Merge remote-tracking branch 'origin/cn-develop' into develop

server/cp/auth.py

@@ -4,6 +4,7 @@
 import google.oauth2.id_token
 
 from flask_babel import gettext
+from flask import current_app as app
 from google.auth.transport import requests
 
 from newsroom.types import AuthProviderType
@@ -32,7 +33,7 @@ def token():
         try:
             claims = google.oauth2.id_token.verify_firebase_token(
                 token,
-                audience="cp-identity-dev" if "cp-dev" in flask.request.base_url else "cp-identity",
+                audience=app.config["AUTH_FIREBASE_AUDIENCE"],
                 request=firebase_request_adapter,
             )
         except ValueError as err:

server/cp/cem.py

@@ -13,8 +13,10 @@ def send_notification(_type, user, id_key: Literal["_id", "email"] = "_id"):
     url = app.config.get("CEM_URL", "")
     apikey = app.config.get("CEM_APIKEY", "")
     if not url or not apikey:
+        logger.warning("CEM is not configured")
         return
-    headers = {"x-api-key": apikey}
+    logger.info("Sending notification to CEM for %s", _type)
+    headers = {"x-api-key": apikey, "Content-Type": "application/json"}
     payload = {
         "type": _type,
         "object_id": str(user[id_key]),
@@ -23,14 +25,15 @@ def send_notification(_type, user, id_key: Literal["_id", "email"] = "_id"):
     if user.get("company") and id_key == "_id":
         payload["company"] = str(user["company"])
     try:
-        session.patch(
+        resp = session.patch(
             url,
             json=payload,
             headers=headers,
             timeout=int(app.config.get("CEM_TIMEOUT", 10)),
             verify=bool(app.config.get("CEM_VERIFY_TLS", True)),
         )
+        resp.raise_for_status()
     except requests.exceptions.RequestException as err:
         logger.error(err)
-        return
-    logger.info("Notification sent to CEM")
+    else:
+        logger.info("Notification sent to CEM for %s", _type)

server/cp/mgmt_api/companies.py

@@ -1,13 +1,14 @@
 from bson.objectid import ObjectId
 from flask import request, current_app as app
+from cp.mgmt_api.utils import validate_product_refs
 
 import newsroom
+import superdesk
 from newsroom.companies import CompaniesResource, CompaniesService
 from newsroom.companies.views import get_errors_company
 from newsroom.products.products import ProductsResource
 from newsroom.products.views import get_product_ref
 from newsroom.utils import find_one
-import superdesk
 from superdesk.errors import SuperdeskApiError
 
 
@@ -42,13 +43,17 @@ def on_create(self, docs):
                 raise SuperdeskApiError.badRequestError(
                     message=message, payload=message
                 )
+            if doc.get("products"):
+                validate_product_refs(doc["products"])
 
     def on_created(self, docs):
         super().on_created(docs)
         for doc in docs:
             app.cache.set(str(doc["_id"]), doc)
 
     def on_update(self, updates, original):
+        if updates.get("products"):
+            validate_product_refs(updates["products"])
         super().on_update(updates, original)
         app.cache.delete(str(original["_id"]))
 

server/cp/mgmt_api/users.py

@@ -2,9 +2,11 @@
 import superdesk
 
 from bson.objectid import ObjectId
+from flask import current_app as app
 from newsroom.users import UsersResource, UsersService
 from superdesk.errors import SuperdeskApiError
-from flask import current_app as app
+
+from cp.mgmt_api.utils import validate_product_refs
 
 
 class CPUsersResource(newsroom.Resource):
@@ -20,6 +22,10 @@ def init_app(app):
 
 
 class CPUsersService(UsersService):
+    def check_permissions(self, doc, updates=None):
+        """Avoid testing if user has permissions."""
+        pass
+
     def on_create(self, docs):
         super().on_create(docs)
         for doc in docs:
@@ -32,7 +38,9 @@ def on_create(self, docs):
                 raise SuperdeskApiError.badRequestError(message=message, payload=message)
             if doc.get('company'):
                 doc['company'] = ObjectId(doc.get('company'))
+            if doc.get("products"):
+                validate_product_refs(doc["products"])
 
-    def check_permissions(self, doc, updates=None):
-        """Avoid testing if user has permissions."""
-        pass
+    def on_update(self, updates, original):
+        if updates.get("products"):
+            validate_product_refs(updates["products"])

server/cp/mgmt_api/utils.py

@@ -0,0 +1,14 @@
+import superdesk
+
+
+def validate_product_refs(products):
+    products_service = superdesk.get_resource_service("products")
+    for product_spec in products:
+        product = products_service.find_one(req=None, _id=product_spec["_id"])
+        assert product is not None and product["product_type"] == product_spec.get(
+            "section"
+        ), (
+            f"invalid product type for product {product_spec['_id']}, should be {product['product_type']}"
+            if product
+            else f"unknown product {product_spec['_id']}"
+        )

server/data/ui_config.json

@@ -115,13 +115,14 @@
     },
     {
         "_id": "agenda",
-        "init_version": 7,
+        "init_version": 8,
         "multi_select_topics": false,
         "open_coverage_content_in_same_page": true,
         "enable_global_topics": true,
         "subnav": {
             "filters": [
                 "item_type",
+                "location",
                 "coverage_type",
                 "coverage_status"
             ]

server/features/mgmt_api_companies.feature

@@ -81,4 +81,62 @@ Feature: Management API - Companies
             ]
         }
         """
-
+
+    Scenario: Validate company products section
+        Given "products"
+        """
+        [
+            {"name": "test", "query": "test", "product_type": "agenda"}
+        ]
+        """
+
+        When we post to "/companies"
+        """
+        {
+            "name": "zzz company",
+            "contact_name": "zzz company",
+            "contact_email": "[email protected]",
+            "phone": "99999999",
+            "products": [
+                {"_id": "#products._id#", "section": "wire"}
+            ]
+        }
+        """
+        Then we get error 400
+        """
+        {"code": 400, "message": "invalid product type for product #products._id#, should be agenda"}
+        """
+
+        When we post to "/companies"
+        """
+        {
+            "name": "zzz company",
+            "contact_name": "zzz company",
+            "contact_email": "[email protected]",
+            "phone": "99999999",
+            "products": [
+                {"_id": "#products._id#", "section": "agenda"}
+            ]
+        }
+        """
+        Then we get response code 201
+
+        When we patch "/companies/#companies._id#"
+        """
+        {
+            "products": [
+                {"_id": "#products._id#", "section": "wire"}
+            ]
+        }
+        """
+        Then we get error 400
+
+        When we patch "/companies/#companies._id#"
+        """
+        {
+            "products": [
+                {"_id": "#products._id#", "section": "agenda"}
+            ]
+        }
+        """
+        Then we get response code 200

server/features/mgmt_api_products.feature

@@ -14,7 +14,7 @@ Feature: Management API - Products
             "name": "A fishy Product",
             "description": "a product for those interested in fish",
             "query": "fish",
-            "product_type": "news_api"
+            "product_type": "agenda"
         }]
         """
         Then we get response code 201
@@ -52,7 +52,7 @@ Feature: Management API - Products
                 "name": "A fishy Product",
                 "description": "new description",
                 "query": "fish",
-                "product_type": "news_api",
+                "product_type": "agenda",
                 "seats": 5
             }
         ]}
@@ -62,7 +62,7 @@ Feature: Management API - Products
         Then we get existing resource
         """
         {"products": [
-            {"_id": "#products._id#", "section": "news_api", "seats": 5}
+            {"_id": "#products._id#", "section": "agenda", "seats": 5}
         ]}
         """
 

server/features/mgmt_api_topics.feature

@@ -117,3 +117,42 @@ Feature: Management API - Topics
         """
         When we get "/topics"
         Then we get list with 1 items
+
+    Scenario: Validate if navigation exists
+        When we post to "/topics"
+        """
+        {
+            "label": "topic1",
+            "company": "#companies._id#",
+            "topic_type": "wire",
+            "query": "topic1",
+            "is_global": true,
+            "user": "#users._id#",
+            "navigation": ["619277ef8bbbbfac6034aab7"]
+        }
+        """
+        Then we get response code 400
+
+        When we post to "navigations"
+        """
+        {
+            "name": "navigation1",
+            "description": "navigation1",
+            "order": 1
+        }
+        """
+        Then we get response code 201
+
+        When we post to "/topics"
+        """
+        {
+            "label": "topic1",
+            "company": "#companies._id#",
+            "topic_type": "wire",
+            "query": "topic1",
+            "is_global": true,
+            "user": "#users._id#",
+            "navigation": ["#navigations._id#"]
+        }
+        """
+        Then we get response code 201

server/features/mgmt_api_users.feature

@@ -110,3 +110,74 @@ Feature: Management API - Users
         """
         When we delete latest
         Then we get ok response
+
+    Scenario: Validate product type
+        Scenario: Create a user
+        Given empty "users"
+        And "products"
+        """
+        [
+            {"name": "test", "query": "test", "product_type": "agenda"}
+        ]
+        """
+        And "companies"
+        """
+        [{"name": "zzz company"}]
+        """
+
+        When we post to "/users"
+        """
+        {
+            "first_name": "John",
+            "last_name": "Cena",
+            "email": "[email protected]",
+            "company": "#companies._id#",
+            "sections": {
+                "agenda": true
+            },
+            "products": [
+                {"_id": "#products._id#", "section": "wire"}
+            ]
+        }
+        """
+        Then we get error 400
+        """
+        {"code": 400, "message": "invalid product type for product #products._id#, should be agenda"}
+        """
+
+        When we post to "/users"
+        """
+        {
+            "first_name": "John",
+            "last_name": "Cena",
+            "email": "[email protected]",
+            "company": "#companies._id#",
+            "sections": {
+                "agenda": true
+            },
+            "products": [
+                {"section": "agenda", "_id": "#products._id#"}
+            ]
+        }
+        """
+        Then we get response code 201
+
+        When we patch "/users/#users._id#"
+        """
+        {
+            "products": [
+                {"section": "wire", "_id": "#products._id#"}
+            ]
+        }
+        """
+        Then we get error 400
+
+        When we patch "/users/#users._id#"
+        """
+        {
+            "products": [
+                {"section": "agenda", "_id": "#products._id#"}
+            ]
+        }
+        """
+        Then we get response code 200

server/requirements.txt

@@ -34,9 +34,9 @@ blinker==1.4
     #   raven
     #   sentry-sdk
     #   superdesk-core
-boto3==1.28.79
+boto3==1.28.72
     # via superdesk-core
-botocore==1.31.79
+botocore==1.31.72
     # via
     #   boto3
     #   s3transfer
@@ -64,7 +64,7 @@ cffi==1.16.0
     #   cryptography
 chardet==3.0.4
     # via superdesk-core
-charset-normalizer==3.3.2
+charset-normalizer==3.3.1
     # via requests
 ciso8601==1.0.8
     # via eve-elastic