-
-
Notifications
You must be signed in to change notification settings - Fork 185
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(accessLogsExport): create new endpoints TASK-1147 #5304
Conversation
…ate csv files for access logs, and added tests
…t_email_subject to the ProjectView and AccessLog export tasks
…access-logs-export
…/kpi into endpoints-for-access-logs-export
This reverts commit dd5650d.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We can make this more declarative/django-y if we use 2 different endpoints (like we do for viewing access logs).
We can use filter_backends and permission_classes like we do in the AllAccessLogViewSet and AccessLogViewSet to handle filtering down to the correct user and only allowing super users. That should allow us to get rid of a lot of the if-elses and having to check the request path, which is a little brittle (sometimes we might want to change the url of something without changing its functionality).
Also the endpoints need documentation :)
kobo/apps/audit_log/views.py
Outdated
return Response( | ||
{'uid': task.uid, 'status': task.status}, status=status.HTTP_200_OK | ||
) | ||
else: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No 404 here. An empty list is not an error response
…f export tasks for the list endpoint, fix bug in export test
…access-logs-export
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Couple small things
kobo/apps/audit_log/views.py
Outdated
) | ||
|
||
def list_tasks(self, request): | ||
tasks = AccessLogExportTask.objects.filter(user=request.user).order_by( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Doesn't this mean we'll only get a superuser's tasks even if they hit the all
endpoint? Not a huge deal if that ends up being the functionality since it's optional anyway but we should make sure we document the correct behavior
response = self.client.post(self.url) | ||
assert response.status_code == status.HTTP_401_UNAUTHORIZED | ||
|
||
def test_export_for_user_commences(self): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
non-blocking nit, since this doesn't technically test that the task started, only that the request suceeded
def test_export_for_user_commences(self): | |
def test_export_for_user_returns_success(self): |
response = self.client.post(self.url) | ||
self.assertEqual(response.status_code, status.HTTP_202_ACCEPTED) | ||
|
||
def test_export_for_superuser_commences(self): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
same as above
.first() | ||
) | ||
self.assertIsNotNone(task) | ||
self.assertEqual(task.status, 'complete') |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is a tiny bit risky since we don't know exactly when the task will finish. Maybe test status in ['created', 'processing', 'complete']?
|
||
def test_get_status_of_tasks(self): | ||
self.force_login_user(User.objects.get(username='anotheruser')) | ||
response = self.client.post(self.url) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
to make this test more unit-y, I think we should manually create a task with AccessLogExportTask.objects.create(...). That way, we're only testing the list functionality and not the create functionality as well, since that's already tested.
response = self.client.post(self.url) | ||
self.assertEqual(response.status_code, status.HTTP_202_ACCEPTED) | ||
|
||
def test__superuser_create_export_task_on_post(self): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
def test__superuser_create_export_task_on_post(self): | |
def test_superuser_create_export_task_on_post(self): |
.first() | ||
) | ||
self.assertIsNotNone(task) | ||
self.assertEqual(task.status, 'complete') |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
same as previous test, the test should pass if the status is 'processing' or 'created'
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
error message suggestions and one thing on a test
Co-authored-by: Rebecca Graber <[email protected]>
Co-authored-by: Rebecca Graber <[email protected]>
Co-authored-by: Rebecca Graber <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
) | ||
self.assertIsNotNone(task) | ||
self.assertIn(task.status, ['created', 'processing', 'complete']) | ||
self.assertEqual(task.get_all_logs, False) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit (nonblocking)
self.assertEqual(task.get_all_logs, False) | |
self.assertFalse(task.get_all_logs) |
👷 Description for instance maintainers
Create two new endpoints for access log exports which will return the status of the export job. One endpoint is restricted for superusers and allows them to access all logs while the other endpoint is for regular users to access their own logs.
👀 Preview steps
Test
/api/v2/access-logs/export
[ "status: created" ]
with this response:
Test
/api/v2/access-logs/me/export
Follow the same testing instructions above but skip number 7 as both superusers and regular users have the same access to the endpoint.
🟢 Also verify that making a POST request on both endpoints should now generate an email with the follow format: