diff --git a/oxauth/functions.py b/oxauth/functions.py index 4359144df..7f46b9dff 100644 --- a/oxauth/functions.py +++ b/oxauth/functions.py @@ -37,6 +37,24 @@ def get_logged_in_user_id(request, bypass_sso_cookie_check=settings.BYPASS_SSO_C else: return -1 +def get_logged_in_user_uuid(request, bypass_sso_cookie_check=settings.BYPASS_SSO_COOKIE_CHECK): + """ + This simplifies getting the logged in user id - since this happens often. + Requires SSO_COOKIE_NAME to be set in settings file. + Takes an optional bypass_cookie_check param to bypass cookie checking for local dev / testing + which returns -1 (a never valid user id) + :param request: + :return: user_id from SSO cookie + """ + if not bypass_sso_cookie_check: + decrypted_cookie = decrypt_cookie(request.COOKIES.get(settings.SSO_COOKIE_NAME)) + if decrypted_cookie: + return decrypted_cookie.user_uuid + else: + return None + else: + return -1 + def get_token(): client = BackendApplicationClient(client_id=settings.SOCIAL_AUTH_OPENSTAX_KEY) oauth = OAuth2Session(client=client) diff --git a/salesforce/management/commands/sync_reviews.py b/salesforce/management/commands/sync_reviews.py index a86efe869..7a0a3cd9c 100644 --- a/salesforce/management/commands/sync_reviews.py +++ b/salesforce/management/commands/sync_reviews.py @@ -11,7 +11,7 @@ def handle(self, *args, **options): with Salesforce() as sf: # To update the existing reviews with Partner responses and approved reviews. - command = "Select Id, Status__c, Approved_Customer_Review__c, Pending_Customer_Review__c, Partner_Response__c, Partner_Response_Date__c, Partner__c, Contact__c, Score__c, OS_Accounts_ID__c FROM Partner_Review__c WHERE Status__c = 'Approved' OR Status__c = 'Responded'" + command = "Select Id, Status__c, Approved_Customer_Review__c, Pending_Customer_Review__c, Partner_Response__c, Partner_Response_Date__c, Partner__c, Contact__c, Score__c, OS_Accounts_UUID__c FROM Partner_Review__c WHERE Status__c = 'Approved' OR Status__c = 'Responded'" response = sf.query_all(command) sf_reviews = response['records'] @@ -48,7 +48,7 @@ def handle(self, *args, **options): 'Status__c': 'New', 'Pending_Customer_Review__c': review.review, 'Partner__c': review.partner.salesforce_id, - 'OS_Accounts_ID__c': review.submitted_by_account_id, + 'OS_Accounts_UUID__c': review.submitted_by_account_uuid, 'Score__c': review.rating, } try: @@ -66,7 +66,7 @@ def handle(self, *args, **options): data = { 'Status__c': 'New', 'Pending_Customer_Review__c': review.review, - 'OS_Accounts_ID__c': review.submitted_by_account_id, + 'OS_Accounts_UUID__c': review.submitted_by_account_uuid, 'Score__c': review.rating, } try: diff --git a/salesforce/management/commands/update_partner_reviews_to_use_uuid.py b/salesforce/management/commands/update_partner_reviews_to_use_uuid.py new file mode 100644 index 000000000..6a859ec80 --- /dev/null +++ b/salesforce/management/commands/update_partner_reviews_to_use_uuid.py @@ -0,0 +1,19 @@ +from django.core.management.base import BaseCommand +from django.db import transaction +from salesforce.models import PartnerReview +from oxauth.functions import get_user_info + +class Command(BaseCommand): + help = "update partner reviews to store the uuid instead of the id" + + def handle(self, *args, **options): + reviews = PartnerReview.objects.filter(submitted_by_account_uuid__isnull=True) + + self.stdout.write(self.style.NOTICE("Updating {} records. This might take a while.".format(reviews.count()))) + + for review in reviews: + review.submitted_by_account_uuid = get_user_info(review.submitted_by_account_id)['uuid'] + review.submitted_by_account_id = None + review.save() + + self.stdout.write(self.style.SUCCESS("Updated UUID fields on {} resource download records.".format(reviews.count()))) diff --git a/salesforce/migrations/0093_partnerreview_submitted_by_account_uuid.py b/salesforce/migrations/0093_partnerreview_submitted_by_account_uuid.py new file mode 100644 index 000000000..9c92635f3 --- /dev/null +++ b/salesforce/migrations/0093_partnerreview_submitted_by_account_uuid.py @@ -0,0 +1,18 @@ +# Generated by Django 3.2.4 on 2021-11-03 21:53 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ('salesforce', '0092_auto_20211018_1152'), + ] + + operations = [ + migrations.AddField( + model_name='partnerreview', + name='submitted_by_account_uuid', + field=models.UUIDField(null=True), + ), + ] diff --git a/salesforce/migrations/0094_alter_partnerreview_submitted_by_account_id.py b/salesforce/migrations/0094_alter_partnerreview_submitted_by_account_id.py new file mode 100644 index 000000000..5dcdff526 --- /dev/null +++ b/salesforce/migrations/0094_alter_partnerreview_submitted_by_account_id.py @@ -0,0 +1,18 @@ +# Generated by Django 3.2.4 on 2021-11-03 22:44 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ('salesforce', '0093_partnerreview_submitted_by_account_uuid'), + ] + + operations = [ + migrations.AlterField( + model_name='partnerreview', + name='submitted_by_account_id', + field=models.IntegerField(blank=True, null=True), + ), + ] diff --git a/salesforce/models.py b/salesforce/models.py index 7f024f012..0e5526971 100644 --- a/salesforce/models.py +++ b/salesforce/models.py @@ -318,7 +318,8 @@ class PartnerReview(models.Model): partner_response = models.TextField(null=True, blank=True) partner_response_date = models.DateField(null=True, blank=True) submitted_by_name = models.CharField(max_length=255) - submitted_by_account_id = models.IntegerField() + submitted_by_account_id = models.IntegerField(null=True, blank=True) # TODO: remove this field after migrating data and FE sending UUID instead of id + submitted_by_account_uuid = models.UUIDField(null=True) user_faculty_status = models.CharField(max_length=255, choices=FACULTY_STATUS_OPTIONS, default='No Faculty Info') status = models.CharField(max_length=255, choices=STATUS_OPTIONS, default='New') created = models.DateField(auto_now_add=True) diff --git a/salesforce/serializers.py b/salesforce/serializers.py index 161c637f3..476ee1ff9 100644 --- a/salesforce/serializers.py +++ b/salesforce/serializers.py @@ -135,6 +135,6 @@ class Meta: class PartnerReviewSerializer(serializers.ModelSerializer): class Meta: model = PartnerReview - fields = ('id', 'status', 'partner', 'partner_response', 'partner_response_date', 'review', 'rating', 'submitted_by_name', 'submitted_by_account_id', 'user_faculty_status', 'created', 'updated') + fields = ('id', 'status', 'partner', 'partner_response', 'partner_response_date', 'review', 'rating', 'submitted_by_name', 'submitted_by_account_uuid', 'user_faculty_status', 'created', 'updated') read_only_fields = ('partner_response', 'partner_response_date', 'created', 'updated', 'status') diff --git a/salesforce/tests.py b/salesforce/tests.py index 40c591b3a..6879b32e1 100644 --- a/salesforce/tests.py +++ b/salesforce/tests.py @@ -66,7 +66,7 @@ def test_can_add_review(self): rating=5, review="This is a great resource.", submitted_by_name="Test McTester", - submitted_by_account_id=2) + submitted_by_account_uuid='aaa560a1-e828-48fb-b9a8-d01e9aec71d0') self.assertEqual(review.review, "This is a great resource.") def test_partners_include_review_data(self): @@ -84,12 +84,12 @@ def test_all_partners_no_reviews(self): def test_can_only_submit_one_review_per_user(self): random_partner = Partner.objects.order_by("?").first() - data = {"partner": random_partner.id, "rating": 4, "submitted_by_name": "Some User", "submitted_by_account_id": 2} + data = {"partner": random_partner.id, "rating": 4, "submitted_by_name": "Some User", "submitted_by_account_uuid": 'aaa560a1-e828-48fb-b9a8-d01e9aec71d0'} response = self.client.post('/apps/cms/api/salesforce/reviews/', data, format='json') self.assertEqual(response.status_code, status.HTTP_201_CREATED) data = {"partner": random_partner.id, "rating": 4, "submitted_by_name": "Some User", - "submitted_by_account_id": 2} + "submitted_by_account_uuid": 'aaa560a1-e828-48fb-b9a8-d01e9aec71d0'} response = self.client.post('/apps/cms/api/salesforce/reviews/', data, format='json') self.assertEqual(response.status_code, status.HTTP_200_OK) @@ -98,7 +98,7 @@ def test_can_delete_review(self): partner=Partner.objects.order_by("?").first(), rating=5, submitted_by_name="O. Staxly", - submitted_by_account_id=2 + submitted_by_account_uuid='aaa560a1-e828-48fb-b9a8-d01e9aec71d0' # accounts dev admin user uuid - special case to bypass SSO cookie check ) data = { "id": review.id } response = self.client.delete('/apps/cms/api/salesforce/reviews/', data, format='json') diff --git a/salesforce/views.py b/salesforce/views.py index 239905cbd..5763abd12 100644 --- a/salesforce/views.py +++ b/salesforce/views.py @@ -13,7 +13,7 @@ from salesforce.salesforce import Salesforce from books.models import Book -from oxauth.functions import get_logged_in_user_id +from oxauth.functions import get_logged_in_user_uuid from global_settings.functions import invalidate_cloudfront_caches @@ -49,9 +49,9 @@ def list(self, request): """ # for a review to show up in the API, the partner should be visible and the review approved queryset = PartnerReview.objects.filter(partner__visible_on_website=True) - user_id = self.request.query_params.get('user_id', None) + user_uuid = self.request.query_params.get('user_uuid', None) if user_id is not None: - queryset = queryset.filter(submitted_by_account_id=user_id) + queryset = queryset.filter(submitted_by_account_uuid=user_uuid) serializer = PartnerReviewSerializer(queryset, many=True) return Response(serializer.data) @@ -61,11 +61,11 @@ def post(self, request): try: try: review_object = PartnerReview.objects.get(partner=request.data['partner'], - submitted_by_account_id=request.data['submitted_by_account_id']) + submitted_by_account_uuid=request.data['submitted_by_account_uuid']) except MultipleObjectsReturned: # just in case they somehow were able to create more than 1 review_object = PartnerReview.objects.filter(partner=request.data['partner'], - submitted_by_account_id=request.data[ - 'submitted_by_account_id']).first() + submitted_by_account_uuid=request.data[ + 'submitted_by_account_uuid']).first() serializer = PartnerReviewSerializer(review_object) return Response(serializer.data) except PartnerReview.DoesNotExist: @@ -92,10 +92,11 @@ def patch(self, request): @action(method=['delete'], detail=True) def delete(self, request): - user_id = get_logged_in_user_id(request) - if user_id: + user_uuid = get_logged_in_user_uuid(request) + print(user_uuid) + if user_uuid: review_object = PartnerReview.objects.get(id=request.data['id']) - if (user_id == review_object.submitted_by_account_id) or user_id == -1: + if (user_uuid == review_object.submitted_by_account_uuid) or user_uuid == -1: # -1 is returned by get_logged_in_user_uuid when bypass_sso_cookie_check = True review_object.status = 'Deleted' review_object.save() invalidate_cloudfront_caches()