Prefill schedule timezone (#769)

* Fix a weird issue with other libraries pulling in secrets.py * Add data migration to fill and fix any null schedule.timezone values.
thunderbird · Nov 25, 2024 · 6369d86 · 6369d86
1 parent f57569d
commit 6369d86
Show file tree

Hide file tree

Showing 5 changed files with 121 additions and 84 deletions.
diff --git a/backend/src/appointment/main.py b/backend/src/appointment/main.py
@@ -17,8 +17,6 @@
 from .middleware.l10n import L10n
 from .middleware.SanitizeMiddleware import SanitizeMiddleware
 
-from .secrets import normalize_secrets
-
 from google.auth.exceptions import RefreshError, DefaultCredentialsError
 from .exceptions.google_api import APIGoogleRefreshError
 import os
@@ -40,6 +38,8 @@
 
 import sentry_sdk
 
+from .utils import normalize_secrets
+
 
 def _common_setup():
     # load any available .env into env

diff --git a/backend/src/appointment/migrations/env.py b/backend/src/appointment/migrations/env.py
@@ -9,7 +9,7 @@
 from appointment.defines import APP_ENV_DEV
 
 # This is ran from src/ so ignore the errors
-from appointment.secrets import normalize_secrets
+from appointment.utils import normalize_secrets
 
 import sentry_sdk
 

diff --git a/.../appointment/migrations/versions/2024_11_25_1715-e1519cfdc484_fix_timezone_in_schedule.py b/.../appointment/migrations/versions/2024_11_25_1715-e1519cfdc484_fix_timezone_in_schedule.py
@@ -0,0 +1,40 @@
+"""fix timezone in schedule
+
+Revision ID: e1519cfdc484
+Revises: 71cf5d3ee14b
+Create Date: 2024-11-25 17:15:13.027568
+
+"""
+
+from alembic import op
+from sqlalchemy.orm import Session
+
+from appointment.database import models
+
+# revision identifiers, used by Alembic.
+revision = 'e1519cfdc484'
+down_revision = '71cf5d3ee14b'
+branch_labels = None
+depends_on = None
+
+
+def upgrade() -> None:
+    session = Session(op.get_bind())
+    schedules: list[models.Schedule] = session.query(models.Schedule).where(models.Schedule.timezone.is_(None)).all()
+    for schedule in schedules:
+        if schedule.owner.timezone:
+            schedule.timezone = schedule.owner.timezone
+        else:
+            # Handle any cases where user timezone may be null
+            owner = schedule.owner
+            owner.timezone = 'UTC'
+            session.add(owner)
+            schedule.timezone = owner.timezone
+
+        # Add the schedule to the database session and commit (update) it
+        session.add(schedule)
+        session.commit()
+
+
+def downgrade() -> None:
+    pass
diff --git a/backend/src/appointment/secrets.py b/backend/src/appointment/secrets.py
diff --git a/backend/src/appointment/utils.py b/backend/src/appointment/utils.py
@@ -1,4 +1,5 @@
 import json
+import os
 import re
 import urllib.parse
 from urllib import parse
@@ -77,3 +78,80 @@ def retrieve_user_url_data(url):
 
     # Return the username and signature decoded, but ensure the clean_url is encoded.
     return urllib.parse.unquote_plus(username), urllib.parse.unquote_plus(signature), clean_url
+
+def normalize_secrets():
+    """Normalizes AWS secrets for Appointment"""
+    database_secrets = os.getenv('DATABASE_SECRETS')
+
+    if database_secrets:
+        secrets = json.loads(database_secrets)
+
+        host = secrets['host']
+        port = secrets['port']
+
+        # If port is not already in the host var, then append it to hostname
+        hostname = host
+        if f':{port}' not in host:
+            hostname = f'{hostname}:{port}'
+
+        os.environ['DATABASE_URL'] = (
+            f"mysql+mysqldb://{secrets['username']}:{secrets['password']}@{hostname}/appointment"
+        )
+
+    database_enc_secret = os.getenv('DB_ENC_SECRET')
+
+    if database_enc_secret:
+        secrets = json.loads(database_enc_secret)
+
+        os.environ['DB_SECRET'] = secrets.get('secret')
+        # Technically not db related...might rename this item later.
+        os.environ['SIGNED_SECRET'] = secrets.get('signed_secret')
+        os.environ['SESSION_SECRET'] = secrets.get('session_secret')
+        os.environ['JWT_SECRET'] = secrets.get('jwt_secret')
+
+    smtp_secrets = os.getenv('SMTP_SECRETS')
+
+    if smtp_secrets:
+        secrets = json.loads(smtp_secrets)
+
+        os.environ['SMTP_SECURITY'] = 'STARTTLS'
+        os.environ['SMTP_URL'] = secrets.get('url')
+        os.environ['SMTP_PORT'] = secrets.get('port')
+        os.environ['SMTP_USER'] = secrets.get('username')
+        os.environ['SMTP_PASS'] = secrets.get('password')
+        os.environ['SUPPORT_EMAIL'] = secrets.get('support')
+
+    google_oauth_secrets = os.getenv('GOOGLE_OAUTH_SECRETS')
+
+    if google_oauth_secrets:
+        secrets = json.loads(google_oauth_secrets)
+
+        os.environ['GOOGLE_AUTH_CLIENT_ID'] = secrets.get('client_id')
+        os.environ['GOOGLE_AUTH_SECRET'] = secrets.get('secret')
+        os.environ['GOOGLE_AUTH_PROJECT_ID'] = secrets.get('project_id')
+        os.environ['GOOGLE_AUTH_CALLBACK'] = secrets.get('callback_url')
+
+    zoom_secrets = os.getenv('ZOOM_SECRETS')
+
+    if zoom_secrets:
+        secrets = json.loads(zoom_secrets)
+
+        os.environ['ZOOM_AUTH_CLIENT_ID'] = secrets.get('client_id')
+        os.environ['ZOOM_AUTH_SECRET'] = secrets.get('secret')
+        os.environ['ZOOM_API_SECRET'] = secrets.get('api_secret')
+        os.environ['ZOOM_API_NEW_APP'] = secrets.get('api_new_app', 'False')
+
+    fxa_secrets = os.getenv('FXA_SECRETS')
+
+    if fxa_secrets:
+        secrets = json.loads(fxa_secrets)
+
+        os.environ['FXA_OPEN_ID_CONFIG'] = secrets.get('open_id_config')
+        os.environ['FXA_CLIENT_ID'] = secrets.get('client_id')
+        os.environ['FXA_SECRET'] = secrets.get('secret')
+        os.environ['FXA_CALLBACK'] = secrets.get('callback_url')
+        os.environ['FXA_ALLOW_LIST'] = secrets.get('allow_list')
+        os.environ['APP_ADMIN_ALLOW_LIST'] = secrets.get('admin_list')
+        # Need to stuff these somewhere
+        os.environ['POSTHOG_PROJECT_KEY'] = secrets.get('posthog_project_key')
+        os.environ['POSTHOG_HOST'] = secrets.get('posthog_host')