Merge remote-tracking branch 'origin/minimalInterface' into st_dh_min…

…imalInterface_admin_search

microsetta_private_api/LEGACY/locale_data/english_gut.py

@@ -141,7 +141,7 @@
 your mom or dad to prick your finger so that we can get a little bit of your blood.</p>
 
 <p>Sometimes kids don’t feel good while being in this study. You might feel a little bit sore where
-your skin is rubbed with the Q-tip and you will feel it when they prick your finger to get blood. 
+your skin is rubbed with the Q-tip and you will feel it when they prick your finger to get blood.
 Most people don’t mind these feelings.</p>
 
 <p>If you feel any of these things, or other things, be sure to tell your mom or dad.</p>

microsetta_private_api/api/implementation.py

@@ -49,10 +49,10 @@
 AUTHROCKET_PUB_KEY = pkg_resources.read_text(
     'microsetta_private_api',
     "authrocket.pubkey")
+JWT_ISS_CLAIM_KEY = 'iss'
+JWT_SUB_CLAIM_KEY = 'sub'
 
-
-def not_yet_implemented():
-    return {'message': 'functionality not yet implemented'}
+ACCT_NOT_FOUND_MSG = "Account not found"
 
 
 def find_accounts_for_login(token_info):
@@ -61,8 +61,9 @@ def find_accounts_for_login(token_info):
     with Transaction() as t:
         acct_repo = AccountRepo(t)
         acct = acct_repo.find_linked_account(
-            token_info['iss'],
-            token_info['sub'])
+            token_info[JWT_ISS_CLAIM_KEY],
+            token_info[JWT_SUB_CLAIM_KEY])
+
         if acct is None:
             return jsonify([]), 200
         return jsonify([acct.to_api()]), 200
@@ -72,7 +73,8 @@ def register_account(body, token_info):
     # First register with AuthRocket, then come here to make the account
     new_acct_id = str(uuid.uuid4())
     body["id"] = new_acct_id
-    account_obj = Account.from_dict(body, token_info['iss'], token_info['sub'])
+    account_obj = Account.from_dict(body, token_info[JWT_ISS_CLAIM_KEY],
+                                    token_info[JWT_SUB_CLAIM_KEY])
 
     with Transaction() as t:
         kit_repo = KitRepo(t)
@@ -124,8 +126,10 @@ def update_account(account_id, body, token_info):
             body['address']['country_code']
         )
 
+        # 422 handling is done inside acct_repo
         acct_repo.update_account(acc)
         t.commit()
+
         return jsonify(acc.to_api()), 200
 
 

microsetta_private_api/api/microsetta_private_api.yaml

@@ -11,21 +11,21 @@ paths:
       operationId: microsetta_private_api.api.implementation.find_accounts_for_login
       tags:
         - Account
-      summary: Identify linked account(s)
-      description: Retrieve ids of linked account(s)
+      summary: Retrieve an array of accounts accessible to the provided login
+      description: Retrieve an array of accounts accessible to the provided login
       parameters:
         - $ref: '#/components/parameters/language_tag'
       responses:
         '200':
-          description: Array of linked account(s)
+          description: Array of accessible accounts
           content:
             application/json:
               schema:
                 type: array
                 items:
                   $ref: '#/components/schemas/account'
-
-    # NB: Not including a get of all accounts: seems like seeing all accounts is an extension for the future (for admin?)
+        '401':
+          $ref: '#/components/responses/401Unauthorized'
     post:
       operationId: microsetta_private_api.api.implementation.register_account
       tags:
@@ -813,6 +813,7 @@ paths:
           $ref: '#/components/responses/404NotFound'
         '422':
           $ref: '#/components/responses/422UnprocessableEntity'
+
   # START ADMINISTRATOR PATHS
   '/admin/search/sample/{sample_barcode}':
     get:

microsetta_private_api/api/tests/test_api.py

@@ -388,10 +388,12 @@ def test_accounts_create_fail_422(self):
         # NB: I would rather do this with an email already in use in the
         # test db, but it appears the test db emails have been randomized
         # into strings that won't pass the api's email format validation :(
+
+        # create a dummy account with email 1
         create_dummy_acct(create_dummy_1=True)
 
         # Now try to create a new account that is different in all respects
-        # from the first dummy one EXCEPT that it has the same email
+        # from the dummy made with email 1 EXCEPT that it has the same email
         test_acct_info = copy.deepcopy(DUMMY_ACCT_INFO_2)
         test_acct_info["email"] = TEST_EMAIL
 
@@ -408,7 +410,7 @@ def test_accounts_create_fail_422(self):
 
         # check response code
         self.assertEqual(422, response.status_code)
-        # endregion accounts create/post tests
+    # endregion accounts create/post tests
 
 
 @pytest.mark.usefixtures("client")
@@ -538,20 +540,23 @@ def test_account_update_fail_404(self):
         # 404: It's definitely missing
         self.assertIn(response.status_code, [401, 404])
 
-    def test_accounts_update_fail_422(self):
+    def test_account_update_fail_422(self):
         """Return 422 if provided email is in use in db."""
 
         # NB: I would rather do this with an email already in use in the
         # test db, but it appears the test db emails have been randomized
         # into strings that won't pass the api's email format validation :(
-        create_dummy_acct(create_dummy_1=False)
-
-        dummy_acct_id = create_dummy_acct(create_dummy_1=True,
-                                          iss=ACCT_MOCK_ISS_2,
-                                          sub=ACCT_MOCK_SUB_2)
-        # Now try to update the account with info that is the same in
-        # all respects from the dummy one EXCEPT that it has
-        # an email that is already in use by ANOTHER account
+
+        # create an account with email 1
+        dummy_acct_id = create_dummy_acct(create_dummy_1=True)
+
+        # create an account with email 2
+        create_dummy_acct(create_dummy_1=False, iss=ACCT_MOCK_ISS_2,
+                          sub=ACCT_MOCK_SUB_2)
+
+        # Now try to update the account made with email 1 with info that is
+        # the same in all respects as those it was made with EXCEPT that it has
+        # an email that is now in use by the account with email 2:
         changed_dummy_acct = copy.deepcopy(DUMMY_ACCT_INFO)
         changed_dummy_acct["email"] = TEST_EMAIL_2
 
@@ -561,7 +566,7 @@ def test_accounts_update_fail_422(self):
         response = self.client.put(
             '/api/accounts/%s?%s' %
             (dummy_acct_id, self.default_lang_querystring),
-            headers=MOCK_HEADERS_2,
+            headers=MOCK_HEADERS,
             content_type='application/json',
             data=input_json)
 

microsetta_private_api/model/account.py

@@ -48,7 +48,7 @@ def to_api(self):
             "first_name": self.first_name,
             "last_name": self.last_name,
             "email": self.email,
-            "address": self.address,
+            "address": self.address.to_api(),
             "account_type": self.account_type,
             "creation_time": self.creation_time,
             "update_time": self.update_time

microsetta_private_api/repo/account_repo.py

@@ -2,6 +2,7 @@
 
 from microsetta_private_api.repo.base_repo import BaseRepo
 from microsetta_private_api.model.account import Account
+from microsetta_private_api.model.address import Address
 from microsetta_private_api.exceptions import RepoException
 
 
@@ -22,13 +23,8 @@ def __init__(self, transaction):
 
     @staticmethod
     def _row_to_addr(r):
-        return {
-            "street": r["street"],
-            "city": r["city"],
-            "state": r["state"],
-            "post_code": r["post_code"],
-            "country_code": r["country_code"]
-        }
+        return Address(r["street"], r["city"], r["state"], r["post_code"],
+                       r["country_code"])
 
     @staticmethod
     def _addr_to_row(addr):