Merge branch 'main' into forms-960-idp-refactor
usingtechnology authored Feb 9, 2024
2 parents 48269b1 + 8a927a7 commit 958d0e8
Showing 6 changed files with 434 additions and 44 deletions.
4 changes: 2 additions & 2 deletions .github/workflows/on_pr_opened.yaml
@@ -34,7 +34,7 @@ jobs:
github_token: ${{ secrets.GITHUB_TOKEN }}
app_title: Common Hosted Forms - PR-${{ github.event.number }}
route_path: /pr-${{ github.event.number }}
app_contact: ${{ secrets.VITE_CONTACT }}
app_contact: ${{ vars.CHEFS_CONTACT }}

deploy-pr-dev:
name: Deploy Pull Request to Dev
@@ -67,4 +67,4 @@ jobs:
with:
header: release
message: |
Release ${{ github.sha }} deployed at <https://${{ env.ACRONYM }}-dev.apps.silver.devops.gov.bc.ca/pr-${{ github.event.number }}>
Release ${{ github.sha }} deployed at <https://${{ env.ACRONYM }}-dev.apps.silver.devops.gov.bc.ca/pr-${{ github.event.number }}>
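Review bot: `app_contact` now reads `vars.CHEFS_CONTACT`, and configuration variables, unlike secrets, are not masked in workflow logs, so the value must be one that is fine to expose. A one-line comment above the key would record that intent: `# contact address is not sensitive; kept as a configuration variable rather than a secret`. The job this step belongs to begins outside the hunk.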
74 changes: 71 additions & 3 deletions app/src/docs/v1.api-spec.yaml
@@ -171,6 +171,8 @@ paths:
$ref: '#/components/headers/RateLimit'
RateLimit-Policy:
$ref: '#/components/headers/RateLimit-Policy'
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/UnauthorizedError'
'403':
@@ -212,6 +214,8 @@ paths:
$ref: '#/components/headers/RateLimit'
RateLimit-Policy:
$ref: '#/components/headers/RateLimit-Policy'
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/UnauthorizedError'
'403':
@@ -247,6 +251,8 @@ paths:
$ref: '#/components/headers/RateLimit'
RateLimit-Policy:
$ref: '#/components/headers/RateLimit-Policy'
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/UnauthorizedError'
'403':
@@ -275,6 +281,8 @@ paths:
application/json:
schema:
$ref: '#/components/schemas/FormApiKey'
'400':
$ref: '#/components/responses/BadRequest'
'403':
$ref: '#/components/responses/Forbidden'
default:
@@ -298,6 +306,8 @@ paths:
application/json:
schema:
$ref: '#/components/schemas/FormApiKey'
'400':
$ref: '#/components/responses/BadRequest'
'403':
$ref: '#/components/responses/Forbidden'
default:
@@ -317,6 +327,8 @@ paths:
responses:
'204':
description: OK
'400':
$ref: '#/components/responses/BadRequest'
'403':
$ref: '#/components/responses/Forbidden'
default:
@@ -414,6 +426,8 @@ paths:
type: array
items:
$ref: '#/components/schemas/FormSubmissionExport'
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/UnauthorizedError'
'403':
@@ -466,6 +480,8 @@ paths:
type: array
items:
$ref: '#/components/schemas/FormSubmissionExport'
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/UnauthorizedError'
'403':
@@ -526,10 +542,14 @@ paths:
$ref: '#/components/headers/RateLimit'
RateLimit-Policy:
$ref: '#/components/headers/RateLimit-Policy'
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/UnauthorizedError'
'403':
$ref: '#/components/responses/Forbidden'
'404':
$ref: '#/components/responses/NotFound'
'429':
$ref: '#/components/responses/TooManyRequests'
default:
@@ -563,10 +583,14 @@ paths:
$ref: '#/components/headers/RateLimit'
RateLimit-Policy:
$ref: '#/components/headers/RateLimit-Policy'
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/UnauthorizedError'
'403':
$ref: '#/components/responses/Forbidden'
'404':
$ref: '#/components/responses/NotFound'
'429':
$ref: '#/components/responses/TooManyRequests'
default:
@@ -599,6 +623,8 @@ paths:
$ref: '#/components/headers/RateLimit'
RateLimit-Policy:
$ref: '#/components/headers/RateLimit-Policy'
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/UnauthorizedError'
'403':
@@ -643,10 +669,14 @@ paths:
$ref: '#/components/headers/RateLimit'
RateLimit-Policy:
$ref: '#/components/headers/RateLimit-Policy'
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/UnauthorizedError'
'403':
$ref: '#/components/responses/Forbidden'
'404':
$ref: '#/components/responses/NotFound'
'429':
$ref: '#/components/responses/TooManyRequests'
default:
@@ -681,6 +711,8 @@ paths:
$ref: '#/components/headers/RateLimit'
RateLimit-Policy:
$ref: '#/components/headers/RateLimit-Policy'
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/UnauthorizedError'
'403':
@@ -730,6 +762,8 @@ paths:
$ref: '#/components/headers/RateLimit'
RateLimit-Policy:
$ref: '#/components/headers/RateLimit-Policy'
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/UnauthorizedError'
'403':
@@ -767,10 +801,14 @@ paths:
$ref: '#/components/headers/RateLimit'
RateLimit-Policy:
$ref: '#/components/headers/RateLimit-Policy'
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/UnauthorizedError'
'403':
$ref: '#/components/responses/Forbidden'
'404':
$ref: '#/components/responses/NotFound'
'429':
$ref: '#/components/responses/TooManyRequests'
default:
@@ -812,10 +850,14 @@ paths:
$ref: '#/components/headers/RateLimit'
RateLimit-Policy:
$ref: '#/components/headers/RateLimit-Policy'
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/UnauthorizedError'
'403':
$ref: '#/components/responses/Forbidden'
'404':
$ref: '#/components/responses/NotFound'
'429':
$ref: '#/components/responses/TooManyRequests'
default:
@@ -844,10 +886,14 @@ paths:
$ref: '#/components/headers/RateLimit'
RateLimit-Policy:
$ref: '#/components/headers/RateLimit-Policy'
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/UnauthorizedError'
'403':
$ref: '#/components/responses/Forbidden'
'404':
$ref: '#/components/responses/NotFound'
'429':
$ref: '#/components/responses/TooManyRequests'
default:
@@ -881,10 +927,14 @@ paths:
$ref: '#/components/headers/RateLimit'
RateLimit-Policy:
$ref: '#/components/headers/RateLimit-Policy'
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/UnauthorizedError'
'403':
$ref: '#/components/responses/Forbidden'
'404':
$ref: '#/components/responses/NotFound'
'429':
$ref: '#/components/responses/TooManyRequests'
default:
@@ -969,10 +1019,14 @@ paths:
$ref: '#/components/headers/RateLimit'
RateLimit-Policy:
$ref: '#/components/headers/RateLimit-Policy'
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/UnauthorizedError'
'403':
$ref: '#/components/responses/Forbidden'
'404':
$ref: '#/components/responses/NotFound'
'429':
$ref: '#/components/responses/TooManyRequests'
default:
@@ -1011,10 +1065,14 @@ paths:
$ref: '#/components/headers/RateLimit'
RateLimit-Policy:
$ref: '#/components/headers/RateLimit-Policy'
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/UnauthorizedError'
'403':
$ref: '#/components/responses/Forbidden'
'404':
$ref: '#/components/responses/NotFound'
'429':
$ref: '#/components/responses/TooManyRequests'
default:
@@ -1054,10 +1112,14 @@ paths:
$ref: '#/components/headers/RateLimit'
RateLimit-Policy:
$ref: '#/components/headers/RateLimit-Policy'
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/UnauthorizedError'
'403':
$ref: '#/components/responses/Forbidden'
'404':
$ref: '#/components/responses/NotFound'
'429':
$ref: '#/components/responses/TooManyRequests'
default:
@@ -1106,10 +1168,14 @@ paths:
$ref: '#/components/headers/RateLimit'
RateLimit-Policy:
$ref: '#/components/headers/RateLimit-Policy'
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/UnauthorizedError'
'403':
$ref: '#/components/responses/Forbidden'
'404':
$ref: '#/components/responses/NotFound'
'429':
$ref: '#/components/responses/TooManyRequests'
default:
@@ -1321,6 +1387,8 @@ paths:
type: array
items:
$ref: '#/components/schemas/StatusCodes'
'400':
$ref: '#/components/responses/BadRequest'
'403':
$ref: '#/components/responses/Forbidden'
default:
@@ -3761,13 +3829,13 @@ components:
description: What type of problem, link to explanation of problem
title:
type: string
description: Title of problem, generally the Http Status Code description
description: Title of problem, generally the HTTP status code description
status:
type: string
description: The Http Status code
description: The HTTP status code
detail:
type: string
description: short description of why this problem was raised.
description: Short description of why this problem was raised
Role:
allOf:
- $ref: '#/components/schemas/RoleBasic'
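--- a/app/src/forms/auth/middleware/params.js
+++ b/app/src/forms/auth/middleware/params.js
@@ -0,0 +1,92 @@
+const Problem = require('api-problem');
+const uuid = require('uuid');
+
+const formService = require('../../form/service');
+
+/**
+* Validates that the :formId route parameter exists and is a UUID.
+*
+* @param {*} _req the Express object representing the HTTP request - unused
+* @param {*} _res the Express object representing the HTTP response - unused
+* @param {*} next the Express chaining function
+* @param {*} formId the :formId value from the route
+*/
+const validateFormId = async (_req, _res, next, formId) => {
+try {
+if (!uuid.validate(formId)) {
+throw new Problem(400, {
+detail: 'Bad formId',
+});
+}
+
+next();
+} catch (error) {
+next(error);
+}
+};
+
+/**
+* Validates that the :formVersionDraftId route parameter exists and is a UUID.
+* This validator requires that the :formId route parameter also exists.
+*
+* @param {*} req the Express object representing the HTTP request
+* @param {*} _res the Express object representing the HTTP response - unused
+* @param {*} next the Express chaining function
+* @param {*} formVersionDraftId the :formVersionDraftId value from the route
+*/
+const validateFormVersionDraftId = async (req, _res, next, formVersionDraftId) => {
+try {
+if (!uuid.validate(formVersionDraftId)) {
+throw new Problem(400, {
+detail: 'Bad formVersionDraftId',
+});
+}
+
+const formVersionDraft = await formService.readDraft(formVersionDraftId);
+if (!formVersionDraft || formVersionDraft.formId !== req.params.formId) {
+throw new Problem(404, {
+detail: 'formVersionDraftId does not exist on this form',
+});
+}
+
+next();
+} catch (error) {
+next(error);
+}
+};
+
+/**
+* Validates that the :formVersionId route parameter exists and is a UUID. This
+* validator requires that the :formId route parameter also exists.
+*
+* @param {*} req the Express object representing the HTTP request
+* @param {*} _res the Express object representing the HTTP response - unused
+* @param {*} next the Express chaining function
+* @param {*} formVersionId the :formVersionId value from the route
+*/
+const validateFormVersionId = async (req, _res, next, formVersionId) => {
+try {
+if (!uuid.validate(formVersionId)) {
+throw new Problem(400, {
+detail: 'Bad formVersionId',
+});
+}
+
+const formVersion = await formService.readVersion(formVersionId);
+if (!formVersion || formVersion.formId !== req.params.formId) {
+throw new Problem(404, {
+detail: 'formVersionId does not exist on this form',
+});
+}
+
+next();
+} catch (error) {
+next(error);
+}
+};
+
+module.exports = {
+validateFormId,
+validateFormVersionId,
+validateFormVersionDraftId,
+};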
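Review bot: The ownership check `formVersion.formId !== req.params.formId` in validateFormVersionId, and the matching check in validateFormVersionDraftId, compares the raw route string with the stored id, while `uuid.validate` also accepts upper-case hex. If the service returns ids in canonical lower case (not visible here), a valid upper-case :formId would be answered with 404. The check fails closed, so this is a correctness issue rather than an access-control gap, but normalising first keeps it predictable: `formVersion.formId !== String(req.params.formId).toLowerCase()`. A short comment above each comparison would also help, for example `// ties the version to the form named in the route so permission checks made on :formId also cover this id`.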