Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

2024-09-10 | MAIN --> PROD | DEV (7aeeb4e) --> STAGING #4268

Merged
merged 2 commits into from
Sep 10, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/add-bpmn-renders.yml
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ jobs:

- name: Create Pull Request with Changes
if: steps.vars.outputs.imagesupdated != 0
uses: peter-evans/create-pull-request@v6
uses: peter-evans/create-pull-request@v7
with:
commit-message: Update BPMN images for ${{ env.BRANCH_NAME }}
title: Update BPMN images for ${{ env.BRANCH_NAME }}
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/new-relic-deployment.yml
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ jobs:
run: echo "RELEASE_VERSION=${{ github.ref_name }}" >> $GITHUB_ENV

- name: Add New Relic Application Deployment Marker
uses: newrelic/[email protected].0
uses: newrelic/[email protected].1
with:
apiKey: ${{ secrets.NEW_RELIC_API_KEY }}
guid: ${{ secrets.NEW_RELIC_DEV_DEPLOYMENT_ENTITY_GUID }}
Expand All @@ -32,7 +32,7 @@ jobs:
run: echo "RELEASE_VERSION=${{ github.ref_name }}" >> $GITHUB_ENV

- name: Add New Relic Application Deployment Marker
uses: newrelic/[email protected].0
uses: newrelic/[email protected].1
with:
apiKey: ${{ secrets.NEW_RELIC_API_KEY }}
guid: ${{ secrets.NEW_RELIC_STAGING_DEPLOYMENT_ENTITY_GUID }}
Expand All @@ -48,7 +48,7 @@ jobs:
run: echo "RELEASE_VERSION=${{ github.ref_name }}" >> $GITHUB_ENV

- name: Add New Relic Application Deployment Marker
uses: newrelic/[email protected].0
uses: newrelic/[email protected].1
with:
apiKey: ${{ secrets.NEW_RELIC_API_KEY }}
guid: ${{ secrets.NEW_RELIC_PRODUCTION_DEPLOYMENT_ENTITY_GUID }}
Expand Down
44 changes: 44 additions & 0 deletions backend/dissemination/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -96,6 +96,50 @@ When adding a new API version:
- This is likely true of TESTED patch version bumps (v1_0_0 to v1_0_1), and *maybe* minor version bumps (v1_0_0 to v1_1_0). MAJOR bumps require change management messaging.
5. If previous versions of the API are needed, `APIViewTests` will need to be updated. At the time of writing this, it only tests the default API.

# Using VS Code REST Client Plugin to Test API

## Installation:
1. In your Visual Studio Code, go to the Extensions Marketplace and search for **REST Client**.
4. Click **Install** and follow the steps to install one of the "REST Client".

## How to Use:
Once the REST Client extension is installed, you can create a `.http` or `.rest` file in your project and write your API queries directly within that file.

## Sample API Request:

Here’s an example of how to query your API using the REST Client:

```http
GET {{scheme}}://{{api_url}}/function_name_or_view_name_plus_params_if_any
authorization: Bearer {{YOUR_JWT_TOKEN}}
x-api-user-id: {{your_api_user_id}}
accept-profile: target_api_profile
x-api-key: {{YOUR_API_GOV_KEY}}
```

## Key Details:
- **`authorization`**: The `Bearer {{YOUR_JWT_TOKEN}}` token is mandatory. Use the same JWT token used in Cypress tests from the code base. Without this token, the request will be flagged as anonymous and require extra steps to create an anonymous role in the local environment.

- **`x-api-user-id`**: Mandatory in some cases, depending on the API function. Search for the function in the code base to find where to get the correct value for `x-api-user-id`. Check keys like `support_administrative_key_uuids` and `dissemination_tribalapiaccesskeyids` for reference.

- **`accept-profile`**: Specifies the API version/profile. The current default is `api_v1_0_3`. You can check available profiles and deprecated versions in `backend/dissemination/api_versions.py`.

- **`x-api-key`**: An API key can be requested by following the steps described [here](https://www.fac.gov/api/).

## Example:

```http
GET http://localhost:3000/general?limit=1&is_public=eq.false
authorization: Bearer {{CYPRESS_API_GOV_JWT}}
x-api-user-id: 00112233-4455-6677-8899-aabbccddeeff
accept-profile: admin_api_v1_1_0
x-api-key: abcdefghijklmnop
```

This will send a request to `http://localhost:3000/general` with the provided headers and params.
Check `backend/support/api/admin_api_v1_1_0/` for more examples.


# End-to-end workbook testing

### How to run the end-to-end test data generator:
Expand Down
47 changes: 47 additions & 0 deletions backend/dissemination/api/api_v1_1_1/create_functions.sql
Original file line number Diff line number Diff line change
Expand Up @@ -56,4 +56,51 @@ END;
$has_tribal_data_access$ LANGUAGE plpgsql;


CREATE OR REPLACE FUNCTION api_v1_1_1.request_file_access(
report_id TEXT
) RETURNS JSON LANGUAGE plpgsql AS
$$
DECLARE
v_uuid_header TEXT;
v_access_uuid VARCHAR(200);
v_key_exists BOOLEAN;
v_key_added_date DATE;
BEGIN

SELECT api_v1_1_1_functions.get_api_key_uuid() INTO v_uuid_header;

-- Check if the provided API key exists in public.dissemination_TribalApiAccessKeyIds
SELECT
EXISTS(
SELECT 1
FROM public.dissemination_TribalApiAccessKeyIds
WHERE key_id = v_uuid_header
) INTO v_key_exists;


-- Get the added date of the key from public.dissemination_TribalApiAccessKeyIds
SELECT date_added
INTO v_key_added_date
FROM public.dissemination_TribalApiAccessKeyIds
WHERE key_id = v_uuid_header;


-- Check if the key is less than 6 months old
IF v_uuid_header IS NOT NULL AND v_key_exists AND v_key_added_date >= CURRENT_DATE - INTERVAL '6 months' THEN
-- Generate UUID (using PostgreSQL's gen_random_uuid function)
SELECT gen_random_uuid() INTO v_access_uuid;

-- Inserting data into the one_time_access table
INSERT INTO public.dissemination_onetimeaccess (uuid, api_key_id, timestamp, report_id)
VALUES (v_access_uuid::UUID, v_uuid_header, CURRENT_TIMESTAMP, report_id);

-- Return the UUID to the user
RETURN json_build_object('access_uuid', v_access_uuid);
ELSE
-- Return an error for unauthorized access
RETURN json_build_object('error', 'Unauthorized access or key older than 6 months')::JSON;
END IF;
END;
$$;

NOTIFY pgrst, 'reload schema';
48 changes: 30 additions & 18 deletions backend/package-lock.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

8 changes: 4 additions & 4 deletions backend/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -25,13 +25,13 @@
"devDependencies": {
"@4tw/cypress-drag-drop": "^2.2.5",
"@babel/eslint-parser": "^7.25.1",
"@eslint/js": "^9.9.1",
"cypress": "^13.14.0",
"@eslint/js": "^9.10.0",
"cypress": "^13.14.2",
"cypress-axe": "^1.5.0",
"cypress-downloadfile": "^1.2.4",
"cypress-file-upload": "^5.0.8",
"cypress-otp": "^1.0.3",
"eslint": "^9.9.1",
"eslint": "^9.10.0",
"eslint-config-prettier": "^9.1.0",
"eslint-plugin-cypress": "^3.5.0",
"eslint-plugin-prettier": "^5.2.1",
Expand All @@ -48,7 +48,7 @@
"esbuild-sass-plugin": "3.3.1",
"glob": "11.0.0",
"npm-run-all": "^4.1.5",
"postcss": "^8.4.41",
"postcss": "^8.4.45",
"postcss-cli": "^11.0.0"
}
}
29 changes: 29 additions & 0 deletions backend/support/api/admin_api_v1_1_1/base.sql
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
DO
$do$
BEGIN
IF EXISTS (
SELECT FROM pg_catalog.pg_roles
WHERE rolname = 'authenticator') THEN
RAISE NOTICE 'Role "authenticator" already exists. Skipping.';
ELSE
CREATE ROLE authenticator LOGIN NOINHERIT NOCREATEDB NOCREATEROLE NOSUPERUSER;
END IF;
END
$do$;

DO
$do$
BEGIN
IF EXISTS (
SELECT FROM pg_catalog.pg_roles
WHERE rolname = 'api_fac_gov') THEN
RAISE NOTICE 'Role "api_fac_gov" already exists. Skipping.';
ELSE
CREATE ROLE api_fac_gov NOLOGIN;
END IF;
END
$do$;

GRANT api_fac_gov TO authenticator;

NOTIFY pgrst, 'reload schema';
43 changes: 43 additions & 0 deletions backend/support/api/admin_api_v1_1_1/create_access_tables.sql
Original file line number Diff line number Diff line change
@@ -0,0 +1,43 @@
-- This is explicitly not a Django managed table.
-- In order to have an administrative key added,
-- it must be added via a Github commit, and a PR
-- must be performed to merge the key into the tree.

-- This is because administrative keys can read/write
-- to some tables in the database. They can read internal and
-- in-flight data.

DROP TABLE IF EXISTS support_administrative_key_uuids;

CREATE TABLE support_administrative_key_uuids
(
id BIGSERIAL PRIMARY KEY,
email TEXT,
uuid TEXT,
permissions TEXT,
added DATE
);

INSERT INTO support_administrative_key_uuids
(email, uuid, permissions, added)
VALUES
(
'[email protected]',
'61ba59b2-f545-4c2f-9b24-9655c706a06c',
'CREATE,READ,DELETE',
'2023-12-04'
),
(
'[email protected]',
'b6e08808-ecb2-4b6a-b928-46d4205497ff',
'CREATE,READ,DELETE',
'2023-12-08'
),
(
'[email protected]',
'dd60c3f9-053d-4d82-a309-c89da53559f4',
'CREATE,READ,DELETE',
'2024-07-10'
)
;

Loading
Loading