Add Public attestation endpoints

jest.config.js

@@ -2,6 +2,11 @@ module.exports ={
     preset: "ts-jest",
     testEnvironment : "node",
     testMatch : ["**/**/*test.ts"],
+    coveragePathIgnorePatterns: [
+      "<rootDir>/src/app/app.ts",
+      "<rootDir>/src/app/server.ts",
+      "<rootDir>/src/app/utils/utils.ts",
+    ],
     verbose: true,
     forceExit: true,
     testTimeout  : 50000,

openapi/PublicProjects.yaml

@@ -0,0 +1,91 @@
+openapi: 3.0.0
+info:
+  title: Public Projects API
+  version: 1.0.0
+paths:
+  /public/projects:
+    get:
+      summary: View all projects
+      responses:
+        '200':
+          description: List of all public projects
+          content:
+            application/json:
+              schema:
+                type: array
+                items:
+                  $ref: './schemas/Response/ProjectResponse.yaml'
+  /public/projects/{projectId}:
+    get:
+      summary: Public Project Overview
+      parameters:
+        - in: path
+          name: projectId
+          required: true
+          schema:
+            type: string
+            format: uuid
+      responses:
+        '200':
+          description: Project details with history and events
+          content:
+            application/json:
+              schema:
+                type: object
+                properties:
+                  projectDetails:
+                    $ref: './schemas/Response/ProjectResponse.yaml'
+                  events:
+                    type: array
+                    items:
+                      oneOf:
+                        - $ref: './schemas/Response/EventResponse.yaml'
+                        - $ref: './schemas/Response/ProjectDiffResponse.yaml'
+        '404':
+          description: Project ID not found
+  /public/projects/{projectId}/events:
+    get:
+      summary: View all Events on a public project
+      parameters:
+        - in: path
+          name: projectId
+          required: true
+          schema:
+            type: string
+            format: uuid
+      responses:
+        '200':
+          description: List of events for the project
+          content:
+            application/json:
+              schema:
+                type: array
+                items:
+                  $ref: './schemas/Response/EventResponse.yaml'
+        '404':
+          description: Project ID not found
+  /public/projects/{projectId}/events/{eventId}:
+    get:
+      summary: View Single Event on a public project
+      parameters:
+        - in: path
+          name: projectId
+          required: true
+          schema:
+            type: string
+            format: uuid
+        - in: path
+          name: eventId
+          required: true
+          schema:
+            type: string
+            format: uuid
+      responses:
+        '200':
+          description: Event details
+          content:
+            application/json:
+              schema:
+                $ref: './schemas/Response/EventResponse.yaml'
+        '404':
+          description: Project ID or Event ID not found

openapi/projects.yaml

@@ -1,6 +1,6 @@
 openapi: 3.0.0
 info:
-  title: Project Collaborators API
+  title: Projects API
   version: 1.0.0
 tags:
   - name: projectCollaborators_other

openapi/schemas/Request/ProjectRequest.yaml

@@ -8,6 +8,11 @@ properties:
     type: string
     maxLength: 1024
     pattern: '^\S(.*\S)?$'
+  public:
+    type: boolean
+    # Default value is false
+    default: false
+    description: Can only make projects public on creation, once project is public it cannot be made private
   projectStatus:
     type: string
     enum:

openapi/schemas/Response/ProjectResponse.yaml

@@ -25,9 +25,13 @@ properties:
     type: array
     items:
       $ref: './ProjectCollaborator.yaml'    
+  public:
+    type: boolean
+
 required:
   - projectId
   - startedDate
   - projectName
   - projectStatus
   - ProjectCollaborators
+  - public

redocly.yaml

@@ -2,16 +2,20 @@ apis:
   applications:
     root: ./openapi/applications.yaml
     x-openapi-ts:
-      output: .\src\app\models\openapi\applications.ts
+      output: ./src/app/models/openapi/applications.ts
   authentication:
     root: ./openapi/authentication.yaml
     x-openapi-ts:
-      output: .\src\app\models\openapi\authentication.ts
+      output: ./src/app/models/openapi/authentication.ts
   collaborators:
     root: ./openapi/collaborators.yaml
     x-openapi-ts:
-      output: .\src\app\models\openapi\collaborators.ts
+      output: ./src/app/models/openapi/collaborators.ts
   projects:
     root: ./openapi/projects.yaml
     x-openapi-ts:
-      output: .\src\app\models\openapi\projects.ts
+      output: ./src/app/models/openapi/projects.ts
+  publicProjects:
+    root: ./openapi/PublicProjects.yaml
+    x-openapi-ts:
+      output: ./src/app/models/openapi/PublicProjects.ts

src/app/app.ts

@@ -7,14 +7,18 @@ import { ApplicationRouter } from "./routes/applicationsRouter";
 import { authenticationRouter } from "./routes/AuthenticationRouter";
 import { collaboratorsRouter } from "./routes/CollaboratorsRouter";
 import { ProjectEventRouter } from "./routes/ProjectsEventsRouter";
+import { PublicProjectsRouter } from "./routes/publicProjectsRouter";
 
 export const app = express();
 
-app.use(morgan("dev"));
+if (process.env.NODE_ENV !== 'test') {
+  app.use(morgan("dev"));
+}
 app.use(express.json());
 
 app.use("/user", authenticationRouter);
 app.use("/projects", ProjectEventRouter);
+app.use("/public/projects", PublicProjectsRouter);
 app.use("/collaborators", collaboratorsRouter);
 app.use("/app", ApplicationRouter);
 

src/app/errors/errors.ts

@@ -37,12 +37,6 @@ export class UserInputError extends HttpError {
   }
 }
 
-export class NotImplimentedError extends HttpError {
-  constructor(message: string) {
-    super(501, message);
-  }
-}
-
 export class MethodNotAllowedError extends HttpError {
   constructor(message: string) {
     super(405, message);

src/app/models/database/project.ts

@@ -2,7 +2,7 @@
 
 import mongoose, { HydratedDocument, Model, model, Schema } from "mongoose";
 
-import { ServerError } from "../../errors/errors";
+import { ServerError, UserInputError } from "../../errors/errors";
 import {
   EventResponse,
   ProjectCollaborator,
@@ -26,6 +26,7 @@ interface IProjectArgs {
   collaboratorTenancy: mongoose.Types.ObjectId;
   diffs: ProjectDiffResponse[];
   collaborators: mongoose.Types.ObjectId[];
+  public: boolean;
 }
 
 // Declare the attributes of the model
@@ -75,6 +76,7 @@ const ProjectSchema = new Schema<IProject, IProjectModel, IProjectMethods, IProj
   events: [{ type: Schema.Types.ObjectId, ref: "Event" }],
   diffs: [{ type: Schema.Types.Mixed, required: true }],
   collaborators: [{ type: Schema.Types.ObjectId, ref: "diffCollaborators" }],
+  public: { type: Boolean, required: true },
 });
 
 ProjectSchema.static(
@@ -85,6 +87,20 @@ ProjectSchema.static(
   ): Promise<ProjectDocument> {
     const customMetaData = (projectInfo?.customMetaData as { [key: string]: string }) || {};
     const collaborators = projectInfo.collaborators?.map((id) => new mongoose.Types.ObjectId(id)) || [];
+    const _public = projectInfo.public || false;
+
+    // If the project is public, add the public tenant to the collaborators
+    const PublicTenant = await Tenancy.getPublicTenant();
+
+    if (_public) {
+      collaborators.push(PublicTenant._id);
+    } else {
+      // check that the public tenant is not in the collaborators list
+      // do a string comparison of the ids to make sure that the public tenant is not in the list
+      if (collaborators.map((id) => id.toString()).includes(PublicTenant._id.toString())) {
+        throw new UserInputError("Cannot add public tenant to a private project");
+      }
+    }
 
     const projectObj: IProject = {
       _id: new mongoose.Types.ObjectId(),
@@ -98,6 +114,7 @@ ProjectSchema.static(
       OwnerTenancy: tenancy._id,
       collaboratorTenancy: tenancy._id,
       diffs: [],
+      public: _public,
 
       // technically the owner shares the project with themselves, makes it easier to apply diffs and push events
       collaborators: [tenancy._id, ...collaborators],
@@ -137,6 +154,7 @@ ProjectSchema.static(
       collaboratorTenancy: collaborator._id,
       diffs: [],
       collaborators: project.collaborators,
+      public: project.public,
     };
 
     // push the project to the collaborator's project list
@@ -176,6 +194,7 @@ ProjectSchema.method("ToProjectResponse", async function ToProjectResponse(): Pr
     projectDescription: this.projectDescription,
     projectStatus: this.projectStatus,
     ProjectCollaborators: await this.ListProjectCollaborators(),
+    public: this.public,
   };
   return obj;
 });
@@ -186,6 +205,12 @@ ProjectSchema.method("ListProjectCollaborators", async function ListProjectColla
   // Filter out owner from the collaborators
   const collaborators = this.collaborators.filter((id) => !id.equals(this.OwnerTenancy));
 
+  // if public, filter out the public tenant
+  if (this.public) {
+    const PublicTenant = await Tenancy.getPublicTenant();
+    collaborators.filter((id) => !id.equals(PublicTenant._id));
+  }
+
   // Map each collaborator ID to a promise of fetching the collaborator
   const collaboratorPromises = collaborators.map((collaboratorID) => Tenancy.findById(collaboratorID));
 
@@ -278,8 +303,19 @@ ProjectSchema.method("applyDiff", async function applyDiff(diff: ProjectDiffRequ
   // The new collaborators value that will be set
   const Collaborators = [...new Set([this.OwnerTenancy, ...diffCollaborators])];
 
+  // Make sure that the public tenant is always in the collaborators list
+  const PublicTenant = await Tenancy.getPublicTenant();
+  if (this.public) {
+    Collaborators.push(PublicTenant._id);
+  }
   // Get the new collaborators that were added and create a copy of the project for them
   const newCollaborators = diffCollaborators.filter((id) => !this.collaborators.includes(id));
+
+  // make sure no one is trying to add the public tenant as a collaborator without the project being public
+  if (newCollaborators.includes(PublicTenant._id) && !this.public) {
+    throw new UserInputError("Cannot add public tenant to a private project");
+  }
+
   await tenancy.CheckCollaboratorsAreActive(newCollaborators);
   await this.CreateCopiesForCollaborators(newCollaborators);
 

src/app/models/database/tenancy.ts

@@ -6,6 +6,12 @@ import { ProjectCollaborator, ProjectResponse } from "../types/projects";
 import { Project } from "./project";
 import { RelationshipManager } from "./relationshipManager";
 
+const publicTenantName = "public-transparency-service";
+
+export interface NewTenancyOptions {
+  newPublicTenant?: boolean;
+}
+
 // Declare the attributes of the model
 interface ITenancy {
   _id: mongoose.Types.ObjectId;
@@ -37,7 +43,8 @@ export type TenancyDocument = HydratedDocument<ITenancy, ITenancyMethods>;
 
 // declare the Full Model along with any static methods
 export interface ITenancyModel extends Model<ITenancy, ITenancyQueryHelpers, ITenancyMethods> {
-  NewTenancy: (companyName: string) => Promise<TenancyDocument>;
+  NewTenancy: (companyName: string, opts?: NewTenancyOptions) => Promise<TenancyDocument>;
+  getPublicTenant: () => Promise<TenancyDocument>;
 }
 
 // Create the schema
@@ -48,13 +55,34 @@ const TenancySchema = new Schema<ITenancy, ITenancyModel, ITenancyMethods>({
   relationships: [{ type: Schema.Types.ObjectId, ref: RelationshipManager }],
 });
 
-TenancySchema.static("NewTenancy", async function NewTenancy(companyName: string): Promise<TenancyDocument> {
-  return this.create({
-    _id: new mongoose.Types.ObjectId(),
-    projects: [],
-    relationships: [],
-    companyName: companyName,
-  });
+TenancySchema.static(
+  "NewTenancy",
+  async function NewTenancy(companyName: string, opts = { newPublicTenant: false }): Promise<TenancyDocument> {
+    // check if the tenancy is trying to overwrite the public tenant
+    if (!opts.newPublicTenant) {
+      if (companyName === publicTenantName) {
+        throw new UserInputError("Invalid company name");
+      }
+    }
+
+    return this.create({
+      _id: new mongoose.Types.ObjectId(),
+      projects: [],
+      relationships: [],
+      companyName: companyName,
+    });
+  }
+);
+
+TenancySchema.static("getPublicTenant", async function getPublicTenant(): Promise<TenancyDocument> {
+  // if the public tenant does not exist, create it
+  let publicTenant = await this.findOne({ companyName: publicTenantName });
+
+  if (publicTenant == null) {
+    publicTenant = await this.NewTenancy(publicTenantName, { newPublicTenant: true });
+  }
+
+  return publicTenant;
 });
 
 TenancySchema.method("ListProjects", async function ListProjects(): Promise<ProjectResponse[]> {