feat: API to retrieve active email addrs (#7035)

* feat: API to retrieve active email addrs * test: Test active_email_list view * chore: Remove debug statement * fix: Return 405 on non-GET requests
2024-02-20 18:38:36 -04:00 · 2024-02-20 18:38:36 -04:00 · 89d2a0c012
parent 65cf001ecf
commit 89d2a0c012
3 changed files with 38 additions and 2 deletions
--- a/ietf/api/tests.py
+++ b/ietf/api/tests.py
@ -32,8 +32,8 @@ from ietf.meeting.factories import MeetingFactory, SessionFactory
 from ietf.meeting.models import Session
 from ietf.nomcom.models import Volunteer, NomCom
 from ietf.nomcom.factories import NomComFactory, nomcom_kwargs_for_year
-from ietf.person.factories import PersonFactory, random_faker
-from ietf.person.models import User
+from ietf.person.factories import PersonFactory, random_faker, EmailFactory
+from ietf.person.models import Email, User
 from ietf.person.models import PersonalApiKey
 from ietf.stats.models import MeetingRegistration
 from ietf.utils.mail import outbox, get_payload_text
@ -853,6 +853,28 @@ class CustomApiTests(TestCase):
            405,
        )

+    @override_settings(APP_API_TOKENS={"ietf.api.views.active_email_list": ["valid-token"]})
+    def test_active_email_list(self):
+        EmailFactory(active=True)  # make sure there's at least one active email...
+        EmailFactory(active=False)  # ... and at least one non-active emai
+        url = urlreverse("ietf.api.views.active_email_list")
+        r = self.client.post(url, headers={})
+        self.assertEqual(r.status_code, 403)
+        r = self.client.get(url, headers={})
+        self.assertEqual(r.status_code, 403)
+        r = self.client.get(url, headers={"X-Api-Key": "not-the-valid-token"})
+        self.assertEqual(r.status_code, 403)
+        r = self.client.post(url, headers={"X-Api-Key": "not-the-valid-token"})
+        self.assertEqual(r.status_code, 403)
+        r = self.client.post(url, headers={"X-Api-Key": "valid-token"})
+        self.assertEqual(r.status_code, 405)
+        r = self.client.get(url, headers={"X-Api-Key": "valid-token"})
+        self.assertEqual(r.status_code, 200)
+        self.assertEqual(r.headers["Content-Type"], "application/json")
+        result = json.loads(r.content)
+        self.assertCountEqual(result.keys(), ["addresses"])
+        self.assertCountEqual(result["addresses"], Email.objects.filter(active=True).values_list("address", flat=True))
+

 class DirectAuthApiTests(TestCase):

--- a/ietf/api/urls.py
+++ b/ietf/api/urls.py
@ -49,6 +49,8 @@ urlpatterns = [
    # OpenID authentication provider
    url(r'^openid/$', TemplateView.as_view(template_name='api/openid-issuer.html'), name='ietf.api.urls.oidc_issuer'),
    url(r'^openid/', include('oidc_provider.urls', namespace='oidc_provider')),
+    # Email alias listing
+    url(r'^person/email/$', api_views.active_email_list),
    # Draft submission API
    url(r'^submit/?$', submit_views.api_submit),
    # Draft upload API
--- a/ietf/api/views.py
+++ b/ietf/api/views.py
@ -488,3 +488,15 @@ def group_aliases(request):
            }
        )
    return HttpResponse(status=405)
+
+
+@requires_api_token
+@csrf_exempt
+def active_email_list(request):
+    if request.method == "GET":
+        return JsonResponse(
+            {
+                "addresses": list(Email.objects.filter(active=True).values_list("address", flat=True)),
+            }
+        )
+    return HttpResponse(status=405)