From 8ff3fd28f75ab21026872d6db1b13bebf2954a0e Mon Sep 17 00:00:00 2001 From: "Qian (Jim) Fu" <135686833+JFU-NAVA-PBC@users.noreply.github.com> Date: Mon, 6 Jan 2025 16:44:41 -0800 Subject: [PATCH] Jimmyfagan/bb2-3549-Remove feature flag calls from web-server (#1278) * Initial pass at removing logic for waffle switch limit_data_access * fix a pre-exist typo in command help. * fix linting --------- Co-authored-by: jimmyfagan --- apps/authorization/models.py | 24 +- .../tests/test_data_access_grant.py | 94 +------ .../test_data_access_grant_permissions.py | 233 +----------------- .../commands/create_test_feature_switches.py | 1 - apps/dot_ext/models.py | 7 +- apps/dot_ext/tests/test_authorization.py | 11 +- apps/dot_ext/tests/test_models.py | 12 +- apps/dot_ext/views/authorization.py | 47 ++-- apps/logging/loggers.py | 6 +- .../commands/log_global_state_metrics.py | 2 +- .../tests/test_loggers_management_command.py | 7 +- 11 files changed, 40 insertions(+), 404 deletions(-) diff --git a/apps/authorization/models.py b/apps/authorization/models.py index 91720a387..f3761d176 100644 --- a/apps/authorization/models.py +++ b/apps/authorization/models.py @@ -8,7 +8,6 @@ from django.utils import timezone from oauth2_provider.settings import oauth2_settings from oauth2_provider.models import get_access_token_model -from waffle import get_waffle_flag_model class DataAccessGrant(models.Model): @@ -41,22 +40,17 @@ def user(self): def update_expiration_date(self): # For THIRTEEN_MONTH type update expiration_date - if self.application: - flag = get_waffle_flag_model().get("limit_data_access") - if flag.rollout or (flag.id is not None and flag.is_active_for_user(self.application.user)): - if self.application.data_access_type == "THIRTEEN_MONTH": - self.expiration_date = datetime.now().replace( - tzinfo=pytz.UTC - ) + relativedelta(months=+13) - self.save() + if self.application and self.application.data_access_type == "THIRTEEN_MONTH": + self.expiration_date = datetime.now().replace( + tzinfo=pytz.UTC + ) + relativedelta(months=+13) + self.save() def has_expired(self): - flag = get_waffle_flag_model().get("limit_data_access") - if flag.rollout or (flag.id is not None and flag.is_active_for_user(self.application.user)): - if self.application.data_access_type == "THIRTEEN_MONTH": - if self.expiration_date: - if self.expiration_date < datetime.now().replace(tzinfo=pytz.UTC): - return True + if self.application.data_access_type == "THIRTEEN_MONTH": + if self.expiration_date: + if self.expiration_date < datetime.now().replace(tzinfo=pytz.UTC): + return True return False diff --git a/apps/authorization/tests/test_data_access_grant.py b/apps/authorization/tests/test_data_access_grant.py index b7a83bc1b..6f0a82df2 100644 --- a/apps/authorization/tests/test_data_access_grant.py +++ b/apps/authorization/tests/test_data_access_grant.py @@ -18,15 +18,14 @@ get_access_token_model, ) -from apps.test import BaseApiTest, flag_is_active +from apps.test import BaseApiTest from apps.authorization.models import ( DataAccessGrant, ArchivedDataAccessGrant, check_grants, update_grants, ) -from waffle import get_waffle_flag_model -from waffle.testutils import override_flag, override_switch +from waffle.testutils import override_switch Application = get_application_model() AccessToken = get_access_token_model() @@ -95,56 +94,7 @@ def test_create_update_delete(self): # Verify expiration_date copied OK. self.assertEqual("2030-01-15 00:00:00+00:00", str(arch_dag.expiration_date)) - @override_flag("limit_data_access", active=False) - def test_thirteen_month_app_type_without_switch_limit_data_access(self): - assert not flag_is_active("limit_data_access") - - # 1. Create bene and app for tests - dev_user = self._create_user("developer_test", "123456") - bene_user = self._create_user("test_beneficiary", "123456") - test_app = self._create_application( - "test_app", user=dev_user, data_access_type="THIRTEEN_MONTH" - ) - - flag = get_waffle_flag_model().get("limit_data_access") - assert flag.id is None or flag.is_active_for_user(dev_user) is False - - # 2. Create grant with expiration date in future. - dag = DataAccessGrant.objects.create( - application=test_app, beneficiary=bene_user - ) - - # 3. Test expiration_date not set - self.assertEqual(dag.expiration_date, None) - # Test has_expired() with None is false - self.assertEqual(dag.has_expired(), False) - - # 4. Test has_expired() true for -1 hour ago is false w/o switch enabled - dag.expiration_date = datetime.now().replace(tzinfo=pytz.UTC) + relativedelta( - hours=-1 - ) - self.assertEqual(dag.has_expired(), False) - - # 5. Test has_expired() false for +1 hour in future. - dag.expiration_date = datetime.now().replace(tzinfo=pytz.UTC) + relativedelta( - hours=+1 - ) - self.assertEqual(dag.has_expired(), False) - - # 6. Test has_expired() false for ONE_TIME type - test_app.data_access_type = "ONE_TIME" - test_app.save() - self.assertEqual(dag.has_expired(), False) - - # 7. Test has_expired() false for RESEARCH_STUDY type - test_app.data_access_type = "RESEARCH_STUDY" - test_app.save() - self.assertEqual(dag.has_expired(), False) - - @override_flag("limit_data_access", active=True) def test_thirteen_month_app_type_with_switch_limit_data_access(self): - assert flag_is_active("limit_data_access") - # 1. Create bene and app for tests dev_user = self._create_user("developer_test", "123456") bene_user = self._create_user("test_beneficiary", "123456") @@ -152,9 +102,6 @@ def test_thirteen_month_app_type_with_switch_limit_data_access(self): "test_app", user=dev_user, data_access_type="THIRTEEN_MONTH" ) - flag = get_waffle_flag_model().get("limit_data_access") - assert flag.id is not None and flag.is_active_for_user(dev_user) - # 2. Create grant with expiration date in future. dag = DataAccessGrant.objects.create( application=test_app, beneficiary=bene_user @@ -463,40 +410,3 @@ def test_permission_deny_on_app_or_org_disabled(self): # set back app and user to active - not to affect other tests application.active = True application.save() - - def test_thirteen_month_app_needs_limit_data_access_set(self): - - # 1. Create benes - dev_user = self._create_user("developer_test", "123456") - bene_user = self._create_user("test_beneficiary", "123456") - flag_bene_user = self._create_user("flag_beneficiary", "123456") - test_app = self._create_application( - "test_app", user=dev_user, data_access_type="THIRTEEN_MONTH" - ) - - # 2. Create flag and show is not set for dev_user - flag = get_waffle_flag_model().objects.create(name="limit_data_access") - assert flag.id is not None - assert not flag.is_active_for_user(dev_user) - - # 3. Create grant and expire expiration to show it doesn't matter - dag = DataAccessGrant.objects.create( - application=test_app, beneficiary=bene_user - ) - # 4. Test has_expired() true for -1 hour ago - dag.expiration_date = datetime.now().replace(tzinfo=pytz.UTC) + relativedelta( - hours=-1 - ) - self.assertEqual(dag.has_expired(), False) - - # 4. Add dev_user to flag - flag.users.add(dev_user) - - # 5. Create new grant and show expiration is working - flag_dag = DataAccessGrant.objects.create( - application=test_app, beneficiary=flag_bene_user - ) - flag_dag.expiration_date = datetime.now().replace( - tzinfo=pytz.UTC - ) + relativedelta(hours=-1) - self.assertEqual(dag.has_expired(), True) diff --git a/apps/authorization/tests/test_data_access_grant_permissions.py b/apps/authorization/tests/test_data_access_grant_permissions.py index 657cb959e..d2c326e1f 100644 --- a/apps/authorization/tests/test_data_access_grant_permissions.py +++ b/apps/authorization/tests/test_data_access_grant_permissions.py @@ -7,9 +7,8 @@ from httmock import HTTMock, urlmatch from oauth2_provider.models import get_access_token_model, get_refresh_token_model from unittest import mock -from waffle.testutils import override_flag -from apps.test import BaseApiTest, flag_is_active +from apps.test import BaseApiTest from apps.authorization.models import ( DataAccessGrant, ) @@ -257,18 +256,12 @@ def _assert_call_token_refresh_endpoint( ) return content - @override_flag("limit_data_access", active=False) - def test_revoked_data_access_grant_without_flag_limit_data_access(self): + def test_revoked_data_access_grant(self): """ Test data access grant deleted / revoked - Test data access for FHIR and profile end points - with limit_data_access flag False. - - This will be the flag setting in Sandbox. + Test data access for FHIR and profile end points. """ - assert not flag_is_active("limit_data_access") - # 1. Use helper method to create app, user, authorized grant & access token. user, app, ac = self._create_user_app_token_grant( first_name="first", @@ -277,10 +270,11 @@ def test_revoked_data_access_grant_without_flag_limit_data_access(self): app_name="test_app1", app_username="devuser1", app_user_organization="org1", + app_data_access_type="RESEARCH_STUDY", ) # 2. Test application data access type - self.assertEqual(app.data_access_type, "THIRTEEN_MONTH") + self.assertEqual(app.data_access_type, "RESEARCH_STUDY") # 3. Test grant obj created OK. dag = DataAccessGrant.objects.get(beneficiary=user, application=app) @@ -329,116 +323,12 @@ def test_revoked_data_access_grant_without_flag_limit_data_access(self): expected_response_detail_mesg="Authentication credentials were not provided.", ) - @override_flag("limit_data_access", active=False) - def test_research_study_app_type_without_flag_limit_data_access(self): + def test_research_study_app_type(self): """ Test Application.data_access_type="RESEARCH_STUDY". Test data access for FHIR and profile end points - with limit_data_access flag False. - - This will be the flag setting in Sandbox. """ - assert not flag_is_active("limit_data_access") - - # 1. Use helper method to create app, user, authorized grant & access token. - user, app, ac = self._create_user_app_token_grant( - first_name="first", - last_name="last1", - fhir_id="-20140000008325", - app_name="test_app1", - app_username="devuser1", - app_user_organization="org1", - app_data_access_type="RESEARCH_STUDY", - ) - self.assertEqual(app.data_access_type, "RESEARCH_STUDY") - - # Test grant exists. - self.assertTrue( - DataAccessGrant.objects.filter( - beneficiary=user, - application=app, - ).exists() - ) - - # 2. Test that all calls are successful (response_code=200) - self._assert_call_all_fhir_endpoints( - access_token=ac["access_token"], expected_response_code=200 - ) - - # 3. Test token refresh is successful (response_code=200) - ac = self._assert_call_token_refresh_endpoint( - application=app, - refresh_token=ac["refresh_token"], - expected_response_code=200, - ) - - # 4. Set application to in-active/disabled - app.active = False - app.save() - - # 5. Test FHIR end point while app in-active/disabled (response_code=401) - self._assert_call_all_fhir_endpoints( - access_token=ac["access_token"], - expected_response_code=401, - expected_response_detail_mesg=settings.APPLICATION_TEMPORARILY_INACTIVE.format( - app.name - ), - ) - - # 6. Test token refresh after applciation in-active/disabled (response_code=401) - self._assert_call_token_refresh_endpoint( - application=app, - refresh_token=ac["refresh_token"], - expected_response_code=401, - expected_response_error_mesg="invalid_client", - expected_response_error_description_mesg=settings.APPLICATION_TEMPORARILY_INACTIVE.format( - app.name - ), - ) - - # 7. Set application to active/endabled - app.active = True - app.save() - - self._assert_call_all_fhir_endpoints( - access_token=ac["access_token"], expected_response_code=200 - ) - - # 9. Test app not expired token refresh (response_code=200) - ac = self._assert_call_token_refresh_endpoint( - application=app, - refresh_token=ac["refresh_token"], - expected_response_code=200, - ) - - # 10. Test with RESEARCH_STUDY application end_date IS expired w/o feature flag (response_code=200) - app.data_access_type = "RESEARCH_STUDY" - app.save() - - self._assert_call_all_fhir_endpoints( - access_token=ac["access_token"], expected_response_code=200 - ) - - # 11. Test app expired token refresh (response_code=200) - ac = self._assert_call_token_refresh_endpoint( - application=app, - refresh_token=ac["refresh_token"], - expected_response_code=200, - ) - - @override_flag("limit_data_access", active=True) - def test_research_study_app_type_with_flag_limit_data_access(self): - """ - Test Application.data_access_type="RESEARCH_STUDY". - - Test data access for FHIR and profile end points - with limit_data_access flag True. - - This will be the flag setting in PROD. - """ - assert flag_is_active("limit_data_access") - # 1. Use helper method to create app, user, authorized grant & access token. user, app, ac = self._create_user_app_token_grant( first_name="first", @@ -514,66 +404,12 @@ def test_research_study_app_type_with_flag_limit_data_access(self): expected_response_code=200, ) - @override_flag("limit_data_access", active=False) - def test_one_time_app_type_without_flag_limit_data_access(self): + def test_one_time_app_type(self): """ Test Application.data_access_type="ONE_TIME" - with limit_data_access flag False. - - This will be the flag setting in Sandbox. NOTE: This type of application does not allow token refreshes - when the feature flag is enabled. """ - assert not flag_is_active("limit_data_access") - - # 1. Use helper method to create app, user, authorized grant & access token. - user, app, ac = self._create_user_app_token_grant( - first_name="first", - last_name="last1", - fhir_id="-20140000008325", - app_name="test_app1", - app_username="devuser1", - app_user_organization="org1", - app_data_access_type="ONE_TIME", - ) - - # Test application default data access type - self.assertEqual(app.data_access_type, "ONE_TIME") - - # Test grant exists. - self.assertTrue( - DataAccessGrant.objects.filter( - beneficiary=user, - application=app, - ).exists() - ) - - # 2. Test token refresh is working OK (response_code=200) - ac = self._assert_call_token_refresh_endpoint( - application=app, - refresh_token=ac["refresh_token"], - expected_response_code=200, - ) - - # 3. Test that all calls are successful (response_code=200) - self._assert_call_all_fhir_endpoints( - access_token=ac["access_token"], expected_response_code=200 - ) - - @override_flag("limit_data_access", active=True) - def test_one_time_app_type_with_flag_limit_data_access(self): - """ - Test Application.data_access_type="ONE_TIME" - with limit_data_access flag True - - This will be the flag setting in PROD. - - NOTE: This type of application does not allow token refreshes - when the feature flag is enabled. - """ - assert flag_is_active("limit_data_access") - # 1. Use helper method to create app, user, authorized grant & access token. user, app, ac = self._create_user_app_token_grant( first_name="first", @@ -610,62 +446,11 @@ def test_one_time_app_type_with_flag_limit_data_access(self): access_token=ac["access_token"], expected_response_code=200 ) - @override_flag("limit_data_access", active=False) @mock.patch("apps.authorization.models.datetime", StubDate) - def test_thirteen_month_app_type_without_flag_limit_data_access(self): + def test_thirteen_month_app_type(self): """ Test Application.data_access_type="THIRTEEN_MONTH" - with limit_data_access flag False - - This will be the flag setting in Sandbox. """ - assert not flag_is_active("limit_data_access") - - # 1. Use helper method to create app, user, authorized grant & access token. - user, app, ac = self._create_user_app_token_grant( - first_name="first", - last_name="last1", - fhir_id="-20140000008325", - app_name="test_app1", - app_username="devuser1", - app_user_organization="org1", - app_data_access_type="THIRTEEN_MONTH", - ) - - # 2. Test application data access type - self.assertEqual(app.data_access_type, "THIRTEEN_MONTH") - - # 3. Test grant obj created OK. - dag = DataAccessGrant.objects.get(beneficiary=user, application=app) - # Assert is not None - self.assertNotEqual(dag, None) - - # Assert expiration date has NOT been set - self.assertEqual(dag.expiration_date, None) - - # 4. Test token refresh is enabled for app (response_code=200) - ac = self._assert_call_token_refresh_endpoint( - application=app, - refresh_token=ac["refresh_token"], - expected_response_code=200, - ) - - # 5. Test that all calls are successful (response_code=200) - self._assert_call_all_fhir_endpoints( - access_token=ac["access_token"], expected_response_code=200 - ) - - @override_flag("limit_data_access", active=True) - @mock.patch("apps.authorization.models.datetime", StubDate) - def test_thirteen_month_app_type_with_flag_limit_data_access(self): - """ - Test Application.data_access_type="THIRTEEN_MONTH" - with limit_data_access flag True - - This will be the flag setting in SBX. - """ - assert flag_is_active("limit_data_access") - # 1. Use helper method to create app, user, authorized grant & access token. user, app, ac = self._create_user_app_token_grant( first_name="first", @@ -780,7 +565,6 @@ def test_thirteen_month_app_type_with_flag_limit_data_access(self): access_token=ac["access_token"], expected_response_code=200 ) - @override_flag("limit_data_access", active=False) def test_data_access_grant_permissions_has_permission(self): """ Test edge case bug fix for BB2-2130 @@ -791,7 +575,6 @@ def test_data_access_grant_permissions_has_permission(self): DataAccessGrant.DoesNotExist: DataAccessGrant matching query does not exist. """ - # 1. Use helper method to create app, user, authorized grant & access token. user, app, ac = self._create_user_app_token_grant( first_name="first", diff --git a/apps/core/management/commands/create_test_feature_switches.py b/apps/core/management/commands/create_test_feature_switches.py index 65b45c85b..690ad192a 100644 --- a/apps/core/management/commands/create_test_feature_switches.py +++ b/apps/core/management/commands/create_test_feature_switches.py @@ -17,7 +17,6 @@ ) WAFFLE_FEATURE_FLAGS = ( - ("limit_data_access", ['fred']), ) diff --git a/apps/dot_ext/models.py b/apps/dot_ext/models.py index e8ffbaa10..ea167ede5 100644 --- a/apps/dot_ext/models.py +++ b/apps/dot_ext/models.py @@ -28,7 +28,6 @@ ) from oauth2_provider.settings import oauth2_settings from urllib.parse import urlparse -from waffle import get_waffle_flag_model from apps.capabilities.models import ProtectedCapability @@ -228,11 +227,7 @@ def store_media_file(self, file, filename): # Has one time only type data access? def has_one_time_only_data_access(self): - if self.data_access_type == "ONE_TIME": - flag = get_waffle_flag_model().get("limit_data_access") - if flag.rollout or (flag.id is not None and flag.is_active_for_user(self.user)): - return True - return False + return self.data_access_type == "ONE_TIME" # Save override to restrict invalid field combos. def save(self, *args, **kwargs): diff --git a/apps/dot_ext/tests/test_authorization.py b/apps/dot_ext/tests/test_authorization.py index c60fdf111..2937c3bb1 100644 --- a/apps/dot_ext/tests/test_authorization.py +++ b/apps/dot_ext/tests/test_authorization.py @@ -12,9 +12,7 @@ from django.urls import reverse from django.test import Client -from waffle.testutils import override_flag - -from apps.test import BaseApiTest, flag_is_active +from apps.test import BaseApiTest from ..models import Application, ArchivedToken from apps.authorization.models import DataAccessGrant, ArchivedDataAccessGrant @@ -338,7 +336,6 @@ def test_refresh_with_expired_token(self): response = self.client.post(reverse('oauth2_provider:token'), data=refresh_request_data) self.assertEqual(response.status_code, 400) - @override_flag('limit_data_access', active=True) def test_refresh_13_month_with_expired_grant(self): redirect_uri = 'http://localhost' # create a user @@ -403,9 +400,7 @@ def test_refresh_13_month_with_expired_grant(self): response = self.client.post(reverse('oauth2_provider:token'), data=refresh_request_data) self.assertEqual(response.status_code, 400) - @override_flag('limit_data_access', active=True) def test_refresh_with_one_time_access_retrieve_app_using_refresh_token(self): - assert flag_is_active('limit_data_access') redirect_uri = 'http://localhost' # create a user self._create_user('anna', '123456') @@ -460,9 +455,7 @@ def test_refresh_with_one_time_access_retrieve_app_using_refresh_token(self): response = self.client.post(reverse('oauth2_provider:token'), data=refresh_request_data) self.assertEqual(response.status_code, 401) - @override_flag('limit_data_access', active=True) def test_refresh_with_one_time_access_retrieve_app_from_auth_header(self): - assert flag_is_active('limit_data_access') redirect_uri = 'http://localhost' # create a user self._create_user('anna', '123456') @@ -522,9 +515,7 @@ def test_refresh_with_one_time_access_retrieve_app_from_auth_header(self): ) self.assertEqual(response.status_code, 400) - @override_flag('limit_data_access', active=True) def test_dag_expiration_exists(self): - assert flag_is_active('limit_data_access') redirect_uri = 'http://localhost' # create a user diff --git a/apps/dot_ext/tests/test_models.py b/apps/dot_ext/tests/test_models.py index 04bbda443..c6d70ce7f 100644 --- a/apps/dot_ext/tests/test_models.py +++ b/apps/dot_ext/tests/test_models.py @@ -4,7 +4,6 @@ from django.contrib.auth.models import User from oauth2_provider.models import get_application_model -from waffle.testutils import override_flag from apps.authorization.models import DataAccessGrant, ArchivedDataAccessGrant from apps.dot_ext.models import ( @@ -12,7 +11,7 @@ get_application_require_demographic_scopes_count, ) from apps.logging.utils import redirect_loggers, cleanup_logger, get_log_content -from apps.test import BaseApiTest, flag_is_active +from apps.test import BaseApiTest class TestDotExtModels(BaseApiTest): @@ -22,14 +21,11 @@ def setUp(self): def tearDown(self): cleanup_logger(self.logger_registry) - @override_flag('limit_data_access', active=True) def test_application_data_access_fields(self): """ Test the CRUD operations & validation on new data access fields from apps.dot_ext.models """ - assert flag_is_active('limit_data_access') - # Create dev user for tests. dev_user = self._create_user("john", "123456") @@ -69,13 +65,10 @@ def test_application_data_access_fields(self): test_app.data_access_type = "BAD_DATA_ACCESS_TYPE" test_app.save() - @override_flag('limit_data_access', active=True) def test_application_data_access_type_change(self): """ Test the application.data_access_type change, make sure the change is logged """ - assert flag_is_active('limit_data_access') - # Create dev user for tests. dev_user = self._create_user("john", "123456") @@ -113,13 +106,10 @@ def test_application_data_access_type_change(self): self.assertEqual(log_entry_json['data_access_type_old'], "THIRTEEN_MONTH") self.assertEqual(log_entry_json['data_access_type_new'], "RESEARCH_STUDY") - @override_flag('limit_data_access', active=False) def test_application_data_access_type_change_switch_off(self): """ Test the application.data_access_type change, access grants will not be affected """ - assert (not flag_is_active('limit_data_access')) - # Create dev user for tests. dev_user = self._create_user("john", "123456") diff --git a/apps/dot_ext/views/authorization.py b/apps/dot_ext/views/authorization.py index 847bd1a99..0e09478cf 100644 --- a/apps/dot_ext/views/authorization.py +++ b/apps/dot_ext/views/authorization.py @@ -3,9 +3,6 @@ from datetime import datetime, timedelta from time import strftime -import waffle -from waffle import get_waffle_flag_model - from django.http.response import HttpResponse, HttpResponseBadRequest from django.template.response import TemplateResponse from django.utils.decorators import method_decorator @@ -117,19 +114,8 @@ def sensitive_info_check(self, request): break return result - # TODO: Clean up use of the require-scopes feature flag and multiple templates, when no longer required. def get_template_names(self): - flag = get_waffle_flag_model().get("limit_data_access") - if waffle.switch_is_active('require-scopes'): - if flag.rollout or (flag.id is not None and self.application and flag.is_active_for_user(self.application.user)): - return ["design_system/new_authorize_v2.html"] - else: - return ["design_system/authorize_v2.html"] - else: - if flag.rollout or (flag.id is not None and self.user and flag.is_active_for_user(self.user)): - return ["design_system/new_authorize_v2.html"] - else: - return ["design_system/authorize.html"] + return ["design_system/new_authorize_v2.html"] def get_initial(self): initial_data = super().get_initial() @@ -322,24 +308,21 @@ def post(self, request, *args, **kwargs): sender=self, request=request, token=token) - flag = get_waffle_flag_model().get("limit_data_access") - if flag.rollout or (flag.id is not None and flag.is_active_for_user(app.user)): - if app.data_access_type == "THIRTEEN_MONTH": - try: - dag = DataAccessGrant.objects.get( - beneficiary=token.user, - application=app - ) - if dag.expiration_date is not None: - dag_expiry = strftime('%Y-%m-%dT%H:%M:%SZ', dag.expiration_date.timetuple()) - except DataAccessGrant.DoesNotExist: - dag_expiry = "" - - elif app.data_access_type == "ONE_TIME": - expires_at = datetime.utcnow() + timedelta(seconds=body['expires_in']) - dag_expiry = expires_at.strftime('%Y-%m-%dT%H:%M:%SZ') - elif app.data_access_type == "RESEARCH_STUDY": + if app.data_access_type == "THIRTEEN_MONTH": + try: + dag = DataAccessGrant.objects.get( + beneficiary=token.user, + application=app + ) + if dag.expiration_date is not None: + dag_expiry = strftime('%Y-%m-%dT%H:%M:%SZ', dag.expiration_date.timetuple()) + except DataAccessGrant.DoesNotExist: dag_expiry = "" + elif app.data_access_type == "ONE_TIME": + expires_at = datetime.utcnow() + timedelta(seconds=body['expires_in']) + dag_expiry = expires_at.strftime('%Y-%m-%dT%H:%M:%SZ') + elif app.data_access_type == "RESEARCH_STUDY": + dag_expiry = "" body['access_grant_expiration'] = dag_expiry body = json.dumps(body) diff --git a/apps/logging/loggers.py b/apps/logging/loggers.py index f94054f0d..15446198f 100644 --- a/apps/logging/loggers.py +++ b/apps/logging/loggers.py @@ -20,7 +20,6 @@ from apps.accounts.models import get_developer_counts from apps.logging.utils import format_timestamp -from waffle import get_waffle_flag_model """ Logger functions for logging module @@ -340,9 +339,6 @@ def log_global_state_metrics(group_timestamp=None, report_flag=True): grant_counts = get_grant_bene_counts(application=app) - flag = get_waffle_flag_model().get("limit_data_access") - user_limit_data_access = flag.rollout or (flag.is_active_for_user(app.user) if flag.id is not None else None) - log_dict = { "type": "global_state_metrics_per_app", "group_timestamp": group_timestamp, @@ -390,7 +386,7 @@ def log_global_state_metrics(group_timestamp=None, report_flag=True): "user_date_joined": format_timestamp(app.user.date_joined), "user_last_login": format_timestamp(app.user.last_login), "user_organization": getattr(user_profile, "organization_name", None), - "user_limit_data_access": user_limit_data_access + "user_limit_data_access": True } logger.info(log_dict, cls=DjangoJSONEncoder) diff --git a/apps/logging/management/commands/log_global_state_metrics.py b/apps/logging/management/commands/log_global_state_metrics.py index a4c08d0ce..7f3f306c6 100644 --- a/apps/logging/management/commands/log_global_state_metrics.py +++ b/apps/logging/management/commands/log_global_state_metrics.py @@ -7,7 +7,7 @@ class Command(BaseCommand): help = ( - "Managment command to log global state type metrics when called on a schedule." + "Management command to log global state type metrics when called on a schedule." ) def add_arguments(self, parser): diff --git a/apps/logging/tests/test_loggers_management_command.py b/apps/logging/tests/test_loggers_management_command.py index e7458914d..4d95ee70b 100644 --- a/apps/logging/tests/test_loggers_management_command.py +++ b/apps/logging/tests/test_loggers_management_command.py @@ -16,9 +16,7 @@ from apps.fhir.bluebutton.models import Crosswalk, ArchivedCrosswalk import apps.logging.request_logger as logging from apps.logging.utils import redirect_loggers, cleanup_logger, get_log_content -from apps.test import BaseApiTest, flag_is_active -# waffle override_flag decorator make flag true or false for everyone -from waffle.testutils import override_flag +from apps.test import BaseApiTest from .audit_logger_schemas import ( GLOBAL_STATE_METRICS_LOG_SCHEMA, @@ -316,10 +314,7 @@ def _validate_global_state_per_app_metrics_log(self, validate_apps_dict): ) ) - @override_flag('limit_data_access', active=True) def test_management_command_logging(self): - assert flag_is_active('limit_data_access') - """ Setup variety of real/synth users, apps and grants for testing global state metrics logging. """