Skip to content

Commit

Permalink
feat: add validation on subsidy uuid
Browse files Browse the repository at this point in the history
  • Loading branch information
@muhammad-ammar
muhammad-ammar committed Dec 9, 2024
1 parent 24873c3 commit ea29748
Show file tree
Hide file tree
Showing 4 changed files with 57 additions and 9 deletions.
8 changes: 7 additions & 1 deletion enterprise_access/apps/subsidy_access_policy/admin/__init__.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@
SubsidyAccessPolicySetLateRedemptionView
)

from .forms import ForcedPolicyRedemptionForm
from .forms import ForcedPolicyRedemptionForm, SubsidyAccessPolicyForm

logger = logging.getLogger(__name__)

Expand Down Expand Up @@ -199,6 +199,8 @@ class PerLearnerEnrollmentCreditAccessPolicy(DjangoQLSearchMixin, BaseSubsidyAcc
"""
Admin configuration for PerLearnerEnrollmentCreditAccessPolicy.
"""
form = SubsidyAccessPolicyForm

list_display = BaseSubsidyAccessPolicyMixin.list_display + (
'per_learner_enrollment_limit',
)
Expand Down Expand Up @@ -250,6 +252,8 @@ class PerLearnerSpendCreditAccessPolicy(DjangoQLSearchMixin, BaseSubsidyAccessPo
"""
Admin configuration for PerLearnerSpendCreditAccessPolicy.
"""
form = SubsidyAccessPolicyForm

list_display = BaseSubsidyAccessPolicyMixin.list_display + (
'per_learner_spend_limit_dollars',
)
Expand Down Expand Up @@ -313,6 +317,8 @@ class LearnerContentAssignmentAccessPolicy(DjangoQLSearchMixin, BaseSubsidyAcces
"""
Admin configuration for AssignedLearnerCreditAccessPolicy.
"""
form = SubsidyAccessPolicyForm

search_fields = (
'uuid',
'display_name',
Expand Down
33 changes: 32 additions & 1 deletion enterprise_access/apps/subsidy_access_policy/admin/forms.py
View file
Original file line number Diff line number Diff line change
@@ -1,11 +1,15 @@
"""
Forms to be used for subsidy_access_policy django admin.
"""
import requests
from django import forms
from django.conf import settings
from django.core.exceptions import ValidationError
from django.utils.translation import gettext as _

from ..models import ForcedPolicyRedemption
from enterprise_access.apps.subsidy_access_policy.utils import get_versioned_subsidy_client

from ..models import ForcedPolicyRedemption, SubsidyAccessPolicy


class LateRedemptionDaysFromNowChoices:
Expand Down Expand Up @@ -92,3 +96,30 @@ class ForcedPolicyRedemptionForm(forms.ModelForm):
class Meta:
model = ForcedPolicyRedemption
fields = '__all__'


class SubsidyAccessPolicyForm(forms.ModelForm):
"""
Admin form for the SubsidyAccessPolicy model.
"""
def clean_subsidy_uuid(self):
"""
Validate that the subsidy exists and is assigned to the same enterprise customer as the budget.
"""
# 1. check if the subsidy_uuid actually exists
# 2. subsidy is assigned to the same enterprise customer as the budget
# if any of these checks fail, raise a ValidationError
client = get_versioned_subsidy_client(version=1)
try:
subsidy = client.retrieve_subsidy(self.cleaned_data["subsidy_uuid"])
except requests.exceptions.HTTPError as exc:
raise ValidationError("Subsidy does not exist") from exc

if str(subsidy["enterprise_customer_uuid"]) != str(self.cleaned_data["enterprise_customer_uuid"]):
raise ValidationError("Subsidy is not assigned to the same enterprise customer as the budget") from exc

return self.cleaned_data["subsidy_uuid"]

class Meta:
model = SubsidyAccessPolicy
fields = '__all__'
6 changes: 3 additions & 3 deletions enterprise_access/settings/base.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -285,8 +285,8 @@ def root(*path_fragments):
SOCIAL_AUTH_EDX_OAUTH2_SECRET = 'replace-me'
SOCIAL_AUTH_EDX_OAUTH2_URL_ROOT = 'replace-me'
SOCIAL_AUTH_EDX_OAUTH2_LOGOUT_URL = 'replace-me'
BACKEND_SERVICE_EDX_OAUTH2_KEY = 'replace-me'
BACKEND_SERVICE_EDX_OAUTH2_SECRET = 'replace-me'
BACKEND_SERVICE_EDX_OAUTH2_KEY = 'enterprise-backend-service-key'
BACKEND_SERVICE_EDX_OAUTH2_SECRET = 'enterprise-backend-service-secret'

JWT_AUTH = {
'JWT_AUTH_HEADER_PREFIX': 'JWT',
Expand Down Expand Up @@ -464,7 +464,7 @@ def root(*path_fragments):
ENTERPRISE_ADMIN_PORTAL_URL = ''
DISCOVERY_URL = ''
ENTERPRISE_CATALOG_URL = ''
ENTERPRISE_SUBSIDY_URL = ''
ENTERPRISE_SUBSIDY_URL = 'http://localhost:19001/'
ENTERPRISE_ACCESS_URL = ''

# API Client timeouts
Expand Down
19 changes: 15 additions & 4 deletions enterprise_access/settings/local.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,10 +52,21 @@
OAUTH2_PROVIDER_URL = 'http://localhost:18000/oauth2'

JWT_AUTH.update({
'JWT_ALGORITHM': 'HS256',
'JWT_SECRET_KEY': SOCIAL_AUTH_EDX_OAUTH2_SECRET,
'JWT_ISSUER': OAUTH2_PROVIDER_URL,
'JWT_AUDIENCE': SOCIAL_AUTH_EDX_OAUTH2_KEY,
'JWT_SECRET_KEY': 'lms-secret',
'JWT_ISSUER': 'http://localhost:18000/oauth2',
'JWT_AUDIENCE': None,
'JWT_VERIFY_AUDIENCE': False,
'JWT_PUBLIC_SIGNING_JWK_SET': (
'{"keys": [{"kid": "devstack_key", "e": "AQAB", "kty": "RSA", "n": "smKFSYowG6nNUAdeqH1jQQnH1PmIHphzBmwJ5vRf1vu'
'48BUI5VcVtUWIPqzRK_LDSlZYh9D0YFL0ZTxIrlb6Tn3Xz7pYvpIAeYuQv3_H5p8tbz7Fb8r63c1828wXPITVTv8f7oxx5W3lFFgpFAyYMmROC'
'4Ee9qG5T38LFe8_oAuFCEntimWxN9F3P-FJQy43TL7wG54WodgiM0EgzkeLr5K6cDnyckWjTuZbWI-4ffcTgTZsL_Kq1owa_J2ngEfxMCObnzG'
'y5ZLcTUomo4rZLjghVpq6KZxfS6I1Vz79ZsMVUWEdXOYePCKKsrQG20ogQEkmTf9FT_SouC6jPcHLXw"}]}'
),
'JWT_ISSUERS': [{
'AUDIENCE': 'lms-key',
'ISSUER': 'http://localhost:18000/oauth2',
'SECRET_KEY': 'lms-secret',
}],
})

ENABLE_AUTO_AUTH = True
Expand Down

0 comments on commit ea29748

Please sign in to comment.