release v1.0.46

release v1.0.46

Author: joeyorlando

CHANGELOG.md

@@ -1,9 +1,9 @@
 # Change Log
 
-
-## v1.0.46 (2022-10-27)
+## v1.0.46 (2022-10-28)
 
 - Bug fixes
+- remove `POST /api/internal/v1/custom_buttons/{id}/action` endpoint
 
 ## v1.0.45 (2022-10-27)
 

engine/apps/api/tests/test_custom_button.py

@@ -447,39 +447,6 @@ def test_custom_button_delete_permissions(
     assert response.status_code == expected_status
 
 
-@pytest.mark.django_db
-@pytest.mark.parametrize(
-    "role,expected_status",
-    [
-        (Role.ADMIN, status.HTTP_200_OK),
-        (Role.EDITOR, status.HTTP_200_OK),
-        (Role.VIEWER, status.HTTP_403_FORBIDDEN),
-    ],
-)
-def test_custom_button_action_permissions(
-    make_organization_and_user_with_plugin_token,
-    make_custom_action,
-    make_user_auth_headers,
-    role,
-    expected_status,
-):
-    organization, user, token = make_organization_and_user_with_plugin_token(role)
-    custom_button = make_custom_action(organization=organization)
-    client = APIClient()
-
-    url = reverse("api-internal:custom_button-action", kwargs={"pk": custom_button.public_primary_key})
-
-    with patch(
-        "apps.api.views.custom_button.CustomButtonView.action",
-        return_value=Response(
-            status=status.HTTP_200_OK,
-        ),
-    ):
-        response = client.post(url, format="json", **make_user_auth_headers(user, token))
-
-    assert response.status_code == expected_status
-
-
 @pytest.mark.django_db
 def test_get_custom_button_from_other_team_with_flag(
     make_organization_and_user_with_plugin_token,

engine/apps/api/views/custom_button.py

@@ -1,17 +1,12 @@
 from django.core.exceptions import ObjectDoesNotExist
-from rest_framework import status
-from rest_framework.decorators import action
 from rest_framework.exceptions import NotFound
 from rest_framework.permissions import IsAuthenticated
-from rest_framework.response import Response
 from rest_framework.viewsets import ModelViewSet
 
-from apps.alerts.models import AlertGroup, CustomButton
-from apps.alerts.tasks.custom_button_result import custom_button_result
-from apps.api.permissions import MODIFY_ACTIONS, READ_ACTIONS, ActionPermission, AnyRole, IsAdmin, IsAdminOrEditor
+from apps.alerts.models import CustomButton
+from apps.api.permissions import MODIFY_ACTIONS, READ_ACTIONS, ActionPermission, AnyRole, IsAdmin
 from apps.api.serializers.custom_button import CustomButtonSerializer
 from apps.auth_token.auth import PluginAuthentication
-from common.api_helpers.exceptions import BadRequest
 from common.api_helpers.mixins import PublicPrimaryKeyMixin, TeamFilteringMixin
 from common.insight_log import EntityEvent, write_resource_insight_log
 
@@ -21,7 +16,6 @@ class CustomButtonView(TeamFilteringMixin, PublicPrimaryKeyMixin, ModelViewSet):
     permission_classes = (IsAuthenticated, ActionPermission)
     action_permissions = {
         IsAdmin: MODIFY_ACTIONS,
-        IsAdminOrEditor: ("action",),
         AnyRole: READ_ACTIONS,
     }
 
@@ -85,19 +79,3 @@ def perform_destroy(self, instance):
             event=EntityEvent.DELETED,
         )
         instance.delete()
-
-    @action(detail=True, methods=["post"])
-    def action(self, request, pk):
-        alert_group_id = request.query_params.get("alert_group", None)
-        if alert_group_id is not None:
-            custom_button = self.get_object()
-            try:
-                alert_group = AlertGroup.unarchived_objects.get(
-                    public_primary_key=alert_group_id, channel=custom_button.alert_receive_channel
-                )
-                custom_button_result.apply_async((custom_button.pk, alert_group.pk, self.request.user.pk))
-            except AlertGroup.DoesNotExist:
-                raise BadRequest(detail="AlertGroup does not exist or archived")
-            return Response(status=status.HTTP_200_OK)
-        else:
-            raise BadRequest(detail="AlertGroup is required")

grafana-plugin/src/models/alert_receive_channel/alert_receive_channel.ts

@@ -314,13 +314,6 @@ export class AlertReceiveChannelStore extends BaseStore {
     });
   }
 
-  async doCustomButtonAction(actionId: ActionDTO['id'], alertId: Alert['pk']) {
-    return await makeRequest(`/custom_buttons/${actionId}/action/`, {
-      method: 'POST',
-      params: { alert_group: alertId },
-    });
-  }
-
   async getAccessLogs(alertReceiveChannelId: AlertReceiveChannel['id']) {
     const { integration_log } = await makeRequest(`/alert_receive_channel_access_log/${alertReceiveChannelId}/`, {});