Merge remote-tracking branch 'origin/master' into jimfuqian/BB2-3566-…

…web-based-sample-app-POC

Dockerfiles/Dockerfile.selenium-jenkins-python311-plus-chromedriver

@@ -0,0 +1,27 @@
+FROM --platform=linux/amd64 python:3.11
+# For build CBC Jenkins job ECR image
+ENV PYTHONUNBUFFERED 1
+
+RUN mkdir /code
+ADD . /code/
+WORKDIR /code
+
+RUN pip install --upgrade pip
+RUN apt-get update && apt-get install -yq git unzip curl
+
+# Install Chrome for Selenium
+RUN curl https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb -o /chrome.deb \
+    && dpkg -i /chrome.deb || apt-get install -yf \
+    && rm /chrome.deb
+
+# Install chromedriver for Selenium: keep the previous chrome driver install code for reference
+# RUN wget -O /tmp/chromedriver.zip http://chromedriver.storage.googleapis.com/`curl -sS chromedriver.storage.googleapis.com/LATEST_RELEASE`/chromedriver_linux64.zip \
+#     && unzip /tmp/chromedriver.zip chromedriver -d /usr/local/bin/ \
+#     && chmod +x /usr/local/bin/chromedriver
+
+# hard code the zip URL here since `curl -sS chromedriver.storage.googleapis.com/LATEST_RELEASE` still points to 114 which is out of date
+# this is the current way google publish the chrome drivers, going forward, need to make changes to keep up with the way google publish the
+# drivers.
+RUN wget -O /tmp/chromedriver.zip https://storage.googleapis.com/chrome-for-testing-public/131.0.6778.108/linux64/chromedriver-linux64.zip \
+    && unzip -p /tmp/chromedriver.zip chromedriver-linux64/chromedriver > /usr/local/bin/chromedriver \
+    && chmod +x /usr/local/bin/chromedriver

Dockerfiles/readme.md

@@ -1,13 +1,11 @@
-# Build, Tag, and Publish integration and selenium tests ECR iamge
+# Build, Tag, and Publish integration and selenium tests ECR image - used by github CI check
 
 Go to BB2 local repo base directory and do the followings (assume aws cli installed and configured properly):
 
 ```
-
 aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws/f5g8o1y9
 cd <bb2-local-repo-base-dir>/Dockerfiles
-docker build -f Dockerfile.selenium-jenkins -t bb2-cbc-build-selenium .
-docker tag bb2-cbc-build-selenium:latest public.ecr.aws/f5g8o1y9/bb2-cbc-build-selenium:latest
-docker push public.ecr.aws/f5g8o1y9/bb2-cbc-build-selenium:latest
-
-```
+docker build -f Dockerfile.selenium-jenkins-python311-plus-chromedriver -t bb2-cbc-build-selenium-python311-chromium .
+docker tag bb2-cbc-build-selenium-python311-chromium:latest public.ecr.aws/f5g8o1y9/bb2-cbc-build-selenium-python311-chromium:latest
+docker push public.ecr.aws/f5g8o1y9/bb2-cbc-build-selenium-python311-chromium:latest
+```

apps/authorization/models.py

@@ -8,7 +8,6 @@
 from django.utils import timezone
 from oauth2_provider.settings import oauth2_settings
 from oauth2_provider.models import get_access_token_model
-from waffle import get_waffle_flag_model
 
 
 class DataAccessGrant(models.Model):
@@ -41,22 +40,17 @@ def user(self):
 
     def update_expiration_date(self):
         # For THIRTEEN_MONTH type update expiration_date
-        if self.application:
-            flag = get_waffle_flag_model().get("limit_data_access")
-            if flag.rollout or (flag.id is not None and flag.is_active_for_user(self.application.user)):
-                if self.application.data_access_type == "THIRTEEN_MONTH":
-                    self.expiration_date = datetime.now().replace(
-                        tzinfo=pytz.UTC
-                    ) + relativedelta(months=+13)
-                    self.save()
+        if self.application and self.application.data_access_type == "THIRTEEN_MONTH":
+            self.expiration_date = datetime.now().replace(
+                tzinfo=pytz.UTC
+            ) + relativedelta(months=+13)
+            self.save()
 
     def has_expired(self):
-        flag = get_waffle_flag_model().get("limit_data_access")
-        if flag.rollout or (flag.id is not None and flag.is_active_for_user(self.application.user)):
-            if self.application.data_access_type == "THIRTEEN_MONTH":
-                if self.expiration_date:
-                    if self.expiration_date < datetime.now().replace(tzinfo=pytz.UTC):
-                        return True
+        if self.application.data_access_type == "THIRTEEN_MONTH":
+            if self.expiration_date:
+                if self.expiration_date < datetime.now().replace(tzinfo=pytz.UTC):
+                    return True
 
         return False
 

apps/authorization/tests/test_data_access_grant.py

@@ -18,15 +18,14 @@
     get_access_token_model,
 )
 
-from apps.test import BaseApiTest, flag_is_active
+from apps.test import BaseApiTest
 from apps.authorization.models import (
     DataAccessGrant,
     ArchivedDataAccessGrant,
     check_grants,
     update_grants,
 )
-from waffle import get_waffle_flag_model
-from waffle.testutils import override_flag, override_switch
+from waffle.testutils import override_switch
 
 Application = get_application_model()
 AccessToken = get_access_token_model()
@@ -95,66 +94,14 @@ def test_create_update_delete(self):
         #    Verify expiration_date copied OK.
         self.assertEqual("2030-01-15 00:00:00+00:00", str(arch_dag.expiration_date))
 
-    @override_flag("limit_data_access", active=False)
-    def test_thirteen_month_app_type_without_switch_limit_data_access(self):
-        assert not flag_is_active("limit_data_access")
-
-        # 1. Create bene and app for tests
-        dev_user = self._create_user("developer_test", "123456")
-        bene_user = self._create_user("test_beneficiary", "123456")
-        test_app = self._create_application(
-            "test_app", user=dev_user, data_access_type="THIRTEEN_MONTH"
-        )
-
-        flag = get_waffle_flag_model().get("limit_data_access")
-        assert flag.id is None or flag.is_active_for_user(dev_user) is False
-
-        # 2. Create grant with expiration date in future.
-        dag = DataAccessGrant.objects.create(
-            application=test_app, beneficiary=bene_user
-        )
-
-        # 3. Test expiration_date not set
-        self.assertEqual(dag.expiration_date, None)
-        #    Test has_expired() with None is false
-        self.assertEqual(dag.has_expired(), False)
-
-        # 4. Test has_expired() true for -1 hour ago is false w/o switch enabled
-        dag.expiration_date = datetime.now().replace(tzinfo=pytz.UTC) + relativedelta(
-            hours=-1
-        )
-        self.assertEqual(dag.has_expired(), False)
-
-        # 5. Test has_expired() false for +1 hour in future.
-        dag.expiration_date = datetime.now().replace(tzinfo=pytz.UTC) + relativedelta(
-            hours=+1
-        )
-        self.assertEqual(dag.has_expired(), False)
-
-        # 6. Test has_expired() false for ONE_TIME type
-        test_app.data_access_type = "ONE_TIME"
-        test_app.save()
-        self.assertEqual(dag.has_expired(), False)
-
-        # 7. Test has_expired() false for RESEARCH_STUDY type
-        test_app.data_access_type = "RESEARCH_STUDY"
-        test_app.save()
-        self.assertEqual(dag.has_expired(), False)
-
-    @override_flag("limit_data_access", active=True)
     def test_thirteen_month_app_type_with_switch_limit_data_access(self):
-        assert flag_is_active("limit_data_access")
-
         # 1. Create bene and app for tests
         dev_user = self._create_user("developer_test", "123456")
         bene_user = self._create_user("test_beneficiary", "123456")
         test_app = self._create_application(
             "test_app", user=dev_user, data_access_type="THIRTEEN_MONTH"
         )
 
-        flag = get_waffle_flag_model().get("limit_data_access")
-        assert flag.id is not None and flag.is_active_for_user(dev_user)
-
         # 2. Create grant with expiration date in future.
         dag = DataAccessGrant.objects.create(
             application=test_app, beneficiary=bene_user
@@ -463,40 +410,3 @@ def test_permission_deny_on_app_or_org_disabled(self):
         # set back app and user to active - not to affect other tests
         application.active = True
         application.save()
-
-    def test_thirteen_month_app_needs_limit_data_access_set(self):
-
-        # 1. Create benes
-        dev_user = self._create_user("developer_test", "123456")
-        bene_user = self._create_user("test_beneficiary", "123456")
-        flag_bene_user = self._create_user("flag_beneficiary", "123456")
-        test_app = self._create_application(
-            "test_app", user=dev_user, data_access_type="THIRTEEN_MONTH"
-        )
-
-        # 2. Create flag and show is not set for dev_user
-        flag = get_waffle_flag_model().objects.create(name="limit_data_access")
-        assert flag.id is not None
-        assert not flag.is_active_for_user(dev_user)
-
-        # 3. Create grant and expire expiration to show it doesn't matter
-        dag = DataAccessGrant.objects.create(
-            application=test_app, beneficiary=bene_user
-        )
-        # 4. Test has_expired() true for -1 hour ago
-        dag.expiration_date = datetime.now().replace(tzinfo=pytz.UTC) + relativedelta(
-            hours=-1
-        )
-        self.assertEqual(dag.has_expired(), False)
-
-        # 4. Add dev_user to flag
-        flag.users.add(dev_user)
-
-        # 5. Create new grant and show expiration is working
-        flag_dag = DataAccessGrant.objects.create(
-            application=test_app, beneficiary=flag_bene_user
-        )
-        flag_dag.expiration_date = datetime.now().replace(
-            tzinfo=pytz.UTC
-        ) + relativedelta(hours=-1)
-        self.assertEqual(dag.has_expired(), True)