Merge pull request #116 from VineetBala-AOT/main

Adding cors allowed origin to api end points

Author: VineetBala-AOT

condition-api/src/condition_api/resources/amendment.py

@@ -15,15 +15,16 @@
 
 from http import HTTPStatus
 
-from flask_restx import Namespace, Resource, cors
+from flask_cors import cross_origin
+from flask_restx import Namespace, Resource
 
 from marshmallow import ValidationError
 
 from condition_api.models.document import Document
 from condition_api.schemas.amendment import AmendmentSchema
 from condition_api.services.amendment_service import AmendmentService
 from condition_api.utils.roles import EpicConditionRole
-from condition_api.utils.util import cors_preflight
+from condition_api.utils.util import allowedorigins, cors_preflight
 
 from .apihelper import Api as ApiHelper
 from ..auth import auth
@@ -47,7 +48,7 @@ class AmendmentsResource(Resource):
     @API.response(code=HTTPStatus.OK, model=amendment_model, description="Create amendments")
     @API.response(HTTPStatus.BAD_REQUEST, "Bad Request")
     @auth.has_one_of_roles([EpicConditionRole.VIEW_CONDITIONS.value])
-    @cors.crossdomain(origin="*")
+    @cross_origin(origins=allowedorigins())
     def post(document_id):
         """Create a new amendment."""
         try:

condition-api/src/condition_api/resources/attribute_key.py

@@ -17,14 +17,15 @@
 
 from flask import request
 
-from flask_restx import Namespace, Resource, cors
+from flask_cors import cross_origin
+from flask_restx import Namespace, Resource
 
 from marshmallow import ValidationError
 
 from condition_api.schemas.attribute_key import AttributeKeySchema
 from condition_api.services.attribute_key_service import AttributeKeyService
 from condition_api.utils.roles import EpicConditionRole
-from condition_api.utils.util import cors_preflight
+from condition_api.utils.util import allowedorigins, cors_preflight
 
 from .apihelper import Api as ApiHelper
 from ..auth import auth
@@ -48,7 +49,7 @@ class AttributeKeyResource(Resource):
     @API.response(code=HTTPStatus.CREATED, model=attributes_model, description="Get attribute keys")
     @API.response(HTTPStatus.BAD_REQUEST, "Bad Request")
     @auth.has_one_of_roles([EpicConditionRole.VIEW_CONDITIONS.value])
-    @cors.crossdomain(origin="*")
+    @cross_origin(origins=allowedorigins())
     def get(condition_id):
         """Fetch attribute keys."""
         management_plan_id = request.args.get("management_plan_id", type=int)

condition-api/src/condition_api/resources/condition.py

@@ -16,8 +16,8 @@
 from http import HTTPStatus
 
 from flask import request
-
-from flask_restx import Namespace, Resource, cors
+from flask_cors import cross_origin
+from flask_restx import Namespace, Resource
 
 from marshmallow import ValidationError
 
@@ -28,7 +28,7 @@
     ProjectDocumentConditionDetailSchema, ProjectDocumentConditionSchema
 from condition_api.services.condition_service import ConditionService
 from condition_api.utils.roles import EpicConditionRole
-from condition_api.utils.util import cors_preflight
+from condition_api.utils.util import allowedorigins, cors_preflight
 
 from .apihelper import Api as ApiHelper
 from ..auth import auth
@@ -53,7 +53,7 @@ class ConditionDetailsResource(Resource):
     @API.response(code=HTTPStatus.CREATED, model=condition_model, description="Get conditions")
     @API.response(HTTPStatus.BAD_REQUEST, "Bad Request")
     @auth.has_one_of_roles([EpicConditionRole.VIEW_CONDITIONS.value])
-    @cors.crossdomain(origin="*")
+    @cross_origin(origins=allowedorigins())
     def get(project_id, document_id, condition_id):
         """Fetch conditions and condition attributes by project ID."""
         try:
@@ -82,7 +82,7 @@ class ConditionDetailsPatchResource(Resource):
         code=HTTPStatus.OK, model=condition_model, description="Edit conditions"
     )
     @API.response(HTTPStatus.BAD_REQUEST, "Bad Request")
-    @cors.crossdomain(origin="*")
+    @cross_origin(origins=allowedorigins())
     @auth.has_one_of_roles([EpicConditionRole.VIEW_CONDITIONS.value])
     def patch(condition_id):
         """Edit condition data."""
@@ -117,7 +117,7 @@ class ConditionDetailResource(Resource):
     @API.response(code=HTTPStatus.CREATED, model=condition_model, description="Get conditions")
     @API.response(HTTPStatus.BAD_REQUEST, "Bad Request")
     @auth.has_one_of_roles([EpicConditionRole.VIEW_CONDITIONS.value])
-    @cors.crossdomain(origin="*")
+    @cross_origin(origins=allowedorigins())
     def get(project_id, document_id):
         """Fetch conditions and condition attributes by project ID."""
         try:
@@ -140,7 +140,7 @@ def get(project_id, document_id):
     @API.response(code=HTTPStatus.OK, model=condition_model, description="Create condition")
     @API.response(HTTPStatus.BAD_REQUEST, "Bad Request")
     @auth.has_one_of_roles([EpicConditionRole.VIEW_CONDITIONS.value])
-    @cors.crossdomain(origin="*")
+    @cross_origin(origins=allowedorigins())
     def post(project_id, document_id):
         """Create a new condition."""
         try:
@@ -165,7 +165,7 @@ class ConditionResource(Resource):
     @API.response(code=HTTPStatus.CREATED, model=condition_model, description="Get conditions")
     @API.response(HTTPStatus.BAD_REQUEST, "Bad Request")
     @auth.has_one_of_roles([EpicConditionRole.VIEW_CONDITIONS.value])
-    @cors.crossdomain(origin="*")
+    @cross_origin(origins=allowedorigins())
     def get(condition_id):
         """Fetch conditions and condition attributes by condition ID."""
         try:
@@ -187,7 +187,7 @@ def get(condition_id):
         code=HTTPStatus.OK, model=condition_model, description="Edit conditions"
     )
     @API.response(HTTPStatus.BAD_REQUEST, "Bad Request")
-    @cors.crossdomain(origin="*")
+    @cross_origin(origins=allowedorigins())
     @auth.has_one_of_roles([EpicConditionRole.VIEW_CONDITIONS.value])
     def patch(condition_id):
         """Edit condition data."""
@@ -219,7 +219,7 @@ def patch(condition_id):
         code=HTTPStatus.OK, model=condition_model, description="Delete conditions"
     )
     @API.response(HTTPStatus.BAD_REQUEST, "Bad Request")
-    @cors.crossdomain(origin="*")
+    @cross_origin(origins=allowedorigins())
     @auth.has_one_of_roles([EpicConditionRole.VIEW_CONDITIONS.value])
     def delete(condition_id):
         """Remove condition data."""

condition-api/src/condition_api/resources/condition_attribute.py

@@ -16,14 +16,15 @@
 from http import HTTPStatus
 
 from flask import request
-from flask_restx import Namespace, Resource, cors
+from flask_cors import cross_origin
+from flask_restx import Namespace, Resource
 
 from marshmallow import ValidationError
 
 from condition_api.schemas.condition_attribute import ConditionAttributesSchema
 from condition_api.services.condition_attribute_service import ConditionAttributeService
 from condition_api.utils.roles import EpicConditionRole
-from condition_api.utils.util import cors_preflight
+from condition_api.utils.util import allowedorigins, cors_preflight
 
 from .apihelper import Api as ApiHelper
 from ..auth import auth
@@ -48,7 +49,7 @@ class ConditionAttributeaResource(Resource):
         code=HTTPStatus.OK, model=condition_model, description="Edit condition attributes"
     )
     @API.response(HTTPStatus.BAD_REQUEST, "Bad Request")
-    @cors.crossdomain(origin="*")
+    @cross_origin(origins=allowedorigins())
     @auth.has_one_of_roles([EpicConditionRole.VIEW_CONDITIONS.value])
     def patch(condition_id):
         """Edit condition attributes data."""
@@ -68,7 +69,7 @@ def patch(condition_id):
         code=HTTPStatus.OK, model=condition_model, description="Delete condition attributes"
     )
     @API.response(HTTPStatus.BAD_REQUEST, "Bad Request")
-    @cors.crossdomain(origin="*")
+    @cross_origin(origins=allowedorigins())
     @auth.has_one_of_roles([EpicConditionRole.VIEW_CONDITIONS.value])
     def delete(condition_id):
         """Remove condition attribute data."""

condition-api/src/condition_api/resources/consolidated_condition.py

@@ -16,14 +16,14 @@
 from http import HTTPStatus
 
 from flask import request
-
-from flask_restx import Namespace, Resource, cors
+from flask_cors import cross_origin
+from flask_restx import Namespace, Resource
 
 from marshmallow import ValidationError
 
 from condition_api.services import authorization
 from condition_api.services.condition_service import ConditionService
-from condition_api.utils.util import cors_preflight
+from condition_api.utils.util import allowedorigins, cors_preflight
 
 from .apihelper import Api as ApiHelper
 from ..auth import auth
@@ -42,7 +42,7 @@ class ConditionResource(Resource):
     @ApiHelper.swagger_decorators(API, endpoint_description="Get consolidated conditions by project id")
     @API.response(HTTPStatus.BAD_REQUEST, "Bad Request")
     @auth.optional
-    @cors.crossdomain(origin="*")
+    @cross_origin(origins=allowedorigins())
     def get(project_id):
         """Fetch consolidated conditions and condition attributes by project ID."""
         try:

condition-api/src/condition_api/resources/document.py

@@ -16,8 +16,8 @@
 from http import HTTPStatus
 
 from flask import request
-
-from flask_restx import Namespace, Resource, cors
+from flask_cors import cross_origin
+from flask_restx import Namespace, Resource
 
 from marshmallow import ValidationError
 
@@ -26,7 +26,7 @@
 from condition_api.schemas.document import DocumentSchema, DocumentTypeSchema
 from condition_api.services.document_service import DocumentService
 from condition_api.utils.roles import EpicConditionRole
-from condition_api.utils.util import cors_preflight
+from condition_api.utils.util import allowedorigins, cors_preflight
 
 from .apihelper import Api as ApiHelper
 from ..auth import auth
@@ -50,7 +50,7 @@ class DocumentsResource(Resource):
     @API.response(code=HTTPStatus.OK, model=document_model, description="Create documents")
     @API.response(HTTPStatus.BAD_REQUEST, "Bad Request")
     @auth.has_one_of_roles([EpicConditionRole.VIEW_CONDITIONS.value])
-    @cors.crossdomain(origin="*")
+    @cross_origin(origins=allowedorigins())
     def post(project_id):
         """Create a new document."""
         try:
@@ -71,7 +71,7 @@ def post(project_id):
     @API.response(code=HTTPStatus.OK, model=document_model, description="Get all documents")
     @API.response(HTTPStatus.BAD_REQUEST, "Bad Request")
     @auth.has_one_of_roles([EpicConditionRole.VIEW_CONDITIONS.value])
-    @cors.crossdomain(origin="*")
+    @cross_origin(origins=allowedorigins())
     def get(project_id):
         """Get all documents."""
         try:
@@ -94,7 +94,7 @@ class DocumentTypeResource(Resource):
     @API.response(code=HTTPStatus.OK, model=document_model, description="Get all document type")
     @API.response(HTTPStatus.BAD_REQUEST, "Bad Request")
     @auth.has_one_of_roles([EpicConditionRole.VIEW_CONDITIONS.value])
-    @cors.crossdomain(origin="*")
+    @cross_origin(origins=allowedorigins())
     def get():
         """Get all document type."""
         try:
@@ -117,7 +117,7 @@ class DocumentResource(Resource):
     @API.response(code=HTTPStatus.CREATED, model=document_model, description="Get document details")
     @API.response(HTTPStatus.BAD_REQUEST, "Bad Request")
     @auth.has_one_of_roles([EpicConditionRole.VIEW_CONDITIONS.value])
-    @cors.crossdomain(origin="*")
+    @cross_origin(origins=allowedorigins())
     def get(document_id):
         """Fetch document details by document ID."""
         try:
@@ -136,7 +136,7 @@ def get(document_id):
         code=HTTPStatus.OK, model=document_model, description="Edit document"
     )
     @API.response(HTTPStatus.BAD_REQUEST, "Bad Request")
-    @cors.crossdomain(origin="*")
+    @cross_origin(origins=allowedorigins())
     @auth.has_one_of_roles([EpicConditionRole.VIEW_CONDITIONS.value])
     def patch(document_id):
         """Edit document label."""

condition-api/src/condition_api/resources/document_category.py

@@ -15,14 +15,15 @@
 
 from http import HTTPStatus
 
-from flask_restx import Namespace, Resource, cors
+from flask_cors import cross_origin
+from flask_restx import Namespace, Resource
 
 from marshmallow import ValidationError
 
 from condition_api.schemas.document_category import DocumentCategorySchema
 from condition_api.services.document_service import DocumentService
 from condition_api.utils.roles import EpicConditionRole
-from condition_api.utils.util import cors_preflight
+from condition_api.utils.util import allowedorigins, cors_preflight
 
 from .apihelper import Api as ApiHelper
 from ..auth import auth
@@ -46,7 +47,7 @@ class DocumentCategoryResource(Resource):
     @API.response(code=HTTPStatus.OK, model=document_model, description="Get documents")
     @API.response(HTTPStatus.BAD_REQUEST, "Bad Request")
     @auth.has_one_of_roles([EpicConditionRole.VIEW_CONDITIONS.value])
-    @cors.crossdomain(origin="*")
+    @cross_origin(origins=allowedorigins())
     def get(project_id, category_id):
         """Fetch all documents for a specific document category."""
         try:

condition-api/src/condition_api/resources/management_plan.py

@@ -15,15 +15,16 @@
 
 from http import HTTPStatus
 
-from flask_restx import Namespace, Resource, cors
+from flask_cors import cross_origin
+from flask_restx import Namespace, Resource
 
 from marshmallow import ValidationError
 
 from condition_api.models.management_plan import ManagementPlan
 from condition_api.schemas.management_plan import ManagementPlanSchema
 from condition_api.services.management_plan import ManagementPlanService
 from condition_api.utils.roles import EpicConditionRole
-from condition_api.utils.util import cors_preflight
+from condition_api.utils.util import allowedorigins, cors_preflight
 
 from .apihelper import Api as ApiHelper
 from ..auth import auth
@@ -48,7 +49,7 @@ class ManagementPlanResource(Resource):
         code=HTTPStatus.OK, model=management_plan_model, description="Edit management plan"
     )
     @API.response(HTTPStatus.BAD_REQUEST, "Bad Request")
-    @cors.crossdomain(origin="*")
+    @cross_origin(origins=allowedorigins())
     @auth.has_one_of_roles([EpicConditionRole.VIEW_CONDITIONS.value])
     def patch(plan_id):
         """Edit management plan data."""
@@ -66,7 +67,7 @@ def patch(plan_id):
         code=HTTPStatus.OK, model=management_plan_model, description="Delete management plans"
     )
     @API.response(HTTPStatus.BAD_REQUEST, "Bad Request")
-    @cors.crossdomain(origin="*")
+    @cross_origin(origins=allowedorigins())
     @auth.has_one_of_roles([EpicConditionRole.VIEW_CONDITIONS.value])
     def delete(plan_id):
         """Remove management plan data."""

condition-api/src/condition_api/resources/project.py

@@ -15,14 +15,15 @@
 
 from http import HTTPStatus
 
-from flask_restx import Namespace, Resource, cors
+from flask_cors import cross_origin
+from flask_restx import Namespace, Resource
 
 from marshmallow import ValidationError
 
 from condition_api.schemas.project import ProjectSchema
 from condition_api.services.project_service import ProjectService
 from condition_api.utils.roles import EpicConditionRole
-from condition_api.utils.util import cors_preflight
+from condition_api.utils.util import allowedorigins, cors_preflight
 
 from .apihelper import Api as ApiHelper
 from ..auth import auth
@@ -46,7 +47,7 @@ class ProjectsResource(Resource):
     @API.response(code=HTTPStatus.OK, model=projects_model, description="Get projects")
     @API.response(HTTPStatus.BAD_REQUEST, "Bad Request")
     @auth.has_one_of_roles([EpicConditionRole.VIEW_CONDITIONS.value])
-    @cors.crossdomain(origin="*")
+    @cross_origin(origins=allowedorigins())
     def get():
         """Fetch projects and related documents."""
         try:
@@ -60,3 +61,28 @@ def get():
             return projects_schema.dump(project_data), HTTPStatus.OK
         except ValidationError as err:
             return {"message": str(err)}, HTTPStatus.BAD_REQUEST
+
+
+@cors_preflight("GET, OPTIONS")
+@API.route("/with-approved-conditions", methods=["GET", "OPTIONS"])
+class ApprovedProjectsResource(Resource):
+    """Resource for fetching all projects with approved conditions."""
+
+    @staticmethod
+    @ApiHelper.swagger_decorators(API, endpoint_description="Get all projects with approved conditions")
+    @API.response(code=HTTPStatus.OK, model=projects_model, description="Get projects with approved conditions")
+    @API.response(HTTPStatus.BAD_REQUEST, "Bad Request")
+    @auth.require
+    @cross_origin(origins=allowedorigins())
+    def get():
+        """Fetch projects with approved conditions."""
+        try:
+            project_data = ProjectService.get_projects_with_approved_conditions()
+            if not project_data:
+                return {"message": "No projects found"}, HTTPStatus.NOT_FOUND
+
+            results = [{"epic_guid": pid[0]} for pid in project_data]
+
+            return results, HTTPStatus.OK
+        except ValidationError as err:
+            return {"message": str(err)}, HTTPStatus.BAD_REQUEST