Merge branch 'master' into pipeline

diegotony · web-flow · commit 65d85ca0645f · 2021-02-25T15:47:10.000-05:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -2,6 +2,17 @@
 
 <!--next-version-placeholder-->
 
+## v0.29.0 (2021-02-19)
+### Feature
+* TT-154 add is user member of a group endpoint ([#259](https://github.com/ioet/time-tracker-backend/issues/259)) ([`2381cf2`](https://github.com/ioet/time-tracker-backend/commit/2381cf2a76f6bdcc174ae8433a63d4121ac4acd5))
+
+## v0.28.0 (2021-02-11)
+### Feature
+* TT-147 user endpoint ([#257](https://github.com/ioet/time-tracker-backend/issues/257)) ([`6abc3c2`](https://github.com/ioet/time-tracker-backend/commit/6abc3c24dfa1bfadd9c23558260dba14949fea22))
+
+### Documentation
+* TT-137: Create-Feature Toggles dictionary ([`5b0deaf`](https://github.com/ioet/time-tracker-backend/commit/5b0deaf4ebad89bdf9730ca3e5faf10761ae67e5))
+
 ## v0.27.1 (2021-01-27)
 ### Fix
 * TT-131 remove feature toggle for user role field ([#255](https://github.com/ioet/time-tracker-backend/issues/255)) ([`a3439c3`](https://github.com/ioet/time-tracker-backend/commit/a3439c3b0a2c3b6007f87b1157e38773968fc00d))
diff --git a/commons/feature_toggles/feature_toggle_manager.py b/commons/feature_toggles/feature_toggle_manager.py
@@ -2,19 +2,11 @@
 import json
 from time_tracker_api.security import current_user_email
 from azure.appconfiguration import AzureAppConfigurationClient
+from utils.environment_variables import check_variables_are_defined
 
 
 class FeatureToggleConfig:
-    def check_variables_are_defined():
-        azure_app_variable = 'AZURE_APP_CONFIGURATION_CONNECTION_STRING'
-        if azure_app_variable not in os.environ:
-            raise EnvironmentError(
-                "{} is not defined in the environment".format(
-                    azure_app_variable
-                )
-            )
-
-    check_variables_are_defined()
+    check_variables_are_defined(['AZURE_APP_CONFIGURATION_CONNECTION_STRING'])
     AZURE_APP_CONFIGURATION_CONNECTION_STRING = os.environ.get(
         'AZURE_APP_CONFIGURATION_CONNECTION_STRING'
     )
diff --git a/requirements/time_tracker_api/dev.txt b/requirements/time_tracker_api/dev.txt
@@ -15,4 +15,4 @@ pytest-mock==2.0.0
 coverage==4.5.1
 
 # Git hooks
-pre-commit==2.2.0
+pre-commit==2.2.0
diff --git a/tests/time_tracker_api/users/users_namespace_test.py b/tests/time_tracker_api/users/users_namespace_test.py
@@ -1,18 +1,45 @@
 from unittest.mock import Mock, patch
 from flask import json
+from faker import Faker
 from flask.testing import FlaskClient
 from flask_restplus._http import HTTPStatus
 from pytest import mark
 
 
+@patch('utils.azure_users.AzureConnection.get_msal_client', Mock())
+@patch('utils.azure_users.AzureConnection.get_token', Mock())
+@patch('utils.azure_users.AzureConnection.get_user')
+def test_get_user_response_contains_expected_props(
+    get_user_mock,
+    client: FlaskClient,
+    valid_header: dict,
+):
+    get_user_mock.return_value = {
+        'name': 'dummy',
+        'email': 'dummy',
+        'roles': ['dummy-role'],
+    }
+    user_id = (Faker().uuid4(),)
+    response = client.get(f'/users/{user_id}', headers=valid_header)
+
+    get_user_mock.assert_called()
+    assert HTTPStatus.OK == response.status_code
+    assert 'name' in json.loads(response.data)
+    assert 'email' in json.loads(response.data)
+    assert 'roles' in json.loads(response.data)
+    assert ['dummy-role'] == json.loads(response.data)['roles']
+
+
 @patch('utils.azure_users.AzureConnection.get_msal_client', Mock())
 @patch('utils.azure_users.AzureConnection.get_token', Mock())
 @patch(
     'utils.azure_users.AzureConnection.is_test_user', Mock(return_value=True)
 )
 @patch('utils.azure_users.AzureConnection.users')
 def test_users_response_contains_expected_props(
-    users_mock, client: FlaskClient, valid_header: dict,
+    users_mock,
+    client: FlaskClient,
+    valid_header: dict,
 ):
     users_mock.return_value = [
         {'name': 'dummy', 'email': 'dummy', 'roles': ['dummy-role']}
@@ -31,7 +58,8 @@ def test_users_response_contains_expected_props(
 @patch('utils.azure_users.AzureConnection.get_token', Mock())
 @patch('utils.azure_users.AzureConnection.update_role')
 @mark.parametrize(
-    'role_id,action', [('test', 'grant'), ('admin', 'revoke')],
+    'role_id,action',
+    [('test', 'grant'), ('admin', 'revoke')],
 )
 def test_update_role_response_contains_expected_props(
     update_role_mock,
@@ -47,7 +75,8 @@ def test_update_role_response_contains_expected_props(
         'roles': [],
     }
     response = client.post(
-        f'/users/{user_id}/roles/{role_id}/{action}', headers=valid_header,
+        f'/users/{user_id}/roles/{role_id}/{action}',
+        headers=valid_header,
     )
     assert HTTPStatus.OK == response.status_code
     assert 'name' in json.loads(response.data)
@@ -78,10 +107,34 @@ def test_update_role_is_called_properly_on_each_action(
 ):
     update_role_mock.return_value = {}
     response = client.post(
-        f'/users/{user_id}/roles/{role_id}/{action}', headers=valid_header,
+        f'/users/{user_id}/roles/{role_id}/{action}',
+        headers=valid_header,
     )
 
     assert HTTPStatus.OK == response.status_code
     update_role_mock.assert_called_once_with(
         user_id, role_id, is_grant=is_grant
     )
+
+
+@patch('utils.azure_users.AzureConnection.get_msal_client', Mock())
+@patch('utils.azure_users.AzureConnection.get_token', Mock())
+@patch('utils.azure_users.AzureConnection.is_user_in_group')
+@mark.parametrize(
+    'group_name, expected_value', [('admin', True), ('admin', False)]
+)
+def test_if_user_is_in_group(
+    is_user_in_group_mock,
+    client: FlaskClient,
+    valid_header: dict,
+    user_id: str,
+    group_name,
+    expected_value,
+):
+    is_user_in_group_mock.return_value = {'value': expected_value}
+    response = client.get(
+        f'/users/{user_id}/groups/{group_name}/is-member-of',
+        headers=valid_header,
+    )
+    assert HTTPStatus.OK == response.status_code
+    assert 'value' in json.loads(response.data)
diff --git a/tests/utils/azure_users_test.py b/tests/utils/azure_users_test.py
@@ -14,7 +14,10 @@
     ],
 )
 def test_azure_connection_is_test_user(
-    get_mock, field_name, field_value, is_test_user_expected_value,
+    get_mock,
+    field_name,
+    field_value,
+    is_test_user_expected_value,
 ):
     response_mock = Mock()
     response_mock.status_code = 200
@@ -33,7 +36,12 @@ def test_azure_connection_get_test_user_ids(get_mock):
     response_mock = Mock()
     response_mock.status_code = 200
     response_mock.json = Mock(
-        return_value={'value': [{'objectId': 'ID1'}, {'objectId': 'ID2'},]}
+        return_value={
+            'value': [
+                {'objectId': 'ID1'},
+                {'objectId': 'ID2'},
+            ]
+        }
     )
     get_mock.return_value = response_mock
 
@@ -56,3 +64,42 @@ def test_azure_connection_get_non_test_users(
     non_test_users = [non_test_user]
     az_conn = AzureConnection()
     assert az_conn.get_non_test_users() == non_test_users
+
+
+@patch('utils.azure_users.AzureConnection.get_msal_client', Mock())
+@patch('utils.azure_users.AzureConnection.get_token', Mock())
+@patch('requests.get')
+def test_azure_connection_get_group_id_by_group_name(get_mock):
+    response_mock = Mock()
+    response_mock.status_code = 200
+    response_mock.json = Mock(return_value={'value': [{'objectId': 'ID1'}]})
+    get_mock.return_value = response_mock
+
+    group_id = 'ID1'
+    azure_connection = AzureConnection()
+    assert (
+        azure_connection.get_group_id_by_group_name('group_name') == group_id
+    )
+
+
+@patch('utils.azure_users.AzureConnection.get_msal_client', Mock())
+@patch('utils.azure_users.AzureConnection.get_token', Mock())
+@patch('utils.azure_users.AzureConnection.get_group_id_by_group_name')
+@patch('requests.post')
+@mark.parametrize('expected_value', [True, False])
+def test_is_user_in_group(
+    post_mock, get_group_id_by_group_name_mock, expected_value
+):
+    response_expected = {'value': expected_value}
+    response_mock = Mock()
+    response_mock.status_code = 200
+    response_mock.json = Mock(return_value=response_expected)
+    post_mock.return_value = response_mock
+
+    get_group_id_by_group_name_mock.return_value = 'group_id'
+
+    azure_connection = AzureConnection()
+    assert (
+        azure_connection.is_user_in_group('user_id', 'group_name')
+        == response_expected
+    )
diff --git a/time_tracker_api/users/users_namespace.py b/time_tracker_api/users/users_namespace.py
@@ -31,7 +31,12 @@
                 description='List of the roles assigned to the user by the tenant',
             ),
             example=Faker().words(
-                3, ['time-tracker-admin', 'test-user', 'guest',],
+                3,
+                [
+                    'time-tracker-admin',
+                    'test-user',
+                    'guest',
+                ],
             ),
         ),
     },
@@ -40,6 +45,16 @@
 user_response_fields.update(common_fields)
 
 
+@ns.route('/<string:id>')
+@ns.param('id', 'The unique identifier of the user')
+class User(Resource):
+    @ns.doc('get_user')
+    @ns.marshal_list_with(user_response_fields)
+    def get(self, id):
+        """Get an user"""
+        return AzureConnection().get_user(id)
+
+
 @ns.route('')
 class Users(Resource):
     @ns.doc('list_users')
@@ -84,3 +99,13 @@ class RevokeRole(Resource):
     def post(self, user_id, role_id):
         """Revoke role to user"""
         return AzureConnection().update_role(user_id, role_id, is_grant=False)
+
+
+@ns.route('/<string:user_id>/groups/<string:group_id>/is-member-of')
+@ns.param('user_id', 'The user identifier')
+@ns.param('group_id', 'The group name identifier')
+class UserInGroup(Resource):
+    @ns.doc('user_in_group')
+    def get(self, user_id, group_id):
+        """Is User in the Group"""
+        return AzureConnection().is_user_in_group(user_id, group_id)
diff --git a/time_tracker_api/version.py b/time_tracker_api/version.py
@@ -1 +1 @@
-__version__ = '0.27.1'
+__version__ = '0.29.0'
diff --git a/utils/azure_users.py b/utils/azure_users.py
@@ -3,24 +3,20 @@
 import requests
 import json
 from typing import List
+from utils.environment_variables import check_variables_are_defined
 
 
 class MSConfig:
-    def check_variables_are_defined():
-        auth_variables = [
-            'MS_CLIENT_ID',
-            'MS_AUTHORITY',
-            'MS_SECRET',
-            'MS_SCOPE',
-            'MS_ENDPOINT',
-        ]
-        for var in auth_variables:
-            if var not in os.environ:
-                raise EnvironmentError(
-                    "{} is not defined in the environment".format(var)
-                )
+    ms_variables = [
+        'MS_CLIENT_ID',
+        'MS_AUTHORITY',
+        'MS_SECRET',
+        'MS_SCOPE',
+        'MS_ENDPOINT',
+    ]
+
+    check_variables_are_defined(ms_variables)
 
-    check_variables_are_defined()
     CLIENT_ID = os.environ.get('MS_CLIENT_ID')
     AUTHORITY = os.environ.get('MS_AUTHORITY')
     SECRET = os.environ.get('MS_SECRET')
@@ -86,6 +82,14 @@ def get_token(self):
             error_info = f"{response['error']} {response['error_description']}"
             raise ValueError(error_info)
 
+    def get_user(self, user_id) -> AzureUser:
+        endpoint = "{endpoint}/users/{user_id}?api-version=1.6".format(
+            endpoint=self.config.ENDPOINT, user_id=user_id
+        )
+        response = requests.get(endpoint, auth=BearerAuth(self.access_token))
+        assert 200 == response.status_code
+        return self.to_azure_user(response.json())
+
     def users(self) -> List[AzureUser]:
         role_fields_params = ','.join(
             [field_name for field_name, _ in ROLE_FIELD_VALUES.values()]
@@ -165,3 +169,35 @@ def get_test_user_ids(self):
         assert 200 == response.status_code
         assert 'value' in response.json()
         return [item['objectId'] for item in response.json()['value']]
+
+    def get_group_id_by_group_name(self, group_name):
+        endpoint = "{endpoint}/groups?api-version=1.6&$select=objectId&$filter=displayName eq '{group_name}'".format(
+            endpoint=self.config.ENDPOINT, group_name=group_name
+        )
+
+        response = requests.get(endpoint, auth=BearerAuth(self.access_token))
+
+        assert 200 == response.status_code
+
+        return response.json()['value'][0]['objectId']
+
+    def is_user_in_group(self, user_id, group_name):
+        group_id = self.get_group_id_by_group_name(group_name=group_name)
+
+        endpoint = "{endpoint}/isMemberOf?api-version=1.6".format(
+            endpoint=self.config.ENDPOINT
+        )
+
+        data = {"groupId": group_id, "memberId": user_id}
+
+        response = requests.post(
+            endpoint,
+            auth=BearerAuth(self.access_token),
+            data=json.dumps(data),
+            headers=HTTP_PATCH_HEADERS,
+        )
+
+        assert 200 == response.status_code
+
+        item = response.json()['value']
+        return {'value': item}
diff --git a/utils/environment_variables.py b/utils/environment_variables.py
@@ -0,0 +1,9 @@
+import os
+
+
+def check_variables_are_defined(variables):
+    for var in variables:
+        if var not in os.environ:
+            raise EnvironmentError(
+                "{} is not defined in the environment".format(var)
+            )

Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-__version__ = '0.27.1'`
	`1`	`+__version__ = '0.29.0'`