10680 - Changes to allow account fees to be removed all at once. (#1324)

* Changes to allow account fees to be removed all at once.

* Small fix for CORS

* Fix options cross_origin

* Fix a unit test

* Add in delete method for base_model, update create_activity

* remove space for delete

pay-api/src/pay_api/models/base_model.py

@@ -46,6 +46,13 @@ def save(self):
         db.session.commit()
         return self
 
+    def delete(self):
+        """Delete and commit."""
+        db.session.delete(self)
+        db.session.flush()
+        self.create_activity(self, is_delete=True)
+        db.session.commit()
+
     @staticmethod
     def rollback():
         """RollBack."""
@@ -57,10 +64,15 @@ def find_by_id(cls, identifier: int):
         return cls.query.get(identifier)
 
     @classmethod
-    def create_activity(cls, obj):
+    def create_activity(cls, obj, is_delete=False):
         """Create activity records if the model is versioned."""
         if isinstance(obj, VersionedModel) and not current_app.config.get('DISABLE_ACTIVITY_LOGS'):
-            activity = activity_plugin.activity_cls(verb='update', object=obj, data={
+            if is_delete:
+                verb = 'delete'
+            else:
+                verb = 'update'
+
+            activity = activity_plugin.activity_cls(verb=verb, object=obj, data={
                 'user_name': cls._get_user_name(),
                 'remote_addr': fetch_remote_addr()
             })

pay-api/src/pay_api/resources/v1/account.py

@@ -142,7 +142,7 @@ def delete_account(account_number: str):
 
 
 @bp.route('/<string:account_number>/fees', methods=['GET', 'OPTIONS'])
-@cross_origin(origins='*', methods=['GET', 'POST'])
+@cross_origin(origins='*', methods=['GET', 'POST', 'DELETE'])
 @_jwt.requires_auth
 @_jwt.has_one_of_roles([Role.MANAGE_ACCOUNTS.value])
 def get_account_fees(account_number: str):
@@ -174,6 +174,18 @@ def post_account_fees(account_number: str):
     return jsonify(response), status
 
 
+@bp.route('/<string:account_number>/fees', methods=['DELETE'])
+@cross_origin(origins='*')
+@_jwt.requires_auth
+@_jwt.has_one_of_roles([Role.MANAGE_ACCOUNTS.value])
+def delete_account_fees(account_number: str):
+    """Remove the account fee settings."""
+    current_app.logger.info('<delete_account_fees')
+    PaymentAccountService.delete_account_fees(account_number)
+    current_app.logger.debug('>delete_account_fees')
+    return jsonify({}), HTTPStatus.NO_CONTENT
+
+
 @bp.route('/<string:account_number>/fees/<string:product>', methods=['PUT', 'OPTIONS'])
 @cross_origin(origins='*', methods=['PUT'])
 @_jwt.requires_auth
@@ -195,6 +207,7 @@ def put_account_fee_product(account_number: str, product: str):
     current_app.logger.debug('>put_account_fee_product')
     return jsonify(response), status
 
+
 #########################################################################################################
 # Note this route is used by CSO for reconciliation, so be careful if making any changes to the response.
 #########################################################################################################

pay-api/src/pay_api/services/payment_account.py

@@ -476,6 +476,12 @@ def save_account_fee(cls, auth_account_id: str, product: str, account_fee_reques
         cls._create_or_update_account_fee(account_fee_request, payment_account, product)
         return AccountFeeSchema().dump(AccountFeeModel.find_by_account_id_and_product(payment_account.id, product))
 
+    @classmethod
+    def delete_account_fees(cls, auth_account_id: str):
+        """Remove all account fees for the account."""
+        payment_account: PaymentAccountModel = PaymentAccountModel.find_by_auth_account_id(auth_account_id)
+        _ = [account_fee.delete() for account_fee in AccountFeeModel.find_by_account_id(payment_account.id)]
+
     @classmethod
     def _create_or_update_account_fee(cls, fee: dict, payment_account: PaymentAccountModel, product: str):
         # Save or update the fee, first lookup and see if the fees exist.

pay-api/tests/unit/api/test_account.py

@@ -569,7 +569,7 @@ def test_create_gov_accounts(session, client, jwt, app):
     assert rv.status_code == 201
 
 
-def test_create_gov_accounts_with_account_fee(session, client, jwt, app):
+def test_create_and_delete_gov_accounts_with_account_fee(session, client, jwt, app):
     """Assert that the endpoint returns 200."""
     token = jwt.create_jwt(get_claims(role=Role.SYSTEM.value), token_header)
     headers = {'Authorization': f'Bearer {token}', 'content-type': 'application/json'}
@@ -601,6 +601,12 @@ def test_create_gov_accounts_with_account_fee(session, client, jwt, app):
     assert not rv.json.get('accountFees')[0]['applyFilingFees']
     assert rv.json.get('accountFees')[0]['serviceFeeCode'] == 'TRF01'
 
+    rv = client.delete(f'/api/v1/accounts/{account_id}/fees', headers=headers)
+    assert rv.status_code == 204
+
+    rv = client.get(f'/api/v1/accounts/{account_id}/fees', headers=headers)
+    assert len(rv.json.get('accountFees')) == 0
+
 
 def test_update_gov_accounts_with_account_fee(session, client, jwt, app):
     """Assert that the endpoint returns 200."""

pay-api/tests/unit/api/test_cors_preflight.py

@@ -79,7 +79,7 @@ def test_preflight_account(app, client, jwt, session):
     rv = client.options('/api/v1/accounts/1/fees',
                         headers={'Access-Control-Request-Method': 'GET'})
     assert rv.status_code == 200
-    assert_access_control_headers(rv, '*', 'GET, POST')
+    assert_access_control_headers(rv, '*', 'DELETE, GET, POST')
 
     rv = client.options('/api/v1/accounts/1/fees/PRODUCT_CODE',
                         headers={'Access-Control-Request-Method': 'PUT'})