Coding done, working on some unit tests

ORCID · Dec 13, 2024 · 6bbe5d8 · 6bbe5d8
1 parent 653cb2f
commit 6bbe5d8
Show file tree

Hide file tree

Showing 5 changed files with 85 additions and 19 deletions.
diff --git a/orcid-core/src/main/resources/org/orcid/core/template/papi_rate_limit_email.ftl b/orcid-core/src/main/resources/org/orcid/core/template/papi_rate_limit_email.ftl
@@ -1,18 +1,19 @@
 <#import "email_macros.ftl" as emailMacros />
 Dear ${emailName},
 
-This is an important message to let you know that you have exceeded our daily Public API usage limit with your integration:
+This is an important message to let you know that you have exceeded your daily Public API usage limit with your integration (https://info.orcid.org/ufaqs/what-are-the-api-limits/):
 
 Client Name: ${clientName}
 Client ID: ${clientId}
 
-Please remember that the ORCID Public API is free for non-commercial use by individuals as stated in the Public APIs Terms of Service (https://info.orcid.org/public-client-terms-of-service/). By “non-commercial” we mean that you may not charge any re-use fees for the Public API, and you may not make use of the Public API in connection with any revenue-generating product or service
+Please remember that the ORCID Public API is free for non-commercial use by individuals as stated in the Public APIs Terms of Service (https://info.orcid.org/public-client-terms-of-service). By “non-commercial” we mean that you may not charge any re-use fees for the Public API, and you may not make use of the Public API in connection with any revenue-generating product or service.
 
-If you need access to an ORCID API for commercial use, need a higher usage quota, organizational administration of your API credentials, or the ability to write data to or access Trusted Party data in ORCID records, our Member API (https://info.orcid.org/documentation/features/member-api/) is available to ORCID member organizations.
+Based on your API usage, we highly recommend you consider becoming an ORCID member for access to our Member API (https://info.orcid.org/documentation/features/member-api/). Not only will it allow you to access a higher Rate Limits and an unrestricted Usage Quota, but you will be able to access Trusted Party data in ORCID records and contribute data to ORCID records from your institutional systems.
 
-To minimize any disruption to your ORCID integration in the future, we would recommend that you reach out to our Engagement Team by replying to this email to discuss our ORCID membership options. 
+To minimize any disruption to your ORCID integration in the future, we would recommend that you reach out to our Engagement Team by replying to this email to discuss our ORCID membership options.
 
-Warm Regards, 
+
+Warm Regards,
 ORCID Support Team 
 https://support.orcid.org
 

diff --git a/orcid-core/src/main/resources/org/orcid/core/template/papi_rate_limit_email_html.ftl b/orcid-core/src/main/resources/org/orcid/core/template/papi_rate_limit_email_html.ftl
@@ -10,12 +10,12 @@
 			<img src="https://orcid.org/sites/all/themes/orcid/img/orcid-logo.png" alt="ORCID.org"/>
 		    <hr />
 		    <span style="font-family: arial, helvetica, sans-serif; font-size: 15px; color: #494A4C; font-weight: bold;">Dear ${emailName},</span>
-		    <p style="font-family: arial,  helvetica, sans-serif;font-size: 15px;color: #494A4C; white-space: pre;">This is an important message to let you know that you have exceeded our daily Public API usage limit with your integration:</p>
+		    <p style="font-family: arial,  helvetica, sans-serif;font-size: 15px;color: #494A4C; white-space: pre;">This is an important message to let you know that you have exceeded your <a href="https://info.orcid.org/ufaqs/what-are-the-api-limits/" target="_blank">daily Public API usage limit</a> with your integration:</p>
 		    <p style="font-family: arial,  helvetica, sans-serif;font-size: 15px;color: #494A4C; white-space: pre;">Client Name: ${clientName}</p>
 			<p style="font-family: arial,  helvetica, sans-serif;font-size: 15px;color: #494A4C; white-space: pre;">Client ID: ${clientId}</p>
 			<br/>
-            <p style="font-family: arial,  helvetica, sans-serif;font-size: 15px;color: #494A4C; white-space: pre;">Please remember that the ORCID Public API is free for non-commercial use by individuals as stated in the Public APIs Terms of Service (https://info.orcid.org/public-client-terms-of-service/). By “non-commercial” we mean that you may not charge any re-use fees for the Public API, and you may not make use of the Public API in connection with any revenue-generating product or service.</p>
-            <p style="font-family: arial,  helvetica, sans-serif;font-size: 15px;color: #494A4C; white-space: pre;">If you need access to an ORCID API for commercial use, need a higher usage quota, organizational administration of your API credentials, or the ability to write data to or access Trusted Party data in ORCID records, our Member API (https://info.orcid.org/documentation/features/member-api/) is available to ORCID member organizations.</p>
+            <p style="font-family: arial,  helvetica, sans-serif;font-size: 15px;color: #494A4C; white-space: pre;">Please remember that the ORCID Public API is free for non-commercial use by individuals as stated in the <a href="https://info.orcid.org/public-client-terms-of-service/" target="_blank">Public APIs Terms of Service</a>. By “non-commercial” we mean that you may not charge any re-use fees for the Public API, and you may not make use of the Public API in connection with any revenue-generating product or service.</p>
+            <p style="font-family: arial,  helvetica, sans-serif;font-size: 15px;color: #494A4C; white-space: pre;">Based on your API usage, we highly recommend you consider becoming an ORCID member for access to our <a href="https://info.orcid.org/documentation/features/member-api/" target="_blank">Member API</a>. Not only will it allow you to access a higher Rate Limits and an unrestricted Usage Quota, but you will be able to access Trusted Party data in ORCID records and contribute data to ORCID records from your institutional systems.</p>
 			<p style="font-family: arial,  helvetica, sans-serif;font-size: 15px;color: #494A4C; white-space: pre;">To minimize any disruption to your ORCID integration in the future, we would recommend that you reach out to our Engagement Team by replying to this email to discuss our ORCID membership options.
      		<br/>
             <p style="font-family: arial,  helvetica, sans-serif;font-size: 15px;color: #494A4C; white-space: pre;">

diff --git a/orcid-pub-web/src/main/java/org/orcid/api/filters/ApiRateLimitFilter.java b/orcid-pub-web/src/main/java/org/orcid/api/filters/ApiRateLimitFilter.java
@@ -110,11 +110,14 @@ public class ApiRateLimitFilter extends OncePerRequestFilter {
             + "You can increase your daily quota by registering for and using Public API client credentials "
             + "(https://info.orcid.org/documentation/integration-guide/registering-a-public-api-client/ )";
 
-    private static final String SUBJECT = "[ORCID] You have exceeded the daily Public API Usage Limit - ";
+    private static final String SUBJECT = "[ORCID-API] WARNING! You have exceeded the daily Public API Usage Limit - ";
 
-    @Value("${org.orcid.papi.rate.limit.fromEmail:notify@notify.orcid.org}")
+    @Value("${org.orcid.papi.rate.limit.fromEmail:apiusage@orcid.org}")
     private String FROM_ADDRESS;
 
+    @Value("${org.orcid.papi.rate.limit.ccAddress:[email protected]}")
+    private String CC_ADDRESS;
+
     @Override
     public void afterPropertiesSet() throws ServletException {
         super.afterPropertiesSet();
@@ -123,7 +126,7 @@ public void afterPropertiesSet() throws ServletException {
     }
 
     @Override
-    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain)
+    public void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain)
             throws ServletException, IOException {
         LOG.trace("ApiRateLimitFilter starts, rate limit is : " + enableRateLimiting);
         if (enableRateLimiting) {
@@ -197,7 +200,6 @@ private void rateLimitAnonymousRequest(String ipAddress, LocalDate today, HttpSe
 
         }
         return;
-
     }
 
     private void rateLimitClientRequest(String clientId, LocalDate today) {
@@ -261,7 +263,7 @@ private void sendEmail(String clientId, LocalDate requestDate) {
         }
 
         // Send the email
-        boolean mailSent = mailGunManager.sendEmail(FROM_ADDRESS, email, SUBJECT, body, html);
+        boolean mailSent = mailGunManager.sendEmailWithCC(FROM_ADDRESS, email, CC_ADDRESS, SUBJECT, body, html);
         if (!mailSent) {
             LOG.error("Failed to send email for papi limits, orcid=" + profile.getId() + " email: " + email);
         }
@@ -281,7 +283,6 @@ private void setPapiRateExceededItemInPanoply(PanoplyPapiDailyRateExceededItem i
             if (!result) {
                 LOG.error("Async call to panoply for : " + item.toString() + " Stored: " + result);
             }
-
         });
     }
 
@@ -307,5 +308,4 @@ private boolean isWhiteListed(String ipAddress) {
     private boolean isClientIdWhiteListed(String clientId) {
         return (papiClientIdWhiteList != null)?papiClientIdWhiteList.contains(clientId):false;
     }
-
 }
diff --git a/orcid-pub-web/src/test/java/org/orcid/api/filters/ApiRateLimitFilterTest.java b/orcid-pub-web/src/test/java/org/orcid/api/filters/ApiRateLimitFilterTest.java
@@ -0,0 +1,57 @@
+package org.orcid.api.filters;
+
+import org.apache.commons.math3.stat.inference.TestUtils;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.Mock;
+import org.mockito.MockitoAnnotations;
+import org.orcid.core.oauth.service.OrcidTokenStore;
+import org.orcid.persistence.dao.PublicApiDailyRateLimitDao;
+import org.orcid.test.OrcidJUnit4ClassRunner;
+import org.orcid.test.TargetProxyHelper;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.context.ContextConfiguration;
+
+import javax.annotation.Resource;
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import java.io.IOException;
+
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.mockito.ArgumentMatchers.eq;
+import static org.mockito.Mockito.*;
+
+@RunWith(OrcidJUnit4ClassRunner.class)
+@ContextConfiguration(locations = { "classpath:test-orcid-t1-web-context.xml" })
+public class ApiRateLimitFilterTest {
+
+    @Resource
+    public ApiRateLimitFilter apiRateLimitFilter;
+
+    @Mock
+    private FilterChain filterChainMock;
+
+    @Mock
+    private OrcidTokenStore orcidTokenStoreMock;
+
+    @Mock
+    private PublicApiDailyRateLimitDao papiRateLimitingDaoMock;
+
+    MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
+
+    MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
+
+    @Test
+    public void enableRateLimitingDisabledTest() throws ServletException, IOException {
+        MockitoAnnotations.initMocks(this);
+        TargetProxyHelper.injectIntoProxy(apiRateLimitFilter, "enableRateLimiting", false);
+        TargetProxyHelper.injectIntoProxy(apiRateLimitFilter, "orcidTokenStore", orcidTokenStoreMock);
+        apiRateLimitFilter.doFilterInternal(mockHttpServletRequest, mockHttpServletResponse, filterChainMock);
+        verify(filterChainMock, times(1)).doFilter(eq(mockHttpServletRequest), eq(mockHttpServletResponse));
+        verify(orcidTokenStoreMock, never()).readClientId(anyString());
+        verify(papiRateLimitingDaoMock, never()).findByIpAddressAndRequestDate(anyString(), any());
+        verify(papiRateLimitingDaoMock, never()).persist(any());
+    }
+}
diff --git a/orcid-utils/src/main/java/org/orcid/utils/email/MailGunManager.java b/orcid-utils/src/main/java/org/orcid/utils/email/MailGunManager.java
@@ -4,6 +4,7 @@
 
 import javax.annotation.PostConstruct;
 
+import org.apache.commons.lang3.StringUtils;
 import org.orcid.utils.jersey.JerseyClientHelper;
 import org.orcid.utils.jersey.JerseyClientResponse;
 import org.slf4j.Logger;
@@ -63,14 +64,18 @@ public void initJerseyClientHelper() {
     }
 
     public boolean sendMarketingEmail(String from, String to, String subject, String text, String html) {
-        return sendEmail(from, to, subject, text, html, true);
+        return sendEmail(from, to, null, subject, text, html, true);
     }
 
     public boolean sendEmail(String from, String to, String subject, String text, String html) {
-        return sendEmail(from, to, subject, text, html, false);
+        return sendEmail(from, to, null, subject, text, html, false);
     }
-
-    public boolean sendEmail(String from, String to, String subject, String text, String html, boolean marketing) {
+
+    public boolean sendEmailWithCC(String from, String to, String cc, String subject, String text, String html) {
+        return sendEmail(from, to, cc, subject, text, html, false);
+    }
+
+    private boolean sendEmail(String from, String to, String cc, String subject, String text, String html, boolean marketing) {
         String fromEmail = getFromEmail(from);
         String apiUrl;
         if(marketing)
@@ -84,6 +89,9 @@ else if (fromEmail.endsWith("@notify.orcid.org"))
         Form formData = new Form();
         formData.param("from", from);
         formData.param("to", to);
+        if(StringUtils.isNotBlank(cc)) {
+            formData.param("cc", cc);
+        }
         formData.param("subject", subject);
         formData.param("text", text);
         if (html != null) {