[FIX] - don't produce random credential id in method (#3307)

* data typing issues and clean up * better logging * better logging of errors * list of tuples * add celery decorator * rename var to match envvar * credential per mine_party_appt produces duplicates. * wrong class * don't invoke if being used by celery * query must excluded deleted permit_amendments * add check if cred not created * improve logging of problem states * make date a date, formatting * revered received date, update issue_Date validator * all datetimes, never dates * typo * names are important * only use datetime objects, no date objects * better typing ensure factory is producing a datetime and not a date * ensure second is non-zero for datetime * oops * brackets matter * what is happening? * scoping * factories making dates, should be datetimes. i have no idea anymore * idk why that today generator suck * pass callable * what * use jank * use work * huh? * typing dates as dates. some db columns are dates, others aren' * dates * handling incoming datetime for date column * probably failing on date comparison * type hinting is good * clean up logging * columns are dates * received date is parsed to datetime * expand on type hinting * pass function, not value * do not produce id until after hashing * didn't save and commit this file. oops * type checking would have caught this. * enable basic type checking in vscode. slow on startup with MDS being large. it might be indexing package files from other language
bcgov · Nov 15, 2024 · e48bf3c · e48bf3c
1 parent 7670a16
commit e48bf3c
Show file tree

Hide file tree

Showing 3 changed files with 25 additions and 16 deletions.
diff --git a/.vscode/settings.json b/.vscode/settings.json
@@ -22,6 +22,7 @@
   "python.testing.pytestArgs": ["tests"],
   "python.testing.unittestEnabled": false,
   "python.testing.pytestEnabled": true,
+  "python.analysis.typeCheckingMode": "basic",
   "yapf.args": [
     "--style={column_limit:100, spaces_before_comment:'15,30,50', SPLIT_BEFORE_EXPRESSION_AFTER_OPENING_PAREN:TRUE}"
   ]

diff --git a/services/core-api/app/api/verifiable_credentials/manager.py b/services/core-api/app/api/verifiable_credentials/manager.py
@@ -40,6 +40,8 @@ class UNTPCCMinesActPermit(cc.ConformityAttestation):
     permitNumber: str
 
 
+W3C_CRED_ID_PREFIX = f"{Config.ORGBOOK_PUBLISHER_BASE_URL}/credentials/"
+
 permit_amendments_for_orgbook_query = """
     select pa.permit_amendment_guid, poe.party_guid
 
@@ -74,7 +76,7 @@ class W3CCred(BaseModel):
             Config.UNTP_DIGITAL_CONFORMITY_CREDENTIAL_CONTEXT,
             Config.UNTP_BC_MINES_ACT_PERMIT_CONTEXT,
         ])
-    id: str
+    id: str | None
     type: List[str]
     issuer: Union[str, dict[str, str]]
     # TODO: update to `validFrom` for vcdm 2.0 once available in aca-py/traction, which is an optional property
@@ -182,12 +184,12 @@ def process_all_untp_map_for_orgbook():
             task_logger.warning(f"Permit Amendment not found for permit_amendment_guid={row[0]}")
             continue
 
-        pa_cred, new_id = VerifiableCredentialManager.produce_untp_cc_map_payload(public_did, pa)
+        pa_cred = VerifiableCredentialManager.produce_untp_cc_map_payload_without_id(public_did, pa)
         if not pa_cred:
             task_logger.warning(f"pa_cred could not be created")
             continue
 
-        payload_hash = md5(pa_cred.json(by_alias=True).encode('utf-8')).hexdigest()
+        payload_hash = md5(pa_cred.model_dump_json(by_alias=True).encode('utf-8')).hexdigest()
         existing_paob = PermitAmendmentOrgBookPublish.find_by_unsigned_payload_hash(
             payload_hash, unsafe=True)
 
@@ -196,13 +198,16 @@ def process_all_untp_map_for_orgbook():
             #this assumes acapy is not changing the result if the payload is unchanged
             continue
 
+        new_credential_id = f"{Config.ORGBOOK_PUBLISHER_BASE_URL}/credentials/{new_credential_id}"
+        pa_cred.id = new_credential_id
+
         paob = PermitAmendmentOrgBookPublish(
             permit_amendment_guid=row[0],
             party_guid=row[1],
             unsigned_payload_hash=payload_hash,
             permit_number=pa_cred.credentialSubject.permitNumber,
             orgbook_entity_id=pa_cred.credentialSubject.issuedToParty.registeredId,
-            orgbook_credential_id=new_id,
+            orgbook_credential_id=new_credential_id,
         )
         records.append((pa_cred, paob))
 
@@ -272,7 +277,7 @@ def push_untp_map_data_to_publisher():
 
     for row in permit_amendment_query_results:
         pa = PermitAmendment.find_by_permit_amendment_guid(row[0], unsafe=True)
-        pa_cred, new_id = VerifiableCredentialManager.produce_untp_cc_map_payload(
+        pa_cred = VerifiableCredentialManager.produce_untp_cc_map_payload_without_id(
             Config.CHIEF_PERMITTING_OFFICER_DID_WEB, pa)
         if not pa_cred:
             task_logger.warning(f"pa_cred could not be created for permit_amendment_guid={row[0]}")
@@ -300,8 +305,10 @@ def push_untp_map_data_to_publisher():
                 ],
             }
         }
+
         current_app.logger.warning(f"publishing record={publish_payload}")
         payload_hash = md5(json.dumps(publish_payload).encode('utf-8')).hexdigest()
+        current_app.logger.warning(f"payload hash={payload_hash}")
 
         publish_record = PermitAmendmentOrgBookPublish(
             unsigned_payload_hash=payload_hash,
@@ -311,7 +318,7 @@ def push_untp_map_data_to_publisher():
             publish_state=None,
             permit_number=pa_cred.credentialSubject.permitNumber,
             orgbook_entity_id=pa_cred.credentialSubject.issuedToParty.registeredId,
-            orgbook_credential_id=new_id,
+            orgbook_credential_id=None,
             error_msg=None)
 
         try:
@@ -324,14 +331,16 @@ def push_untp_map_data_to_publisher():
 
             publish_record.publish_state = post_resp.ok
             publish_record.error_msg = post_resp.text if not post_resp.ok else None
+            publish_record.orgbook_credential_id = post_resp.json()["credentialId"]
+
             publish_record.save()
 
         except IntegrityError:
-            task_logger.info(
+            current_app.logger.info(
                 f"credential hash collision, skipping cred for permit_amendment={row[0]}")
 
         if publish_record.error_msg:
-            task_logger.warning(
+            current_app.logger.warning(
                 f"failed to publish unsigned_payload_id={publish_record.unsigned_payload_hash} error={publish_record.error_msg}"
             )
         else:
@@ -447,8 +456,8 @@ def produce_map_01_credential_payload(cls, did: str, permit_amendment: PermitAme
         return credential
 
     @classmethod
-    def produce_untp_cc_map_payload(cls, did: str,
-                                    permit_amendment: PermitAmendment) -> Tuple[W3CCred, UUID]:
+    def produce_untp_cc_map_payload_without_id(cls, did: str,
+                                               permit_amendment: PermitAmendment) -> W3CCred:
         """Produce payload for Mines Act Permit UNTP Conformity Credential from permit amendment and did."""
 
         #attributes in anoncreds but not in untp
@@ -498,7 +507,7 @@ def produce_untp_cc_map_payload(cls, did: str,
                 current_app.logger.error(
                     f"No party for mine_party_appointment_id={curr_appt.mine_party_appt_id}, that shouldn't be possible"
                 )
-            return None, None
+            return None
 
         untp_party_cpo = base.Identifier(
             id="did:web:untp.traceability.site:parties:regulators:CHIEF-PERMITTING-OFFICER",
@@ -568,9 +577,8 @@ def produce_untp_cc_map_payload(cls, did: str,
             issuedToParty=untp_party_business,
             assessment=[untp_assessment])
 
-        new_credential_id = uuid4()
         w3c_cred = W3CCred(
-            id=f"{Config.ORGBOOK_PUBLISHER_BASE_URL}/credentials/{new_credential_id}",
+            id=None,                                                                                # to be populated after hashing.
             type=[
                 "VerifiableCredential", "DigitalConformityCredential", "BCMinesActPermitCredential"
             ],
@@ -583,4 +591,4 @@ def produce_untp_cc_map_payload(cls, did: str,
                 "type": "JsonSchema"
             }])
 
-        return w3c_cred, new_credential_id
+        return w3c_cred
diff --git a/services/core-api/tests/verifiable_credentials/test_manager.py b/services/core-api/tests/verifiable_credentials/test_manager.py
@@ -78,7 +78,7 @@ def test_produce_untp_cc_map_payload_happy(self, db_session):
         poe = PartyOrgBookEntityFactory(party_guid=permittee_appt.party_guid)
         permittee_appt.party.party_orgbook_entity = poe
 
-        pa_cred, new_id = VerifiableCredentialManager.produce_untp_cc_map_payload(
+        pa_cred = VerifiableCredentialManager.produce_untp_cc_map_payload_without_id(
             "did:test:10230123", permit.permit_amendments[0])
 
         pa = permit.permit_amendments[0]
@@ -90,7 +90,7 @@ def test_produce_untp_cc_map_payload_null_if_no_orgbook(self, db_session):
         mine, permit = create_mine_and_permit()
         permittee_appt = MinePartyAppointmentFactory(permittee=True, permit_id=permit.permit_id)
 
-        pa_cred, new_id = VerifiableCredentialManager.produce_untp_cc_map_payload(
+        pa_cred = VerifiableCredentialManager.produce_untp_cc_map_payload_without_id(
             "did:test:10230123", permit.permit_amendments[0])
 
         assert not pa_cred