Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Issue 486: Signed Signature Endpoint #499

Closed
wants to merge 27 commits into from
Closed

Issue 486: Signed Signature Endpoint #499

wants to merge 27 commits into from

Conversation

riatzukiza
Copy link

@riatzukiza riatzukiza commented Jan 4, 2021
edited by carltonsmith
Loading

Summary of Changes

Add an endpoint for the frontend to perform get_object and put_object operations on s3 buckets

In order for the frontend to get permission to upload or download files from S3, the backend must create a presigned url. These presigned URLs are valid to anyone who has them for a limited amount of time. This is done so the frontend does not need access to secret information for s3 (API key and secret).

Addresses issue #457

How to Test

SESSION_ID="<SESSION_ID>"

CSRF_TOKEN=$(curl 'https://tdp-backend.app.cloud.gov/v1/auth_check' \
                  -H "Cookie: sessionid=$SESSION_ID; id_token=None" \
                  -H 'Sec-GPC: 1' 2>/dev/null | jq -r .csrf)

# Create a report so we can retrieve it

curl 'https://tdp-backend.app.cloud.gov/v1/reports/signed_url/' \
     -X 'POST' \
     -H "Cookie: csrftoken=$CSRF_TOKEN; sessionid=$SESSION_ID; id_token=None" \
     -H 'Accept: application/json, text/plain, */*' \
     -H 'Content-Type: application/json;charset=utf-8' \
     -H "X-CSRFToken: $CSRF_TOKEN" \
     -H 'Sec-GPC: 1' \
     --data '{ "file_type":"text", "file_name":"28b98dc2-80ec-11eb-9439-0242ac130002", "client_method":"put_object" }' > test.html

# Open resulting file (Mac)

open test.html

# Open resulting file (Windows)

start "chrome" test.html

The test.html should have a result similar to this:

{"signed_url":"https://cg-f073b546-cf1c-4960-845f-746318ebc15e.s3.us-gov-west-1.amazonaws.com/28b98dc2-80ec-11eb-9439-0242ac130002?AWSAccessKeyId=AKIAR7FXZINYNGDGPPZ5&Signature=6pAg9%2BwoCfOH%2FlAIlUYu1OksFV8%3D&content-type=text&Expires=1615305483"}

Documentations

Documentation can be seen at http://<BACKEND_DOMAIN>/swagger/

Deliverable 1: Accepted Features

Performance Standard(s): At the beginning of each sprint, the Product Owner and development team will collaborate to define a set of user stories to be completed during the sprint. Acceptance criteria for each story will also be defined. The development team will deliver code and functionality to satisfy these user stories.

Acceptable Quality Level: Delivered code meets the acceptance criteria for each user story. Incomplete stories will be assessed and considered for inclusion in the next sprint.

  • The frontend is able to obtain a signed URL from the backend that allows it to post files to S3
  • Documentation of endpoint and security features

As facilitator/product manager, @kniz-raft will decide if ACs are met from Raft's perspective.

Deliverable 2: Tested Code

Performance Standard(s): Code delivered under the order must have substantial test code coverage. Version-controlled HHS GitHub repository of code that comprises products that will remain in the government domain.

Acceptable Quality Level: Minimum of 90% test coverage of all code. All areas of code are meaningfully tested.

  • Are all areas of code introduced in this PR meaningfully tested?
    • If this PR introduces backend code changes, are they meaningfully tested?
  • Are code coverage minimums met?

Deliverable 3: Properly Styled Code

Performance Standard(s): GSA 18F Front- End Guide

Acceptable Quality Level: 0 linting errors and 0 warnings

  • Are backend code style checks passing on CircleCI?
  • Are frontend code style checks passing on CircleCI?
  • Does this PR change any linting or CI settings? No

Deliverable 4: Accessible

This is a backend ticket with no accessibility changes

Deliverable 5: Deployed

Performance Standard(s): Code must successfully build and deploy into the staging environment.

Acceptable Quality Level: Successful build with a single command

NOTE: until we have a proper staging environment this may not be satisfiable prior to merging

  • Was the code successfully deployed via automated CircleCI process to development on Cloud.gov?

Deliverable 6: Documented

Performance Standard(s): Summary of user stories completed every two weeks. All dependencies are listed and the licenses are documented. Major functionality in the software/source code is documented, including system diagram. Individual methods are documented inline in a format that permits the use of tools such as JSDoc. All non-inherited 800-53 system security controls are documented in the Open Control or OSCAL format and HHS Section 508 Product Assessment Template (PAT) are updated as appropriate.

Acceptable Quality Level: Combination of manual review and automated testing, if available

  • If this PR introduces backend code, is that code documented both inline and overall?

Deliverable 7: Secure

Performance Standard(s): Open Web Application Security Project (OWASP) Application Security Verification Standard 3.0

Acceptable Quality Level: Code submitted must be free of medium- and high-level static and dynamic security vulnerabilities

  • Does the OWASP Scan pass on CircleCI?
  • Do manual code review and manual testing detect any security issues?

No security issues detected

@codecov
Copy link

codecov bot commented Jan 19, 2021
edited
Loading

Codecov Report

❗ No coverage uploaded for pull request base (epics/398/backend/485/get-files@9a81d33). Click here to learn what that means.
The diff coverage is n/a.

Impacted file tree graph

@@                        Coverage Diff                         @@
##             epics/398/backend/485/get-files     #499   +/-   ##
==================================================================
  Coverage                                   ?   99.87%           
==================================================================
  Files                                      ?       55           
  Lines                                      ?      819           
  Branches                                   ?       65           
==================================================================
  Hits                                       ?      818           
  Misses                                     ?        0           
  Partials                                   ?        1
Flag Coverage Δ
dev-backend 100.00% <0.00%> (?)
dev-frontend 99.67% <0.00%> (?)

Flags with carried forward coverage won't be shown. Click here to find out more.

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 9a81d33...89d8e60. Read the comment docs.

@riatzukiza riatzukiza closed this Feb 3, 2021
@riatzukiza riatzukiza reopened this Feb 23, 2021
@riatzukiza riatzukiza changed the base branch from epics/398/backend/485/get-files to raft-tdp-main February 23, 2021 15:33
@riatzukiza riatzukiza changed the base branch from raft-tdp-main to epics/398/backend/431-4-7 February 23, 2021 15:33
@carltonsmith carltonsmith added Blocked Label for Pull Requests that are currently blocked by a dependency WIP labels Feb 23, 2021
@carltonsmith carltonsmith changed the title Epics/398/backend/486/signed get s3 WIP: Epics/398/backend/486/signed get s3 Feb 23, 2021
@riatzukiza riatzukiza force-pushed the epics/398/backend/486/signed-get-s3 branch from 89d8e60 to 6d2d682 Compare March 1, 2021 21:43
jtwillis92
jtwillis92 reviewed Mar 1, 2021
View reviewed changes
.gitignore Outdated Show resolved Hide resolved
@riatzukiza riatzukiza force-pushed the epics/398/backend/486/signed-get-s3 branch from 39b74d9 to fbe4196 Compare March 3, 2021 17:51
@carltonsmith carltonsmith changed the base branch from epics/398/backend/431-4-7 to raft-tdp-main March 8, 2021 20:54
@carltonsmith carltonsmith changed the title WIP: Epics/398/backend/486/signed get s3 Epics/398/backend/486/signed get s3 Mar 8, 2021
@carltonsmith carltonsmith added raft review This issue is ready for raft review and removed Blocked Label for Pull Requests that are currently blocked by a dependency WIP labels Mar 8, 2021
@carltonsmith carltonsmith changed the title Epics/398/backend/486/signed get s3 Issue 486: Signed Signature Endpoint Mar 19, 2021
@ADPennington
Copy link
Collaborator

I'm getting an error trying to get to the backend after deploying to dev site. Checked the logs in cloud.gov and noticed this:

16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap>", line 1006, in _gcd_import
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap>", line 983, in _find_and_load
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap>", line 967, in _find_and_load_unlocked
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap>", line 677, in _load_unlocked
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap_external>", line 728, in exec_module
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap>", line 219, in _call_with_frames_removed
16:12:40.832: [APP/PROC/WEB.0]   File "/tdpapp/tdpservice/urls.py", line 29, in <module>
16:12:40.832: [APP/PROC/WEB.0]     path("", include("tdpservice.users.urls")),
16:12:40.832: [APP/PROC/WEB.0]   File "/usr/local/lib/python3.7/site-packages/django/urls/conf.py", line 34, in include
16:12:40.832: [APP/PROC/WEB.0]     urlconf_module = import_module(urlconf_module)
16:12:40.832: [APP/PROC/WEB.0]   File "/usr/local/lib/python3.7/importlib/__init__.py", line 127, in import_module
16:12:40.832: [APP/PROC/WEB.0]     return _bootstrap._gcd_import(name[level:], package, level)
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap>", line 1006, in _gcd_import
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap>", line 983, in _find_and_load
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap>", line 967, in _find_and_load_unlocked
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap>", line 677, in _load_unlocked
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap_external>", line 728, in exec_module
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap>", line 219, in _call_with_frames_removed
16:12:40.832: [APP/PROC/WEB.0]   File "/tdpapp/tdpservice/users/urls.py", line 5, in <module>
16:12:40.832: [APP/PROC/WEB.0]     from . import views
16:12:40.832: [APP/PROC/WEB.0]   File "/tdpapp/tdpservice/users/views.py", line 9, in <module>
16:12:40.832: [APP/PROC/WEB.0]     from .permissions import IsAdmin, IsUser
16:12:40.832: [APP/PROC/WEB.0]   File "/tdpapp/tdpservice/users/permissions.py", line 8
16:12:40.832: [APP/PROC/WEB.0]     if (requested_stt := request.data.get('stt')) is None:
16:12:40.832: [APP/PROC/WEB.0]                       ^
16:12:40.832: [APP/PROC/WEB.0] SyntaxError: invalid syntax
16:12:40.832: [APP/PROC/WEB.0] During handling of the above exception, another exception occurred:

which is pointing to the walrus operator. this operator is introduced in python version 3.8. we noticed that dockerfile.dev referenced python version 3.7. is it possible that this is source of the trouble getting to the backend site?

cc: @carltonsmith

@riatzukiza
Copy link
Author

I'm getting an error trying to get to the backend after deploying to dev site. Checked the logs in cloud.gov and noticed this:

16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap>", line 1006, in _gcd_import
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap>", line 983, in _find_and_load
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap>", line 967, in _find_and_load_unlocked
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap>", line 677, in _load_unlocked
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap_external>", line 728, in exec_module
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap>", line 219, in _call_with_frames_removed
16:12:40.832: [APP/PROC/WEB.0]   File "/tdpapp/tdpservice/urls.py", line 29, in <module>
16:12:40.832: [APP/PROC/WEB.0]     path("", include("tdpservice.users.urls")),
16:12:40.832: [APP/PROC/WEB.0]   File "/usr/local/lib/python3.7/site-packages/django/urls/conf.py", line 34, in include
16:12:40.832: [APP/PROC/WEB.0]     urlconf_module = import_module(urlconf_module)
16:12:40.832: [APP/PROC/WEB.0]   File "/usr/local/lib/python3.7/importlib/__init__.py", line 127, in import_module
16:12:40.832: [APP/PROC/WEB.0]     return _bootstrap._gcd_import(name[level:], package, level)
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap>", line 1006, in _gcd_import
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap>", line 983, in _find_and_load
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap>", line 967, in _find_and_load_unlocked
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap>", line 677, in _load_unlocked
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap_external>", line 728, in exec_module
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap>", line 219, in _call_with_frames_removed
16:12:40.832: [APP/PROC/WEB.0]   File "/tdpapp/tdpservice/users/urls.py", line 5, in <module>
16:12:40.832: [APP/PROC/WEB.0]     from . import views
16:12:40.832: [APP/PROC/WEB.0]   File "/tdpapp/tdpservice/users/views.py", line 9, in <module>
16:12:40.832: [APP/PROC/WEB.0]     from .permissions import IsAdmin, IsUser
16:12:40.832: [APP/PROC/WEB.0]   File "/tdpapp/tdpservice/users/permissions.py", line 8
16:12:40.832: [APP/PROC/WEB.0]     if (requested_stt := request.data.get('stt')) is None:
16:12:40.832: [APP/PROC/WEB.0]                       ^
16:12:40.832: [APP/PROC/WEB.0] SyntaxError: invalid syntax
16:12:40.832: [APP/PROC/WEB.0] During handling of the above exception, another exception occurred:

which is pointing to the walrus operator. this operator is introduced in python version 3.8. we noticed that dockerfile.dev referenced python version 3.7. is it possible that this is source of the trouble getting to the backend site?

cc: @carltonsmith

This seems very likely. We can either factor out the walrus operator, or update the version in the dockerfile.

@jtwillis92 jtwillis92 mentioned this pull request Mar 22, 2021
Closed
6 tasks
@jtwillis92
Copy link

I'm getting an error trying to get to the backend after deploying to dev site. Checked the logs in cloud.gov and noticed this:

16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap>", line 1006, in _gcd_import
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap>", line 983, in _find_and_load
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap>", line 967, in _find_and_load_unlocked
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap>", line 677, in _load_unlocked
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap_external>", line 728, in exec_module
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap>", line 219, in _call_with_frames_removed
16:12:40.832: [APP/PROC/WEB.0]   File "/tdpapp/tdpservice/urls.py", line 29, in <module>
16:12:40.832: [APP/PROC/WEB.0]     path("", include("tdpservice.users.urls")),
16:12:40.832: [APP/PROC/WEB.0]   File "/usr/local/lib/python3.7/site-packages/django/urls/conf.py", line 34, in include
16:12:40.832: [APP/PROC/WEB.0]     urlconf_module = import_module(urlconf_module)
16:12:40.832: [APP/PROC/WEB.0]   File "/usr/local/lib/python3.7/importlib/__init__.py", line 127, in import_module
16:12:40.832: [APP/PROC/WEB.0]     return _bootstrap._gcd_import(name[level:], package, level)
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap>", line 1006, in _gcd_import
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap>", line 983, in _find_and_load
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap>", line 967, in _find_and_load_unlocked
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap>", line 677, in _load_unlocked
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap_external>", line 728, in exec_module
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap>", line 219, in _call_with_frames_removed
16:12:40.832: [APP/PROC/WEB.0]   File "/tdpapp/tdpservice/users/urls.py", line 5, in <module>
16:12:40.832: [APP/PROC/WEB.0]     from . import views
16:12:40.832: [APP/PROC/WEB.0]   File "/tdpapp/tdpservice/users/views.py", line 9, in <module>
16:12:40.832: [APP/PROC/WEB.0]     from .permissions import IsAdmin, IsUser
16:12:40.832: [APP/PROC/WEB.0]   File "/tdpapp/tdpservice/users/permissions.py", line 8
16:12:40.832: [APP/PROC/WEB.0]     if (requested_stt := request.data.get('stt')) is None:
16:12:40.832: [APP/PROC/WEB.0]                       ^
16:12:40.832: [APP/PROC/WEB.0] SyntaxError: invalid syntax
16:12:40.832: [APP/PROC/WEB.0] During handling of the above exception, another exception occurred:

which is pointing to the walrus operator. this operator is introduced in python version 3.8. we noticed that dockerfile.dev referenced python version 3.7. is it possible that this is source of the trouble getting to the backend site?
cc: @carltonsmith

This seems very likely. We can either factor out the walrus operator, or update the version in the dockerfile.

I'd recommend that we rollback the usage of that operator and opened a separate ticket to track upgrading Python: #782

@ADPennington
Copy link
Collaborator

I'm getting an error trying to get to the backend after deploying to dev site. Checked the logs in cloud.gov and noticed this:

16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap>", line 1006, in _gcd_import
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap>", line 983, in _find_and_load
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap>", line 967, in _find_and_load_unlocked
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap>", line 677, in _load_unlocked
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap_external>", line 728, in exec_module
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap>", line 219, in _call_with_frames_removed
16:12:40.832: [APP/PROC/WEB.0]   File "/tdpapp/tdpservice/urls.py", line 29, in <module>
16:12:40.832: [APP/PROC/WEB.0]     path("", include("tdpservice.users.urls")),
16:12:40.832: [APP/PROC/WEB.0]   File "/usr/local/lib/python3.7/site-packages/django/urls/conf.py", line 34, in include
16:12:40.832: [APP/PROC/WEB.0]     urlconf_module = import_module(urlconf_module)
16:12:40.832: [APP/PROC/WEB.0]   File "/usr/local/lib/python3.7/importlib/__init__.py", line 127, in import_module
16:12:40.832: [APP/PROC/WEB.0]     return _bootstrap._gcd_import(name[level:], package, level)
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap>", line 1006, in _gcd_import
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap>", line 983, in _find_and_load
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap>", line 967, in _find_and_load_unlocked
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap>", line 677, in _load_unlocked
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap_external>", line 728, in exec_module
16:12:40.832: [APP/PROC/WEB.0]   File "<frozen importlib._bootstrap>", line 219, in _call_with_frames_removed
16:12:40.832: [APP/PROC/WEB.0]   File "/tdpapp/tdpservice/users/urls.py", line 5, in <module>
16:12:40.832: [APP/PROC/WEB.0]     from . import views
16:12:40.832: [APP/PROC/WEB.0]   File "/tdpapp/tdpservice/users/views.py", line 9, in <module>
16:12:40.832: [APP/PROC/WEB.0]     from .permissions import IsAdmin, IsUser
16:12:40.832: [APP/PROC/WEB.0]   File "/tdpapp/tdpservice/users/permissions.py", line 8
16:12:40.832: [APP/PROC/WEB.0]     if (requested_stt := request.data.get('stt')) is None:
16:12:40.832: [APP/PROC/WEB.0]                       ^
16:12:40.832: [APP/PROC/WEB.0] SyntaxError: invalid syntax
16:12:40.832: [APP/PROC/WEB.0] During handling of the above exception, another exception occurred:

which is pointing to the walrus operator. this operator is introduced in python version 3.8. we noticed that dockerfile.dev referenced python version 3.7. is it possible that this is source of the trouble getting to the backend site?
cc: @carltonsmith

This seems very likely. We can either factor out the walrus operator, or update the version in the dockerfile.

I'd recommend that we rollback the usage of that operator and opened a separate ticket to track upgrading Python: #782

this sounds good to me! @riatzukiza @jtwillis92

@kniz-raft kniz-raft requested a review from ADPennington March 24, 2021 14:41
@alexsoble alexsoble requested review from alexsoble and removed request for ADPennington March 25, 2021 19:49
@alexsoble
Copy link

alexsoble commented Mar 25, 2021
edited
Loading

Since I'm picking up some of the QASP reviewing from @ADPennington this week, I met up with @riatzukiza and we looked at the PR together.

We decided we want to make a couple of changes:

  • Test all the logical paths in the API permissions tests, including the "negative" tests to make sure unauthorized users can't call the endpoint.
  • Mock or stub out AWS S3 in the test suite, because I am unable to run the test suite locally as-is. I would need AWS S3 keys of some sort to run the tests as-is, stubbing or mocking will let us decouple our code from AWS and reduce risk of any accidental key leakage etc.
  • Possibly add a separate permissions class for the S3 pre-signed URL creation as opposed to the metadata DataFile record creation, since those two have slightly different permissions features.

alexsoble
alexsoble suggested changes Mar 25, 2021
View reviewed changes
Copy link

@alexsoble alexsoble left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

(See comment above.)

@jtwillis92 jtwillis92 mentioned this pull request Mar 26, 2021
Closed
7 tasks
@jtwillis92
Copy link

  • Mock or stub out AWS S3 in the test suite, because I am unable to run the test suite locally as-is. I would need AWS S3 keys of some sort to run the tests as-is, stubbing or mocking will let us decouple our code from AWS and reduce risk of any accidental key leakage etc.

Opened this issue #793 to get us moved over to localstack for dev and CI instead of using the real AWS. We can either address this later or as part of this PR.

@alexsoble
Copy link

Thanks for tracking #793 as a separate ticket @jtwillis92!

One thing I'm wondering about @jtwillis92 @riatzukiza: If we choose to address simulating AWS later instead of addressing as part of this PR, what would be the best way to test the permissions logic around the Pre-Signed URLs? Test with live AWS S3 instances for now? Shift to more of a unit testing strategy?

@jtwillis92
Copy link

Opened #805 to address the need for a simulated AWS for local and CI environments.

@jtwillis92 jtwillis92 mentioned this pull request Mar 30, 2021
Merged
18 tasks
jtwillis92
jtwillis92 suggested changes Mar 31, 2021
View reviewed changes
tdrs-backend/tdpservice/reports/views.py
Comment on lines +52 to +56
s3_client = client(
's3',
aws_access_key_id=settings.AWS_S3_ACCESS_KEY_ID,
aws_secret_access_key=settings.AWS_S3_SECRET_ACCESS_KEY,
region_name=settings.AWS_REGION_NAME)
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
s3_client = client(
's3',
aws_access_key_id=settings.AWS_S3_ACCESS_KEY_ID,
aws_secret_access_key=settings.AWS_S3_SECRET_ACCESS_KEY,
region_name=settings.AWS_REGION_NAME)
s3_client = get_s3_client()

tdrs-backend/tdpservice/reports/views.py
@@ -1,27 +1,73 @@
"""Check if user is authorized."""
import logging
from boto3 import client
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
from boto3 import client

tdrs-backend/tdpservice/reports/views.py
from .serializers import ReportFileSerializer

from rest_framework.decorators import action

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
from tdpservice.clients import get_s3_client

tdrs-backend/tdpservice/reports/views.py
from .models import User
from .serializers import ReportFileSerializer

from rest_framework.decorators import action
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: import organization

From PEP8:

Imports should be grouped in the following order:

Standard library imports.
Related third party imports.
Local application/library specific imports.
You should put a blank line between each group of imports.

Absolute imports are recommended, as they are usually more readable and tend to be better behaved (or at least give better error messages) if the import system is incorrectly configured

Additionally, alphabetization by module name is a bonus :D

@jtwillis92 jtwillis92 mentioned this pull request Apr 1, 2021
Closed
9 tasks
@jtwillis92
Copy link

Closing this one since we are moving forward with doing both downloads and uploads from the backend as opposed to pre-signed URLs.

Relevant ADRs:
#821
#813

@jtwillis92 jtwillis92 closed this Apr 7, 2021
@andrew-jameson andrew-jameson deleted the epics/398/backend/486/signed-get-s3 branch July 27, 2021 15:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ADPennington ADPennington ADPennington left review comments

@carltonsmith carltonsmith carltonsmith approved these changes

@jtwillis92 jtwillis92 jtwillis92 requested changes

@alexsoble alexsoble alexsoble requested changes

@lfrohlich lfrohlich Awaiting requested review from lfrohlich

Assignees
No one assigned
Labels
backend dev
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@riatzukiza @carltonsmith @ADPennington @jtwillis92 @alexsoble