Merge pull request #4656 from communitybridge/unicron-4639-add-is_sanctioned-to-v4-company-external

Support isSanctioned flag in all APIs + util scripts

Author: lukaszgryglicki

cla-backend-go/auth/authorizer.go

@@ -60,6 +60,7 @@ func (a Authorizer) SecurityAuth(token string, scopes []string) (*user.CLAUser,
 	// the list of scopes mentioned by the spec for this route.
 
 	// Verify the token is valid
+	// LG:to skip verification
 	log.WithFields(f).Debug("verifying token...")
 	claims, err := a.authValidator.VerifyToken(token)
 	if err != nil {
@@ -73,6 +74,7 @@ func (a Authorizer) SecurityAuth(token string, scopes []string) (*user.CLAUser,
 
 	// Get the username from the token claims
 	// LG: for V3 endpoints comment this out and set: username, name and email manually for local testing.
+	// username, name, email := "user", "Name Surname", "[email protected]"
 	usernameClaim, ok := claims[a.authValidator.usernameClaim]
 	if !ok {
 		log.WithFields(f).Warnf("username not found in claims with key: %s", a.authValidator.usernameClaim)
@@ -111,6 +113,7 @@ func (a Authorizer) SecurityAuth(token string, scopes []string) (*user.CLAUser,
 		return nil, errors.New("invalid email")
 	}
 	f["email"] = email
+	// LG:end
 
 	// Get User by LFID
 	log.WithFields(f).Debugf("loading user and profiles by LFID: %s", username)

utils/get_companies_go.sh

@@ -0,0 +1,42 @@
+#!/bin/bash
+# API_URL=https://[xyz].ngrok-free.app (defaults to localhost:5000)
+# API_URL=https://api.lfcla.dev.platform.linuxfoundation.org
+# Note: To run manually see cla-backend-go/auth/authorizer.go:SecurityAuth() and update accordingly 'LG:'
+
+if [ -z "$TOKEN" ]
+then
+  # source ./auth0_token.secret
+  TOKEN="$(cat ./auth0.token.secret)"
+fi
+
+if [ -z "$TOKEN" ]
+then
+  echo "$0: TOKEN not specified and unable to obtain one"
+  exit 1
+fi
+
+if [ -z "$XACL" ]
+then
+  XACL="$(cat ./x-acl.secret)"
+fi
+
+if [ -z "$XACL" ]
+then
+  echo "$0: XACL not specified and unable to obtain one"
+  exit 2
+fi
+
+if [ -z "$API_URL" ]
+then
+  export API_URL="http://localhost:5000"
+fi
+
+API="${API_URL}/v3/company"
+
+if [ ! -z "$DEBUG" ]
+then
+  echo "curl -s -XGET -H \"Content-Type: application/json\" \"${API}\" -H \"X-ACL: ${XACL}\" -H \"Authorization: Bearer ${TOKEN}\""
+  curl -s -XGET -H "Content-Type: application/json" -H "X-ACL: ${XACL}" -H "Authorization: Bearer ${TOKEN}" "${API}"
+else
+  curl -s -XGET -H "Content-Type: application/json" -H "X-ACL: ${XACL}" -H "Authorization: Bearer ${TOKEN}" "${API}" | jq -r '.'
+fi

utils/get_company_by_external_id_go.sh

@@ -0,0 +1,54 @@
+#!/bin/bash
+# API_URL=https://[xyz].ngrok-free.app (defaults to localhost:5000)
+# API_URL=https://api.lfcla.dev.platform.linuxfoundation.org
+# V=v3|v4
+# Note: To run manually see cla-backend-go/auth/authorizer.go:SecurityAuth() and update accordingly 'LG:'
+if [ -z "$1" ]
+then
+  echo "$0: you need to specify company_sfid as a 1st parameter, example '0014100000Te0yqAAB', '0016s000006UKKqAAO'"
+  exit 1
+fi
+export company_sfid="$1"
+
+if [ -z "$TOKEN" ]
+then
+  # source ./auth0_token.secret
+  TOKEN="$(cat ./auth0.token.secret)"
+fi
+
+if [ -z "$TOKEN" ]
+then
+  echo "$0: TOKEN not specified and unable to obtain one"
+  exit 1
+fi
+
+if [ -z "$XACL" ]
+then
+  XACL="$(cat ./x-acl.secret)"
+fi
+
+if [ -z "$XACL" ]
+then
+  echo "$0: XACL not specified and unable to obtain one"
+  exit 2
+fi
+
+if [ -z "$API_URL" ]
+then
+  export API_URL="http://localhost:5000"
+fi
+
+if [ -z "${V}" ]
+then
+  export V=v4
+fi
+
+API="${API_URL}/${V}/company/external/${company_sfid}"
+
+if [ ! -z "$DEBUG" ]
+then
+  echo "curl -s -XGET -H \"Content-Type: application/json\" \"${API}\" -H \"X-ACL: ${XACL}\" -H \"Authorization: Bearer ${TOKEN}\""
+  curl -s -XGET -H "Content-Type: application/json" -H "X-ACL: ${XACL}" -H "Authorization: Bearer ${TOKEN}" "${API}"
+else
+  curl -s -XGET -H "Content-Type: application/json" -H "X-ACL: ${XACL}" -H "Authorization: Bearer ${TOKEN}" "${API}" | jq -r '.'
+fi

utils/get_company_go.sh

@@ -2,9 +2,10 @@
 # API_URL=https://[xyz].ngrok-free.app (defaults to localhost:5000)
 # API_URL=https://api.lfcla.dev.platform.linuxfoundation.org
 # Note: To run manually see cla-backend-go/auth/authorizer.go:SecurityAuth() and update accordingly 'LG:'
+# V=v3|v4
 if [ -z "$1" ]
 then
-  echo "$0: you need to specify company_id as a 1st parameter, example '0ca30016-6457-466c-bc41-a09560c1f9bf'"
+  echo "$0: you need to specify company_id as a 1st parameter, example '0ca30016-6457-466c-bc41-a09560c1f9bf', '10bde6b1-3061-4972-9c6a-17dd9a175a5c'"
   exit 1
 fi
 export company_id="$1"

utils/get_company_py.sh

@@ -3,7 +3,7 @@
 # API_URL=https://api.lfcla.dev.platform.linuxfoundation.org
 if [ -z "$1" ]
 then
-  echo "$0: you need to specify company_id as a 1st parameter, example '0ca30016-6457-466c-bc41-a09560c1f9bf'"
+  echo "$0: you need to specify company_id as a 1st parameter, example '0ca30016-6457-466c-bc41-a09560c1f9bf', '10bde6b1-3061-4972-9c6a-17dd9a175a5c'"
   exit 1
 fi
 export company_id="$1"

utils/request_corporate_signature_go_post.sh

@@ -8,6 +8,7 @@
 # XACL='...' - X-ACL
 # DEBUG=1 XACL="$(cat ./x-acl.secret)" TOKEN="$(cat ./auth0.token.secret)" ./utils/request_corporate_signature_go_post.sh 0016s000006Uq9VAAS a092h000004wx1DAAQ github 'http://localhost'
 # DEBUG=1 XACL="$(cat ./x-acl.secret)" TOKEN="$(cat ./auth0.token.secret)" ./utils/request_corporate_signature_go_post.sh 0014100000Te0yqAAB lfbrdgbVFK7QngqnzD github 'http://localhost'
+# DEBUG=1 XACL="$(cat ./x-acl.secret)" TOKEN="$(cat ./auth0.token.secret)" ./utils/request_corporate_signature_go_post.sh 0016s000006UKKqAAO lfbrdgbVFK7QngqnzD github 'http://localhost'
 # select distinct data:user_external_id from fivetran_ingest.dynamodb_product_us_east_1.cla_prod_users
 # select distinct data:company_external_id from fivetran_ingest.dynamodb_product_us_east_1.cla_prod_companies
 # select user_id, data:user_external_id from fivetran_ingest.dynamodb_product_us_east1_dev.cla_dev_users where data:lf_username = 'uname'

utils/request_corporate_signature_py_post.sh

@@ -6,6 +6,7 @@
 # return_url='http://localhost'
 # DEBUG=1 ./utils/request_corporate_signature_py_post.sh 862ff296-6508-4f10-9147-2bc2dd7bfe80 88ee12de-122b-4c46-9046-19422054ed8d github 'http://localhost'
 # ./utils/request_corporate_signature_py_post.sh 0ca30016-6457-466c-bc41-a09560c1f9bf 88ee12de-122b-4c46-9046-19422054ed8d github 'http://localhost'
+# ./utils/request_corporate_signature_py_post.sh 10bde6b1-3061-4972-9c6a-17dd9a175a5c 88ee12de-122b-4c46-9046-19422054ed8d github 'http://localhost'
 # Note: this is only for internal usage, it requires 'check_auth' function update in cla-backend/cla/routes.py (see LG:) and can only be tested locally (LG:)
 
 if [ -z "$1" ]

utils/search_company_go.sh

@@ -0,0 +1,49 @@
+#!/bin/bash
+# API_URL=https://[xyz].ngrok-free.app (defaults to localhost:5000)
+# API_URL=https://api.lfcla.dev.platform.linuxfoundation.org
+# Note: To run manually see cla-backend-go/auth/authorizer.go:SecurityAuth() and update accordingly 'LG:'
+if [ -z "$1" ]
+then
+  echo "$0: you need to specify search term as a 1st parameter, example 'Linux Foundation'"
+  exit 1
+fi
+export search="$1"
+export encoded_search=$(jq -rn --arg x "$search" '$x|@uri')
+
+if [ -z "$TOKEN" ]
+then
+  # source ./auth0_token.secret
+  TOKEN="$(cat ./auth0.token.secret)"
+fi
+
+if [ -z "$TOKEN" ]
+then
+  echo "$0: TOKEN not specified and unable to obtain one"
+  exit 1
+fi
+
+if [ -z "$XACL" ]
+then
+  XACL="$(cat ./x-acl.secret)"
+fi
+
+if [ -z "$XACL" ]
+then
+  echo "$0: XACL not specified and unable to obtain one"
+  exit 2
+fi
+
+if [ -z "$API_URL" ]
+then
+  export API_URL="http://localhost:5000"
+fi
+
+API="${API_URL}/v3/company/search?companyName=${encoded_search}"
+
+if [ ! -z "$DEBUG" ]
+then
+  echo "curl -s -XGET -H \"Content-Type: application/json\" \"${API}\" -H \"X-ACL: ${XACL}\" -H \"Authorization: Bearer ${TOKEN}\""
+  curl -s -XGET -H "Content-Type: application/json" -H "X-ACL: ${XACL}" -H "Authorization: Bearer ${TOKEN}" "${API}"
+else
+  curl -s -XGET -H "Content-Type: application/json" -H "X-ACL: ${XACL}" -H "Authorization: Bearer ${TOKEN}" "${API}" | jq -r '.'
+fi

utils/test_sanctioned_flag.sh

@@ -1,4 +1,8 @@
 #!/bin/bash
+# 10bde6b1-3061-4972-9c6a-17dd9a175a5c - dev LF
+# 0ca30016-6457-466c-bc41-a09560c1f9bf - dev CNCF
+# 0016s000006UKKqAAO - dev LF SFID
+# 0014100000Te0yqAAB - dev CNCF SFID
 ./utils/update_company_is_sanctioned.sh 0ca30016-6457-466c-bc41-a09560c1f9bf true
 # Python APIs
 ./utils/get_company_py.sh 0ca30016-6457-466c-bc41-a09560c1f9bf

utils/update_company_is_sanctioned.sh

@@ -8,7 +8,7 @@ then
 fi
 if [ -z "$1" ]
 then
-  echo "$0: you need to specify company_id, for example: '0ca30016-6457-466c-bc41-a09560c1f9bf'"
+  echo "$0: you need to specify company_id, for example: '0ca30016-6457-466c-bc41-a09560c1f9bf', '10bde6b1-3061-4972-9c6a-17dd9a175a5c'"
   exit 1
 fi
 if [ -z "$2" ]