21929 - get reviews endpoint

legal-api/src/legal_api/models/review.py

@@ -76,6 +76,27 @@ def get_review(cls, filing_id) -> Review:
                       one_or_none())
         return review
 
+    @classmethod
+    def get_paginated_reviews(cls, page, limit):
+        """Return paginated reviews."""
+        query = db.session.query(Review).order_by(Review.creation_date.asc())
+
+        pagination = query.paginate(per_page=limit, page=page)
+        results = pagination.items
+        total_count = pagination.total
+
+        reviews_list = [
+            review.json for review in results
+        ]
+
+        reviews = {
+            'reviews': reviews_list,
+            'page': page,
+            'limit': limit,
+            'total': total_count
+        }
+        return reviews
+
     @property
     def json(self) -> dict:
         """Return Review as a JSON object."""

legal-api/src/legal_api/resources/v2/admin/reviews.py

@@ -14,7 +14,7 @@
 """API endpoints for retrieving review data."""
 from http import HTTPStatus
 
-from flask import current_app, jsonify
+from flask import current_app, jsonify, request
 from flask_cors import cross_origin
 
 from legal_api.models import Filing, Review, UserRoles
@@ -23,6 +23,18 @@
 from .bp import bp_admin
 
 
+@bp_admin.route('/reviews', methods=['GET'])
+@cross_origin(origin='*')
+@jwt.has_one_of_roles([UserRoles.staff])
+def get_reviews():
+    """Return a list of reviews."""
+    page = int(request.args.get('page', 1))
+    limit = int(request.args.get('limit', 10))
+    reviews = Review.get_paginated_reviews(page, limit)
+
+    return reviews, HTTPStatus.OK
+
+
 @bp_admin.route('/reviews/<int:review_id>', methods=['GET', 'OPTIONS'])
 @cross_origin(origin='*')
 @jwt.has_one_of_roles([UserRoles.staff])

legal-api/tests/unit/resources/v2/test_reviews.py

@@ -0,0 +1,43 @@
+# Copyright © 2024 Province of British Columbia
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""Tests to assure the reviews end-point.
+
+Test-Suite to ensure that admin/reviews endpoints are working as expected.
+"""
+import pytest
+from http import HTTPStatus
+
+from legal_api.services.authz import BASIC_USER, STAFF_ROLE
+from tests.unit.services.utils import create_header
+
+
+def test_get_reviews_with_invalid_user(app, session, client, jwt):
+    """Assert unauthorized for BASIC_USER role."""
+
+    rv = client.get(f'/api/v2/admin/reviews',
+                    headers=create_header(jwt, [BASIC_USER], 'user'))
+
+    assert rv.status_code == HTTPStatus.UNAUTHORIZED
+
+def test_get_reviews_with_valid_user(app, session, client, jwt):
+    """Assert review object returned for STAFF role."""
+
+    rv = client.get(f'/api/v2/admin/reviews',
+                    headers=create_header(jwt, [STAFF_ROLE], 'user'))
+
+    assert rv.status_code == HTTPStatus.OK
+    assert 'reviews' in rv.json
+    assert 1 == rv.json.get('page')
+    assert 10 == rv.json.get('limit')