@w3-commons/js-build-resources 0.0.1-security → 1.0.4

package/settings-service/src/repo/settingsRepo.ts

@@ -0,0 +1,388 @@
+import { types } from 'dse-driver';
+import { toUpper } from 'lodash';
+import { QueryResults } from 'types/QueryResultsTypes';
+import { logger } from '../logger/logger';
+import {
+  AppSettingsConfigDBRow,
+  AppSettingsResponse,
+  BatchQuery,
+  DeprecatedValues,
+  FetchAndMapLanguagesArgs,
+  GetAllSettingsOptions,
+  UpdateAppSettingsArgs,
+  UserSettings,
+  UserSettingsDBRow,
+} from '../types/settingsRepoTypes';
+import { getUnifiedProfile } from '../unified-profile/unifiedProfileUtils';
+import { reverseMapFullNameToIsoCode } from '../util/isocodeMapper';
+import languages from '../util/languages';
+import { cassandraDBHelpers } from './cassandraDBHelpers';
+import * as srq from './settingsRepoQueries';
+
+export interface SettingsRepo {
+  getUserSettings(userId: string, appId: string): Promise<UserSettings>;
+
+  updateUserSettings(
+    userId: string,
+    appId: string,
+    settingName: string,
+    settingValue: string,
+  ): Promise<boolean>;
+
+  deleteUserSettings(userId: string): Promise<boolean>;
+
+  getAppSettings(appId: string, settingName: string | undefined): Promise<AppSettingsResponse>;
+
+  updateAppSettings(updateAppSettingsArgs: UpdateAppSettingsArgs): Promise<boolean>;
+
+  deleteAppSettings(appId: string, settingName: string): Promise<boolean>;
+
+  checkValueIsValidOption(updateValue: string[], optionsArray: string[]): boolean;
+
+  fetchAndMapLanguageValues(fetchAndMapLanguagesArgs: FetchAndMapLanguagesArgs): Promise<UserSettings>;
+
+  transformAndUpdateDeprecatedValues(deprecatedValues: DeprecatedValues, dbRow: UserSettingsDBRow): string;
+
+  getAllSettings(options: GetAllSettingsOptions): Promise<QueryResults>;
+}
+
+export class SettingsRepoCassandra implements SettingsRepo {
+  public async getUserSettings(userId: string, appId: string): Promise<UserSettings> {
+    const filter: AppSettingsResponse = await this.getAppSettings(appId, undefined);
+
+    return cassandraDBHelpers
+      .execute(srq.fetchUserSettingsDataQuery, [toUpper(userId), appId], { prepare: true })
+      .then(async (results: types.ResultSet) => {
+        const response: types.Row[] = results.rows;
+        logger.debug(
+          `${SettingsRepoCassandra.name} | ${this.getUserSettings.name}() | List size of userSettings :: ${response.length}`,
+        );
+
+        const result: UserSettings = {};
+
+        for (const row of response) {
+          const retrievedSettingName = row.setting_name;
+          if (retrievedSettingName in filter) {
+            const deprecatedValues = filter[retrievedSettingName].deprecated_values;
+            const retrievedSettingValue = deprecatedValues
+              ? this.transformAndUpdateDeprecatedValues(deprecatedValues, row as unknown as UserSettingsDBRow)
+              : row.setting_value;
+            if (
+              retrievedSettingName != null &&
+              this.checkValueIsValidOption(
+                retrievedSettingValue?.split(','),
+                filter[retrievedSettingName].options,
+              )
+            ) {
+              result[retrievedSettingName] =
+                filter[retrievedSettingName].setting_type === 'array'
+                  ? retrievedSettingValue?.split(',')
+                  : retrievedSettingValue;
+            }
+          }
+        }
+
+        if (appId === 'general') {
+          const updatedLanguageValues = await this.fetchAndMapLanguageValues({
+            userId,
+            appId,
+            result,
+            filter,
+            settingsDBRows: response as unknown as UserSettingsDBRow[],
+          });
+          result.secondaryLanguages = result.secondaryLanguages
+            ? result.secondaryLanguages
+            : updatedLanguageValues.secondaryLanguages;
+          result.primaryLanguage = result.primaryLanguage
+            ? result.primaryLanguage
+            : updatedLanguageValues.primaryLanguage;
+        }
+        for (const setting in filter) {
+          if (!result[setting]) {
+            result[setting] = filter[setting].default || null;
+            if (filter[setting].setting_type === 'array' && !result[setting]) {
+              result[setting] = [];
+            }
+          }
+        }
+        return result;
+      })
+      .catch((error) => {
+        logger.error(
+          `${SettingsRepoCassandra.name} | ${this.getUserSettings.name}() | Error while reading userSettings ${error}`,
+        );
+        throw Error(`Error while reading getUserSettings`);
+      });
+  }
+
+  public async updateUserSettings(
+    userId: string,
+    appId: string,
+    settingName: string,
+    settingValue: string,
+  ): Promise<boolean> {
+    const batchQueries: BatchQuery[] = [];
+    batchQueries.push(
+      {
+        query: srq.updateUserSettingsDataQuery,
+        params: [settingValue, userId, appId, settingName],
+      },
+      {
+        query: srq.updateUserSettingsByAppQuery,
+        params: [settingValue, appId, settingName, userId],
+      },
+    );
+    await cassandraDBHelpers.batch(batchQueries);
+    return true;
+  }
+
+  public async deleteUserSettings(userId: string): Promise<boolean> {
+    const settings = await cassandraDBHelpers.execute(srq.fetchUserSettingsById, [userId], { prepare: true });
+    const batchQueries: BatchQuery[] = [];
+    batchQueries.push({
+      query: srq.deleteUserSettingsDataQuery,
+      params: [userId],
+    });
+    settings.rows.forEach((row: types.Row) => {
+      batchQueries.push({
+        query: srq.deleteUserSettingsByAppQuery,
+        params: [row.app_id, row.setting_name, userId],
+      });
+    });
+    await cassandraDBHelpers.batch(batchQueries);
+
+    return true;
+  }
+
+  public async getAppSettings(appId: string, settingName: string | undefined): Promise<AppSettingsResponse> {
+    let query = srq.fetchAppSettingsDataQuery;
+    let params = [appId];
+
+    if (settingName) {
+      query = srq.fetchSingleAppSettingsDataQuery;
+      params = [appId, settingName];
+    }
+    return cassandraDBHelpers
+      .execute(query, params, { prepare: true })
+      .then((results: types.ResultSet) => {
+        const response: AppSettingsConfigDBRow[] = results.rows as unknown as AppSettingsConfigDBRow[];
+        logger.debug(
+          `${SettingsRepoCassandra.name} | ${this.getAppSettings.name}() | List size of appSettings :: ${response.length}`,
+        );
+        const result = {};
+        for (const row of response) {
+          if (row.setting_name) {
+            result[row.setting_name] = {
+              default: row.setting_default,
+              options: row.setting_options,
+            };
+            if (row.setting_type) {
+              result[row.setting_name].setting_type = row.setting_type;
+            }
+            if (row.deprecated_values) {
+              result[row.setting_name].deprecated_values = JSON.parse(row.deprecated_values);
+            }
+          }
+        }
+        return result;
+      })
+      .catch((error) => {
+        logger.error(
+          `${SettingsRepoCassandra.name} | ${this.getAppSettings.name}() | Error while reading appSettings ${error}`,
+        );
+        throw Error(`Error while reading getAppSettings`);
+      });
+  }
+
+  public async updateAppSettings({
+    appId,
+    settingName,
+    settingDefault,
+    settingOptions,
+    settingType,
+    deprecatedValues,
+  }: UpdateAppSettingsArgs): Promise<boolean> {
+    return cassandraDBHelpers
+      .execute(
+        srq.updateAppSettingsDataQuery,
+        [
+          settingDefault ?? null,
+          settingOptions,
+          settingType ?? null,
+          deprecatedValues ?? null,
+          appId,
+          settingName,
+        ],
+        { prepare: true },
+      )
+      .then(() => {
+        logger.debug(
+          `${SettingsRepoCassandra.name} | ${this.updateAppSettings.name}() | Success updating AppSettings`,
+        );
+        return true;
+      })
+      .catch((error) => {
+        logger.error(
+          `${SettingsRepoCassandra.name} | ${this.updateAppSettings.name}() | Error while updating appSettings ${error}`,
+        );
+        throw Error(`Error while updating AppSettings`);
+      });
+  }
+
+  public async deleteAppSettings(appId: string, settingName: string): Promise<boolean> {
+    return cassandraDBHelpers
+      .execute(srq.deleteAppSettingsDataQuery, [appId, settingName], { prepare: true })
+      .then(() => {
+        logger.debug(
+          `${SettingsRepoCassandra.name} | ${this.deleteAppSettings.name}() | Success deleted app settings`,
+        );
+        return true;
+      })
+      .catch((error) => {
+        logger.error(
+          `${SettingsRepoCassandra.name} | ${this.deleteAppSettings.name}() | Error while deleting appSettings ${error}`,
+        );
+        throw Error(`Error while deleting AppSettings`);
+      });
+  }
+
+  public checkValueIsValidOption(updatedValue: string[], optionsArray: string[]): boolean {
+    if (Array.isArray(updatedValue)) {
+      for (const eachValue of updatedValue) {
+        if (!optionsArray.includes(eachValue)) {
+          return false;
+        }
+      }
+    } else if (!optionsArray.includes(updatedValue)) {
+      return false;
+    }
+    return true;
+  }
+
+  public async fetchAndMapLanguageValues({
+    userId,
+    appId,
+    result,
+    filter,
+    settingsDBRows,
+  }: FetchAndMapLanguagesArgs): Promise<UserSettings> {
+    const updatedLanguageSettings: UserSettings = {};
+    // check if they have ever had a secondary languages value set
+    const hasSecondaryLanguagesRow = settingsDBRows.some(
+      (row: UserSettingsDBRow) => row.setting_name === 'secondaryLanguages',
+    );
+
+    if (!result.primaryLanguage || (!result.secondaryLanguages && !hasSecondaryLanguagesRow)) {
+      const profile = await getUnifiedProfile(userId);
+
+      if (profile && profile.content) {
+        if (!result.primaryLanguage) {
+          if (profile.content.languages && profile.content.languages.length === 1) {
+            updatedLanguageSettings.primaryLanguage = reverseMapFullNameToIsoCode(
+              profile.content.languages[0],
+              languages,
+            );
+          }
+          if (profile.content.preferredLanguage && !result.primaryLanguage) {
+            updatedLanguageSettings.primaryLanguage = reverseMapFullNameToIsoCode(
+              profile.content.preferredLanguage,
+              languages,
+            );
+          }
+          // If valid primaryLanguage then, Store UP language as the primaryLanguage in user settings.
+          // Else store the default language as pre-configured in app_config
+          if (updatedLanguageSettings.primaryLanguage) {
+            await this.updateUserSettings(
+              userId,
+              appId,
+              'primaryLanguage',
+              updatedLanguageSettings.primaryLanguage as string,
+            );
+            logger.info(
+              `${SettingsRepoCassandra.name} | ${this.getUserSettings.name}() | Persisted UP primaryLanguage to user settings`,
+            );
+          } else {
+            if (filter.primaryLanguage.default) {
+              await this.updateUserSettings(userId, appId, 'primaryLanguage', filter.primaryLanguage.default);
+            }
+            logger.info(
+              `${SettingsRepoCassandra.name} | ${this.fetchAndMapLanguageValues.name}() | Persisted default primaryLanguage to user settings`,
+            );
+          }
+        }
+
+        if (!result.secondaryLanguages) {
+          if (profile.content.languages && profile.content.languages.length > 1) {
+            let secondaryLanguagesArray = profile.content.languages.map((language: string) => {
+              return reverseMapFullNameToIsoCode(language, languages);
+            });
+            secondaryLanguagesArray = result.primaryLanguage
+              ? secondaryLanguagesArray.filter((language: string) => language !== result.primaryLanguage)
+              : secondaryLanguagesArray.filter(
+                  (language: string) => language !== filter.primaryLanguage.default,
+                );
+            updatedLanguageSettings.secondaryLanguages = secondaryLanguagesArray;
+          }
+          // If valid secondaryLanguages then, Store UP secondaryLanguages as the secondaryLanguages value in user settings.
+          // Else store an empty string so we don't make the same call again
+          if (updatedLanguageSettings.secondaryLanguages) {
+            await this.updateUserSettings(
+              userId,
+              appId,
+              'secondaryLanguages',
+              (updatedLanguageSettings.secondaryLanguages as string[]).join(','),
+            );
+            logger.info(
+              `${SettingsRepoCassandra.name} | ${this.fetchAndMapLanguageValues.name}() | Persisted UP secondaryLanguages to user settings`,
+            );
+          } else {
+            await this.updateUserSettings(userId, appId, 'secondaryLanguages', '');
+            logger.info(
+              `${SettingsRepoCassandra.name} | ${this.fetchAndMapLanguageValues.name}() | Persisted placeholder for secondaryLanguages to user settings`,
+            );
+            updatedLanguageSettings.secondaryLanguages = [];
+          }
+        }
+        /* eslint-enable no-param-reassign */
+      }
+    }
+    return updatedLanguageSettings;
+  }
+
+  public transformAndUpdateDeprecatedValues(
+    deprecatedValues: DeprecatedValues,
+    dbRow: UserSettingsDBRow,
+  ): string {
+    let updateFlag = false;
+    const updatedValue = dbRow.setting_value?.split(',')
+      .map((value: string) => {
+        if (deprecatedValues[value]) {
+          updateFlag = true;
+          return deprecatedValues[value];
+        }
+        return value;
+      })
+      .join(',');
+
+    if (updateFlag) {
+      logger.debug(
+        `${SettingsRepoCassandra.name} | ${this.transformAndUpdateDeprecatedValues.name}() | Updating deprecated user setting values`,
+      );
+      this.updateUserSettings(dbRow.user_id, dbRow.app_id, dbRow.setting_name, updatedValue);
+    }
+    return updatedValue;
+  }
+
+  public async getAllSettings(options: GetAllSettingsOptions): Promise<QueryResults> {
+    const { pageState = '', settingName, fetchSize = 500, appId }: GetAllSettingsOptions = options;
+    if (appId) {
+      return settingName
+        ? cassandraDBHelpers.paginate(srq.allUserSettingsBySettingNameQuery, [appId, settingName], {
+            pageState,
+            fetchSize,
+          })
+        : cassandraDBHelpers.paginate(srq.allUserSettingsByAppIdQuery, [appId], { pageState, fetchSize });
+    }
+    return cassandraDBHelpers.paginate(srq.allUserSettingsQuery, [], { pageState, fetchSize });
+  }
+}

package/settings-service/src/repo/settingsRepoFactory.ts

@@ -0,0 +1,10 @@
+import { SettingsRepoCassandra } from './settingsRepo';
+
+export class SettingsRepoFactory {
+  private static singleton: SettingsRepoCassandra;
+
+  static accessOrCreateSingleton(): SettingsRepoCassandra {
+    this.singleton = this.singleton || new SettingsRepoCassandra();
+    return this.singleton;
+  }
+}

package/settings-service/src/repo/settingsRepoQueries.ts

@@ -0,0 +1,62 @@
+export const fetchUserSettingsDataQuery = `
+  SELECT * 
+    FROM user_settings 
+   WHERE user_id = ? AND app_id = ?
+`;
+export const updateUserSettingsDataQuery = `
+  UPDATE user_settings 
+     SET setting_value = ? 
+   WHERE user_id = ? AND app_id = ? AND setting_name = ?
+`;
+export const deleteUserSettingsDataQuery = `
+  DELETE FROM user_settings 
+   WHERE user_id = ?
+`;
+export const fetchAppSettingsDataQuery = `
+  SELECT * 
+    FROM app_settings_config 
+   WHERE app_id = ? 
+   ORDER BY setting_name ASC
+`;
+export const fetchSingleAppSettingsDataQuery = `
+  SELECT * 
+    FROM app_settings_config 
+   WHERE app_id = ? and setting_name = ?
+`;
+export const updateAppSettingsDataQuery = `
+  UPDATE app_settings_config 
+     SET setting_default = ?, setting_options = ?, setting_type = ? , deprecated_values = ? 
+   WHERE app_id = ? AND setting_name = ?
+`;
+export const deleteAppSettingsDataQuery = `
+  DELETE FROM app_settings_config 
+   WHERE app_id = ? AND setting_name = ?
+`;
+export const updateUserSettingsByAppQuery = `
+  UPDATE user_settings_by_app 
+     SET setting_value = ? 
+   WHERE app_id = ? AND setting_name = ? AND user_id = ?
+`;
+export const deleteUserSettingsByAppQuery = `
+  DELETE FROM user_settings_by_app 
+   WHERE app_id = ? AND setting_name = ? AND user_id = ?
+`;
+export const fetchUserSettingsById = `
+  SELECT * 
+    FROM user_settings 
+   WHERE user_id = ?
+`;
+export const allUserSettingsQuery = `
+  SELECT * 
+    FROM user_settings
+`;
+export const allUserSettingsBySettingNameQuery = `
+  SELECT * 
+    FROM user_settings_by_app 
+   WHERE app_id = ? AND setting_name = ?
+`;
+export const allUserSettingsByAppIdQuery = `
+  SELECT * 
+    FROM user_settings_by_app 
+   WHERE app_id = ?
+`;

package/settings-service/src/routes/apiKeyRoutes.ts

@@ -0,0 +1,27 @@
+import restify from 'restify';
+import { fetchApiKey, postApiKey, putApiKey } from '../controller/ApiKeyController';
+import { AuthenticationMiddleware } from '../middleware/AuthenticationMiddleware';
+
+export default function apiKeyRoutes(server: restify.Server): void {
+  server.get(
+    AuthenticationMiddleware.apiKeyPath,
+    AuthenticationMiddleware.checkPreAuthentication,
+    AuthenticationMiddleware.checkAuthentication,
+    AuthenticationMiddleware.checkPostAuthentication,
+    fetchApiKey,
+  );
+  server.post(
+    AuthenticationMiddleware.apiKeyPath,
+    AuthenticationMiddleware.checkPreAuthentication,
+    AuthenticationMiddleware.checkAuthentication,
+    AuthenticationMiddleware.checkPostAuthentication,
+    postApiKey,
+  );
+  server.put(
+    AuthenticationMiddleware.apiKeyPath,
+    AuthenticationMiddleware.checkPreAuthentication,
+    AuthenticationMiddleware.checkAuthentication,
+    AuthenticationMiddleware.checkPostAuthentication,
+    putApiKey,
+  );
+}

package/settings-service/src/routes/appSettingsRoutes.ts

@@ -0,0 +1,30 @@
+import restify from 'restify';
+import { deleteAppSettings, getAppSettings, postAppSettings } from '../controller/AppSettingsController';
+import { AuthenticationMiddleware } from '../middleware/AuthenticationMiddleware';
+
+export default function appSettingsRoutes(server: restify.Server): void {
+  server.get(
+    AuthenticationMiddleware.allAppSettingsPath,
+    AuthenticationMiddleware.checkPreAuthentication,
+    AuthenticationMiddleware.checkAuthentication,
+    getAppSettings,
+  );
+  server.get(
+    AuthenticationMiddleware.singleAppSettingPath,
+    AuthenticationMiddleware.checkPreAuthentication,
+    AuthenticationMiddleware.checkAuthentication,
+    getAppSettings,
+  );
+  server.post(
+    AuthenticationMiddleware.singleAppSettingPath,
+    AuthenticationMiddleware.checkPreAuthentication,
+    AuthenticationMiddleware.checkAuthentication,
+    postAppSettings,
+  );
+  server.del(
+    AuthenticationMiddleware.singleAppSettingPath,
+    AuthenticationMiddleware.checkPreAuthentication,
+    AuthenticationMiddleware.checkAuthentication,
+    deleteAppSettings,
+  );
+}

package/settings-service/src/routes/healthCheck.ts

@@ -0,0 +1,10 @@
+import restify from 'restify';
+import { logger } from '../logger/logger';
+
+export default function healthCheck(server: restify.Server): void {
+  server.get('/health/ping', (req, res, next) => {
+    logger.debug('Health check service pinged...');
+    res.send('OK');
+    next();
+  });
+}

package/settings-service/src/routes/swagger.ts

@@ -0,0 +1,8 @@
+import restify from 'restify';
+import swaggerUiRestify from 'swagger-ui-restify';
+import swaggerJson from '../swagger.json';
+
+export default function swagger(server: restify.Server): void {
+  server.get('/:', swaggerUiRestify.serveFiles(swaggerJson));
+  server.get('/', swaggerUiRestify.setup(swaggerJson));
+}

package/settings-service/src/routes/userSettingsRoutes.ts

@@ -0,0 +1,30 @@
+import restify from 'restify';
+import {
+  deleteUserSettings,
+  getAllSettings,
+  getUserSettings,
+  postUserSettings,
+} from '../controller/UserSettingsController';
+import { AuthenticationMiddleware } from '../middleware/AuthenticationMiddleware';
+
+export default function userSettingsRoutes(server: restify.Server): void {
+  server.get(AuthenticationMiddleware.settingsPath, getUserSettings);
+  server.post(
+    AuthenticationMiddleware.settingsPath,
+    AuthenticationMiddleware.checkPreAuthentication,
+    AuthenticationMiddleware.checkAuthentication,
+    postUserSettings,
+  );
+  server.get(
+    AuthenticationMiddleware.allSettingsPath,
+    AuthenticationMiddleware.checkPreAuthentication,
+    AuthenticationMiddleware.checkAuthentication,
+    getAllSettings,
+  );
+  server.del(
+    AuthenticationMiddleware.deleteSettingsPath,
+    AuthenticationMiddleware.checkPreAuthentication,
+    AuthenticationMiddleware.checkAuthentication,
+    deleteUserSettings,
+  );
+}

package/settings-service/src/server.ts

@@ -0,0 +1,77 @@
+import dotenv from 'dotenv';
+import restify from 'restify';
+import corsMiddleware from 'restify-cors-middleware';
+import { settings } from './config/config';
+import { logger } from './logger/logger';
+import apiKeyRoutes from './routes/apiKeyRoutes';
+import appSettingsRoutes from './routes/appSettingsRoutes';
+import healthCheck from './routes/healthCheck';
+import swagger from './routes/swagger';
+import userSettingsRoutes from './routes/userSettingsRoutes';
+import { downloadCassandra } from './util/downloadCassandra';
+
+dotenv.config();
+
+const cors = corsMiddleware({
+  preflightMaxAge: 5,
+  credentials: true,
+  origins: [
+    /^https?:\/\/localhost(:[\d]+)?$/,
+    /^https?:\/\/.+\.ibm\.com$/,
+    /^https?:\/\/.+\.ibm\.com(:[\d]+)$/,
+  ],
+  allowHeaders: [
+    'X-Requested-With',
+    'Accept-Language',
+    'Content-Language',
+    'Last-Event-ID',
+    'X-HTTP-Method-Override',
+    'access-control-allow-origin',
+    'withcredentials',
+    'Origin',
+    'Authorization',
+    'Content-Type',
+    'Accept',
+    'Accept-Encoding',
+    'Access-Control-Allow-Credentials',
+    'Access-Control-Request-Method',
+    'Access-Control-Request-Headers',
+    'X-Up-Token',
+    'nextgen_sso',
+  ],
+  exposeHeaders: ['API-Token-Expiry', 'Access-Control-Allow-Credentials'],
+});
+function initRoutes(server: restify.Server): void {
+  healthCheck(server);
+  swagger(server);
+  userSettingsRoutes(server);
+  appSettingsRoutes(server);
+  apiKeyRoutes(server);
+}
+
+function initServer(server: restify.Server): restify.Server {
+  server.use(restify.plugins.queryParser());
+  server.use(restify.plugins.bodyParser());
+  server.pre(cors.preflight);
+  server.use(cors.actual);
+  return server;
+}
+
+function getServer(): restify.Server {
+  const myServer = restify.createServer();
+  return myServer;
+}
+
+async function run(): Promise<void> {
+  const server = getServer();
+  await downloadCassandra();
+  initServer(server);
+  initRoutes(server);
+
+  server.listen(settings.apiPort, async () => {
+    logger.info(`Server is up and is listening on port: ${settings.apiPort}`);
+    logger.info(`Server: http://localhost:${settings.apiPort}`);
+  });
+}
+
+run();