=None, purchase_order_number=None, billing_contact_names=None, billing_contact_email_addresses=None, billing_reference=None, ): if check_if_service_exists: service = Service.query.filter_by(name=service_name).first() if (not check_if_service_exists) or (check_if_service_exists and not service): service = Service( name=service_name, message_limit=message_limit, restricted=restricted, email_from=email_from if email_from else service_name.lower().replace(' ', '.'), created_by=user if user else create_user(email='{}@digital.cabinet-office.gov.uk'.format(uuid.uuid4())), prefix_sms=prefix_sms, organisation_type=organisation_type, organisation=organisation, go_live_user=go_live_user, go_live_at=go_live_at, crown=crown, purchase_order_number=purchase_order_number, billing_contact_names=billing_contact_names, billing_contact_email_addresses=billing_contact_email_addresses, billing_reference=billing_reference, ) dao_create_service( service, service.created_by, service_id, service_permissions=service_permissions, ) service.active = active service.research_mode = research_mode service.count_as_live = count_as_live else: if user and user not in service.users: dao_add_user_to_service(service, user) return service
def test_add_existing_user_to_another_service_doesnot_change_old_permissions( notify_db_session, ): user = create_user() service_one = Service( name="service_one", email_from="service_one", message_limit=1000, restricted=False, created_by=user, ) dao_create_service(service_one, user) assert user.id == service_one.users[0].id test_user_permissions = Permission.query.filter_by(service=service_one, user=user).all() assert len(test_user_permissions) == 8 other_user = User( name="Other Test User", email_address="*****@*****.**", password="******", mobile_number="+447700900987", ) save_model_user(other_user) service_two = Service( name="service_two", email_from="service_two", message_limit=1000, restricted=False, created_by=other_user, ) dao_create_service(service_two, other_user) assert other_user.id == service_two.users[0].id other_user_permissions = Permission.query.filter_by(service=service_two, user=other_user).all() assert len(other_user_permissions) == 8 other_user_service_one_permissions = Permission.query.filter_by( service=service_one, user=other_user).all() assert len(other_user_service_one_permissions) == 0 # adding the other_user to service_one should leave all other_user permissions on service_two intact permissions = [] for p in ["send_emails", "send_texts", "send_letters"]: permissions.append(Permission(permission=p)) dao_add_user_to_service(service_one, other_user, permissions=permissions) other_user_service_one_permissions = Permission.query.filter_by( service=service_one, user=other_user).all() assert len(other_user_service_one_permissions) == 3 other_user_service_two_permissions = Permission.query.filter_by( service=service_two, user=other_user).all() assert len(other_user_service_two_permissions) == 8
def add_user_to_service(service_id, user_id): service = dao_fetch_service_by_id(service_id) user = get_user_by_id(user_id=user_id) if user in service.users: error = 'User id: {} already part of service id: {}'.format(user_id, service_id) raise InvalidRequest(error, status_code=400) permissions = permission_schema.load(request.get_json(), many=True).data dao_add_user_to_service(service, user, permissions) data = service_schema.dump(service).data return jsonify(data=data), 201
def test_dao_add_user_to_service_ignores_folders_which_do_not_exist_when_setting_permissions( sample_user, sample_service, fake_uuid): valid_folder = create_template_folder(sample_service) folder_permissions = [fake_uuid, str(valid_folder.id)] dao_add_user_to_service(sample_service, sample_user, folder_permissions=folder_permissions) service_user = dao_get_service_user(sample_user.id, sample_service.id) assert service_user.folders == [valid_folder]
def create_service( user=None, service_name="Sample service", service_id=None, restricted=False, count_as_live=True, service_permissions=[EMAIL_TYPE, SMS_TYPE], research_mode=False, active=True, email_from=None, prefix_sms=True, message_limit=1000, organisation_type="central", check_if_service_exists=False, go_live_user=None, go_live_at=None, crown=True, organisation=None, ): if check_if_service_exists: service = Service.query.filter_by(name=service_name).first() if (not check_if_service_exists) or (check_if_service_exists and not service): service = Service( name=service_name, message_limit=message_limit, restricted=restricted, email_from=email_from if email_from else service_name.lower().replace(" ", "."), created_by=user if user else create_user( email="{}@digital.cabinet-office.gov.uk".format(uuid.uuid4())), prefix_sms=prefix_sms, organisation_type=organisation_type, go_live_user=go_live_user, go_live_at=go_live_at, crown=crown, ) dao_create_service( service, service.created_by, service_id, service_permissions=service_permissions, ) service.active = active service.research_mode = research_mode service.count_as_live = count_as_live else: if user and user not in service.users: dao_add_user_to_service(service, user) return service
def test_should_add_user_to_service(sample_user): service = Service( name="service_name", email_from="email_from", message_limit=1000, restricted=False, created_by=sample_user ) dao_create_service(service, sample_user) assert sample_user in Service.query.first().users new_user = User( name="Test User", email_address="*****@*****.**", password="******", mobile_number="+447700900986", ) save_model_user(new_user) dao_add_user_to_service(service, new_user) assert new_user in Service.query.first().users
def test_dao_add_user_to_service_sets_folder_permissions(sample_user, sample_service): folder_1 = create_template_folder(sample_service) folder_2 = create_template_folder(sample_service) assert not folder_1.users assert not folder_2.users folder_permissions = [str(folder_1.id), str(folder_2.id)] dao_add_user_to_service(sample_service, sample_user, folder_permissions=folder_permissions) service_user = dao_get_service_user(user_id=sample_user.id, service_id=sample_service.id) assert len(service_user.folders) == 2 assert folder_1 in service_user.folders assert folder_2 in service_user.folders
def test_should_add_user_to_service(notify_db_session): user = create_user() service = Service(name="service_name", email_from="email_from", message_limit=1000, restricted=False, created_by=user) dao_create_service(service, user) assert user in Service.query.first().users new_user = User(name='Test User', email_address='*****@*****.**', password='******', mobile_number='+16502532222') save_model_user(new_user) dao_add_user_to_service(service, new_user) assert new_user in Service.query.first().users
def test_dao_add_user_to_service_raises_error_if_adding_folder_permissions_for_a_different_service( sample_service, ): user = create_user() other_service = create_service(service_name='other service') other_service_folder = create_template_folder(other_service) folder_permissions = [str(other_service_folder.id)] assert ServiceUser.query.count() == 2 with pytest.raises(IntegrityError) as e: dao_add_user_to_service(sample_service, user, folder_permissions=folder_permissions) db.session.rollback() assert 'insert or update on table "user_folder_permissions" violates foreign key constraint' in str(e.value) assert ServiceUser.query.count() == 2
def test_get_all_only_services_user_has_access_to(service_factory, sample_user): service_factory.get("service 1", sample_user, email_from="service.1") service_factory.get("service 2", sample_user, email_from="service.2") service_3 = service_factory.get("service 3", sample_user, email_from="service.3") new_user = User( name="Test User", email_address="*****@*****.**", password="******", mobile_number="+447700900986", ) save_model_user(new_user) dao_add_user_to_service(service_3, new_user) assert len(dao_fetch_all_services_by_user(sample_user.id)) == 3 assert dao_fetch_all_services_by_user(sample_user.id)[0].name == "service 1" assert dao_fetch_all_services_by_user(sample_user.id)[1].name == "service 2" assert dao_fetch_all_services_by_user(sample_user.id)[2].name == "service 3" assert len(dao_fetch_all_services_by_user(new_user.id)) == 1 assert dao_fetch_all_services_by_user(new_user.id)[0].name == "service 3"
def test_get_all_user_services_only_returns_services_user_has_access_to(notify_db_session): user = create_user() create_service(service_name='service 1', user=user, email_from='service.1') create_service(service_name='service 2', user=user, email_from='service.2') service_3 = create_service(service_name='service 3', user=user, email_from='service.3') new_user = User( name='Test User', email_address='*****@*****.**', password='******', mobile_number='+447700900986' ) save_model_user(new_user, validated_email_access=True) dao_add_user_to_service(service_3, new_user) assert len(dao_fetch_all_services_by_user(user.id)) == 3 assert dao_fetch_all_services_by_user(user.id)[0].name == 'service 1' assert dao_fetch_all_services_by_user(user.id)[1].name == 'service 2' assert dao_fetch_all_services_by_user(user.id)[2].name == 'service 3' assert len(dao_fetch_all_services_by_user(new_user.id)) == 1 assert dao_fetch_all_services_by_user(new_user.id)[0].name == 'service 3'
def test_add_existing_user_to_another_service_doesnot_change_old_permissions(sample_user): service_one = Service( name="service_one", email_from="service_one", message_limit=1000, restricted=False, created_by=sample_user ) dao_create_service(service_one, sample_user) assert sample_user.id == service_one.users[0].id test_user_permissions = Permission.query.filter_by(service=service_one, user=sample_user).all() assert len(test_user_permissions) == 8 other_user = User( name="Other Test User", email_address="*****@*****.**", password="******", mobile_number="+447700900987", ) save_model_user(other_user) service_two = Service( name="service_two", email_from="service_two", message_limit=1000, restricted=False, created_by=other_user ) dao_create_service(service_two, other_user) assert other_user.id == service_two.users[0].id other_user_permissions = Permission.query.filter_by(service=service_two, user=other_user).all() assert len(other_user_permissions) == 8 other_user_service_one_permissions = Permission.query.filter_by(service=service_one, user=other_user).all() assert len(other_user_service_one_permissions) == 0 # adding the other_user to service_one should leave all other_user permissions on service_two intact permissions = [] for p in ["send_emails", "send_texts", "send_letters"]: permissions.append(Permission(permission=p)) dao_add_user_to_service(service_one, other_user, permissions=permissions) other_user_service_one_permissions = Permission.query.filter_by(service=service_one, user=other_user).all() assert len(other_user_service_one_permissions) == 3 other_user_service_two_permissions = Permission.query.filter_by(service=service_two, user=other_user).all() assert len(other_user_service_two_permissions) == 8
def add_user_to_service(service_id, user_id): service = dao_fetch_service_by_id(service_id) user = get_user_by_id(user_id=user_id) if user in service.users: error = 'User id: {} already part of service id: {}'.format(user_id, service_id) raise InvalidRequest(error, status_code=400) data = request.get_json() validate(data, post_set_permissions_schema) permissions = [ Permission(service_id=service_id, user_id=user_id, permission=p['permission']) for p in data['permissions'] ] folder_permissions = data.get('folder_permissions', []) dao_add_user_to_service(service, user, permissions, folder_permissions) data = service_schema.dump(service).data return jsonify(data=data), 201
def sample_service(notify_db, notify_db_session, service_name="Sample service", user=None, restricted=False, limit=1000, email_from=None, permissions=None, research_mode=None): if user is None: user = create_user() if email_from is None: email_from = service_name.lower().replace(' ', '.') data = { 'name': service_name, 'message_limit': limit, 'restricted': restricted, 'email_from': email_from, 'created_by': user, 'crown': True } service = Service.query.filter_by(name=service_name).first() if not service: service = Service(**data) dao_create_service(service, user, service_permissions=permissions) if research_mode: service.research_mode = research_mode else: if user not in service.users: dao_add_user_to_service(service, user) if permissions and INBOUND_SMS_TYPE in permissions: create_inbound_number('12345', service_id=service.id) if permissions and INBOUND_SMS_KEYWORD_TYPE in permissions: create_inbound_shortnumber('12345', service_id=service.id) return service
def test_rejects_jwt_without_permission_for_service( self, client, db_session): @requires_admin_auth_or_user_in_service( required_permission='some-required-permission') def endpoint_that_requires_admin_auth_or_permission_for_service(): pass user = create_user() service = create_service(service_name='some-service') dao_add_user_to_service(service, user, permissions=[]) token = create_access_token(identity=user) request.view_args['service_id'] = service.id request.headers = {'Authorization': 'Bearer {}'.format(token)} with pytest.raises(AuthError) as error: endpoint_that_requires_admin_auth_or_permission_for_service() assert error.value.code == 403
def test_should_remove_user_from_service(notify_db_session): user = create_user() service = Service( name="service_name", email_from="email_from", message_limit=1000, restricted=False, created_by=user, ) dao_create_service(service, user) new_user = User( name="Test User", email_address="*****@*****.**", password="******", mobile_number="+16502532222", ) save_model_user(new_user) dao_add_user_to_service(service, new_user) assert new_user in Service.query.first().users dao_remove_user_from_service(service, new_user) assert new_user not in Service.query.first().users
def sample_service( notify_db, notify_db_session, service_name="Sample service", user=None, restricted=False, limit=1000, email_from=None, permissions=None, research_mode=None, ): if user is None: user = create_user() if email_from is None: email_from = service_name.lower().replace(" ", ".") data = { "name": service_name, "message_limit": limit, "restricted": restricted, "email_from": email_from, "created_by": user, "crown": True, } service = Service.query.filter_by(name=service_name).first() if not service: service = Service(**data) dao_create_service(service, user, service_permissions=permissions) if research_mode: service.research_mode = research_mode else: if user not in service.users: dao_add_user_to_service(service, user) if permissions and INBOUND_SMS_TYPE in permissions: create_inbound_number("12345", service_id=service.id) return service
def sample_broadcast_service(notify_db_session): user = create_user() service_name = 'Sample broadcast service' email_from = service_name.lower().replace(' ', '.') data = { 'name': service_name, 'message_limit': 1000, 'restricted': False, 'email_from': email_from, 'created_by': user, 'crown': True } service = Service.query.filter_by(name=service_name).first() if not service: service = Service(**data) dao_create_service(service, user, service_permissions=[BROADCAST_TYPE]) else: if user not in service.users: dao_add_user_to_service(service, user) return service
def test_get_all_user_services_only_returns_services_user_has_access_to( notify_db_session, ): user = create_user() create_service(service_name="service 1", user=user, email_from="service.1") create_service(service_name="service 2", user=user, email_from="service.2") service_3 = create_service(service_name="service 3", user=user, email_from="service.3") new_user = User( name="Test User", email_address="*****@*****.**", password="******", mobile_number="+16502532222", ) save_model_user(new_user) dao_add_user_to_service(service_3, new_user) assert len(dao_fetch_all_services_by_user(user.id)) == 3 assert dao_fetch_all_services_by_user(user.id)[0].name == "service 1" assert dao_fetch_all_services_by_user(user.id)[1].name == "service 2" assert dao_fetch_all_services_by_user(user.id)[2].name == "service 3" assert len(dao_fetch_all_services_by_user(new_user.id)) == 1 assert dao_fetch_all_services_by_user(new_user.id)[0].name == "service 3"
def test_accepts_jwt_with_permission_for_service(self, client, db_session, required_permission): @requires_user_in_service(required_permission=required_permission) def endpoint_that_requires_permission_for_service(): pass user = create_user() service = create_service(service_name='some-service') dao_add_user_to_service(service, user, permissions=[ Permission(service=service, user=user, permission=required_permission) ]) token = create_access_token(identity=user) request.view_args['service_id'] = service.id request.headers = {'Authorization': 'Bearer {}'.format(token)} endpoint_that_requires_permission_for_service()