feat: update project with changes from bettermarks licencing

Author: cl3m0

.github/workflows/pytest.yml

@@ -0,0 +1,52 @@
+name: "Python tests"
+
+on:
+  pull_request:
+    branches: ["main"]
+
+env:
+  SEGMENT: loc00
+  DB_HOST: localhost
+  DB_PORT: 5432
+  DB_USER: postgres
+  DB_PASSWORD: postgres
+  DB_NAME: test_licensing
+
+jobs:
+  pytest:
+    runs-on: ubuntu-latest
+
+    services:
+      postgres:
+        image: postgres:17
+        env:
+          POSTGRES_USER: postgres
+          POSTGRES_PASSWORD: postgres
+          POSTGRES_DB: test_licensing
+        ports: ["5432:5432"]
+        options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5
+
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Install uv
+        uses: astral-sh/setup-uv@v5
+        with:
+          # Install a specific version of uv.
+          version: "0.6.3"
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version-file: ".python-version"
+
+      - run: uv sync --dev --frozen
+      - run: uv run pytest --cov bm.ucm
+
+      - uses: actions/upload-artifact@v4
+        if: always()
+        with:
+          name: coverage
+          path: htmlcov

.gitignore

@@ -80,9 +80,6 @@ target/
 profile_default/
 ipython_config.py
 
-# pyenv
-.python-version
-
 # pipenv
 #   According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
 #   However, in case of collaboration, if having platform-specific dependencies or dependencies

.python-version

@@ -0,0 +1 @@
+3.12.9

k8s/Dockerfile.dev

@@ -30,6 +30,10 @@ RUN uv sync --extra export --frozen --no-editable --no-dev
 # INFO: final image only with virtual env
 FROM python:${python_version}-slim-bookworm
 ENV PYTHONUNBUFFERED 1
+ENV PATH="/venv/bin:$PATH"
 COPY --from=build /venv /venv
+COPY ./alembic.ini .
+COPY ./uvicorn_disable_logging.json .
+COPY ./src/services/licensing/data/sqlalchemy/migrations ./src/services/licensing/data/sqlalchemy/migrations
 
 CMD ["uvicorn", "services.licensing.main:app", "--host", "0.0.0.0", "--port", "8000", "--workers", "1", "--log-config", "uvicorn_disable_logging.json", "--timeout-keep-alive", "0"]

pyproject.toml

@@ -32,7 +32,9 @@ dependencies = [
 
 [project.optional-dependencies]
 export = ["motor==3.6.0", "paramiko==3.5.0", "sshtunnel==0.4.0"]
-tests = [
+
+[dependency-groups]
+dev = [
 	"black==25.1.0",
 	"bump2version==1.0.1",
 	"commitizen==4.1.0",

src/services/licensing/api/endpoints.py

@@ -0,0 +1,52 @@
+import functools
+import os
+
+from fastapi import APIRouter
+from fastapi import status as http_status
+
+from services.licensing import settings
+from services.licensing.business.service import LicensingService
+from services.licensing.exceptions import HTTPException
+from services.licensing.logging import LogLevel
+from services.licensing import __version__
+from services.licensing.settings import transaction_manager, repository
+
+router = APIRouter()
+
+
+@router.get("/livez", status_code=http_status.HTTP_200_OK)
+async def get_livez() -> dict:
+    return {
+        "status": "OK",
+    }
+
+
+@router.get("/status", status_code=http_status.HTTP_200_OK)
+async def get_status() -> dict:
+    async with transaction_manager() as tm:
+        if await LicensingService(repository(tm.session)).is_db_alive():
+            return {"status": "OK"}
+    raise HTTPException(
+        status_code=http_status.HTTP_500_INTERNAL_SERVER_ERROR,
+        message="Database not reachable",
+    )
+
+
+@router.get("/version", status_code=http_status.HTTP_200_OK)
+async def get_version() -> dict:
+    return {
+        "debug": True if settings.log_level == LogLevel.DEBUG else False,
+        "version": __version__,
+        "git:sha": get_version_sha(),
+        "segment": settings.segment,
+    }
+
+
+@functools.cache
+def get_version_sha():
+    if os.path.exists("./SHA.txt"):
+        with open("./SHA.txt", "r") as f:
+            sha = f.read().strip("\n")
+    else:
+        sha = "NO_GIT_SHA_FILE"
+    return sha

src/services/licensing/api/v1/api.py

@@ -1,18 +1,9 @@
 from fastapi import APIRouter
 
-from services.licensing.api.v1.endpoints import (
-    admin,
-    hierarchy,
-    member,
-    status,
-    order,
-    shop,
-)
+from services.licensing.api.v1.endpoints import admin, hierarchy, member, order
 
 api_router = APIRouter()
-
 api_router.include_router(admin.router, prefix="/admin", tags=["Admin"])
-api_router.include_router(status.router, prefix="/status", tags=["Status"])
 api_router.include_router(member.router, prefix="/member", tags=["Member"])
 api_router.include_router(hierarchy.router, prefix="/hierarchy", tags=["Hierarchy"])
 api_router.include_router(order.router, prefix="/order", tags=["Order"])

src/services/licensing/api/v1/endpoints/admin.py

@@ -104,7 +104,7 @@ async def create_license(
               message in case of an error
     """
     async with transaction_manager() as tm:
-        license_ = await LicensingService(repository(tm.session)).create_license(
+        license_dict = await LicensingService(repository(tm.session)).create_license(
             hierarchy_provider_uri=data.hierarchy_provider_uri,
             manager_eid=data.manager_eid,
             product_eid=data.product_eid,
@@ -123,10 +123,10 @@ async def create_license(
             logger.info(
                 "Successfully created license",
                 is_trial=False,
-                uuid=license_["uuid"],
-                product=license_["product_eid"],
-                owner_type=license_["owner_type"],
-                nof_seats=license_["nof_seats"],
+                uuid=license_dict["uuid"],
+                product=license_dict["product_eid"],
+                owner_type=license_dict["owner_type"],
+                nof_seats=license_dict["nof_seats"],
             )
         except DuplicateEntryException:
             raise HTTPException(
@@ -137,7 +137,7 @@ async def create_license(
                     "already exists"
                 ),
             )
-        return LicenseCreatedSchema.parse_obj(license_) if license_ else None
+        return LicenseCreatedSchema.parse_obj(license_dict)
 
 
 @router.get("/licenses/{license_uuid}", status_code=http_status.HTTP_200_OK)
@@ -180,3 +180,13 @@ async def update_license(
             payload["filter_restrictions"],
             **license_update.dict(exclude_unset=True)
         )
+
+
+@router.delete("/licenses/{license_uuid}", status_code=http_status.HTTP_200_OK)
+async def delete_license(
+    license_uuid: str,
+    token_data: Tuple[str, Dict[str, Any]] = Depends(authorize_with_admin_token),
+) -> None:
+    async with transaction_manager() as tm:
+        await LicensingService(repository(tm.session)).delete_license(license_uuid)
+        await tm.commit()

src/services/licensing/api/v1/endpoints/hierarchy.py

@@ -165,3 +165,53 @@ async def get_licenses_for_entity(
                 payload["iss"], data.entity_type, data.entity_eid, hierarchies
             )
         ]
+
+
+@router.post("/licenses/{license_id}", status_code=http_status.HTTP_200_OK)
+async def get_managed_license_by_uuid(
+    license_id: str,
+    _: HierarchiesSchema = Body(default_factory=HierarchiesSchema),
+    token_data: Tuple[str, Dict[str, Any]] = Depends(authorize_with_hierarchies_token),
+) -> LicenseManagedSchema | None:
+    """
+    Route for getting all the licenses in the hierarchy of a given user that they have
+    created.
+
+    ### Example Bearer Token structure
+    ```
+    {
+        "iss": "https://acc.bettermarks.com/ucm",
+        "exp": 1701789570.99798,
+        "sub": "12@EN_test",
+        "iat": 1701788970.99799,
+        "jti": "2b47ca46-28b9-4b8d-bd1c-a893acb9de29",
+        "hashes": {
+            "memberships": {
+                "alg": "SHA256",
+                "hash": "86f8b8313c183b3f9ee74b9c042ee440b894f690e9f6308de3da63fd4a6b8"
+            }
+        }
+    }
+    ```
+    \f
+    :param license_id: License ID
+        :param _: a list of hierarchies of a user (is not used right now)
+    :param token_data: info gotten from hierarchies token
+    :return: a JSON object
+    """
+    _, payload = token_data
+
+    async with transaction_manager() as tm:
+        license_item = await LicensingService(
+            repository(tm.session)
+        ).get_managed_licenses_by_id(
+            license_id,
+            payload["iss"],
+            payload["sub"],
+        )
+        item = (
+            LicenseManagedSchema.parse_obj(asdict(license_item))
+            if license_item
+            else None
+        )
+        return item

src/services/licensing/api/v1/endpoints/member.py

@@ -86,7 +86,25 @@ async def get_accessible_products(
     )
 
 
-@router.post("/licenses/trial", status_code=http_status.HTTP_201_CREATED)
+@router.post(
+    "/licenses/trial",
+    status_code=http_status.HTTP_201_CREATED,
+    responses={
+        409: {
+            "description": "Duplicate Error",
+            "content": {
+                "application/json": {
+                    "example": {
+                        "detail": (
+                            "Trial license creation failed:"
+                            " A trial license for this entity already exists"
+                        ),
+                    },
+                },
+            },
+        },
+    },
+)
 async def create_trial_license(
     data: LicenseTrialSchema,
     token_data: Tuple[str, Dict[str, Any]] = Depends(authorize_with_memberships_token),
@@ -112,6 +130,11 @@ async def create_trial_license(
 
     # Do the actual check, if the owner EID is part of the memberships.
     if Entity(type_=data.owner_type, eid=data.owner_eid) not in memberships:
+        logger.warn(
+            "license owner does not match any users membership",
+            owner_type=data.owner_type,
+            owner_eid=data.owner_eid,
+        )
         raise HTTPException(
             status_code=http_status.HTTP_422_UNPROCESSABLE_ENTITY,
             message=(
@@ -140,7 +163,7 @@ async def create_trial_license(
                     "A trial license for this entity already exists"
                 ),
             )
-        license_ = await LicensingService(repository(tm.session)).create_license(
+        license_dict = await LicensingService(repository(tm.session)).create_license(
             hierarchy_provider_uri=payload["iss"],
             manager_eid=payload["sub"],
             product_eid=data.product_eid,
@@ -158,10 +181,10 @@ async def create_trial_license(
             logger.info(
                 "Successfully created license",
                 is_trial=True,
-                uuid=license_["uuid"],
-                product=license_["product_eid"],
-                owner_type=license_["owner_type"],
-                nof_seats=license_["nof_seats"],
+                uuid=license_dict["uuid"],
+                product=license_dict["product_eid"],
+                owner_type=license_dict["owner_type"],
+                nof_seats=license_dict["nof_seats"],
             )
         except DuplicateEntryException:
             raise HTTPException(
@@ -171,7 +194,7 @@ async def create_trial_license(
                     "A license with these properties already exists"
                 ),
             )
-    return license_
+    return LicenseCreatedSchema.parse_obj(license_dict)
 
 
 @router.post("/licenses", status_code=http_status.HTTP_200_OK)
@@ -187,9 +210,9 @@ async def get_available_licenses(
     ### Example Bearer Token structure
     ```
     {
-        "iss": "https://your-domain.com/ucm",
+        "iss": "https://acc.bettermarks.com/ucm",
         "exp": 1701799583.393268,
-        "sub": "3@DE_tesyt",
+        "sub": "3@DE_bettermarks",
         "iat": 1701798983.393283,
         "jti": "77ab5b01-83a0-44f3-a086-d25162aae84e",
         "hashes": {