update file upload api

.circleci/config.yml

@@ -133,7 +133,7 @@ parameters:
     default: "main"
     type: string
   sandbox_git_branch:  # change to feature branch to test deployment
-    default: "js-135-submit-report"
+    default: "js-drop-attachment-enum"
     type: string
 jobs:
   build_and_lint:

.env.example

@@ -33,7 +33,6 @@ HSES_DATA_PASSWORD=password
 # This URI is automatically dropped into the cloud.gov environment as the env variable DATABASE_URL
 DATABASE_URL=secret
 # Local development variables to support s3 endpoint development and testing
-LOCAL_DEV=true
 # Comment this out if you are not using docker
 S3_ENDPOINT=http://minio:9000
 # Uncomment the following if you aren't using docker for development. Note: This requires minio to be running locally on port 9000

deployment_config/dev_vars.yml

@@ -1,5 +1,6 @@
 env: dev
 instances: 1
+AUTH_BASE: https://uat.hsesinfo.org
 # This env variable should go away soon in favor of TTA_SMART_HUB_URI
 REDIRECT_URI_HOST: https://tta-smarthub-dev.app.cloud.gov
 rds_instance: ttahub-dev

deployment_config/prod_vars.yml

@@ -1,7 +1,8 @@
 env: prod
 instances: 2
+AUTH_BASE: TKTK
 # This env variable should go away soon in favor of TTA_SMART_HUB_URI
-REDIRECT_URI_HOST: https://tta-smarthub-prod.app.cloud.gov
+REDIRECT_URI_HOST: https://ttahub.ohs.acf.hhs.gov
 rds_instance: ttahub-prod
 s3_doc_upload_bucket: ttahub-document-upload-prod
-TTA_SMART_HUB_URI: https://tta-smarthub-prod.app.cloud.gov
+TTA_SMART_HUB_URI: https://ttahub.ohs.acf.hhs.gov

deployment_config/sandbox_vars.yml

@@ -1,5 +1,6 @@
 env: sandbox
 instances: 1
+AUTH_BASE: https://uat.hsesinfo.org
 # This env variable should go away soon in favor of TTA_SMART_HUB_URI
 REDIRECT_URI_HOST: https://tta-smarthub-sandbox.app.cloud.gov
 rds_instance: ttahub-sandbox

deployment_config/staging_vars.yml

@@ -1,5 +1,6 @@
 env: staging
 instances: 1
+AUTH_BASE: https://uat.hsesinfo.org
 # This env variable should go away soon in favor of TTA_SMART_HUB_URI
 REDIRECT_URI_HOST: https://tta-smarthub-staging.app.cloud.gov
 rds_instance: ttahub-staging

docs/boundary_diagram.md

@@ -1,7 +1,7 @@
 System Boundary Diagram
 =======================
 
-<img src="http://www.plantuml.com/plantuml/png/fLPlRnit3t_lJy4dBmeNQE8-IGOKmp3KYTqqGznwERTzKo2GTRGjL2TTHSgkCVIxJrJEPr_S3Hi61B5CaJ-IF_wHNnEhmB6olVyPfsqi4LRCDVqy60IrELiQNiLv90pQEqR7PzfN0rK6ezpQnZeEhYzFfrOv_Z2v6rZ5I9n43zT9Mnc7uQmMR3Pi4MQp8HHLSWTlunpcFhfIXIsi3MvwKmpaNR_E7mxj2pZPgtuW32T9CdI0hZoLSC0lW5TFC4-Uxt1ANAFr2Qs3Czf9JphYTGBr0LeR0kLAk9bD4fxpZA08naw7RSt6ktT9qXjQ2re2rIAYP5iRpLY22WYOTUNR9j47ixi2_dzs3j5P90AVmWuRGmY2NPxralTyx5qrZFJLXYJRJmNS-FMrzR4yUGv_z01Q3It2fLydjNmyI-T61w3O4cFrCFx6WlIWxFnG3QnNvUbSMULqOg9nDBoxIjbshLil3wes7OZXzFPlj8EFd9d_vPbLMmpqA-nD7oz9_ERCu8ta5BR0GIqMHWDXM1kD3VwU4_QInb3hWALX9Rotjstg06tdzJURJGgyxiJHRS5FE8TXNLkZCvp4zCwN-5ln0iRVwe2Kod2FIhFSZ0pL2UQnERIt5ZLJ1YmLgpEOHCkcjWZ64Gkt124wPzmofzADJLjLAQdU6vCiIAkic7dDnAXg-55EjuunE6L1xSE4XGzxapmCiPQYKkFeUw_ZR3JFL9H2tzGJBmCMlz_1IB6QAy9T1zoF2ZasPWJDm3VfkeLPnj3wFvgx7tcaYmQwk81vr5-GJrg1d0hs0Gb8YgbX8Kme8cJ9GxButdlihlxRObmaVVd8TYdlf5kOfOFtxhERl1d2sYYOcGfFhnHXALK57s1w-n6q2kNdf5Nu63JAthW9oZ5YPY2vQbjiIUg1b28f2vRtmydqDD4U_3e15aeLkSiwBUzm4z0QBOs36xYNyuv4uwAF11Fl3FkGso1bb5GEbzC1m4GvjKH8uiHl9Gq4py3wvJAP2cPUot0pdWscxulqxyDiC1hVZMTZw5zUNZnFw8BTD7q7EM3j0nCmMgoGmrRWMDSTmuFDkryQLOwfRV9_5uQK_t2VbtxZf4sRIZChlQhGCNLWEp1j9CUxfGx-cv4PmwyHYUcVntQ4rNBs7q1RZ7QoPK8fvzh2W210_zNBLo-Fx9eU3yZ1u1hR9ZtY_S3jiRcAl4B7iYcG83RlvljX4fyV5xenMcCmYosOKYnvUvnqw_BAT9osQoMWAccm2KQyIiI4306r3sLElgQl5le_NLwS_mKANVm8PRU3169TQtdyQsyS7mvjCqpIIBlXlRuTN8zWQcgqnk7nrEOVDHBsZM7PNh9QtXQduYp8NfTzLoB8s91XByzB5q2Re2rg8xxoyVhsoTJBtbuswx9e7xIZyMyZcSQvDRJAZWKgNG2bx_tpywRKRTI7pdrL9SMLzr_0UJOBwTrTHC1U7Y1uPADksSXWUv0dR_m8Q-ktdUSc_L7K6eaMqJPm2JWXtQdjm-Z9vdYKtZSxEmjUeojZPVy4" alt="rendered boundary diagram">
+<img src="http://www.plantuml.com/plantuml/png/fLPVRnit37_tf-3oKBX04tT91XJ3CDI9tJH3t7evjtqf4CWwsXQgawuYPTSO-jqdAkUpBqQ73GEIMAR87yaV_oYlYLNWMDdUJyPf6qk45NDDlmu6GMtEbePNSHu9W_QEqV6PzjL0bS4ejxQnZeFhozEfLOu_JEu6LZ4I9z73TT9Mnc4ugmMR3Lk4sMm8HPNSmTiuXxcFhbHX2sk3czuK0tdNh_E7G_i2JlQg7mZ3IP8C7Q0hJoKSy0lWrHFCa-Sxd1BNQ7r2w-2CTjAJZdYTG7s0reP0kH9kPfE4vpmZA8Anqs5Ri_7kNPBqXjQ2ba2rY2ZPraOpbg020cPT-RP9zC7ihe2VpyuXEej4u5FOOMC8GR3Birxode-zguQHljgGPFkfW1k_lhO-bYVFuQyUGAkXHRZqwwIMZsVftEW055jYh1x6trYG7fIT7wg1zQeydIkhd6veJOw6TrSfswvrw-L1rQO3CPpU_eDsy94pyxyzisgBWNw7lUdZ9OdVd1cyaPp25ZYenS9e80nhex71ttF2VYwnQXsmDAo4z_QsJHsWxRp-PhD9WTUTEBej-0ddCAnhQtI6avZU-HB_A5x0-5iTa58Pxb5fbfkHeJh1F3Q7zjQYPig0fM9r1fDesTGMmJXYuPOWHEUCM-PKkh5fgoebrNjZaWLfbHKphvaOLGq_okdMCGQdBAXzcB3mOM-IXo7MKbGwTZIQPnfAeMxgYPS1Yp_lOAHOpHNXhlhteqAEZHb1C-nDgcvXbZ6qlhia_j0dNJJWnGNCe_w2VD8Av5Im3qX0KaeD2-514I7lilZUaz_llSSEwxyjnaMoaezidN9F5eLPEdZlFhl9co6iZOAPgV3qIX6MKbdm0QQt7q6hK7vEMeMFGQFiZfkW72Dc9fB3jisMf1v8APBIO7a_d4nF4_N1hnDWeLIHEwtJzWut0QtHqZouWNivxyWqBlf8CF7Ei0-v5L96IULmGHq0J9HJIuGaJZnNqaJm3AnVBfEfOERL33VZsM3wlaX_Fim6e_7TU3Q6_kNbnVE4BjXDutUG0zO-C06ZnGevR0METTqnFDY--yLHvPZQHlzlOKWJ7Exqqc-Sj6fJRsQbLnKwfWvi1wQDv7Y_rC5_Cp9d-3KYCVtxs8wmMix-1sYBqKwtJ2dbN5iO40JelthvwkMHNTFZ0JaON6FRf4Uy7xWzDbUHL-XOjWKInERjV3zCulFZGZT6QmnciGLJYYLlZvDkNLwPZjDslGHK9GqsmOXNYPYG8Q3seSp9r_JLGl-Noulp7w18hnoZx7QHGAnh3UZAsXl7XqFR39Cqqcvuhsy7roEOcXgjSNWyjVaV6mdxnh1iCLajRujJSHPajylUAn5aRCYmboUc2w1Dq1Qr4L_vU7txPEfbTo-RjLcqZzhH-BUHJEFS6bfbnmALBe3Iz_xvULFgDkf3vxwgakBA-o_WF9k5zEuk8c0lZn0yib6tR6ImFSYJTtw4jVNRpfEJVYXgZKIBQ1ku19oGxjJsOVHaSpnAxvkTdGMlqPMnidy3" alt="rendered boundary diagram">
 
 UML Source
 ----------
@@ -23,9 +23,9 @@ Boundary(aws, "AWS GovCloud") {
     Boundary(atob, "Accreditation Boundary") {
       Container(www_app, "<&layers> TTA Smart Hub Web Application", "NodeJS, Express, React", "Displays and collects TTA data. Multiple instances running")
       Container(clamav, "File scanning API", "ClamAV", "Internal application for scanning user uploads")
+      ContainerDb(www_db, "PostgreSQL Database", "AWS RDS", "Contains content and configuration for TTA Smart Hub")
+      ContainerDb(www_s3, "AWS S3 bucket", "AWS S3", "Stores static file assets")
     }
-    ContainerDb(www_db, "PostgreSQL Database", "AWS RDS", "Contains content and configuration for TTA Smart Hub")
-    ContainerDb(www_s3, "AWS S3 bucket", "AWS S3", "Stores static file assets")
   }
 }
 System(HSES, "HSES", "Single Sign On\nMFA via Time-Based App or PIV card\n\nSource of Grantee Data")
@@ -59,7 +59,7 @@ Lay_R(HSES, aws)
 Instructions
 ------------
 
-1. [Edit this diagram with plantuml.com](http://www.plantuml.com/plantuml/uml/fLPlRnit3t_lJy4dBmeNQE8-IGOKmp3KYTqqGznwERTzKo2GTRGjL2TTHSgkCVIxJrJEPr_S3Hi61B5CaJ-IF_wHNnEhmB6olVyPfsqi4LRCDVqy60IrELiQNiLv90pQEqR7PzfN0rK6ezpQnZeEhYzFfrOv_Z2v6rZ5I9n43zT9Mnc7uQmMR3Pi4MQp8HHLSWTlunpcFhfIXIsi3MvwKmpaNR_E7mxj2pZPgtuW32T9CdI0hZoLSC0lW5TFC4-Uxt1ANAFr2Qs3Czf9JphYTGBr0LeR0kLAk9bD4fxpZA08naw7RSt6ktT9qXjQ2re2rIAYP5iRpLY22WYOTUNR9j47ixi2_dzs3j5P90AVmWuRGmY2NPxralTyx5qrZFJLXYJRJmNS-FMrzR4yUGv_z01Q3It2fLydjNmyI-T61w3O4cFrCFx6WlIWxFnG3QnNvUbSMULqOg9nDBoxIjbshLil3wes7OZXzFPlj8EFd9d_vPbLMmpqA-nD7oz9_ERCu8ta5BR0GIqMHWDXM1kD3VwU4_QInb3hWALX9Rotjstg06tdzJURJGgyxiJHRS5FE8TXNLkZCvp4zCwN-5ln0iRVwe2Kod2FIhFSZ0pL2UQnERIt5ZLJ1YmLgpEOHCkcjWZ64Gkt124wPzmofzADJLjLAQdU6vCiIAkic7dDnAXg-55EjuunE6L1xSE4XGzxapmCiPQYKkFeUw_ZR3JFL9H2tzGJBmCMlz_1IB6QAy9T1zoF2ZasPWJDm3VfkeLPnj3wFvgx7tcaYmQwk81vr5-GJrg1d0hs0Gb8YgbX8Kme8cJ9GxButdlihlxRObmaVVd8TYdlf5kOfOFtxhERl1d2sYYOcGfFhnHXALK57s1w-n6q2kNdf5Nu63JAthW9oZ5YPY2vQbjiIUg1b28f2vRtmydqDD4U_3e15aeLkSiwBUzm4z0QBOs36xYNyuv4uwAF11Fl3FkGso1bb5GEbzC1m4GvjKH8uiHl9Gq4py3wvJAP2cPUot0pdWscxulqxyDiC1hVZMTZw5zUNZnFw8BTD7q7EM3j0nCmMgoGmrRWMDSTmuFDkryQLOwfRV9_5uQK_t2VbtxZf4sRIZChlQhGCNLWEp1j9CUxfGx-cv4PmwyHYUcVntQ4rNBs7q1RZ7QoPK8fvzh2W210_zNBLo-Fx9eU3yZ1u1hR9ZtY_S3jiRcAl4B7iYcG83RlvljX4fyV5xenMcCmYosOKYnvUvnqw_BAT9osQoMWAccm2KQyIiI4306r3sLElgQl5le_NLwS_mKANVm8PRU3169TQtdyQsyS7mvjCqpIIBlXlRuTN8zWQcgqnk7nrEOVDHBsZM7PNh9QtXQduYp8NfTzLoB8s91XByzB5q2Re2rg8xxoyVhsoTJBtbuswx9e7xIZyMyZcSQvDRJAZWKgNG2bx_tpywRKRTI7pdrL9SMLzr_0UJOBwTrTHC1U7Y1uPADksSXWUv0dR_m8Q-ktdUSc_L7K6eaMqJPm2JWXtQdjm-Z9vdYKtZSxEmjUeojZPVy4)
+1. [Edit this diagram with plantuml.com](http://www.plantuml.com/plantuml/uml/fLPVRnit37_tf-3oKBX04tT91XJ3CDI9tJH3t7evjtqf4CWwsXQgawuYPTSO-jqdAkUpBqQ73GEIMAR87yaV_oYlYLNWMDdUJyPf6qk45NDDlmu6GMtEbePNSHu9W_QEqV6PzjL0bS4ejxQnZeFhozEfLOu_JEu6LZ4I9z73TT9Mnc4ugmMR3Lk4sMm8HPNSmTiuXxcFhbHX2sk3czuK0tdNh_E7G_i2JlQg7mZ3IP8C7Q0hJoKSy0lWrHFCa-Sxd1BNQ7r2w-2CTjAJZdYTG7s0reP0kH9kPfE4vpmZA8Anqs5Ri_7kNPBqXjQ2ba2rY2ZPraOpbg020cPT-RP9zC7ihe2VpyuXEej4u5FOOMC8GR3Birxode-zguQHljgGPFkfW1k_lhO-bYVFuQyUGAkXHRZqwwIMZsVftEW055jYh1x6trYG7fIT7wg1zQeydIkhd6veJOw6TrSfswvrw-L1rQO3CPpU_eDsy94pyxyzisgBWNw7lUdZ9OdVd1cyaPp25ZYenS9e80nhex71ttF2VYwnQXsmDAo4z_QsJHsWxRp-PhD9WTUTEBej-0ddCAnhQtI6avZU-HB_A5x0-5iTa58Pxb5fbfkHeJh1F3Q7zjQYPig0fM9r1fDesTGMmJXYuPOWHEUCM-PKkh5fgoebrNjZaWLfbHKphvaOLGq_okdMCGQdBAXzcB3mOM-IXo7MKbGwTZIQPnfAeMxgYPS1Yp_lOAHOpHNXhlhteqAEZHb1C-nDgcvXbZ6qlhia_j0dNJJWnGNCe_w2VD8Av5Im3qX0KaeD2-514I7lilZUaz_llSSEwxyjnaMoaezidN9F5eLPEdZlFhl9co6iZOAPgV3qIX6MKbdm0QQt7q6hK7vEMeMFGQFiZfkW72Dc9fB3jisMf1v8APBIO7a_d4nF4_N1hnDWeLIHEwtJzWut0QtHqZouWNivxyWqBlf8CF7Ei0-v5L96IULmGHq0J9HJIuGaJZnNqaJm3AnVBfEfOERL33VZsM3wlaX_Fim6e_7TU3Q6_kNbnVE4BjXDutUG0zO-C06ZnGevR0METTqnFDY--yLHvPZQHlzlOKWJ7Exqqc-Sj6fJRsQbLnKwfWvi1wQDv7Y_rC5_Cp9d-3KYCVtxs8wmMix-1sYBqKwtJ2dbN5iO40JelthvwkMHNTFZ0JaON6FRf4Uy7xWzDbUHL-XOjWKInERjV3zCulFZGZT6QmnciGLJYYLlZvDkNLwPZjDslGHK9GqsmOXNYPYG8Q3seSp9r_JLGl-Noulp7w18hnoZx7QHGAnh3UZAsXl7XqFR39Cqqcvuhsy7roEOcXgjSNWyjVaV6mdxnh1iCLajRujJSHPajylUAn5aRCYmboUc2w1Dq1Qr4L_vU7txPEfbTo-RjLcqZzhH-BUHJEFS6bfbnmALBe3Iz_xvULFgDkf3vxwgakBA-o_WF9k5zEuk8c0lZn0yib6tR6ImFSYJTtw4jVNRpfEJVYXgZKIBQ1ku19oGxjJsOVHaSpnAxvkTdGMlqPMnidy3)
 1. Copy and paste the final UML into the UML Source section
 1. Update the img src and edit link target to the current values
 

docs/openapi/index.yaml

@@ -132,7 +132,7 @@ components:
         reportId: 
           type: number
           description: "id of the Activity report the file is associated with"
-        File:
+        file:
           type: string
           format: binary
           description: "File to be uploaded"

docs/openapi/paths/files.yaml

@@ -12,7 +12,7 @@ post:
           $ref: '../index.yaml#/components/schemas/fileUpload'
   responses:
     200:
-      description: One user by an id
+      description: Returns the id of the uploaded file
       content:
         application/json:
           schema:

docs/workflow_diagrams.md

@@ -0,0 +1,100 @@
+Workflow Diagrams
+=================
+
+Collection of various workflows and processes present in the TTA Smart Hub application.
+
+Account Creation
+----------------
+
+<img src="http://www.plantuml.com/plantuml/png/dP91JyCm38Nl_HNcjlq5Tc0W8OtpDkvMwgtMqcJ4piR-FKcAKPd4XLkL-dtlvSLhKKoQHzyzd1CUHuGiz4v9sQ5_Eq0CNPle7lT22Nmy2d202oDijg_RLSS7MBHV0qex0dGkvg1FIz210Ynk9CiEO0AmGAAU4pcb7ZJ2RlUysR_0bNMeIX8ffoSAgo8nTbNvw4xKtqCDEsPH40fzeNza4fsXuvaIQamL33bKa6LSDOHeF9SFyaBpsvY-o4SMuHW4XFJF27YhzTHsiEIuC5qXaOkfbohWz0k4tiVhP5zIVxl38iG9QJaiAD0dYygFjysPkOrn8MUD8xRtypTmYL2fhqxcKNERCH_-K-A05xglfJWOS2fqTg4vtz2Mk0KiaBO17AQjCiQw4FFelm00" alt="rendered account creation diagram">
+
+### UML Source
+
+```
+@startuml
+!pragma useVerticalIf on
+start
+:User logs in via HSES;
+if (User has HSES account?) then (yes)
+  :User is redirected to TTAHUB with access token;
+  if (User is locked?) then (yes)
+    :User must send request to TTAHUB operators to unlock account;
+    stop
+  elseif (User has TTAHUB permissions set?) then (yes)
+    :User may log in and view records their permissions allow;
+    end
+  else (no)
+    if (User account exists?) then (no)
+      :User account is automatically created;
+    else (yes)
+    endif
+    :User must send request to TTAHUB operators to have permissions set;
+  endif
+  stop
+else (no)
+  :User must request account creation within HSES;
+  stop
+@enduml
+```
+
+[Edit this diagram with plantuml.com](http://www.plantuml.com/plantuml/uml/dP91JyCm38Nl_HNcjlq5Tc0W8OtpDkvMwgtMqcJ4piR-FKcAKPd4XLkL-dtlvSLhKKoQHzyzd1CUHuGiz4v9sQ5_Eq0CNPle7lT22Nmy2d202oDijg_RLSS7MBHV0qex0dGkvg1FIz210Ynk9CiEO0AmGAAU4pcb7ZJ2RlUysR_0bNMeIX8ffoSAgo8nTbNvw4xKtqCDEsPH40fzeNza4fsXuvaIQamL33bKa6LSDOHeF9SFyaBpsvY-o4SMuHW4XFJF27YhzTHsiEIuC5qXaOkfbohWz0k4tiVhP5zIVxl38iG9QJaiAD0dYygFjysPkOrn8MUD8xRtypTmYL2fhqxcKNERCH_-K-A05xglfJWOS2fqTg4vtz2Mk0KiaBO17AQjCiQw4FFelm00)
+
+Account Termination
+-------------------
+
+<img src="http://www.plantuml.com/plantuml/png/XOynQeP048NxFSKhjKkQ49BYzm2f0XvWq56NpEx8pgxYxRCA5e64DCFmU7mVhxDCAPSWxdfSufKfu-sJDyyxYd423OEMcD-Tdz3qPo9a6QBpp2DyHD34o0j5FBy-OQJ3GBC-sffnH7EmjQuIWsuC4i7AANWphz4m9GteVsXOZFzNlVnf-j3XwnSacgYjupZwwPwvBrvgVaBlhY4hqhN-SRLTLqy9yWq0" alt="rendered account termination diagram">
+
+### UML Source
+
+```
+@startuml
+start
+repeat :Review user account;
+if (User last logged in more than 180 days ago?) then (yes)
+:Remove all permissions from User account;
+elseif (User last logged in more than 60 days ago?) then (yes)
+:Lock User account;
+else (no)
+endif
+repeat while (more accounts to review?)
+end
+@enduml
+```
+
+[Edit this diagram with plantuml.com](http://www.plantuml.com/plantuml/uml/XOynQeP048NxFSKhjKkQ49BYzm2f0XvWq56NpEx8pgxYxRCA5e64DCFmU7mVhxDCAPSWxdfSufKfu-sJDyyxYd423OEMcD-Tdz3qPo9a6QBpp2DyHD34o0j5FBy-OQJ3GBC-sffnH7EmjQuIWsuC4i7AANWphz4m9GteVsXOZFzNlVnf-j3XwnSacgYjupZwwPwvBrvgVaBlhY4hqhN-SRLTLqy9yWq0)
+
+
+Setting Permissions
+-------------------
+
+<img src="http://www.plantuml.com/plantuml/png/ZP11JWCn34NtESNVCRt2T44hRa3R0qIfPuZ8s60x86wF9niaLjrOzlzVxqi-cMVrlhKqbZIVIv7EZYrpNacXz5Nfsz0jZW_IhPfLuT0_EvaVKrqmtNQp6ZAkrpDUX5rpST7d0_oD6DCFsI41yuNyFycGerBlbLUu3FV9eD88esQDJ6wuU5wMFVCgvgJ7HCq84yk3t4Bi6XpHFwO4iT3e2XxVwvBc6pSfxmCsj7IA4V_v1G00" alt="setting access permissions diagram">
+
+### UML Source
+
+```
+@startuml
+start
+:Account manager reviews user permission request;
+if (User is a TTA Contractor?) then (yes)
+  :Set user permissions according to user's role on regional Staffing Roster;
+else (no)
+  :Set user permissions according to central or regional office role;
+endif
+:Unlock user;
+end
+@enduml
+```
+
+[Edit this diagram with plantuml.com](http://www.plantuml.com/plantuml/uml/ZP11JWCn34NtESNVCRt2T44hRa3R0qIfPuZ8s60x86wF9niaLjrOzlzVxqi-cMVrlhKqbZIVIv7EZYrpNacXz5Nfsz0jZW_IhPfLuT0_EvaVKrqmtNQp6ZAkrpDUX5rpST7d0_oD6DCFsI41yuNyFycGerBlbLUu3FV9eD88esQDJ6wuU5wMFVCgvgJ7HCq84yk3t4Bi6XpHFwO4iT3e2XxVwvBc6pSfxmCsj7IA4V_v1G00)
+
+--------------------------------------------------------------------------------
+
+### Instructions
+
+1. Edit each diagram using the relevant link
+1. Copy and paste the final UML into the UML Source section
+1. Update the img src and edit link target to the current values
+
+### Notes
+
+* See the help docs for [PlantUML Activity Diagrams](https://plantuml.com/activity-diagram-beta) for syntax help.

manifest.yml

@@ -6,9 +6,10 @@ applications:
     buildpacks:
       - nodejs_buildpack
     env:
-      AUTH_BASE: https://uat.hsesinfo.org
+      AUTH_BASE: ((AUTH_BASE))
       AUTH_CLIENT_ID: ((AUTH_CLIENT_ID))
       AUTH_CLIENT_SECRET: ((AUTH_CLIENT_SECRET))
+      LOG_JSON_FORMAT: "true"
       NEW_RELIC_APP_NAME: tta-smarthub-((env))
       NEW_RELIC_LICENSE_KEY: ((NEW_RELIC_LICENSE_KEY))
       NODE_ENV: production

src/lib/s3Uploader.js

@@ -1,14 +1,30 @@
 import { S3 } from 'aws-sdk';
 
-export const s3 = new S3({
-  accessKeyId: process.env.AWS_ACCESS_KEY_ID,
-  endpoint: process.env.S3_ENDPOINT,
-  secretAccessKey: process.env.AWS_SECRET_ACCESS_KEY,
-  signatureVersion: 'v4',
-  s3ForcePathStyle: true,
-});
+let s3Config;
 
-export const verifyVersioning = async (bucket = process.env.bucket, s3Client = s3) => {
+let bucketName = process.env.S3_BUCKET;
+if (process.env.VCAP_SERVICES) {
+  const { credentials } = JSON.parse(process.env.VCAP_SERVICES).s3[0];
+  bucketName = credentials.bucket;
+  s3Config = {
+    accessKeyId: credentials.access_key_id,
+    endpoint: credentials.fips_endpoint,
+    secretAccessKey: credentials.secret_access_key,
+    signatureVersion: 'v4',
+    s3ForcePathStyle: true,
+  };
+} else {
+  s3Config = {
+    accessKeyId: process.env.AWS_ACCESS_KEY_ID,
+    endpoint: process.env.S3_ENDPOINT,
+    secretAccessKey: process.env.AWS_SECRET_ACCESS_KEY,
+    signatureVersion: 'v4',
+    s3ForcePathStyle: true,
+  };
+}
+export const s3 = new S3(s3Config);
+
+export const verifyVersioning = async (bucket = bucketName, s3Client = s3) => {
   const versioningConfiguration = {
     MFADelete: 'Disabled',
     Status: 'Enabled',
@@ -30,12 +46,12 @@ export const verifyVersioning = async (bucket = process.env.bucket, s3Client = s
 const s3Uploader = async (buffer, name, type, s3Client = s3) => {
   const params = {
     Body: buffer,
-    Bucket: process.env.S3_BUCKET,
+    Bucket: bucketName,
     ContentType: type.mime,
     Key: name,
   };
   // Only check for versioning if not using Minio
-  if (process.env.LOCAL_DEV !== 'true') {
+  if (process.env.NODE_ENV === 'production') {
     await verifyVersioning();
   }
 

src/lib/s3Uploader.test.js

@@ -7,7 +7,7 @@ const mockData = {
 };
 
 // make sure we save to original value so we can restore it
-const oldEndpoint = process.env.LOCAL_DEV;
+const oldEnv = process.env.NODE_ENV;
 
 describe('s3Uploader.verifyVersioning', () => {
   let mockGet = jest.spyOn(s3, 'getBucketVersioning').mockImplementation(async () => mockData);
@@ -54,17 +54,17 @@ describe('s3Uploader', () => {
     mockGet.mockClear();
   });
   afterAll(() => {
-    process.env.LOCAL_DEV = oldEndpoint;
+    process.env.NODE_ENV = oldEnv;
   });
 
   it('Correctly Uploads the file', async () => {
-    process.env.LOCAL_DEV = 'true';
+    process.env.NODE_ENV = 'development';
     const got = await s3Uploader(buf, name, goodType);
     expect(mockGet.mock.calls.length).toBe(0);
     await expect(got).toBe(response);
   });
   it('Correctly Uploads the file and checks versioning', async () => {
-    process.env.LOCAL_DEV = 'false';
+    process.env.NODE_ENV = 'production';
     const got = await s3Uploader(buf, name, goodType);
     expect(mockGet.mock.calls.length).toBe(1);
     await expect(got).toBe(response);

src/migrations/20210121192644-add-attachment-type-to-files.js

@@ -9,6 +9,10 @@ module.exports = {
   },
 
   down: async (queryInterface) => {
-    await queryInterface.removeColumn('Files', 'attachmentType');
+    queryInterface.sequelize.transaction(async (t) => {
+      const query = 'DROP TYPE public."enum_Files_attachmentType";';
+      await queryInterface.removeColumn('Files', 'attachmentType', { transaction: t });
+      await queryInterface.sequelize.query(query, { transaction: t });
+    });
   },
 };

src/routes/files/handlers.js

@@ -1,7 +1,7 @@
 import { v4 as uuidv4 } from 'uuid';
 import * as fs from 'fs';
 import handleErrors from '../../lib/apiErrorHandler';
-import { sequelize, File } from '../../models';
+import { File } from '../../models';
 import s3Uploader from '../../lib/s3Uploader';
 
 const fileType = require('file-type');
@@ -31,9 +31,7 @@ export const createFileMetaData = async (
   };
   let file;
   try {
-    await sequelize.transaction(async (transaction) => {
-      file = await File.create(newFile, transaction);
-    });
+    file = await File.create(newFile);
     return file.dataValues;
   } catch (error) {
     return error;
@@ -43,9 +41,7 @@ export const createFileMetaData = async (
 export const updateStatus = async (fileId, fileStatus) => {
   let file;
   try {
-    await sequelize.transaction(async (transaction) => {
-      file = await File.update({ status: fileStatus }, { where: { id: fileId } }, transaction);
-    });
+    file = await File.update({ status: fileStatus }, { where: { id: fileId } });
     return file.dataValues;
   } catch (error) {
     return error;
@@ -64,11 +60,11 @@ export default async function uploadHandler(req, res) {
     let type;
 
     try {
-      if (!files.File) {
+      if (!files.file) {
         res.status(400).send({ error: 'file required' });
         return;
       }
-      const { path, originalFilename } = files.File[0];
+      const { path, originalFilename } = files.file[0];
       const { reportId, attachmentType } = fields;
       if (!reportId) {
         res.status(400).send({ error: 'reportId required' });
@@ -92,7 +88,6 @@ export default async function uploadHandler(req, res) {
       metadata = await createFileMetaData(originalFilename, fileName, reportId, attachmentType[0]);
     } catch (err) {
       await handleErrors(req, res, err, logContext);
-      res.status(500);
       return;
     }
     try {