From 1d3ccc32ec4bb46f60c10d0f5ec24630bf7a6ebd Mon Sep 17 00:00:00 2001
From: jean-baptiste-perez-bib
Date: Tue, 24 Sep 2024 21:08:09 +0200
Subject: [PATCH] Updates /api/v2/health endpoint

Makes it require authenticated users. Simplifies back the management of the returned "access" field.
---
 app/api/v2/handlers/health_api.py | 5 ++---
 tests/api/v2/handlers/test_health_api.py | 15 ++-------------
 2 files changed, 4 insertions(+), 16 deletions(-)
diff --git a/app/api/v2/handlers/health_api.py b/app/api/v2/handlers/health_api.py
index 37458c36d..cb7e7c7cd 100644
--- a/app/api/v2/handlers/health_api.py
+++ b/app/api/v2/handlers/health_api.py
@@ -4,7 +4,6 @@
 from aiohttp import web
 import app
-from app.api.v2 import security
 from app.api.v2.handlers.base_api import BaseApi
 from app.api.v2.schemas.caldera_info_schemas import CalderaInfoSchema
@@ -16,7 +15,7 @@ def __init__(self, services):
 def add_routes(self, app: web.Application):
 router = app.router
- router.add_get('/health', security.authentication_exempt(self.get_health_info))
+ router.add_get('/health', self.get_health_info)
 @aiohttp_apispec.docs(tags=['health'],
 summary='Health endpoints returns the status of Caldera',
@@ -29,7 +28,7 @@ async def get_health_info(self, request):
 mapping = {
 'application': 'Caldera',
 'version': app.get_version(),
- 'access': access[0].name if len(access) > 0 else None, # 0 when not authenticated.
+ 'access': access[0].name,
 'plugins': loaded_plugins_sorted
 }
diff --git a/tests/api/v2/handlers/test_health_api.py b/tests/api/v2/handlers/test_health_api.py
index 11a4e2321..52cb87baf 100644
--- a/tests/api/v2/handlers/test_health_api.py
+++ b/tests/api/v2/handlers/test_health_api.py
@@ -1,5 +1,3 @@
-import copy
-
 import pytest
 import app
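Review bot: In `add_routes` (app/api/v2/handlers/health_api.py), the bare `router.add_get('/health', self.get_health_info)` gives no sign that requiring authentication is deliberate, so a later change could restore the exemption without noticing that the response carries the version and the loaded plugin list. A comment on the line would record the intent, for example `# Not authentication_exempt on purpose: the response exposes version and plugin names.` The `@aiohttp_apispec.docs(...)` call continues past the hunk; its description should say that unauthenticated callers now get 401, since a monitoring probe that polls `/health` without credentials would start failing.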
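Review bot: In the `get_health_info` hunk of app/api/v2/handlers/health_api.py, `access[0].name` now indexes without a guard, so the handler relies entirely on route-level authentication to guarantee a non-empty `access`. If the route is ever wrapped in `security.authentication_exempt` again, or an authenticated identity resolves to no access group, this raises IndexError and the client gets a 500 instead of a clean refusal. How `access` is built lies outside the hunk, so this is inferred. A fail-closed guard before the mapping would make the dependency explicit: `if not access: raise web.HTTPUnauthorized()`. The function body starts and ends outside the hunk.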
@@ -16,13 +14,6 @@ def expected_caldera_info():
 }
-@pytest.fixture
-def expected_unauthorized_caldera_info(expected_caldera_info):
- new_info = copy.deepcopy(expected_caldera_info)
- new_info['access'] = None
- return new_info
-
-
 class TestHealthApi:
 async def test_get_health(self, api_v2_client, api_cookies, expected_caldera_info):
 resp = await api_v2_client.get('/api/v2/health', cookies=api_cookies)
@@ -30,8 +21,6 @@ async def test_get_health(self, api_v2_client, api_cookies, expected_caldera_inf
 output_info = await resp.json()
 assert output_info == expected_caldera_info
- async def test_unauthorized_get_health(self, api_v2_client, expected_unauthorized_caldera_info):
+ async def test_unauthorized_get_health(self, api_v2_client):
 resp = await api_v2_client.get('/api/v2/health')
- assert resp.status == HTTPStatus.OK
- output_info = await resp.json()
- assert output_info == expected_unauthorized_caldera_info
+ assert resp.status == HTTPStatus.UNAUTHORIZED
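Review bot: `test_unauthorized_get_health` in tests/api/v2/handlers/test_health_api.py now asserts only the status code, so it would still pass if the 401 response carried the version or plugin list in its body. The shape of the 401 body is not visible here, but pinning that nothing is disclosed takes two lines after the status assertion: `body = await resp.text()` and `assert 'plugins' not in body and 'version' not in body`. That keeps the test tied to the reason for the change, not just to the status code.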