@verii/server-credentialagent 1.0.0 → 1.0.1

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@verii/server-credentialagent",
-  "version": "1.0.0",
+  "version": "1.0.1",
   "description": "Credential Agent application",
   "main": "src/index.js",
   "repository": "https://github.com/LFDT-Verii/core",
@@ -40,31 +40,31 @@
     "@fastify/view": "^11.0.0",
     "@spencejs/spence-factories": "^0.10.2",
     "@spencejs/spence-mongo-repos": "^0.10.2",
-    "@verii/auth": "1.0.0",
-    "@verii/base-contract-io": "1.0.0",
-    "@verii/blockchain-functions": "1.0.0",
-    "@verii/common-fetchers": "1.0.0",
-    "@verii/common-functions": "1.0.0",
-    "@verii/common-schemas": "1.0.0",
-    "@verii/config": "1.0.0",
-    "@verii/contract-permissions": "1.0.0",
-    "@verii/crypto": "1.0.0",
-    "@verii/csv-parser": "1.0.0",
-    "@verii/db-kms": "1.0.0",
-    "@verii/did-doc": "1.0.0",
-    "@verii/fastify-plugins": "1.0.0",
-    "@verii/jwt": "1.0.0",
-    "@verii/metadata-registration": "1.0.0",
-    "@verii/organizations-registry": "1.0.0",
-    "@verii/request": "1.0.0",
-    "@verii/rest-queries": "1.0.0",
-    "@verii/server-provider": "1.0.0",
-    "@verii/spencer-mongo-extensions": "1.0.0",
-    "@verii/test-regexes": "1.0.0",
-    "@verii/validation": "1.0.0",
-    "@verii/vc-checks": "1.0.0",
-    "@verii/verii-issuing": "1.0.0",
-    "@verii/verii-verification": "1.0.0",
+    "@verii/auth": "1.0.1",
+    "@verii/base-contract-io": "1.0.1",
+    "@verii/blockchain-functions": "1.0.1",
+    "@verii/common-fetchers": "1.0.1",
+    "@verii/common-functions": "1.0.1",
+    "@verii/common-schemas": "1.0.1",
+    "@verii/config": "1.0.1",
+    "@verii/contract-permissions": "1.0.1",
+    "@verii/crypto": "1.0.1",
+    "@verii/csv-parser": "1.0.1",
+    "@verii/db-kms": "1.0.1",
+    "@verii/did-doc": "1.0.1",
+    "@verii/fastify-plugins": "1.0.1",
+    "@verii/jwt": "1.0.1",
+    "@verii/metadata-registration": "1.0.1",
+    "@verii/organizations-registry": "1.0.1",
+    "@verii/request": "1.0.1",
+    "@verii/rest-queries": "1.0.1",
+    "@verii/server-provider": "1.0.1",
+    "@verii/spencer-mongo-extensions": "1.0.1",
+    "@verii/test-regexes": "1.0.1",
+    "@verii/validation": "1.0.1",
+    "@verii/vc-checks": "1.0.1",
+    "@verii/verii-issuing": "1.0.1",
+    "@verii/verii-verification": "1.0.1",
     "ajv": "8.17.1",
     "canonicalize": "^2.1.0",
     "date-fns": "~3.6.0",
@@ -83,10 +83,10 @@
   },
   "devDependencies": {
     "@spencejs/spence-config": "0.10.2",
-    "@verii/endpoints-organizations-registrar": "1.0.0",
-    "@verii/sample-data": "1.0.0",
+    "@verii/endpoints-organizations-registrar": "1.0.1",
+    "@verii/sample-data": "1.0.1",
     "@verii/test-regexes": "0.5.0-build",
-    "@verii/tests-helpers": "1.0.0",
+    "@verii/tests-helpers": "1.0.1",
     "cheerio": "1.1.2",
     "dotenv": "16.6.1",
     "eslint": "8.57.1",
@@ -107,5 +107,5 @@
     "prettier": "2.8.8",
     "qs": "6.14.0"
   },
-  "gitHead": "cd16eb096562d76aed1a11a1adabcc34aa26324a"
+  "gitHead": "9d9c8078fa1081d2bbe4a0d489d1ac9eead80edb"
 }

package/src/controllers/operator/tenants/_tenantId/disclosures/schemas/update-agent-disclosure.schema.js

@@ -1,4 +1,3 @@
-const { omit } = require('lodash/fp');
 const newAgentDisclosureSchema = require('./new-agent-disclosure.schema.json');
 
 const updateAgentDisclosureSchema = {
@@ -7,7 +6,7 @@ const updateAgentDisclosureSchema = {
   title: 'update-agent-disclosure',
   description: 'Slightly modified from new-agent-disclosure',
   properties: {
-    ...omit(['feed'], newAgentDisclosureSchema.properties),
+    ...newAgentDisclosureSchema.properties,
     setIssuingDefault: {
       type: 'boolean',
     },

package/src/entities/disclosures/domains/errors.js

@@ -29,6 +29,7 @@ const DisclosureErrors = {
   PRESENTATION_DEFINITION_GROUP_IF_SUBMISSION_REQUIREMENTS:
     'presentationDefinition input_descriptors[*].group is required when submission_requirements are sent',
   ISSUING_FEED_NOT_SUPPORTED: 'Issuing feeds are not supported',
+  FEED_PROPERTY_CANNOT_BE_MODIFIED: 'feed property cannot be modified',
 };
 
 module.exports = { DisclosureErrors };

package/src/entities/disclosures/domains/validate-disclosure.js

@@ -29,7 +29,7 @@ const validateDisclosure = (
   validateVendorEndpoint(disclosure);
   validateCommercialEntity(disclosure, verifiedProfile);
   validatePresentationDefinition(disclosure);
-  validateFeed(disclosure);
+  validateFeed(disclosure, context);
 };
 
 module.exports = {

package/src/entities/disclosures/domains/validate-feed.js

@@ -2,15 +2,26 @@ const newError = require('http-errors');
 const { DisclosureErrors } = require('./errors');
 const { ConfigurationType } = require('./constants');
 
-const validateFeed = (disclosure) => {
+const validateFeed = (disclosure, context) => {
   const { configurationType, feed } = disclosure;
   if (configurationType === ConfigurationType.ISSUING && feed === true) {
     throw newError(400, DisclosureErrors.ISSUING_FEED_NOT_SUPPORTED, {
       errorCode: 'issuing_feed_not_supported',
     });
   }
+  if (
+    context.method === 'PUT' &&
+    isFeedModified(context.disclosure, disclosure)
+  ) {
+    throw newError(400, DisclosureErrors.FEED_PROPERTY_CANNOT_BE_MODIFIED, {
+      errorCode: 'feed_property_cannot_be_modified',
+    });
+  }
 };
 
+const isFeedModified = (existing, modified) =>
+  (!existing.feed && modified.feed) || (existing.feed && !modified.feed);
+
 module.exports = {
   validateFeed,
 };

package/test/operator/disclosures-controller-v0.8.test.js

@@ -2834,8 +2834,7 @@ describe('disclosures management', () => {
           await persistDisclosure({
             tenant,
             configurationType: ConfigurationType.INSPECTION,
-            identificationMethods: ['verifiable_presentation'],
-            vendorEndpoint: 'receive-applicant',
+            vendorEndpoint: VendorEndpoint.RECEIVE_CHECKED_CREDENTIALS,
           })
         );
         const response = await fastify.injectJson({
@@ -2867,8 +2866,7 @@ describe('disclosures management', () => {
           await persistDisclosure({
             tenant,
             configurationType: ConfigurationType.INSPECTION,
-            identificationMethods: ['verifiable_presentation'],
-            vendorEndpoint: 'receive-applicant',
+            vendorEndpoint: VendorEndpoint.RECEIVE_CHECKED_CREDENTIALS,
           })
         );
         const response = await fastify.injectJson({
@@ -2894,53 +2892,90 @@ describe('disclosures management', () => {
         );
       });
 
-      it('should 200 and update the disclosure with identificationMethods set to [verifiable_presentation]', async () => {
+      it('should 400 if the feed property is modified', async () => {
+        const disclosure = await persistDisclosure({
+          feed: true,
+          tenant,
+          configurationType: ConfigurationType.INSPECTION,
+          vendorEndpoint: VendorEndpoint.RECEIVE_CHECKED_CREDENTIALS,
+        });
         const updatePayload = _.flow(
           _.omit(['createdAt', 'updatedAt', '_id']),
-          _.set('identificationMethods', ['verifiable_presentation'])
-        )(disclosures.a);
+          _.set('description', 'new description'),
+          _.set('feed', false)
+        )(disclosure);
 
         const response = await fastify.injectJson({
           method: 'PUT',
-          url: `${disclosureUrl(tenant)}/${disclosures.a._id}`,
+          url: `${disclosureUrl(tenant)}/${disclosure._id}`,
+          payload: updatePayload,
+        });
+
+        expect(response.statusCode).toEqual(400);
+        expect(response.json).toEqual(
+          errorResponseMatcher({
+            error: 'Bad Request',
+            errorCode: 'feed_property_cannot_be_modified',
+            message: 'feed property cannot be modified',
+            statusCode: 400,
+          })
+        );
+      });
+
+      it('should 200 and update the disclosure', async () => {
+        const disclosure = await persistDisclosure({
+          tenant,
+          configurationType: ConfigurationType.INSPECTION,
+          vendorEndpoint: VendorEndpoint.RECEIVE_CHECKED_CREDENTIALS,
+        });
+
+        const updatePayload = _.flow(
+          _.omit(['createdAt', 'updatedAt', '_id']),
+          _.set('description', 'new description')
+        )(disclosure);
+
+        const response = await fastify.injectJson({
+          method: 'PUT',
+          url: `${disclosureUrl(tenant)}/${disclosure._id}`,
           payload: updatePayload,
         });
 
         expect(response.statusCode).toEqual(200);
         expect(response.json).toEqual({
+          ..._.omit(['_id'], disclosure),
           ...updatePayload,
+          id: disclosure._id,
           identificationMethods: ['verifiable_presentation'],
-          sendPushOnVerification: false,
           feed: false,
-          id: expect.stringMatching(OBJECT_ID_FORMAT),
-          createdAt: expect.stringMatching(ISO_DATETIME_FORMAT),
           updatedAt: expect.stringMatching(ISO_DATETIME_FORMAT),
         });
 
         const dbResult = await mongoDb()
           .collection('disclosures')
           .findOne({ _id: new ObjectId(response.json.id) });
-        expect(mongoify(dbResult)).toEqual({
-          ...updatePayload,
-          identificationMethods: ['verifiable_presentation'],
-          sendPushOnVerification: false,
-          _id: new ObjectId(response.json.id),
-          tenantId: new ObjectId(tenant._id),
-          deactivationDate: expect.any(Date),
-          createdAt: expect.any(Date),
-          updatedAt: expect.any(Date),
-        });
+        expect(mongoify(dbResult)).toEqual(
+          mongoify({
+            ...disclosure,
+            ...updatePayload,
+            tenantId: tenant._id,
+            feed: false,
+            identificationMethods: ['verifiable_presentation'],
+            updatedAt: expect.any(Date),
+          })
+        );
       });
 
-      it('should 200 and strip the feed property', async () => {
+      it('should 200 and update the feed disclosure', async () => {
         const disclosure = await persistDisclosure({
-          description: 'feedTrueTest',
-          feed: true,
           tenant,
+          feed: true,
+          configurationType: ConfigurationType.INSPECTION,
+          vendorEndpoint: VendorEndpoint.RECEIVE_CHECKED_CREDENTIALS,
         });
+
         const updatePayload = _.flow(
           _.omit(['createdAt', 'updatedAt', '_id']),
-          _.set('feed', false)
+          _.set('description', 'new description')
         )(disclosure);
 
         const response = await fastify.injectJson({
@@ -2951,29 +2986,25 @@ describe('disclosures management', () => {
 
         expect(response.statusCode).toEqual(200);
         expect(response.json).toEqual({
+          ..._.omit(['_id'], disclosure),
           ...updatePayload,
+          id: disclosure._id,
           identificationMethods: ['verifiable_presentation'],
-          sendPushOnVerification: false,
-          feed: true,
-          id: expect.stringMatching(OBJECT_ID_FORMAT),
-          createdAt: expect.stringMatching(ISO_DATETIME_FORMAT),
           updatedAt: expect.stringMatching(ISO_DATETIME_FORMAT),
         });
 
         const dbResult = await mongoDb()
           .collection('disclosures')
           .findOne({ _id: new ObjectId(response.json.id) });
-        expect(mongoify(dbResult)).toEqual({
-          ...updatePayload,
-          feed: true,
-          identificationMethods: ['verifiable_presentation'],
-          sendPushOnVerification: false,
-          _id: new ObjectId(response.json.id),
-          tenantId: new ObjectId(tenant._id),
-          deactivationDate: expect.any(Date),
-          createdAt: expect.any(Date),
-          updatedAt: expect.any(Date),
-        });
+        expect(mongoify(dbResult)).toEqual(
+          mongoify({
+            ...disclosure,
+            ...updatePayload,
+            tenantId: tenant._id,
+            identificationMethods: ['verifiable_presentation'],
+            updatedAt: expect.any(Date),
+          })
+        );
       });
     });
 
@@ -3157,6 +3188,7 @@ describe('disclosures management', () => {
         expect(mongoify(dbResult)).toEqual({
           ...updatePayload,
           identificationMethods: ['verifiable_presentation'],
+          feed: false,
           sendPushOnVerification: false,
           _id: new ObjectId(response.json.id),
           tenantId: new ObjectId(tenant._id),
@@ -3252,6 +3284,7 @@ describe('disclosures management', () => {
           ..._.omit(['_id'], payload),
           identificationMethods: ['verifiable_presentation'],
           sendPushOnVerification: false,
+          feed: false,
           _id: new ObjectId(response.json.id),
           tenantId: new ObjectId(tenant._id),
           types: [{ type: 'EmailV1.0' }, { type: 'PhoneV1.0' }],
@@ -3388,6 +3421,7 @@ describe('disclosures management', () => {
           ...updatePayload,
           identificationMethods: ['preauth'],
           sendPushOnVerification: false,
+          feed: false,
           _id: new ObjectId(response.json.id),
           tenantId: new ObjectId(tenant._id),
           deactivationDate: expect.any(Date),
@@ -3460,6 +3494,7 @@ describe('disclosures management', () => {
           .findOne({ _id: new ObjectId(disclosure._id) });
         expect(mongoify(updatedDisclosure)).toEqual({
           ...payload,
+          feed: false,
           _id: expect.any(ObjectId),
           tenantId: expect.any(ObjectId),
           identificationMethods: ['verifiable_presentation'],
@@ -3507,6 +3542,7 @@ describe('disclosures management', () => {
           .findOne({ _id: new ObjectId(disclosure._id) });
         expect(mongoify(updatedDisclosure)).toEqual({
           ...payload,
+          feed: false,
           _id: expect.any(ObjectId),
           tenantId: expect.any(ObjectId),
           identificationMethods: ['verifiable_presentation'],