Merge pull request #2561 from ohcnetwork/develop

Staging Release - October Week 3 Release (v24.44.0)

Pipfile

@@ -29,7 +29,7 @@ gunicorn = "==23.0.0"
 healthy-django = "==0.1.0"
 jsonschema = "==4.23.0"
 jwcrypto = "==1.5.6"
-newrelic = "==10.0.0"
+newrelic = "==10.1.0"
 pillow = "==10.4.0"
 psycopg = { extras = ["c"], version = "==3.2.2" }
 pycryptodome = "==3.20.0"

care/facility/api/serializers/bed.py

@@ -111,6 +111,10 @@ def validate(self, attrs):
                 not facilities.filter(id=asset.current_location.facility.id).exists()
             ) or (not facilities.filter(id=bed.facility.id).exists()):
                 raise PermissionError
+            if AssetBed.objects.filter(asset=asset, bed=bed).exists():
+                raise ValidationError(
+                    {"non_field_errors": "Asset is already linked to bed"}
+                )
             if asset.asset_class not in [
                 AssetClasses.HL7MONITOR.name,
                 AssetClasses.ONVIF.name,
@@ -123,18 +127,15 @@ def validate(self, attrs):
                     {"asset": "Should be in the same facility as the bed"}
                 )
             if (
-                asset.asset_class
-                in [
-                    AssetClasses.HL7MONITOR.name,
-                    AssetClasses.ONVIF.name,
-                ]
+                asset.asset_class == AssetClasses.HL7MONITOR.name
+                and AssetBed.objects.filter(
+                    bed=bed, asset__asset_class=asset.asset_class
+                ).exists()
             ) and AssetBed.objects.filter(
                 bed=bed, asset__asset_class=asset.asset_class
             ).exists():
                 raise ValidationError(
-                    {
-                        "asset": "Bed is already in use by another asset of the same class"
-                    }
+                    {"asset": "Another HL7 Monitor is already linked to this bed."}
                 )
         else:
             raise ValidationError(

care/facility/tests/test_asset_bed_api.py

@@ -21,9 +21,21 @@ def setUpTestData(cls):
         )
         cls.asset_location = cls.create_asset_location(cls.facility)
         cls.asset = cls.create_asset(cls.asset_location)
+        cls.monitor_asset_1 = cls.create_asset(
+            cls.asset_location, asset_class=AssetClasses.HL7MONITOR.name
+        )
+        cls.monitor_asset_2 = cls.create_asset(
+            cls.asset_location, asset_class=AssetClasses.HL7MONITOR.name
+        )
         cls.camera_asset = cls.create_asset(
             cls.asset_location, asset_class=AssetClasses.ONVIF.name
         )
+        cls.camera_asset_1 = cls.create_asset(
+            cls.asset_location, asset_class=AssetClasses.ONVIF.name, name="Camera 1"
+        )
+        cls.camera_asset_2 = cls.create_asset(
+            cls.asset_location, asset_class=AssetClasses.ONVIF.name, name="Camera 2"
+        )
         cls.bed = cls.create_bed(cls.facility, cls.asset_location)
 
     def test_link_disallowed_asset_class_asset_to_bed(self):
@@ -49,6 +61,30 @@ def test_link_asset_to_bed_and_attempt_duplicate_linking(self):
         self.assertEqual(res.status_code, status.HTTP_200_OK)
         self.assertEqual(res.data["count"], 1)
 
+    def test_linking_multiple_cameras_to_a_bed(self):
+        data = {
+            "asset": self.camera_asset_1.external_id,
+            "bed": self.bed.external_id,
+        }
+        res = self.client.post("/api/v1/assetbed/", data)
+        self.assertEqual(res.status_code, status.HTTP_201_CREATED)
+        # Attempt linking another camera to same bed.
+        data["asset"] = self.camera_asset_2.external_id
+        res = self.client.post("/api/v1/assetbed/", data)
+        self.assertEqual(res.status_code, status.HTTP_201_CREATED)
+
+    def test_linking_multiple_hl7_monitors_to_a_bed(self):
+        data = {
+            "asset": self.monitor_asset_1.external_id,
+            "bed": self.bed.external_id,
+        }
+        res = self.client.post("/api/v1/assetbed/", data)
+        self.assertEqual(res.status_code, status.HTTP_201_CREATED)
+        # Attempt linking another hl7 monitor to same bed.
+        data["asset"] = self.monitor_asset_2.external_id
+        res = self.client.post("/api/v1/assetbed/", data)
+        self.assertEqual(res.status_code, status.HTTP_400_BAD_REQUEST)
+
 
 class AssetBedCameraPresetViewSetTestCase(TestUtils, APITestCase):
     @classmethod

care/users/reset_password_views.py

@@ -208,6 +208,20 @@ def post(self, request, *args, **kwargs):
                 status=status.HTTP_429_TOO_MANY_REQUESTS,
             )
 
+        if settings.IS_PRODUCTION and (
+            not settings.EMAIL_HOST
+            or not settings.EMAIL_HOST_USER
+            or not settings.EMAIL_HOST_PASSWORD
+        ):
+            raise exceptions.ValidationError(
+                {
+                    "detail": [
+                        _(
+                            "There was a problem resetting your password. Please contact the administrator."
+                        )
+                    ]
+                }
+            )
         # before we continue, delete all existing expired tokens
         password_reset_token_validation_time = get_password_reset_token_expiry_time()
 

care/users/tests/test_auth.py

@@ -1,5 +1,6 @@
 from datetime import timedelta
 
+from django.core import mail
 from django.test import override_settings
 from django.utils.timezone import now
 from django_rest_passwordreset.models import ResetPasswordToken
@@ -99,7 +100,7 @@ def test_auth_verify_with_invalid_token(self):
         self.assertEqual(response.data["detail"], "Token is invalid or expired")
 
 
-@override_settings(DISABLE_RATELIMIT=True)
+@override_settings(DISABLE_RATELIMIT=True, IS_PRODUCTION=False)
 class TestPasswordReset(TestUtils, APITestCase):
     @classmethod
     def setUpTestData(cls) -> None:
@@ -118,13 +119,55 @@ def create_reset_password_token(
             token.save()
         return token
 
+    @override_settings(
+        EMAIL_BACKEND="django.core.mail.backends.locmem.EmailBackend",
+    )
     def test_forgot_password_with_valid_input(self):
+        mail.outbox = []
+        response = self.client.post(
+            "/api/v1/password_reset/",
+            {"username": self.user.username},
+        )
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(len(mail.outbox), 1)
+        self.assertEqual("Password Reset for Care", mail.outbox[0].subject)
+        self.assertEqual(mail.outbox[0].to, [self.user.email])
+        self.assertTrue(ResetPasswordToken.objects.filter(user=self.user).exists())
+        self.assertTrue(ResetPasswordToken.objects.filter(user=self.user).exists())
+
+    @override_settings(IS_PRODUCTION=True)
+    def test_forgot_password_without_email_configration(self):
+        response = self.client.post(
+            "/api/v1/password_reset/",
+            {"username": self.user.username},
+        )
+
+        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
+        self.assertEqual(
+            response.json()["detail"][0],
+            "There was a problem resetting your password. Please contact the administrator.",
+        )
+
+    @override_settings(
+        IS_PRODUCTION=True,
+        EMAIL_BACKEND="django.core.mail.backends.locmem.EmailBackend",
+        EMAIL_HOST="dummy.smtp.server",
+        EMAIL_HOST_USER="dummy-email@example.com",
+        EMAIL_HOST_PASSWORD="dummy-password",
+    )
+    def test_forgot_password_with_email_configuration(self):
+        mail.outbox = []
+
         response = self.client.post(
             "/api/v1/password_reset/",
             {"username": self.user.username},
         )
 
         self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(len(mail.outbox), 1)
+        self.assertEqual("Password Reset for Care", mail.outbox[0].subject)
+        self.assertEqual(mail.outbox[0].to, [self.user.email])
         self.assertTrue(ResetPasswordToken.objects.filter(user=self.user).exists())
 
     def test_forgot_password_with_missing_fields(self):