schemas: add GET/PATCH for notifications config

Signed-off-by: Parth Shandilya <parth.shandilya@cern.ch>

Author: ParthS007

cap/modules/schemas/utils.py

@@ -24,7 +24,11 @@
 """Utils for Schemas module."""
 
 import re
-
+from functools import wraps
+from flask import abort
+from .permissions import AdminSchemaPermission
+from .models import Schema
+from invenio_jsonschemas.errors import JSONSchemaNotFound
 from jsonpatch import JsonPatchConflict
 
 
@@ -135,3 +139,29 @@ def get_default_mapping(name, version):
     }
     default_mapping["mappings"][mapping_name] = collectiion_mapping
     return default_mapping
+
+
+def get_schema(f):
+    """Decorator to check if schema exists by name and/or version."""
+    @wraps(f)
+    def wrapper(name=None, version=None, schema=None, *args, **kwargs):
+        if name:
+            try:
+                if version:
+                    schema = Schema.get(name, version)
+                else:
+                    schema = Schema.get_latest(name)
+            except JSONSchemaNotFound:
+                abort(404)
+        return f(name=name, version=version, schema=schema, *args, **kwargs)
+    return wrapper
+
+
+def schema_admin_permission(f):
+    """Decorator to check if user has admin permission."""
+    @wraps(f)
+    def wrapper(name=None, version=None, schema=None, *args, **kwargs):
+        if not AdminSchemaPermission(schema).can():
+            abort(403)
+        return f(name=name, version=version, schema=schema, *args, **kwargs)
+    return wrapper

cap/modules/schemas/views.py

@@ -53,6 +53,8 @@
     check_allowed_patch_operation,
     check_allowed_patch_path,
     get_default_mapping,
+    get_schema,
+    schema_admin_permission,
 )
 
 blueprint = Blueprint(
@@ -115,6 +117,62 @@ def permissions(name=None, version=None):
         return jsonify({}), 204
 
 
+@blueprint.route(
+    '/<string:name>/notifications', methods=['GET', 'PATCH']
+)
+@blueprint.route(
+    '/<string:name>/<string:version>/notifications',
+    methods=['GET', 'PATCH'],
+)
+@get_schema
+@schema_admin_permission
+@super_admin_permission.require(http_exception=403)
+def notifications_config(name=None, version=None, schema=None, *args, **kwargs):
+    """CRUD operations for schema configuration."""
+    serialized_config = schema.config_serialize()
+    notifications_config = serialized_config.get("config", {}).get("notifications", {})
+    if request.method == "PATCH":
+        try:
+            data = request.get_json()
+            patched_notifications_config = apply_patch(notifications_config, data)
+            patched_object = {'config': {'notifications': patched_notifications_config}}
+            schema.update(**patched_object)
+            db.session.commit()
+            return jsonify(schema.config_serialize()), 201
+        except (
+                JsonPatchException,
+                JsonPatchConflict,
+                JsonPointerException,
+                TypeError,
+            ) as err:
+                return (
+                    jsonify(
+                        {
+                            'message': 'Could not apply '
+                            'json-patch to object: {}'.format(err)
+                        }
+                    ),
+                    400,
+                )
+        except IntegrityError:
+            return (
+                jsonify(
+                    {
+                        'message': 'Error occured during '
+                        'saving schema in the db.'
+                    }
+                ),
+                500,
+            )
+        except ValidationError as err:
+            return (
+                jsonify({'message': err.description, 'errors': err.errors}),
+                400,
+            )
+
+    return jsonify(notifications_config), 200
+
+
 class SchemaAPI(MethodView):
     """CRUD views for Schema model."""
 

tests/integration/schemas/test_schemas_views.py

@@ -1620,3 +1620,115 @@ def test_patch_when_operation_undefined_returns_400(
 
     assert resp.status_code == 400
     assert 'Invalid/No patch data provided.' in resp.json['message']
+
+
+########################
+# api/jsonschemas/<string:name>/notifications  [PATCH]
+# api/jsonschemas/<string:name>/<string:version>/notifications  [PATCH]
+########################
+def test_patch_notifications_config_when_user_not_logged_in_returns_401(
+        client, schema, users, json_headers):
+    resp = client.patch(
+        '/jsonschemas/{}/{}/notifications'.format(schema.name, schema.version),
+        headers=json_headers)
+
+    assert resp.status_code == 403
+
+
+def test_patch_notifications_config(
+    client, schema, auth_headers_for_user, users, json_headers):
+    owner = users['superuser']
+    schema = dict(
+        name='new-schema',
+        version='1.0.0',
+        deposit_schema={'title': 'deposit_schema'},
+        config={
+            'reviewable': True,
+            'notifications': {
+                'actions': {
+                    'review': [
+                        {
+                            "subject": {
+                            "template": "Questionnaire for {{ cadi_id }} - New Review on Analysis | CERN Analysis Preservation",
+                            "ctx": [{
+                                "name": "cadi_id",
+                                "path": "analysis_context.cadi_id"
+                            }]
+                            },
+                            "body": {
+                                "template_file": "mail/body/experiments/cms/questionnaire_message_review.html",
+                                "ctx": [{
+                                    "name": "cadi_id",
+                                    "path": "analysis_context.cadi_id"
+                                }, {
+                                    "name": "title",
+                                    "path": "general_title"
+                                },{
+                                    "method": "working_url"
+                                }, {
+                                    "method": "creator_email"
+                                }, {
+                                    "method": "submitter_email"
+                                }]
+                            },
+                            "recipients": {
+                                "bcc": [{
+                                    "method": "get_owner"
+                                }, {
+                                    "method": "get_submitter"
+                                }]
+                            }
+                        }
+                    ]
+                },
+            }
+        },
+        is_indexed=True,
+        use_deposit_as_record=True,
+    )
+    client.post(
+        '/jsonschemas/',
+        data=json.dumps(schema),
+        headers=json_headers + auth_headers_for_user(owner),
+    )
+
+    valid_patch = [
+        {
+            "op": "replace",
+            "path": "/actions/review/0/body/ctx/0/name",
+            "value": "cadi_identification"
+        }
+    ]
+    resp = client.patch(
+        '/jsonschemas/new-schema/notifications',
+        data=json.dumps(valid_patch),
+        headers=json_headers + auth_headers_for_user(owner),
+    )
+    assert resp.status_code == 201
+
+    invalid_patch = [
+        {
+            "op": "remove",
+            "path": "/actions/review/0/body/ctx/0/name"
+        }
+    ]
+    resp = client.patch(
+        '/jsonschemas/new-schema/notifications',
+        data=json.dumps(invalid_patch),
+        headers=json_headers + auth_headers_for_user(owner),
+    )
+    assert resp.status_code == 400
+    assert resp.json['message'] == 'Schema configuration validation error'
+
+    invalid_patch_test = {
+        "op": "remove",
+        "path": "/actions/review/0/body/ctx/0/name",
+        "value": "cadi_id",
+    }
+    resp = client.patch(
+        '/jsonschemas/new-schema/notifications',
+        data=json.dumps(invalid_patch_test),
+        headers=json_headers + auth_headers_for_user(owner),
+    )
+    assert resp.status_code == 400
+    assert resp.json['message'] == 'Could not apply json-patch to object: string indices must be integers'