Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(ids-api): Filter delegated national registry scopes by delegation types. #17354

Open
wants to merge 2 commits into
base: main
Choose a base branch
from

Conversation

valurefugl
Copy link
Member

@valurefugl valurefugl commented Dec 24, 2024

What

Filter delegated national registry scopes by delegation types in scope check.

Why

So we grant correct scopes to legal guardians of youths (16-18 year old).

Screenshots / Gifs

Attach Screenshots / Gifs to help reviewers understand the scope of the pull request

Checklist:

  • I have performed a self-review of my own code
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings
  • I have added tests that prove my fix is effective or that my feature works
  • Formatting passes locally with my changes
  • I have rebased against main before asking for a review

Summary by CodeRabbit

  • New Features

    • Introduced new scope identifiers for legal guardianship, enhancing API interactions.
    • Added support for a new delegation type, LegalGuardianMinor, in delegation logic.
    • Expanded the getProvider method to handle the LegalGuardianMinor delegation type.
    • Updated the delegation handling logic to consider both LegalGuardian and LegalGuardianMinor.
  • Bug Fixes

    • Resolved duplicate import issue in the delegation scope service.
  • Tests

    • Added new test cases to validate the behavior of the updated delegation types.

@valurefugl valurefugl requested review from a team as code owners December 24, 2024 13:51
Copy link
Contributor

coderabbitai bot commented Dec 24, 2024

Walkthrough

This pull request introduces support for a new delegation type, LegalGuardianMinor, across multiple components of the authentication and authorization system. The changes involve adding new scopes, updating delegation scope service methods to accept delegation types, and modifying the fixture factory to handle the new delegation type. Additionally, test cases are adjusted to ensure proper validation and processing of both LegalGuardian and LegalGuardianMinor delegation types.

Changes

File Change Summary
apps/services/auth/ids-api/src/app/delegations/test/delegations-scopes.spec.ts - Added legalGuardianMinorScopes constant with lgm1 and lgm2 scopes
- Added new test case for combined LegalGuardian and LegalGuardianMinor delegation types
libs/auth-api-lib/src/lib/delegations/delegation-scope.service.ts - Updated findAllNationalRegistryScopes method to accept delegationTypes parameter
- Modified findAllScopesTo method to pass delegation types
libs/services/auth/testing/src/fixtures/fixture-factory.ts - Added case for AuthDelegationType.LegalGuardianMinor in getProvider method
apps/services/auth/public-api/src/app/modules/delegations/actorDelegations.controller.spec.ts - Updated delegation type check to include LegalGuardianMinor

Sequence Diagram

sequenceDiagram
    participant User
    participant DelegationScopeService
    participant NationalRegistry
    
    User->>DelegationScopeService: findAllScopesTo(user, nationalId, delegationTypes)
    DelegationScopeService->>DelegationScopeService: findAllNationalRegistryScopes(delegationTypes)
    DelegationScopeService->>NationalRegistry: Query scopes based on delegation types
    NationalRegistry-->>DelegationScopeService: Return applicable scopes
    DelegationScopeService-->>User: Return scopes
Loading

Possibly related PRs

Suggested labels

automerge

Suggested reviewers

  • Herdismaria
  • GunnlaugurG

Tip

CodeRabbit's docstrings feature is now available as part of our Early Access Program! Simply use the command @coderabbitai generate docstrings to have CodeRabbit automatically generate docstrings for your pull request. We would love to hear your feedback on Discord.


📜 Recent review details

Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 680decf and c085ec6.

📒 Files selected for processing (1)
  • apps/services/auth/public-api/src/app/modules/delegations/actorDelegations.controller.spec.ts (1 hunks)
🧰 Additional context used
📓 Path-based instructions (1)
apps/services/auth/public-api/src/app/modules/delegations/actorDelegations.controller.spec.ts (2)

Pattern apps/services/**/*: "Confirm that the code adheres to the following:

  • NestJS architecture, including modules, services, and controllers.
  • Dependency injection patterns and service encapsulation.
  • Integration and unit testing coverage and practices."

Pattern apps/**/*: "Confirm that the code adheres to the following:

  • NextJS best practices, including file structure, API routes, and static generation methods.
  • Efficient state management and server-side rendering techniques.
  • Optimal use of TypeScript for component and utility type safety."
🔇 Additional comments (1)
apps/services/auth/public-api/src/app/modules/delegations/actorDelegations.controller.spec.ts (1)

796-799: Ensure the array usage in the destroy condition works as intended.

Providing an array for the delegationType inside destroy typically translates to an SQL IN operation in Sequelize. Confirm this matches your desired logic (i.e., removing entries where delegationType is either LegalGuardian or LegalGuardianMinor). The snippet itself appears correct.

✅ Verification successful

Let me verify the usage of array in delegationType by checking the model and repository implementation.


Let me try a different approach to verify the array usage in delegationType.


Array usage in delegationType is correctly implemented and works as intended

Based on the codebase analysis, the array usage for delegationType in the destroy condition is correctly implemented. The evidence shows that:

  1. The codebase consistently handles delegationType as an array across multiple services and models:

    • In the auth-api-lib, delegationType is properly typed as an array in models and DTOs
    • The DelegationProviderModel and related services handle array-based delegation types
    • The actorDelegations controller specifically handles array conversions: if (delegationTypes && !Array.isArray(delegationTypes)) { delegationTypes = [delegationTypes] }
  2. The implementation supports multiple delegation types as arrays throughout the codebase, including in queries and filters, which confirms that the array usage in the destroy condition will work correctly as an SQL IN operation.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify that an array-based 'where' clause is treated as an 'IN' operation in all references to these delegation types.
rg -A 3 "delegationType:\s*\[.*" 

Length of output: 11696


Script:

#!/bin/bash
# Check model definition and repository implementation
ast-grep --pattern 'class $_ extends $_ {
  $$$
  delegationType
  $$$
}'

# Check for destroy method implementation
ast-grep --pattern 'destroy($$$) {
  $$$
}'

Length of output: 121


Script:

#!/bin/bash
# Search for destroy operations with delegationType in test files
rg -B 5 -A 2 "destroy.*delegationType" 

# Search for repository or service implementations handling delegationType
rg -B 3 -A 3 "delegationType.*\[.*\]" --type ts --glob '!*.spec.ts' --glob '!*test*'

Length of output: 19337


Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share
🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Generate unit testing code for this file.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai generate unit testing code for this file.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and generate unit testing code.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

🧹 Nitpick comments (2)
apps/services/auth/ids-api/src/app/delegations/test/delegations-scopes.spec.ts (1)

22-22: Add a clarifying comment for this new scope constant.
A short comment before legalGuardianMinorScopes explaining its purpose and intended usage could help future contributors.

libs/auth-api-lib/src/lib/delegations/delegation-scope.service.ts (1)

254-254: Validate expected delegation types.
Ensure there's robust error handling if delegationTypes is empty or includes unknown values.

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 56493cc and 680decf.

📒 Files selected for processing (3)
  • apps/services/auth/ids-api/src/app/delegations/test/delegations-scopes.spec.ts (3 hunks)
  • libs/auth-api-lib/src/lib/delegations/delegation-scope.service.ts (5 hunks)
  • libs/services/auth/testing/src/fixtures/fixture-factory.ts (1 hunks)
🧰 Additional context used
📓 Path-based instructions (3)
libs/services/auth/testing/src/fixtures/fixture-factory.ts (2)

Pattern libs/services/**/*: "Confirm that the code adheres to the following:

  • Shared services and modules that can be utilized across NestJS apps.
  • Proper implementation of NestJS providers, including custom providers.
  • Adherence to NestJS module encapsulation and isolation principles."

Pattern libs/**/*: "Confirm that the code adheres to the following:

  • Reusability of components and hooks across different NextJS apps.
  • TypeScript usage for defining props and exporting types.
  • Effective tree-shaking and bundling practices."
apps/services/auth/ids-api/src/app/delegations/test/delegations-scopes.spec.ts (2)

Pattern apps/services/**/*: "Confirm that the code adheres to the following:

  • NestJS architecture, including modules, services, and controllers.
  • Dependency injection patterns and service encapsulation.
  • Integration and unit testing coverage and practices."

Pattern apps/**/*: "Confirm that the code adheres to the following:

  • NextJS best practices, including file structure, API routes, and static generation methods.
  • Efficient state management and server-side rendering techniques.
  • Optimal use of TypeScript for component and utility type safety."
libs/auth-api-lib/src/lib/delegations/delegation-scope.service.ts (1)

Pattern libs/**/*: "Confirm that the code adheres to the following:

  • Reusability of components and hooks across different NextJS apps.
  • TypeScript usage for defining props and exporting types.
  • Effective tree-shaking and bundling practices."
🔇 Additional comments (8)
apps/services/auth/ids-api/src/app/delegations/test/delegations-scopes.spec.ts (3)

30-30: Good job extending the apiScopes array.
Thanks for integrating the legalGuardianMinorScopes.


49-51: Approach validates new delegation type effectively.
This logic ensures that any scope falling under legalGuardianMinorScopes is recognized as LegalGuardianMinor.


116-127: Great addition for combined delegation coverage testing.
The new test case clarifies the expected scope set when both LegalGuardian and LegalGuardianMinor delegations are present.

libs/auth-api-lib/src/lib/delegations/delegation-scope.service.ts (4)

6-6: Remove duplicate or unused import references.
If kennitala was already imported elsewhere, ensure not to duplicate. Otherwise, keep it as is.


31-31: Confirm that filterByCustomScopeRule is used consistently.
Since it is newly imported, verify that it does not conflict with or duplicate existing logic.


241-243: Signature update ensures flexible filtering.
Revising findAllNationalRegistryScopes to accept delegation types improves extensibility.


422-422: Ensure correct usage of the newly added parameter.
Passing delegationTypes to findAllNationalRegistryScopes aligns with the new signature. Keep an eye on potential null or undefined delegation types.

libs/services/auth/testing/src/fixtures/fixture-factory.ts (1)

319-319: Logical extension for minor guardians.
Including AuthDelegationType.LegalGuardianMinor under NationalRegistry is consistent with your new scopes.

Copy link

codecov bot commented Dec 24, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 35.68%. Comparing base (2699012) to head (c085ec6).
Report is 1 commits behind head on main.

Additional details and impacted files

Impacted file tree graph

@@           Coverage Diff           @@
##             main   #17354   +/-   ##
=======================================
  Coverage   35.68%   35.68%           
=======================================
  Files        6931     6931           
  Lines      148782   148785    +3     
  Branches    42509    42510    +1     
=======================================
+ Hits        53091    53097    +6     
+ Misses      95691    95688    -3     
Flag Coverage Δ
air-discount-scheme-backend 48.24% <ø> (ø)
air-discount-scheme-web 0.00% <ø> (ø)
api 3.33% <ø> (ø)
api-catalogue-services 75.81% <ø> (ø)
api-domains-air-discount-scheme 37.99% <ø> (ø)
api-domains-assets 26.71% <ø> (ø)
api-domains-auth-admin 48.49% <ø> (ø)
api-domains-communications 39.42% <ø> (ø)
api-domains-criminal-record 48.03% <ø> (ø)
api-domains-driving-license 44.86% <ø> (ø)
api-domains-education 31.27% <ø> (ø)
api-domains-health-insurance 35.47% <ø> (ø)
api-domains-mortgage-certificate 35.24% <ø> (+0.10%) ⬆️
api-domains-payment-schedule 42.12% <ø> (ø)
application-api-files 61.90% <ø> (ø)
application-core 75.72% <ø> (ø)
application-system-api 38.73% <ø> (-0.01%) ⬇️
application-template-api-modules 27.68% <ø> (-0.01%) ⬇️
application-templates-accident-notification 27.61% <ø> (ø)
application-templates-car-recycling 3.12% <ø> (ø)
application-templates-criminal-record 25.83% <ø> (ø)
application-templates-driving-license 18.15% <ø> (ø)
application-templates-estate 13.66% <ø> (ø)
application-templates-example-payment 24.69% <ø> (ø)
application-templates-financial-aid 14.45% <ø> (ø)
application-templates-general-petition 23.12% <ø> (ø)
application-templates-inheritance-report 6.59% <ø> (ø)
application-templates-marriage-conditions 15.18% <ø> (ø)
application-templates-mortgage-certificate 43.68% <ø> (ø)
application-templates-parental-leave 29.95% <ø> (ø)
application-types 6.51% <ø> (ø)
application-ui-components 1.22% <ø> (ø)
application-ui-shell 22.26% <ø> (ø)
auth-admin-web 2.43% <ø> (ø)
auth-nest-tools 31.52% <ø> (ø)
clients-charge-fjs-v2 28.88% <ø> (ø)
clients-driving-license 40.91% <ø> (ø)
clients-driving-license-book 43.92% <ø> (ø)
clients-financial-statements-inao 49.70% <ø> (ø)
clients-license-client 1.26% <ø> (ø)
clients-middlewares 73.18% <ø> (+0.24%) ⬆️
clients-regulations 43.00% <ø> (ø)
clients-rsk-company-registry 31.18% <ø> (ø)
clients-rsk-personal-tax-return 38.32% <ø> (ø)
clients-smartsolutions 12.77% <ø> (ø)
clients-syslumenn 49.47% <ø> (ø)
clients-zendesk 50.58% <ø> (ø)
cms 0.39% <ø> (ø)
content-search-toolkit 8.16% <ø> (ø)
contentful-apps 4.71% <ø> (ø)
dokobit-signing 62.18% <ø> (ø)
email-service 60.15% <ø> (ø)
file-storage 45.97% <ø> (ø)
financial-aid-backend 51.42% <ø> (ø)
financial-aid-shared 17.88% <ø> (ø)
icelandic-names-registry-backend 54.33% <ø> (ø)
infra-nest-server 48.06% <ø> (ø)
infra-tracing 69.94% <ø> (ø)
island-ui-core 30.42% <ø> (ø)
judicial-system-api 20.20% <ø> (ø)
judicial-system-audit-trail 69.02% <ø> (ø)
judicial-system-backend 55.98% <ø> (ø)
judicial-system-message 66.60% <ø> (ø)
judicial-system-message-handler 48.33% <ø> (ø)
judicial-system-scheduler 71.15% <ø> (ø)
judicial-system-web 27.72% <ø> (ø)
license-api 42.94% <ø> (+0.07%) ⬆️
localization 10.15% <ø> (ø)
logging 58.02% <ø> (ø)
message-queue 67.76% <ø> (+0.70%) ⬆️
nest-audit 65.78% <ø> (ø)
nest-aws 51.93% <ø> (ø)
nest-config 76.45% <ø> (ø)
nest-core 53.16% <ø> (ø)
nest-feature-flags 51.06% <ø> (ø)
nest-problem 45.64% <ø> (ø)
nest-sequelize 94.44% <ø> (ø)
nest-swagger 51.13% <ø> (ø)
nova-sms 61.52% <ø> (ø)
portals-admin-regulations-admin 1.80% <ø> (ø)
portals-core 19.58% <ø> (ø)
services-auth-admin-api 52.54% <40.00%> (+0.01%) ⬆️
services-auth-delegation-api 58.55% <60.00%> (+<0.01%) ⬆️
services-auth-ids-api 52.59% <100.00%> (+0.03%) ⬆️
services-auth-public-api 49.43% <60.00%> (+<0.01%) ⬆️
services-sessions 65.32% <ø> (ø)
services-university-gateway 49.43% <ø> (-0.09%) ⬇️
services-user-notification 46.54% <ø> (ø)
services-user-profile 56.97% <ø> (+0.08%) ⬆️
shared-components 29.49% <ø> (ø)
shared-form-fields 33.38% <ø> (ø)
shared-utils 27.69% <ø> (ø)
skilavottord-ws 24.26% <ø> (ø)
web 2.40% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

Files with missing lines Coverage Δ
...ib/src/lib/delegations/delegation-scope.service.ts 91.52% <100.00%> (ø)
...vices/auth/testing/src/fixtures/fixture-factory.ts 91.38% <100.00%> (+0.03%) ⬆️

... and 2 files with indirect coverage changes


Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 56493cc...c085ec6. Read the comment docs.

@datadog-island-is
Copy link

datadog-island-is bot commented Dec 24, 2024

Datadog Report

All test runs 986f909 🔗

10 Total Test Services: 0 Failed, 10 Passed
🔻 Test Sessions change in coverage: 1 decreased (-0.02%), 3 increased, 196 no change

Test Services
This report shows up to 10 services
Service Name Failed Known Flaky New Flaky Passed Skipped Total Time Code Coverage Change Test Service View
air-discount-scheme-backend 0 0 0 63 0 23.65s N/A Link
air-discount-scheme-web 0 0 0 2 0 7.88s N/A Link
api 0 0 0 4 0 3.22s N/A Link
api-catalogue-services 0 0 0 23 0 13.17s N/A Link
api-domains-air-discount-scheme 0 0 0 6 0 21.62s N/A Link
api-domains-assets 0 0 0 3 0 9.54s N/A Link
api-domains-auth-admin 0 0 0 18 0 10.14s N/A Link
api-domains-communications 0 0 0 5 0 30.54s N/A Link
api-domains-criminal-record 0 0 0 5 0 9.74s N/A Link
api-domains-driving-license 0 0 0 23 0 29.99s N/A Link

🔻 Code Coverage Decreases vs Default Branch (1)

  • services-university-gateway - jest 45.26% (-0.02%) - Details

@valurefugl valurefugl added the automerge Merge this PR as soon as all checks pass label Dec 24, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
automerge Merge this PR as soon as all checks pass
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant