
APPEALS-46324: CE API User Management #1745

Merged
merged 36 commits into from
Dec 2, 2024

Conversation

youfoundmanesh
Contributor

@youfoundmanesh youfoundmanesh commented Dec 2, 2024

Resolves #{APPEALS-46324} / department-of-veterans-affairs/caseflow#{caseflow issue number} / CASEFLOW-{JIRA number}

Description

Please explain the changes you made here.

Acceptance Criteria

  • Code compiles correctly

Testing Plan

  1. Go to ...

User Facing Changes

  • Screenshots of UI changes added to PR & Original Issue
BEFORE AFTER

Code Documentation Updates

  • Add or update code comments at the top of the class, module, and/or component.

Database Changes

Only for Schema Changes

  • Timestamps (created_at, updated_at) for new tables
  • Column comments updated
  • Verify that migrate:rollback works as desired (change supported functions)
  • Query profiling performed (eyeball Rails log, check bullet and fasterer output)
  • Appropriate indexes added (especially for foreign keys, polymorphic columns, unique constraints, and Rails scopes)
  • Add your indexes safely (see Caseflow::Migrations)
  • DB schema docs updated with make docs (after running make migrate)
  • #appeals-schema notified with summary and link to this PR
  • Any non-obvious semantics or logic useful for interpreting database data is documented at Caseflow Data Model and Dictionary

Integrations: Adding endpoints for external APIs

  • Check that Caseflow's external API code for the endpoint matches the code in the relevant integration repo
    • Request: Service name, method name, input field names
    • Response: Check expected data structure
  • Update Fakes
  • Integrations impacting functionality are tested in Caseflow UAT

tradesmanhelix and others added 30 commits November 15, 2024 11:39
* Add Pre File Fetch Sensitivity Check

- Verify user and veteran sensitivity levels are compatible.

- Add specs and supporting services needed to perform sensitivity
level checks.

* Implement Banner for Unauthorized Vet Access

* Restore Old Error Message Logic
* Gate VBMS Methods with Sensitivity Checks

Validate user access to veteran before allowing fetch of veteran
data.

* Remove Unneeded allow Directives in Spec
* Remove Unneeded Sensitivity Checks

Checks are already handled by the sensitive_record method.

* Fix Non-Forbidden Banner Styling
…le (#1667)

* Pass Sensitivity Check Feature Toggle to UI

* Restore Manifest Sensitivity Logic
* Fix User Missing for BGS Sensitivity Check

- Update the manifests_controller's refresh method to use the
  find_or_create_by_user method to find a manifest. This will
  ensure that the user is set correctly for BGS calls.

- Move SensitivityLevelCheckFailure logic to the base_controller.

* Fix Misc. Issues

- Move rescue_from for BGS errors into the API V1 controller so
  its existing standard error rescue doesn't catch this exception.

- Improve manifests_controller request spec with sensitivity check
  logic.
- Use new method to check user/veteran sensitivity compatibility
  in the V2 ApplicationController.

- This will prevent the old "use BGS error to verify access" logic
  from running.

Co-authored-by: cacevesva <[email protected]>
* Send Veteran Number in Restart Request

* Update Link rel Param
- Remove recently-added frontend logic for setting veteran ID in
  refresh request as it is unreliable in the way it sets the
  veteran ID.

- Update manifests_controller to set the veteran ID using the
  manifest as this is much more reliable.
- Gem now returns the JSON body of a HTTP response, so our
  response parsing code needed to be updated to handle the new
  format.

- Update the VBMS service to alert us of any API responses that
  can't be parsed so we can troubleshoot them.
- Since the SaveFilesInS3 job is spawned by another job, it does
  not have access to RequestStore[:current_user] which is needed
  for verifying veteran/user sensitivity compatibility.

- This PR also fixes several Rubocop violations in various files.
* Adjusted UI_EXPIRY_HOURS based on deploy environment

* Adjust API HOURS
- Sort output by sensitivity level.

- Display total result count for each level.
* Removed send_user feature flag, combined with use_ce_api

* Updated vbms service spec

* Updated manifest spec for uat expiration hours

* send user feature toggle combined with use_ce_api

* Combined with ce_api feature toggle

* Update failing rspecs

* Remove feature flag from method, wrapped method with all ce api calls

* wrap ce_api related sensitivity changes

* Fix failing specs, reverted to prior code outside of feature flag

* update manifest expiry hours to not change in test + non prod

* remove pry, reverted to previous test case

* If user is blank, return

* update front end error handling

* Linting

* Revert changes
* Change type_description to mapping

* Updated rspecs to handle edge case
* pass user info to ceapi

* Update specs

* update branch name

* fix rspec

* update claim_evidence_request method

* change ref to branch

* revert x86

---------

Co-authored-by: youfoundmanesh <[email protected]>
tradesmanhelix and others added 6 commits November 15, 2024 11:40
* Add CE API Error Handler Class

* Update VBMSService and SensitivityChecker Classes with Error Handling

* Update VBMSService with CE API Error Handling

* Fix Bad Method Signature

* Fix More Spec Failures
- Restore code we know is good.

- Wrap in begin/rescue blocks and handle errors there.

- Add feature toggle to ApplicationController response so frontend
  will display banners correctly.
* update feature toggle for user specific

* update specs
@youfoundmanesh youfoundmanesh merged commit 78b00eb into release/FY25Q1.5.0 Dec 2, 2024
5 of 8 checks passed
youfoundmanesh added a commit that referenced this pull request Dec 4, 2024
* APPEALS-46324: CE API User Management (#1745)

* Add Pre File Fetch Sensitivity Check (#1652)

* Add Pre File Fetch Sensitivity Check

- Verify user and veteran sensitivity levels are compatible.

- Add specs and supporting services needed to perform sensitivity
level checks.

* Implement Banner for Unauthorized Vet Access

* Restore Old Error Message Logic

* Add Specs to Cover Additional Sensitivity Cases (#1662)

* Gate VBMS Methods with Sensitivity Checks (#1665)

* Gate VBMS Methods with Sensitivity Checks

Validate user access to veteran before allowing fetch of veteran
data.

* Remove Unneeded allow Directives in Spec

* Remove Unneeded Sensitivity Checks (#1666)

* Remove Unneeded Sensitivity Checks

Checks are already handled by the sensitive_record method.

* Fix Non-Forbidden Banner Styling

* Restore Pre-Fetch Sensitivity Check Logic & Add Frontend Feature Toggle (#1667)

* Pass Sensitivity Check Feature Toggle to UI

* Restore Manifest Sensitivity Logic

* Updated ruby_claim_evidence_api gem

* Fix Missing Manifest User Causing Sensitivity Check Failures (#1675)

* Fix User Missing for BGS Sensitivity Check

- Update the manifests_controller's refresh method to use the
  find_or_create_by_user method to find a manifest. This will
  ensure that the user is set correctly for BGS calls.

- Move SensitivityLevelCheckFailure logic to the base_controller.

* Fix Misc. Issues

- Move rescue_from for BGS errors into the API V1 controller so
  its existing standard error rescue doesn't catch this exception.

- Improve manifests_controller request spec with sensitivity check
  logic.

* Use New Sensitivity Check Method (#1676)

- Use new method to check user/veteran sensitivity compatibility
  in the V2 ApplicationController.

- This will prevent the old "use BGS error to verify access" logic
  from running.

Co-authored-by: cacevesva <[email protected]>

* Update Specs to Address Failures (#1677)

* Send Veteran Number in Restart Request (#1679)

* Send Veteran Number in Restart Request

* Update Link rel Param

* Update CE API Gem (#1680)

* Update Logic for Setting Veteran ID in Request (#1681)

- Remove recently-added frontend logic for setting veteran ID in
  refresh request as it is unreliable in the way it sets the
  veteran ID.

- Update manifests_controller to set the veteran ID using the
  manifest as this is much more reliable.

* Update JSON Parsing Logic to Handle CE API Gem Changes (#1686)

- Gem now returns the JSON body of a HTTP response, so our
  response parsing code needed to be updated to handle the new
  format.

- Update the VBMS service to alert us of any API responses that
  can't be parsed so we can troubleshoot them.

* Updated ruby_claim_evidence_api

* Add current_user to SaveFilesInS3 Job (#1688)

- Since the SaveFilesInS3 job is spawned by another job, it does
  not have access to RequestStore[:current_user] which is needed
  for verifying veteran/user sensitivity compatibility.

- This PR also fixes several Rubocop violations in various files.

* add check for empty result (#1687)

* Add Script for Finding Valid UAT Testing Users (#1690)

* Kev ma/appeals 58216 time adjust (#1692)

* Adjusted UI_EXPIRY_HOURS based on deploy environment

* Adjust API HOURS

* Fix Incorrect Keyword in Script (#1693)

* Handle All Possible Errors in Script (#1694)

* Improve Script Output (#1695)

- Sort output by sensitivity level.

- Display total result count for each level.

* Updated ruby_claim_evidence_api gem with ref

* Update feature toggle to send_current_user_cred

* Update feature toggle to send_current_user_cred_to_ce_api

* Kev ma/appeals 59461 (#1701)

* Removed send_user feature flag, combined with use_ce_api

* Updated vbms service spec

* Updated manifest spec for uat expiration hours

* send user feature toggle combined with use_ce_api

* Combined with ce_api feature toggle

* Update failing rspecs

* Remove feature flag from method, wrapped method with all ce api calls

* wrap ce_api related sensitivity changes

* Fix failing specs, reverted to prior code outside of feature flag

* update manifest expiry hours to not change in test + non prod

* remove pry, reverted to previous test case

* If user is blank, return

* update front end error handling

* Linting

* Revert changes

* typo fix (#1702)

* Kev ma/appeals 58827 v2 (#1703)

* Change type_description to mapping

* Updated rspecs to handle edge case

* Updated ruby_claim_evidence_api gem

* Updated ruby_claim_evidence_api

* Deepak/appeals 59642 v1 (#1714)

* pass user info to ceapi

* Update specs

* update branch name

* fix rspec

* update claim_evidence_request method

* change ref to branch

* revert x86

---------

Co-authored-by: youfoundmanesh <[email protected]>

* Improve Claim Evidence API Error Logging (#1723)

* Add CE API Error Handler Class

* Update VBMSService and SensitivityChecker Classes with Error Handling

* Update VBMSService with CE API Error Handling

* Fix Bad Method Signature

* Fix More Spec Failures

* Fix Logging Logic Errors (#1731)

- Restore code we know is good.

- Wrap in begin/rescue blocks and handle errors there.

- Add feature toggle to ApplicationController response so frontend
  will display banners correctly.

* Update ruby_claim_evidence_api gem

* Compatible with Zeitwerk autoloader

* Deepak/appeals 65021 (#1744)

* update feature toggle for user specific

* update specs

* Fixed the code climate issues

---------

Co-authored-by: Alex Smith <[email protected]>
Co-authored-by: cacevesva <[email protected]>
Co-authored-by: SanthiParakal133 <[email protected]>
Co-authored-by: Kevma50287 <[email protected]>
Co-authored-by: Alex Smith <[email protected]>

* Fix for fetch_sensitivity_level (#1747)

---------

Co-authored-by: Alex Smith <[email protected]>
Co-authored-by: cacevesva <[email protected]>
Co-authored-by: SanthiParakal133 <[email protected]>
Co-authored-by: Kevma50287 <[email protected]>
Co-authored-by: Alex Smith <[email protected]>
Labels
None yet
Projects
None yet

4 participants