centralcloud/oncall-engine
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
oncall-engine/engine/apps/twilioapp/views.py
Vadim Stepanov b2f4ffb98a
apps.get_model -> import (#2619) 
# What this PR does

Remove
[`apps.get_model`](https://docs.djangoproject.com/en/3.2/ref/applications/#django.apps.apps.get_model)
invocations and use inline `import` statements in places where models
are imported within functions/methods to avoid circular imports.

I believe `import` statements are more appropriate for most use cases as
they allow for better static code analysis & formatting, and solve the
issue of circular imports without being unnecessarily dynamic as
`apps.get_model`. With `import` statements, it's possible to:

- Jump to model definitions in most IDEs
- Automatically sort inline imports with `isort`
- Find import errors faster/easier (most IDEs highlight broken imports)
- Have more consistency across regular & inline imports when importing
models

This PR also adds a flake8 rule to ban imports of `django.apps.apps`, so
it's harder to use `apps.get_model` by mistake (it's possible to ignore
this rule by using `# noqa: I251`). The rule is not enforced on
directories with migration files, because `apps.get_model` is often used
to get a historical state of a model, which is useful when writing
migrations ([see this SO answer for more
details](https://stackoverflow.com/a/37769213)). So `apps.get_model` is
considered OK in migrations (even necessary in some cases).

## Checklist

- [x] Unit, integration, and e2e (if applicable) tests updated
- [x] Documentation added (or `pr:no public docs` PR label added if not
required)
- [x] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
2023-07-25 09:43:23 +00:00

85 lines
3 KiB
Python
Raw Blame History

import logging
from django.http import HttpResponse
from rest_framework import status
from rest_framework.permissions import BasePermission
from rest_framework.response import Response
from rest_framework.views import APIView
from twilio.request_validator import RequestValidator
from apps.base.utils import live_settings
from common.api_helpers.utils import create_engine_url
from .gather import process_gather_data
from .status_callback import update_twilio_call_status, update_twilio_sms_status
logger = logging.getLogger(__name__)
class AllowOnlyTwilio(BasePermission):
# https://www.twilio.com/docs/usage/tutorials/how-to-secure-your-django-project-by-validating-incoming-twilio-requests
# https://www.django-rest-framework.org/api-guide/permissions/
def has_permission(self, request, view):
request_account_sid = request.data.get("AccountSid")
if not request_account_sid:
return False
from apps.twilioapp.models import TwilioAccount
account = TwilioAccount.objects.filter(account_sid=request_account_sid).first()
if account:
return self.validate_request(request, account.account_sid, account.auth_token)
return self.validate_request(request, live_settings.TWILIO_ACCOUNT_SID, live_settings.TWILIO_AUTH_TOKEN)
def validate_request(self, request, expected_account_sid, auth_token):
if auth_token:
validator = RequestValidator(auth_token)
location = create_engine_url(request.get_full_path())
request_valid = validator.validate(
request.build_absolute_uri(location=location),
request.POST,
request.META.get("HTTP_X_TWILIO_SIGNATURE", ""),
)
return request_valid
else:
return expected_account_sid == request.data["AccountSid"]
class HealthCheckView(APIView):
def get(self, request):
return Response("OK")
class GatherView(APIView):
permission_classes = [AllowOnlyTwilio]
def post(self, request):
call_sid = request.POST.get("CallSid")
digit = request.POST.get("Digits")
response = process_gather_data(call_sid, digit)
return HttpResponse(str(response), content_type="application/xml; charset=utf-8")
# Receive SMS Status Update from Twilio
class SMSStatusCallback(APIView):
permission_classes = [AllowOnlyTwilio]
def post(self, request):
message_sid = request.POST.get("MessageSid")
message_status = request.POST.get("MessageStatus")
update_twilio_sms_status(message_sid=message_sid, message_status=message_status)
return Response(data="", status=status.HTTP_204_NO_CONTENT)
# Receive Call Status Update from Twilio
class CallStatusCallback(APIView):
permission_classes = [AllowOnlyTwilio]
def post(self, request):
call_sid = request.POST.get("CallSid")
call_status = request.POST.get("CallStatus")
update_twilio_call_status(call_sid=call_sid, call_status=call_status)
return Response(data="", status=status.HTTP_204_NO_CONTENT)
Reference in a new issue View git blame Copy permalink