create API endpoint for posting comm emails (bug 896044)

Author: dash1291

apps/comm/tasks.py

@@ -8,7 +8,7 @@
 
 
 @task
-def consume_email(email_text):
+def consume_email(email_text, **kwargs):
     """Parse emails and save notes."""
     res = save_from_email_reply(email_text)
     if not res:

lib/settings_base.py

@@ -1564,3 +1564,7 @@ def read_only_mode(env):
 
 # Cache timeout on the /search/featured API.
 CACHE_SEARCH_FEATURED_API_TIMEOUT = 60 * 60  # 1 hour.
+
+# Whitelist IP addresses of the allowed clients that can post email
+# through the API.
+WHITELISTED_CLIENTS_EMAIL_API = []

mkt/comm/api.py

@@ -1,8 +1,10 @@
+from django.conf import settings
 from django.db.models import Q
 from django.http import Http404
 from django.shortcuts import get_object_or_404
 
-from rest_framework.exceptions import PermissionDenied
+from rest_framework.decorators import api_view, permission_classes
+from rest_framework.exceptions import PermissionDenied, ParseError
 from rest_framework.fields import CharField
 from rest_framework.filters import OrderingFilter
 from rest_framework.mixins import (CreateModelMixin, DestroyModelMixin,
@@ -14,11 +16,13 @@
 from addons.models import Addon
 from users.models import UserProfile
 from comm.models import CommunicationNote, CommunicationThread
+from comm.tasks import consume_email
 from comm.utils import ThreadObjectPermission
 from mkt.api.authentication import (RestOAuthAuthentication,
                                     RestSharedSecretAuthentication)
 from mkt.api.base import CORSViewSet
 from mkt.webpay.forms import PrepareForm
+from rest_framework.response import Response
 
 
 class AuthorSerializer(ModelSerializer):
@@ -190,3 +194,22 @@ def get_serializer(self, instance=None, data=None,
 
         return super(NoteViewSet, self).get_serializer(data=data_dict,
             files=files, instance=instance, many=many, partial=partial)
+
+
+class EmailCreationPermission(object):
+    def has_permission(self, request, view):
+        remote_ip = request.META.get('REMOTE_ADDR')
+        return remote_ip and (
+            remote_ip in settings.WHITELISTED_CLIENTS_EMAIL_API)
+
+
+@api_view(['POST'])
+@permission_classes((EmailCreationPermission,))
+def post_email(request):
+    email_body = request.POST.get('email_body')
+    if not email_body:
+        raise ParseError(
+            detail='email_body not present in the POST data.')
+
+    consume_email.apply_async((email_body,))
+    return Response(status=201)

mkt/comm/tests/test_api.py

@@ -1,15 +1,17 @@
 import json
 
+from django.conf import settings
 from django.core.urlresolvers import reverse
 
+import mock
 from nose.tools import eq_
 from test_utils import RequestFactory
 
 from amo.tests import addon_factory
 from comm.models import (CommunicationNote, CommunicationThread,
                          CommunicationThreadCC)
 from mkt.api.tests.test_oauth import RestOAuth
-from mkt.comm.api import ThreadPermission
+from mkt.comm.api import ThreadPermission, EmailCreationPermission, post_email
 from mkt.site.fixtures import fixture
 from mkt.webapps.models import Webapp
 
@@ -185,3 +187,44 @@ def test_creation_denied(self):
     def test_cors_allowed(self):
         res = self.client.get(self.list_url)
         self.assertCORS(res, 'get', 'post', 'delete')
+
+
+class TestEmailApi(RestOAuth):
+
+    def setUp(self):
+        super(TestEmailApi, self).setUp()
+        settings.WHITELISTED_CLIENTS_EMAIL_API = ['10.10.10.10']
+        self.mock_request = RequestFactory().get(reverse('post-email-api'))
+        mock.patch.object(settings, 'WHITELISTED_CLIENTS_EMAIL_API',
+                          ['10.10.10.10'])
+
+    def get_request(self, data):
+        req = self.mock_request
+        req.META['REMOTE_ADDR'] = '10.10.10.10'
+        req.POST = dict(data)
+        req.method = 'POST'
+        req.user = self.user
+        req.amo_user = self.profile
+        req.groups = req.amo_user.groups.all()
+        return req
+
+    def test_allowed(self):
+        self.mock_request.META['REMOTE_ADDR'] = '10.10.10.10'
+        assert EmailCreationPermission().has_permission(self.mock_request,
+                                                        None)
+
+    def test_denied(self):
+        self.mock_request.META['REMOTE_ADDR'] = '10.10.10.1'
+        assert not EmailCreationPermission().has_permission(self.mock_request,
+                                                            None)
+
+    @mock.patch('comm.tasks.consume_email.apply_async')
+    def test_response(self, _mock):
+        res = post_email(self.get_request({'email_body': 'something'}))
+        _mock.assert_called_with(('something',))
+        eq_(res.status_code, 201)
+
+    def test_bad_request(self):
+        """Test with no email body."""
+        res = post_email(self.get_request({}))
+        eq_(res.status_code, 400)

mkt/comm/urls.py

@@ -2,7 +2,7 @@
 
 from rest_framework.routers import DefaultRouter
 
-from mkt.comm.api import NoteViewSet, ThreadViewSet
+from mkt.comm.api import NoteViewSet, ThreadViewSet, post_email
 
 
 api_thread = DefaultRouter()
@@ -11,5 +11,6 @@
                     base_name='comm-note')
 
 api_patterns = patterns('',
-    url(r'^comm/', include(api_thread.urls))
+    url(r'^comm/', include(api_thread.urls)),
+    url(r'^comm/email/', post_email, name='post-email-api')
 )