parse reviewer/developer emails and save notes (bug 879412)

Author: dash1291

apps/addons/models.py

@@ -1394,6 +1394,9 @@ def get_localepicker(self):
                 pass
         return ''
 
+    def get_mozilla_contacts(self):
+        return [x.strip() for x in self.mozilla_contact.split(',')]
+
     @amo.cached_property
     def upsell(self):
         """Return the upsell or add-on, or None if there isn't one."""

apps/comm/tasks.py

@@ -0,0 +1,15 @@
+import logging
+from celeryutils import task
+
+from comm.utils import save_from_email_reply
+
+
+log = logging.getLogger('z.task')
+
+
+@task
+def consume_email(email_text):
+    """Parse emails and save notes."""
+    res = save_from_email_reply(email_text)
+    if not res:
+        log.error('Failed to save email.')

apps/comm/tests/email.txt

@@ -0,0 +1,5 @@
+To: reply+%[email protected]
+
+This is the body
+
+> this is the reply text

apps/comm/tests/test_utils_.py

@@ -0,0 +1,63 @@
+import os.path
+
+from django.conf import settings
+
+from nose.tools import eq_
+
+import amo
+from amo.tests import app_factory, TestCase
+from comm.utils import CommEmailParser, save_from_email_reply
+from comm.models import CommunicationThread, CommunicationThreadToken
+from mkt.site.fixtures import fixture
+from users.models import UserProfile
+
+
+sample_email = os.path.join(settings.ROOT, 'apps', 'comm', 'tests',
+                            'email.txt')
+
+
+class TestEmailReplySaving(TestCase):
+    fixtures = fixture('user_999')
+
+    def setUp(self):
+        app = app_factory(name='Antelope', status=amo.STATUS_PENDING)
+        self.profile = UserProfile.objects.get(pk=999)
+        t = CommunicationThread.objects.create(addon=app,
+            version=app.current_version, read_permission_reviewer=True)
+
+        self.token = CommunicationThreadToken.objects.create(thread=t,
+            user=self.profile)
+        self.email_template = open(sample_email).read()
+
+    def test_successful_save(self):
+        self.grant_permission(self.profile, 'Apps:Review')
+        email_text = self.email_template % self.token.uuid
+        note = save_from_email_reply(email_text)
+        assert note
+        eq_(note.body, 'This is the body')
+
+    def test_invalid_token_deletion(self):
+        """Test when the token's user does not have a permission on thread."""
+        email_text = self.email_template % self.token.uuid
+        assert not save_from_email_reply(email_text)
+
+    def test_non_existent_token(self):
+        email_text = self.email_template % (self.token.uuid + 'junk')
+        assert not save_from_email_reply(email_text)
+
+    def test_with_junk_body(self):
+        email_text = 'this is junk'
+        assert not save_from_email_reply(email_text)
+
+
+class TestEmailParser(TestCase):
+
+    def setUp(self):
+        email_text = open(sample_email).read() % 'someuuid'
+        self.parser = CommEmailParser(email_text)
+
+    def test_uuid(self):
+        eq_(self.parser.get_uuid(), 'someuuid')
+
+    def test_body(self):
+        eq_(self.parser.get_body(), 'This is the body')

apps/comm/utils.py

@@ -0,0 +1,124 @@
+from email import message_from_string
+from email.utils import parseaddr
+
+import commonware.log
+from email_reply_parser import EmailReplyParser
+
+from access import acl
+from comm.models import (CommunicationNote, CommunicationThreadCC,
+                         CommunicationThreadToken)
+from mkt.constants import comm
+
+
+log = commonware.log.getLogger('comm')
+
+
+class ThreadObjectPermission(object):
+    """
+    Class for determining user permissions on a thread.
+    """
+
+    def check_acls(self, acl_type):
+        """Check ACLs."""
+        user = self.user_profile
+        obj = self.thread_obj
+        if acl_type == 'moz_contact':
+            return user.email in obj.addon.get_mozilla_contacts()
+        elif acl_type == 'admin':
+            return acl.action_allowed_user(user, 'Admin', '%')
+        elif acl_type == 'reviewer':
+            return acl.action_allowed_user(user, 'Apps', 'Review')
+        elif acl_type == 'senior_reviewer':
+            return acl.action_allowed_user(user, 'Apps', 'ReviewEscalated')
+        else:
+            raise 'Invalid ACL lookup.'
+
+        return False
+
+    def user_has_permission(self, thread, profile):
+        """
+        Check if the user has read/write permissions on the given thread.
+
+        Developers of the add-on used in the thread, users in the CC list,
+        and users who post to the thread are allowed to access the object.
+
+        Moreover, other object permissions are also checked agaisnt the ACLs
+        of the user.
+        """
+        self.thread_obj = thread
+        self.user_profile = profile
+        user_post = CommunicationNote.objects.filter(author=profile,
+            thread=thread)
+        user_cc = CommunicationThreadCC.objects.filter(user=profile,
+            thread=thread)
+
+        if user_post.exists() or user_cc.exists():
+            return True
+
+        # User is a developer of the add-on and has the permission to read.
+        user_is_author = profile.addons.filter(pk=thread.addon_id)
+        if thread.read_permission_developer and user_is_author.exists():
+            return True
+
+        if thread.read_permission_reviewer and self.check_acls('reviewer'):
+            return True
+
+        if (thread.read_permission_senior_reviewer and
+            self.check_acls('senior_reviewer')):
+            return True
+
+        if (thread.read_permission_mozilla_contact and
+            self.check_acls('moz_contact')):
+            return True
+
+        if thread.read_permission_staff and self.check_acls('admin'):
+            return True
+
+        return False
+
+
+class CommEmailParser(object):
+    """Utility to parse email replies."""
+
+    address_prefix = 'reply+'
+
+    def __init__(self, email_text):
+        self.email = message_from_string(email_text)
+        self.reply_text = EmailReplyParser.read(self.email.get_payload()).reply
+
+    def _get_address_line(self):
+        return parseaddr(self.email['to'])
+
+    def get_uuid(self):
+        name, addr = self._get_address_line()
+        if addr.startswith(self.address_prefix):
+            # Strip everything between "reply+" and the "@" sign.
+            uuid = addr.lstrip(self.address_prefix).split('@')[0]
+        else:
+            return False
+
+        return uuid
+
+    def get_body(self):
+        return self.reply_text
+
+
+def save_from_email_reply(reply_text):
+    parser = CommEmailParser(reply_text)
+    uuid = parser.get_uuid()
+
+    if not uuid:
+        return False
+    try:
+        tok = CommunicationThreadToken.objects.get(uuid=uuid)
+    except CommunicationThreadToken.DoesNotExist:
+        log.error('An email was skipped with non-existing uuid %s' % uuid)
+        return False
+
+    if ThreadObjectPermission().user_has_permission(tok.thread, tok.user):
+        n = CommunicationNote.objects.create(note_type=comm.NO_ACTION,
+            thread=tok.thread, author=tok.user, body=parser.get_body())
+        log.info('A new note has been created (from %s using tokenid %s)' %
+                 (tok.user.id, uuid))
+        return n
+    return False

mkt/comm/api.py

@@ -1,5 +1,3 @@
-from functools import partial
-
 from django.db.models import Q
 from django.http import Http404
 from django.shortcuts import get_object_or_404
@@ -10,14 +8,13 @@
 from rest_framework.mixins import (CreateModelMixin, DestroyModelMixin,
                                    ListModelMixin, RetrieveModelMixin)
 from rest_framework.permissions import BasePermission
-from rest_framework.relations import HyperlinkedRelatedField, RelatedField
+from rest_framework.relations import RelatedField
 from rest_framework.serializers import ModelSerializer, SerializerMethodField
 
-from access import acl
 from addons.models import Addon
 from users.models import UserProfile
-from comm.models import (CommunicationNote, CommunicationThread,
-                         CommunicationThreadCC, CommunicationThreadToken)
+from comm.models import CommunicationNote, CommunicationThread
+from comm.utils import ThreadObjectPermission
 from mkt.api.authentication import (RestOAuthAuthentication,
                                     RestSharedSecretAuthentication)
 from mkt.api.base import CORSViewSet
@@ -70,24 +67,12 @@ def get_notes_count(self, obj):
         return obj.notes.count()
 
 
-class ThreadPermission(BasePermission):
+class ThreadPermission(BasePermission, ThreadObjectPermission):
     """
     Permission wrapper for checking if the authenticated user has the
     permission to view the thread.
     """
 
-    def check_acls(self, request, obj, acl_type):
-        if acl_type == 'moz_contact':
-            return request.user.email == obj.addon.mozilla_contact
-        elif acl_type == 'admin':
-            return acl.action_allowed(request, 'Admin', '%')
-        elif acl_type == 'reviewer':
-            return acl.action_allowed(request, 'Apps', 'Review')
-        elif acl_type == 'senior_reviewer':
-            return acl.action_allowed(request, 'Apps', 'ReviewEscalated')
-        else:
-            raise 'Invalid ACL lookup.'
-
     def has_permission(self, request, view):
         # Let `has_object_permission` handle the permissions when we retrieve
         # an object.
@@ -101,47 +86,12 @@ def has_permission(self, request, view):
     def has_object_permission(self, request, view, obj):
         """
         Make sure we give correct permissions to read/write the thread.
-
-        Developers of the add-on used in the thread, users in the CC list,
-        and users who post to the thread are allowed to access the object.
-
-        Moreover, other object permissions are also checked agaisnt the ACLs
-        of the user.
         """
         if not request.user.is_authenticated() or obj.read_permission_public:
             return obj.read_permission_public
 
         profile = request.amo_user
-        user_post = CommunicationNote.objects.filter(author=profile,
-            thread=obj)
-        user_cc = CommunicationThreadCC.objects.filter(user=profile,
-            thread=obj)
-
-        if user_post.exists() or user_cc.exists():
-            return True
-
-        check_acls = partial(self.check_acls, request, obj)
-
-        # User is a developer of the add-on and has the permission to read.
-        user_is_author = profile.addons.filter(pk=obj.addon_id)
-        if obj.read_permission_developer and user_is_author.exists():
-            return True
-
-        if obj.read_permission_reviewer and check_acls('reviewer'):
-            return True
-
-        if (obj.read_permission_senior_reviewer and check_acls(
-            'senior_reviewer')):
-            return True
-
-        if (obj.read_permission_mozilla_contact and check_acls(
-            'moz_contact')):
-            return True
-
-        if obj.read_permission_staff and check_acls('admin'):
-            return True
-
-        return False
+        return self.user_has_permission(obj, profile)
 
 
 class NotePermission(ThreadPermission):

mkt/comm/tests/test_api.py

@@ -7,10 +7,9 @@
 
 from amo.tests import addon_factory
 from comm.models import (CommunicationNote, CommunicationThread,
-                         CommunicationThreadCC, CommunicationThreadToken)
+                         CommunicationThreadCC)
 from mkt.api.tests.test_oauth import RestOAuth
 from mkt.comm.api import ThreadPermission
-from mkt.constants import comm as const
 from mkt.site.fixtures import fixture
 from mkt.webapps.models import Webapp
 
@@ -75,7 +74,7 @@ def test_read_public(self):
     def test_read_moz_contact(self):
         thread = CommunicationThread.objects.create(addon=self.addon,
             read_permission_mozilla_contact=True)
-        thread.addon.mozilla_contact = self.user.email
+        thread.addon.mozilla_contact = self.profile.email
         thread.addon.save()
         self.thread = thread
         assert self.check_permissions()
@@ -139,7 +138,6 @@ def test_addon_filter(self):
         eq_(res.status_code, 404)
 
     def test_creation(self):
-        thread = CommunicationThread.objects.create(addon=self.addon)
         version = self.addon.current_version
         res = self.client.post(self.list_url, data=json.dumps(
             {'addon': self.addon.id, 'version': version.id}))

requirements/prod.txt

@@ -40,6 +40,7 @@ django-tastypie==0.9.11
 django-waffle==0.9.1
 easy-thumbnails==1.1
 elasticutils==0.7
+email-reply-parser==0.1.9
 fastchardet==0.2.0
 feedparser==5.0.1
 fudge==1.0.3