Skip to content

Commit

Permalink
feat(identity): phase 2 (#509)
Browse files Browse the repository at this point in the history
* Feat/login flow (#477)

* Feat: add SessionData class

* Refactor: swap out auth middleware to use sessionData

* Refactor: modify sessionData in rollbackRouteHandler

* Feat: update middleware and auth services

* Chore: swap out v1 routes

Using a 1-1 swap here for v1 routes, since these are mostly outdated or due for refactor

* Refactor: swap id used in logger

* Feat: add handler to attach site name to sessionData

* Chore: modify v2 routes and services to use sessionData

* Chore: swap whoamiAuth to verifyJwt and useSiteAccessTokenIfAvailable with checkHasAccess

* Test: add fixtures for new middleware

* Fix: tests

* Fix: allow e2e test user

* Chore: update v1 endpoint

* Fix: migrate auth middle to ts

* Chore: rename to usersessiondata

* Refactor: split sessionData into separate classes

* Chore: replace sessionData

* Chore: replace githubsessiondata

* Chore: add jsdoc for classes

* Chore: update routes and services to pass appropriate sessionData objects

* Fix: tests

* Fix: specify request types

* Chore: remove unnecessary comment

* Fix: simplify getGithubParamsWithSite

* Feat/site member verification for email (#479)

* Feat: add IsomerAdmins database table and migrations

* Feat: add access token via interceptor if missing

* Feat: add isomerAdminsService

* Feat: add hasAccessToSite to usersService

* Feat: shift site membership check to authorizationMiddlewareService

* Chore: replace authMiddleware.checkHasAccess with authorizationMiddleware.checkIsSiteMember

* Chore: migrate authmiddlewareservice to typescript

* Fix: rename auth middleware to authentication middleware

* Fix: move e2e_isomer_id into constants

* Chore: add cookie types

* Fix: more concise check for isSiteMember

* FIx: rebase errors

* Fix: remove unused identityAuthService dependency

* Fix: rename AuthService import as identityAuthService

* Nit: separate type definition

* Feat/email login flow (#480)

* build(deps): bump file-type from 16.5.3 to 16.5.4 (#475)

Bumps [file-type](https://github.com/sindresorhus/file-type) from 16.5.3 to 16.5.4.
- [Release notes](https://github.com/sindresorhus/file-type/releases)
- [Commits](sindresorhus/file-type@v16.5.3...v16.5.4)

---
updated-dependencies:
- dependency-name: file-type
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: package.json & package-lock.json to reduce vulnerabilities (#476)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-SEQUELIZE-2959225

* build(deps): bump vm2 from 3.9.5 to 3.9.7 (#350)

Bumps [vm2](https://github.com/patriksimek/vm2) from 3.9.5 to 3.9.7.
- [Release notes](https://github.com/patriksimek/vm2/releases)
- [Changelog](https://github.com/patriksimek/vm2/blob/master/CHANGELOG.md)
- [Commits](patriksimek/vm2@3.9.5...3.9.7)

---
updated-dependencies:
- dependency-name: vm2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Chore: remove site links from description (#482)

* Fix: update resource room (#481)

* 0.10.0

* fix: remove unnecessary update step (#487)

* 0.10.1

* Chore: update commit message to include user id

* Feat: add login and verify endpoints

* Fix: model relations and alias

* Feat: add findSitesByUserId

* Feat: add site retrieval for email and admin users

* Fix: hasAccessToSite

* Fix: update email/mobile by isomer id

* Chore: update error message

* Fix: await check for whitelist

* Chore: add mockSessionData for email login

* Fix: SiteService behaviour for email users with no whitelisted sites

* Test: update sitesservice tests

* Test: add new authservice tests and fix existing tests

* Fix: update user model to allow null in github field

* Fix: update test fixture

* Fix: update user test suite

* Chore: remove unused endpoint

* Fix: rebase errors

* Chore: remove unnecessary message in test

* Chore: remove unnecessary userId field

* Nit: rename variable

* Refactor: shift site retrieval for email users into helper method

* Chore: spacing and remove unused var

* Fix: tests

* Tests: add new authorizationMiddlewareService test

* fix: remove resources_name and add support for url (#490)

* fix: remove resources_name and add support for url

* fix: display url parameter as domain but store with https scheme

* fix: resolve failing tests

* Chore: flip conditional

* Refactor: shift order of getSites to make it easier to understand

* Test: add new auth router tests

* Feat: add integration tests for getSites

* Fix: failing requests for getLastUpdated and getStagingUrl

* Nit: add comment

* Nit: test name and var name

* chore(mocks/axios): remove extra stuff

* test(sites.spec): refactor specs for clarity

* Fix: update settings

* Nit: update comment

* Fix: tests

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Snyk bot <[email protected]>
Co-authored-by: Hsu Zhong Jun <[email protected]>
Co-authored-by: seaerchin <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Snyk bot <[email protected]>
Co-authored-by: Hsu Zhong Jun <[email protected]>
Co-authored-by: seaerchin <[email protected]>

* Fix: e2e bypass of authorization middleware

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Snyk bot <[email protected]>
Co-authored-by: Hsu Zhong Jun <[email protected]>
Co-authored-by: seaerchin <[email protected]>

* feat: collaborators (#510)

* build(devdeps): add lodash types

* fix(model): rectify db model definitions

* refactor: add message param to ForbiddenError

* feat: add CollaboratorsService

* test: add tests for CollaboratorsService

* feat: use CollaboratorService in authorization middleware

* test: add tests for authorization middleware

* feat: add CollaboratorsRouter

* test: add tests for CollaboratorsRouter

* feat(db-migration): change site_members role enum in the database

* feat: modify authzMiddlewareService tests

* fix: error in mock collaborators fixture

* ref(services): migrate SitesService to TypeScript (#512)

* ref(fixtures): convert repoInfo to typescript

* ref(services): migrate SitesService to typescript

* tests: update unit and integration tests for SitesService

* ref(sites): migrate sites router to typescript

* fix: revert back to using SessionData

* fix: remove use of Bluebird and unused getSiteToken function

* fix: use more accurate type

* chore: remove unused variable

* refactor(tests): migrate generic axios instance to __mocks__

* tests: use mockAxios directly instead of preparing an instance

* feat(rr): db migrations (#515)

* chore(infraservice): remove unused prop

* chore(routes/auth): remove unused var

* build(package): add useful command to undo migration

* feat(migrations): add migrations for review requests

fix(db migratino): update property names

* chore(db migration): add migration to add status col to rr

* chore(db migrations): add required columns for seq creation

* feat: introduce a new site info API endpoint (#513)

* ref(fixtures): convert repoInfo to typescript

* ref(services): migrate SitesService to typescript

* tests: update unit and integration tests for SitesService

* ref(sites): migrate sites router to typescript

* fix: revert back to using SessionData

* fix: remove use of Bluebird and unused getSiteToken function

* fix: use more accurate type

* chore: remove unused variable

* refactor(tests): migrate generic axios instance to __mocks__

* feat: introduce function to obtain latest commit details

* feat: add function for obtaining a User by ID

* feat: introduce a new site info API endpoint

* tests: add partial tests for SitesService

* tests: use mockAxios directly instead of preparing an instance

* tests: fix SitesService unit tests to pass

* chore: adjust constants to use SCREAMING_SNAKE_CASE

* fix: add authorizationMiddleware to ensure user is member of site

* chore: combine sessionData unpacking

* fix: insert try-catch to handle errors from JSON.parse

* chore: remove unnecessary check for undefined site

* chore: return instead of throwing NotFoundError

* fix: add assertion to ensure integrity of GitHubCommitData

* fix: remove need for adding site name to sessionData

* refactor: convert routes Sites.spec.js to TypeScript

* refactor: redesign getUrlsOfSite to increase readability

* fix: use correct endpoint to get latest commit data

* test: add unit tests for GitHubService getLatestCommitOfBranch

* fix: add stub for obtaining merge author details

* fix: return a well-formatted response for known exceptions

* test: enhance GitHubService test for all other error statuses

* chore: rename isType function and return boolean directly

* fix: create new siteUrls object instead of changing in-place

* fix: handle case of null or undefined user email

* chore: improve code style

* tests: fix output of getStagingUrl

* feat: add collaborators statistics API endpoint (#520)

* ref(fixtures): convert repoInfo to typescript

* ref(services): migrate SitesService to typescript

* tests: update unit and integration tests for SitesService

* ref(sites): migrate sites router to typescript

* fix: revert back to using SessionData

* fix: remove use of Bluebird and unused getSiteToken function

* fix: use more accurate type

* chore: remove unused variable

* refactor(tests): migrate generic axios instance to __mocks__

* feat: introduce function to obtain latest commit details

* feat: add function for obtaining a User by ID

* feat: introduce a new site info API endpoint

* tests: add partial tests for SitesService

* tests: use mockAxios directly instead of preparing an instance

* tests: fix SitesService unit tests to pass

* chore: adjust constants to use SCREAMING_SNAKE_CASE

* fix: add authorizationMiddleware to ensure user is member of site

* chore: combine sessionData unpacking

* fix: insert try-catch to handle errors from JSON.parse

* chore: remove unnecessary check for undefined site

* chore: return instead of throwing NotFoundError

* fix: add assertion to ensure integrity of GitHubCommitData

* fix: remove need for adding site name to sessionData

* refactor: convert routes Sites.spec.js to TypeScript

* refactor: redesign getUrlsOfSite to increase readability

* feat: add collaborators statistics API endpoint

* test: add unit tests for collaborators statistics

* fix: return 404 instead of throwing an exception

* tests: add test to check for 404 status

* refactor: remove all usages of TokenStore and tests (#533)

* feat(rr): add database models (#518)

* chore(infraservice): remove unused prop

* chore(routes/auth): remove unused var

* build(package): add useful command to undo migration

* feat(migrations): add migrations for review requests

fix(db migratino): update property names

* chore(db migration): add migration to add status col to rr

* chore(db migrations): add required columns for seq creation

* feat(db/models): add new db models for rr

fix(db models): update db models

fix(reviewmeat): update db model

* chore(reviewrequest): update db model for seq

* fix(reviewmeta): add annotation on db model

* chore(reviewrequest.ts): add col to db model

* fix(teardown): add enum dropping for tests teardown

* feat: add new siteUrl API endpoint to get the production URL of site (#535)

* Feat/notifications (#508)

* Feat: add notification database model and update related models

* Chore: add migrations

Also adds id to site_members table for easier reference

* Feat: add notificationService

* Feat: add notificationUtils

* Feat: add notifications router

* Chore: initialise Notifications table and services

* Fix: remove unused imports

* Fix: change behaviour of quick retrieval

Always returns only new notifications now, unless there are none, in which case it returns most recent 6

* Chore: remove unused imports

* Refactor: findAll method

* Chore: add notificationResponse type

* Feat: add created_at sorting criteria

* Fix: notification sorting order

* Chore: add documentation for sort criteria

* Fix: rebase errors

* Fix: rebase errors for tests

* feat(rr): services + routes (#519)

* feat(services): add initial services for rr

* feat(types): add github types

* feat(reviewrequestservice): add features

* chore(review): wip for review routes

* feat(types): add new types

* feat(reviewrequestservice): add impl for computing sha mappings

* feat(usersservice): add nwe method to user service to retrieve site admins

* feat(review): add route for creating review request

* refactor(collaboratorsservice): refactor method api for clarity

* feat(types): add more types

* refactor(collaborators): fix typings and add more steuff to return

* chore(routes): update authenticated routes

* chore(review): refactor to use collaborators service

* refactor(reviewrequestservice): update methods

* chore(server): add init code

* refactor(reviewmeta): updat eto use belongs to

* feat(types): add more types

* feat(requestnotfounderror): add new error type

* feat(review): add methods for listing review requests and retrieval of rr

* refactor(types/dto): update review types

* refactor(rrservice): update enum type

* feat(rrservice): add new method to merge rr

* feat(review): add new route to merge rr

* fix(collaborators): remove erroneous destructuring

* fix(routes/review): add siteId prop

* chore(review dto): add status

* chore(requestrequestservice): remove old comment

* fix(reviewrequestservice): changed some stuff to be optional

* refactor(rr service): split retrieving db/github view into 2 methods

* feat(rr service): add methods to close/approve rr

* refactor(rr service): refactor merge rr method

* chore(collaboratorsservice): remove extra typecasts

* feat(rr): add new endpoint to update rr

* chore(types): minor cleanup

* feat(rr routes): add new routes for close and approve pr

* chore(review): update to userwithsitesesiontoken

* refactor(reviewrequestservice): migrate api calls into own file

* refactor(authenticated): shift review router dpes to init function

* fix(index): fixed faulty init

* refactor(reviewrequestservice): add site to reviewreq object

* fix(review.ts): add explicit bearer token to api call

* refactor(rrservice): refactor to retrieve user from db

* chore(settingsservice): remove extra console log

* chore(github): remove extra `patch` property

* chore(review): add logging

* fix(server): update imports from rebase

* Chore: Update src/routes/v2/authenticated/review.ts

Co-authored-by: Hsu Zhong Jun <[email protected]>

* Chore: Update src/routes/v2/authenticated/review.ts

Co-authored-by: Hsu Zhong Jun <[email protected]>

* feat(rr status): add rr status enum

* chore(rr): update db model

* refactor(rrservice): updat to use enum

* chore(rrservice): fix commennt

* chore(review): update error codes

* chore(usersservice): rename hasAccess to getSiteMember

* chore(usersservice): update method name

* feat(rr): allow updating of admins (#539)

* chore(server): add init code

* chore(dto): removed trailing space on folder name

* refactor(reviewrequestservice): update to remove title/desc from update api

* chore(collaborators): update import

* chore(routes/review): updaterr api

Co-authored-by: Hsu Zhong Jun <[email protected]>

* feat: add model and migration for review_request_views table (#521)

* feat: add model and migration for review_request_views table

* chore: rename migration

* fix: add missing association with ReviewRequest model

* fix: revert adding association in ReviewRequest model

* fix: missing @column for primary and foreign key

* fix: add new database table to sequelize

* feat: add review request views API endpoint and functions (#532)

* feat: add review request views API endpoint and functions

* fix: adjust to use Promise.all to allow concurrent creations

* chore: adjust naming of variable to be more reflective of state

* Expose new API endpoint to update lastViewedAt timestamp

* fix(server): removed extra db assoc

* fix(formsgsitecreation): removed extra prop

* Fix: reviewRequestId instead of reviewId

* fix(server.js): add reviewrequestview init

* feat: add endpoint to mark a review request as viewed (#550)

* feat: add endpoint to mark a review request as viewed

* fix: use upsert for updateReviewRequestLastViewedAt

* Feat/comments (#534)

* Feat: add methods for retrieving comments from github

* Chore: add types

* Feat: add comments methods to reviewRequestService

* Feat: add comments routes

* fix: check for properly formatted comments

* Chore: remove incorrect comments

* Fix: remove error return type

* Fix: add logging if site not found

* Feat: swap use of email in github commit to userid

* Fix: response type

* Fix: rename method and add github comment type

* fix: compute the number of new comments to show (#549)

* fix: compute the number of new comments to show

* chore: adjust naming of variable and structure of code

* chore: split getting number of new comments into 2 lines

Co-authored-by: Hsu Zhong Jun <[email protected]>

* feat(rr): adds be for unapproval of rr (#540)

* feat(rr): delete rr approval

* chore(review): update numbering and logging

* chore(review): update to send rather than empty json

* fix(rrservice): update to use enum

* fix: use review request requestor email for production commit email (#552)

* fix: include full model in order by due to presence of alias (#554)

* fix(server): swap order for auth to avoid nemspace conflicts

* fix(review): allow rr creation by users of the site (#556)

* tests: add remaining tests for identity features in SitesService (#566)

* chore: define more specific constants for source of URLs

* chore: move siteUrls type to repoInfo

* tests: add remaining tests for identity features

* tests: add spy method to check if extractAuthorEmail was called

* chore(collaborators): update typings (#568)

* chore(collaborators): update typings to be accurate

* chore(collaborators): update typings

* tests: add unit tests for ReviewRequestService (#569)

* chore: remove TODO comment as it is already done

* fix: should get the count of unread comments instead

* tests: add ReviewRequestService unit tests

* chore: move tests back to identity services

* chore: remove unused variable

* chore: adjust naming of test to be clearer on the situation

* ref(fixtures): allow generating router for different user types (#574)

* ref(fixtures): allow generating router for different user types

* fix: switch to specifying the siteName directly

* feat: allow adding a default user session

* Fix/reference sitename from repo (#577)

* Fix: use name from Repo instead of Site

* Fix: tests

* Fix: run tests sequentially

* Fix: remove required from includes

* Feat/add middleware for verifying email user (#573)

* Feat: add middleware for email user

* feat: add email verification middleware to collaborators

* tests: add integration tests for review requests and comments (#576)

* fix: force tests to run sequentially

* fix: reset the state of the tables before running the tests

* feat: add fixtures used for review requests

* fix: await results from IdentityService

* tests: add partial integration tests for review requests

* chore: switch site name to use repo name instead

* chore: switch to using variable for file name

* chore: standardise the response codes for non-happy paths

* fix: add additional sanity checks for comments-related features

* tests: add remaining integration tests for review requests

* fix: add methods to generate router for default values

* chore: rename test to be more reflective of its purpose

* fix: add missing return and await when updating database

* chore: add comment on the need for Table.sync

* fix(collaborators): add required middleware (#586)

* fix(collaborators): add required middleware

* chore(review): add missing await

* tests: add unit tests for review requests routes (#582)

* feat(rr): blob diffs (#575)

* feat(review): add service methods to get raw blob from gh

* feat(review): add route to retrieve blob diff

* chore(review): add comment for head refs at present

* fix(review): update types, fix header and remove extra await

* Feat/notifications tests (#514)

* Feat: add notificationService tests

* Test: add Notification router tests

* Test: add integration test for notifications

* Fix: notification tests to work with new behaviour

* Chore: swap constants to SCREAMING_SNAKE_CASE

* Chore: fix test description

* Chore: add comments

* Chore: modify test names

* Fix: cleanup tables between tests

* Feat/generic notification creation (#523)

* Feat: move notifications router to authenticated subrouter

* Feat: modify create notification arguments

* Feat: add notification middleware to handle edit notifications

* Fix: allow next on routeHandler

* Feat: add creatnotification middleware to authenticatesSitesRouter

* Chore: add notification types

* Feat: add notification changes when reviews are modified

* Fix: swap order of subrouters

* Fix: review request router dependencies

* Fix: time period for updating notification

* Fix: updating createdAt

* Fix: tests

* Chore: swap to promise.all

* fix: rebase errors

* Fix: add jsdoc

* Feat: add link to notificationHandler

* Fix: swap to promise.all and add links

* fix(review): fixed triggering event for request approved notif

* chore(notifications.spec): added correct ports

* Fix: update message on update notification

* Fix: notification integration tests

* Feat: add generic notification handler tests (#572)

* Feat: add generic notification handler tests

* Fix: router initialisation and cleanup

* fix: update github actions to use runInBand

* Fix: update tests

* Fix: reset database tables before integration tests

* Chore: modify imports

* Nit: test comment spelling

Co-authored-by: Kishore <[email protected]>

* Nit: comments and change var names

Co-authored-by: Kishore <[email protected]>

Co-authored-by: seaerchin <[email protected]>
Co-authored-by: Kishore <[email protected]>

* Vapt: merge back to tracking (#647)

* fix(notificationonedithandler): add check for email user

* fix(review.ts): update routes access control (#589)

* fix: prevent caching of backend API resp (#616)

* fix: sanitize file content (#591)

* feat: sanitize content via markdown utils

* deps: use isomorphic-dompurify instead

removes the need to declare a virtual DOM in node

* feat: add sanitizedYaml helpers

* feat: use sanitizedYaml helpers in codebase

* test: add tests for sanitizedYaml helpers

* chore: fix silly line break issues

* test: add tests for markdown sanitization utils

* fix: add express import that was removed

by accident

* chore: specify return types in yaml helpers

* fix: make sanitizeYamlParse return type more specific

* fix: hide contactNumber (#584)

* Fix: query for site through repo (#630)

* Fix/make login response indistinguishable (#624)

* feat: add extra logging for mail failure

* fix: always return 200 when attempting to retrieve otp

* chore: update logging for sms

* Fix: use logger.error

* feat: Added virus scan functionality for file upload (VAPT finding) (#631)

* feat: Added virus scan functionality for file/image upload using Cloudmersive API

* Fixed lint and naming convention issue

* uncomment the medianameChecks lines

* Addressed PR comments: added more info/error logging and consistent message

* Addressed PR comments: added check for Cloudmersive API key, corrected variable naming convention

* Removed unused declaration of schema

* auto-formatted by prettier and fixed formatting issue

* chore: fix formatting on package-lock

---------

Co-authored-by: Alexander Lee <[email protected]>

* Feat/swap jwt to session (#619)

* Chore: install new dependencies

* Chore: add migration

* Feat: add session middleware

* feat: replace jwt with session

* feat: update middleware

* feat: update auth routes

* chore: update method names

* Fix: tests

* chore: update .env-example

* chore: rename session middleware

* fix: use lodash isempty

* fix: .env-example

* chore: add logging to login and logout endpoints

* Fix: remove log on logout

Cookie may no longer exist

* fix: tests

* chore: fix rebase errors

* Feat/otp mechanism (#636)

* feat: adding bcrypt as dependency

* feat!: adding otp table and migration

* feat: logic complete for otp service

* test: fix auth service tests

* fix: user service tests

* feat: fix tests and improve checks

* fix: package-lock version formatting

* feat: adding env vars to example

* fix: remove console log

* fix: adding env vars to .env.test

* fix: parsed env vars with check

* fix: simplify find logic

* fix: remove unnecessary null check

* fix: throw instead of return

* test: adding more tests for otp mechanism

* test: add more cases, improve existing cases

* feat: simplify methods without enums

* fix: auth service otp tests

* Feat/throttling (#641)

* build(package): install rate limiting package

* feat(auth): add new rate limiter service and use it in auth router

* test(auth.spec): add skeleton for test cases for auth

* test(auth.spec): add tests for rate limiting

* refactor(ratelimiter.spec): shift to own test file

* chore(server): add trust proxy to our rate limiter

* refactor(ratelimiter): read from env var

* chore(auth.spec): remove unused import

* test(sitesservice.spec): update where condition

* fix(mediafileservice): revert api; fixed tests

* Chore: remove temp ip endpoint

* Fix: remove set number of max hops

* Fix: remove unused import

* chore: remove comment

* chore: change 1 to true

---------

Co-authored-by: seaerchin <[email protected]>

* feat: add gitguardian hook and update readme (#642)

* chore: use trust proxy

* feat: add gitguardian hook and readme

* fix: remove pre-commit config

* fix: fix nits

* fix: add ggshield cache files to gitignore

* feat: use env for gitguardian

* chore: update readme and env example

---------

Co-authored-by: Alexander Lee <[email protected]>

* fix: wrong constant name used in test (#645)

---------

Co-authored-by: seaerchin <[email protected]>
Co-authored-by: seaerchin <[email protected]>
Co-authored-by: Preston Lim <[email protected]>
Co-authored-by: Qilu Xie <[email protected]>
Co-authored-by: Harish <[email protected]>
Co-authored-by: Harish <[email protected]>

* Fix: rebase errors

* Fix: error message for review request

* Fix: tests

* feat: use convict for env vars (#646)

* feat: add convict as dependency

* feat: config wip

* feat: add convict schema with defaults and validation

* feat: add config alias and update dependencies

* feat: replace process.env with config.get (wip)

* fix: use import over require

* feat: wip to use config

* feat: add cloudmersive key as env

* feat: wip to use config

* feat: update config properties

* feat: update imports and use config

* chore: update env.test and imports

* chore: standardise env

* chore: remove dotenv

* chore: format eslintrc

* fix: rename convict format and env enums

* chore: remove DOMAIN_WHITELIST from env

* chore: revert trust proxy change

* fix: cookie domain to be enums

* feat: update to use config

* fix: remove checks for env in logic

* fix: make gitGuardian optional env

* feat: add staging as option for node env

* chore(app): chagne to import syntax

* fix: remove string coercing for env key

* chore: remove check for undefine site create form key env

* chore: update package-lock

---------

Co-authored-by: seaerchin <[email protected]>

* fix: make default empty strings (#658)

* Fix/convict fixes (#660)

* fix: make site launch vars optional, remove redundant ones

* fix: remove duplicate express-session in package json

* Chore/change node env of local dev to expect dev (#659)

* chore: update references to node_env

* Fix: remove .toLowerCase when retrieving config

* Chore: add vapt to accepted application environments

* Refactor: use isSecure

* chore: replace IS_LOCAL_DEV with IS_DEV

* Fix: change isSecure to variable instead of func (#664)

* Fix/convict fixes (#663)

* fix: update database config to use process.env

* feat: strengthen validation for number check

* fix: add try-catch to convict validate to prevent hard failure on deployment

* fix: rename to use whole number

* fix: console log convict err

* fix: update check for whole to natural number

* fix: rename back to positive number

* fix: add radix param

* chore(package-lock): installed using old npm

---------

Co-authored-by: Alexander Lee <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Snyk bot <[email protected]>
Co-authored-by: Hsu Zhong Jun <[email protected]>
Co-authored-by: Preston Lim <[email protected]>
Co-authored-by: Kishore <[email protected]>
Co-authored-by: Qilu Xie <[email protected]>
Co-authored-by: Harish <[email protected]>
Co-authored-by: Harish <[email protected]>
  • Loading branch information
10 people authored Mar 30, 2023
1 parent c0d0a6b commit 2a3adbf
Show file tree
Hide file tree
Showing 235 changed files with 20,222 additions and 6,418 deletions.
18 changes: 16 additions & 2 deletions .env-example
Original file line number Diff line number Diff line change
@@ -1,16 +1,20 @@
export CLIENT_ID=""
export CLIENT_SECRET=""
export REDIRECT_URI="http://localhost:8081/auth"
export REDIRECT_URI="http://localhost:8081/v1/auth"
export NODE_ENV="LOCAL_DEV"
export COOKIE_DOMAIN="localhost"
export AUTH_TOKEN_EXPIRY_DURATION_IN_MILLISECONDS=3600000
export SESSION_SECRET=mysessionsecretblah
export JWT_SECRET=mysecretblah
export ENCRYPTION_SECRET=anothersecretblah
export FRONTEND_URL='http://localhost:8081'
export GITHUB_ORG_NAME="isomerpages"
export GITHUB_BUILD_ORG_NAME="opengovsg"
export GITHUB_BUILD_REPO_NAME="isomer-build"
export MUTEX_TABLE_NAME=""
export MAX_NUM_OTP_ATTEMPTS=5
export OTP_EXPIRY=900000
export MUTEX_TABLE_NAME="mutex-table"

# GitHub access token to create repo
export SYSTEM_GITHUB_TOKEN=""
Expand All @@ -36,7 +40,6 @@ export DB_ENABLE_LOGGING=""

export LOCAL_SITE_ACCESS_TOKEN=""
export OTP_SECRET="dummysecret"
export DOMAIN_WHITELIST=".gov.sg"

# Email
export POSTMAN_API_KEY=""
Expand All @@ -48,3 +51,14 @@ export POSTMAN_SMS_CRED_NAME=""
export DD_ENV="local"
export DD_SERVICE="isomer"
export DD_TAGS="service:isomer"

# Cloudmersive
export CLOUDMERSIVE_API_KEY=""

# GitGuardian
export GITGUARDIAN_API_KEY=""

# SQS Queue
export INCOMING_QUEUE_URL="incoming"
export OUTGOING_QUEUE_URL="outgoing"
export SITE_LAUNCH_QUEUE_URL="site_launch"
44 changes: 41 additions & 3 deletions .env.test
Original file line number Diff line number Diff line change
Expand Up @@ -10,20 +10,58 @@ export FRONTEND_URL="http://localhost:3000"
export GITHUB_ORG_NAME="isomerpages"
export GITHUB_BUILD_ORG_NAME="opengovsg"
export GITHUB_BUILD_REPO_NAME="isomer-build"
export MUTEX_TABLE_NAME="mutex-table"
export ISOMERPAGES_REPO_PAGE_COUNT=3
export MAX_NUM_OTP_ATTEMPTS=5
export OTP_EXPIRY=900000
export SESSION_SECRET=blahblah

# GitHub access token to create repo
export SYSTEM_GITHUB_TOKEN="github_token"

# FormSG keys
export SITE_CREATE_FORM_KEY="site_form_key"

# Required to connect to DynamoDB
export AWS_ACCESS_KEY_ID="abc123"
export AWS_SECRET_ACCESS_KEY="xyz123"

# Required to run end-to-end tests
export E2E_TEST_REPO="e2e-test-repo"
export E2E_TEST_SECRET="test"
export E2E_TEST_GH_TOKEN="test"

# Database
export DB_URI="postgres://isomer:password@localhost:54321/isomercms_test"
export DB_MIN_POOL="1"
export DB_MAX_POOL="10"
export DB_ENABLE_LOGGING=""
export DB_ENABLE_LOGGING="true"

export LOCAL_SITE_ACCESS_TOKEN=""
export LOCAL_SITE_ACCESS_TOKEN="dummy"
export OTP_SECRET="dummysecret"
export DOMAIN_WHITELIST=".gov.sg"

# Email
export POSTMAN_API_KEY="some api key"

# SMS
export POSTMAN_SMS_CRED_NAME="isomer"

# Amplify
export AWS_REGION="ap-southeast-1"
export AWS_ACCOUNT_NUMBER="random"

# DataDog
export DD_ENV="local"
export DD_SERVICE="isomer"
export DD_TAGS="service:isomer"

# Cloudmersive
export CLOUDMERSIVE_API_KEY="cloudmersive"

# GitGuardian
export GITGUARDIAN_API_KEY="gitguardian"

# SQS Queue
export INCOMING_QUEUE_URL="incoming"
export OUTGOING_QUEUE_URL="outgoing"
export SITE_LAUNCH_QUEUE_URL="site_launch"
239 changes: 125 additions & 114 deletions .eslintrc.json
Original file line number Diff line number Diff line change
@@ -1,118 +1,129 @@
{
"env": {
"browser": true,
"commonjs": true,
"es2021": true,
"jest": true,
"jest/globals": true
},
"extends": [
"airbnb-base",
"prettier",
"plugin:import/typescript"
],
"plugins": ["only-warn", "import", "jest"],
"parserOptions": {
"ecmaVersion": 12
},
"rules": {
"no-underscore-dangle": "off",
"class-methods-use-this": "off",
"import/no-unresolved": "error",
"import/extensions": ["warn", "never"],
"import/order": [
"error",
{
"alphabetize": {
"order": "asc",
"caseInsensitive": true
},
"newlines-between": "always",
"groups": ["builtin", "external", "internal", "parent", "sibling", "index", "object"],
"pathGroups": [{
"pattern": "@logger/**",
"group": "internal",
"position": "before"
},
{
"pattern": "@errors/**",
"group": "internal",
"position": "before"
},
{
"pattern": "@middleware/**",
"group": "internal",
"position": "before"
},
{
"pattern": "@classes/**",
"group": "internal",
"position": "before"
},
{
"pattern": "@routes/**",
"group": "internal",
"position": "before"
},
{
"pattern": "@utils/**",
"group": "internal",
"position": "before"
},
{
"pattern": "@validators/**",
"group": "internal",
"position": "before"
},
{
"pattern": "@constants/**",
"group": "internal",
"position": "before"
}
]
}
"env": {
"browser": true,
"commonjs": true,
"es2021": true,
"jest": true,
"jest/globals": true
},
"extends": ["airbnb-base", "prettier", "plugin:import/typescript"],
"plugins": ["only-warn", "import", "jest"],
"parserOptions": {
"ecmaVersion": 12
},
"rules": {
"no-underscore-dangle": "off",
"class-methods-use-this": "off",
"import/no-unresolved": "error",
"import/extensions": ["warn", "never"],
"import/order": [
"error",
{
"alphabetize": {
"order": "asc",
"caseInsensitive": true
},
"newlines-between": "always",
"groups": [
"builtin",
"external",
"internal",
"parent",
"sibling",
"index",
"object"
],
"jest/no-identical-title": "error"
},
"overrides": [
{
"files": ["*.ts", "*.tsx"],
"parser": "@typescript-eslint/parser",
"extends": ["plugin:@typescript-eslint/recommended"]
}
],
"settings": {
"import/parsers": {
"@typescript-eslint/parser": [".ts", ".tsx"]
},
"import/resolver": {
"typescript": {
// always try to resolve types under `<root>@types` directory even it doesn't contain any source code, like `@types/unist`
"alwaysTryTypes": true
},
"node": {
"paths": ["src"],
"extensions": [".js", ".jsx", ".ts", ".tsx"]
},
"alias": [
["@root", "."],
["@classes", "./classes"],
["@errors", "./errors"],
["@logger", "./logger"],
["@middleware", "./middleware"],
["@routes", "./routes"],
["@utils", "./utils"],
["@loaders", "./loaders"],
["@database", "./database"],
["@services", "./services"],
["@validators", "./validators"],
["@fixtures", "./fixtures"],
["@database", "./database"],
["@constants", "./constants"]
]
}
"pathGroups": [
{
"pattern": "@config/**",
"group": "internal",
"position": "before"
},
{
"pattern": "@logger/**",
"group": "internal",
"position": "before"
},
{
"pattern": "@errors/**",
"group": "internal",
"position": "before"
},
{
"pattern": "@middleware/**",
"group": "internal",
"position": "before"
},
{
"pattern": "@classes/**",
"group": "internal",
"position": "before"
},
{
"pattern": "@routes/**",
"group": "internal",
"position": "before"
},
{
"pattern": "@utils/**",
"group": "internal",
"position": "before"
},
{
"pattern": "@validators/**",
"group": "internal",
"position": "before"
},
{
"pattern": "@constants/**",
"group": "internal",
"position": "before"
}
]
}
],
"jest/no-identical-title": "error"
},
"overrides": [
{
"files": ["*.ts", "*.tsx"],
"parser": "@typescript-eslint/parser",
"extends": ["plugin:@typescript-eslint/recommended"]
}
],
"settings": {
"import/parsers": {
"@typescript-eslint/parser": [".ts", ".tsx"]
},
"globals": {
"Base64": true
"import/resolver": {
"typescript": {
// always try to resolve types under `<root>@types` directory even it doesn't contain any source code, like `@types/unist`
"alwaysTryTypes": true
},
"node": {
"paths": ["src"],
"extensions": [".js", ".jsx", ".ts", ".tsx"]
},
"alias": [
["@root", "."],
["@config", "./config"],
["@classes", "./classes"],
["@errors", "./errors"],
["@logger", "./logger"],
["@middleware", "./middleware"],
["@routes", "./routes"],
["@utils", "./utils"],
["@loaders", "./loaders"],
["@database", "./database"],
["@services", "./services"],
["@validators", "./validators"],
["@fixtures", "./fixtures"],
["@database", "./database"],
["@constants", "./constants"]
]
}
}
},
"globals": {
"Base64": true
}
}
2 changes: 1 addition & 1 deletion .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -71,7 +71,7 @@ jobs:
key: ${{ runner.OS }}-node-${{ hashFiles('**/package-lock.json') }}
- run: npm ci
- run: npm run dev:services
- run: . .env.test && npx jest
- run: . .env.test && npx jest --runInBand
- run: docker compose down

gatekeep:
Expand Down
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -10,3 +10,4 @@ build/
.DS_Store
.step-functions-local/
.serverless/
.cache_ggshield
1 change: 1 addition & 0 deletions .husky/pre-commit
Original file line number Diff line number Diff line change
Expand Up @@ -2,3 +2,4 @@
. "$(dirname "$0")/_/husky.sh"

npx lint-staged
source .env && ggshield secret scan pre-commit
Loading

0 comments on commit 2a3adbf

Please sign in to comment.