Skip to content

Commit

Permalink
Merge branch 'master' of github.com:department-of-veterans-affairs/ve…
Browse files Browse the repository at this point in the history
…ts-api into 98361-dr-engine-job-versions
  • Loading branch information
dfong-adh committed Dec 19, 2024
2 parents 896ae3b + 816cbcb commit dbc8284
Show file tree
Hide file tree
Showing 78 changed files with 3,022 additions and 808 deletions.
6 changes: 6 additions & 0 deletions .github/CODEOWNERS
Validating CODEOWNERS rules …
Original file line number Diff line number Diff line change
Expand Up @@ -138,6 +138,7 @@ app/controllers/v0/search_controller.rb @department-of-veterans-affairs/va-api-e
app/controllers/v0/search_typeahead_controller.rb @department-of-veterans-affairs/va-api-engineers @department-of-veterans-affairs/backend-review-group
app/controllers/v0/sign_in_controller.rb @department-of-veterans-affairs/octo-identity
app/controllers/v0/terms_of_use_agreements_controller.rb @department-of-veterans-affairs/octo-identity
app/controllers/v0/test_account_user_emails_controller.rb @department-of-veterans-affairs/octo-identity
app/controllers/v0/trackings_controller.rb @department-of-veterans-affairs/va-api-engineers @department-of-veterans-affairs/qa-standards @department-of-veterans-affairs/backend-review-group
app/controllers/v0/triage_teams_controller.rb @department-of-veterans-affairs/vfs-mhv-secure-messaging @department-of-veterans-affairs/va-api-engineers @department-of-veterans-affairs/backend-review-group
app/controllers/v0/upload_supporting_evidences_controller.rb @department-of-veterans-affairs/Disability-Experience @department-of-veterans-affairs/va-api-engineers @department-of-veterans-affairs/backend-review-group
Expand Down Expand Up @@ -850,6 +851,7 @@ lib/caseflow @department-of-veterans-affairs/lighthouse-banana-peels @department
lib/central_mail @department-of-veterans-affairs/va-api-engineers @department-of-veterans-affairs/backend-review-group
lib/chip @department-of-veterans-affairs/vsa-healthcare-health-quest-1-backend @department-of-veterans-affairs/patient-check-in @department-of-veterans-affairs/backend-review-group
lib/claim_letters @department-of-veterans-affairs/benefits-management-tools-be @department-of-veterans-affairs/va-api-engineers @department-of-veterans-affairs/backend-review-group
lib/claim_documents/monitor.rb @department-of-veterans-affairs/pension-and-burials @department-of-veterans-affairs/backend-review-group
lib/clamav @department-of-veterans-affairs/backend-review-group
lib/common/client/base.rb @department-of-veterans-affairs/va-api-engineers @department-of-veterans-affairs/backend-review-group
lib/common/client/concerns/mhv_fhir_session_client.rb @department-of-veterans-affairs/vfs-mhv-medical-records @department-of-veterans-affairs/va-api-engineers @department-of-veterans-affairs/backend-review-group
Expand Down Expand Up @@ -1233,6 +1235,7 @@ spec/factories/message_drafts.rb @department-of-veterans-affairs/vfs-mhv-secure-
spec/factories/message_threads.rb @department-of-veterans-affairs/vfs-mhv-secure-messaging @department-of-veterans-affairs/va-api-engineers @department-of-veterans-affairs/backend-review-group
spec/factories/messages.rb @department-of-veterans-affairs/vfs-mhv-secure-messaging @department-of-veterans-affairs/va-api-engineers @department-of-veterans-affairs/backend-review-group
spec/factories/messaging_preferences.rb @department-of-veterans-affairs/vfs-mhv-secure-messaging @department-of-veterans-affairs/va-api-engineers @department-of-veterans-affairs/backend-review-group
spec/factories/mhv_user_accounts.rb @department-of-veterans-affairs/octo-identity
spec/factories/military_service_episodes.rb @department-of-veterans-affairs/vfs-authenticated-experience-backend @department-of-veterans-affairs/va-api-engineers @department-of-veterans-affairs/backend-review-group
spec/factories/mpi @department-of-veterans-affairs/octo-identity
spec/factories/mvi_profile_relationships.rb @department-of-veterans-affairs/octo-identity
Expand Down Expand Up @@ -1417,6 +1420,7 @@ spec/lib/carma @department-of-veterans-affairs/vfs-10-10 @department-of-veterans
spec/lib/caseflow @department-of-veterans-affairs/lighthouse-banana-peels @department-of-veterans-affairs/va-api-engineers @department-of-veterans-affairs/backend-review-group
spec/lib/central_mail @department-of-veterans-affairs/va-api-engineers @department-of-veterans-affairs/backend-review-group
spec/lib/chip @department-of-veterans-affairs/vsa-healthcare-health-quest-1-backend @department-of-veterans-affairs/patient-check-in @department-of-veterans-affairs/backend-review-group
spec/lib/claim_documents/monitor_spec.rb @department-of-veterans-affairs/pension-and-burials @department-of-veterans-affairs/backend-review-group
spec/lib/claim_status_tool @department-of-veterans-affairs/benefits-management-tools-be @department-of-veterans-affairs/va-api-engineers @department-of-veterans-affairs/backend-review-group
spec/lib/common/client/concerns/mhv_fhir_session_client_spec.rb @department-of-veterans-affairs/vfs-mhv-medical-records @department-of-veterans-affairs/va-api-engineers @department-of-veterans-affairs/backend-review-group
spec/lib/common/client/concerns/mhv_jwt_session_client_spec.rb @department-of-veterans-affairs/vfs-mhv-medical-records @department-of-veterans-affairs/va-api-engineers @department-of-veterans-affairs/backend-review-group
Expand Down Expand Up @@ -1733,6 +1737,7 @@ spec/requests/v0/caregivers_assistance_claims_spec.rb @department-of-veterans-af
spec/requests/v0/claim_documents_spec.rb @department-of-veterans-affairs/Disability-Experience @department-of-veterans-affairs/va-api-engineers @department-of-veterans-affairs/backend-review-group
spec/requests/v0/debts_spec.rb @department-of-veterans-affairs/vsa-debt-resolution @department-of-veterans-affairs/backend-review-group
spec/requests/v0/disability_compensation_form_spec.rb @department-of-veterans-affairs/Disability-Experience @department-of-veterans-affairs/va-api-engineers @department-of-veterans-affairs/backend-review-group
spec/requests/v0/test_account_user_emails_spec.rb @department-of-veterans-affairs/octo-identity
spec/requests/v1/higher_level_reviews @department-of-veterans-affairs/benefits-decision-reviews-be @department-of-veterans-affairs/backend-review-group
spec/requests/v1/notice_of_disagreements @department-of-veterans-affairs/benefits-decision-reviews-be @department-of-veterans-affairs/backend-review-group
spec/requests/v1/supplemental_claims @department-of-veterans-affairs/benefits-decision-reviews-be @department-of-veterans-affairs/backend-review-group
Expand Down Expand Up @@ -2124,6 +2129,7 @@ spec/support/vcr_cassettes/spec/support @department-of-veterans-affairs/octo-ide
spec/support/vcr_cassettes/staccato @department-of-veterans-affairs/vfs-10-10 @department-of-veterans-affairs/va-api-engineers @department-of-veterans-affairs/backend-review-group
spec/support/vcr_cassettes/token_validation @department-of-veterans-affairs/lighthouse-banana-peels @department-of-veterans-affairs/va-api-engineers @department-of-veterans-affairs/backend-review-group
spec/support/vcr_cassettes/travel_pay @department-of-veterans-affairs/travel-pay-integration @department-of-veterans-affairs/backend-review-group
spec/support/vcr_cassettes/uploads/validate_document.yml @department-of-veterans-affairs/pension-and-burials @department-of-veterans-affairs/backend-review-group
spec/spupport/vcr_cassettes/user/get_facilities_empty.yml @department-of-veterans-affairs/vfs-facilities-frontend @department-of-veterans-affairs/va-api-engineers @department-of-veterans-affairs/backend-review-group
spec/support/vcr_cassettes/va_forms @department-of-veterans-affairs/platform-va-product-forms @department-of-veterans-affairs/va-api-engineers @department-of-veterans-affairs/backend-review-group
spec/support/vcr_cassettes/va_notify @department-of-veterans-affairs/va-notify-write @department-of-veterans-affairs/va-api-engineers @department-of-veterans-affairs/backend-review-group
Expand Down
8 changes: 3 additions & 5 deletions Gemfile.lock
Original file line number Diff line number Diff line change
Expand Up @@ -705,11 +705,9 @@ GEM
nio4r (2.7.4-java)
nkf (0.2.0)
nkf (0.2.0-java)
nokogiri (1.16.8)
nokogiri (1.17.2)
mini_portile2 (~> 2.8.2)
racc (~> 1.4)
nokogiri (1.16.8-java)
racc (~> 1.4)
nori (2.7.1)
bigdecimal
notiffany (0.1.3)
Expand Down Expand Up @@ -766,8 +764,8 @@ GEM
ruby-rc4
ttfunk
pg (1.5.9)
pg_query (5.1.0)
google-protobuf (>= 3.22.3)
pg_query (6.0.0)
google-protobuf (>= 3.25.3)
pg_search (2.3.7)
activerecord (>= 6.1)
activesupport (>= 6.1)
Expand Down
2 changes: 1 addition & 1 deletion app/controllers/concerns/exception_handling.rb
Original file line number Diff line number Diff line change
Expand Up @@ -83,7 +83,7 @@ def report_mapped_exception(exception, va_exception)
# Add additional user specific context to the logs
if exception.is_a?(Common::Exceptions::BackendServiceException) && current_user.present?
extra[:icn] = current_user.icn
extra[:mhv_correlation_id] = current_user.mhv_correlation_id
extra[:mhv_credential_uuid] = current_user.mhv_credential_uuid
end
va_exception_info = { va_exception_errors: va_exception.errors.map(&:to_hash) }
log_exception_to_sentry(exception, extra.merge(va_exception_info))
Expand Down
66 changes: 56 additions & 10 deletions app/controllers/v0/claim_documents_controller.rb
Original file line number Diff line number Diff line change
Expand Up @@ -2,36 +2,46 @@

require 'pension_burial/tag_sentry'
require 'lgy/tag_sentry'
require 'claim_documents/monitor'
require 'lighthouse/benefits_intake/service'
require 'pdf_utilities/datestamp_pdf'

module V0
class ClaimDocumentsController < ApplicationController
service_tag 'claims-shared'
skip_before_action(:authenticate)
before_action :load_user

def create
Rails.logger.info "Creating PersistentAttachment FormID=#{form_id}"
uploads_monitor.track_document_upload_attempt(form_id, current_user)

attachment = klass.new(form_id:)
@attachment = klass&.new(form_id:)
# add the file after so that we have a form_id and guid for the uploader to use
attachment.file = unlock_file(params['file'], params['password'])
@attachment.file = unlock_file(params['file'], params['password'])

raise Common::Exceptions::ValidationErrors, attachment unless attachment.valid?
if %w[21P-527EZ 21P-530 21P-530V2].include?(form_id) &&
Flipper.enabled?(:document_upload_validation_enabled) && !stamped_pdf_valid?

attachment.save
raise Common::Exceptions::ValidationErrors, @attachment
end

raise Common::Exceptions::ValidationErrors, @attachment unless @attachment.valid?

Rails.logger.info "Success creating PersistentAttachment FormID=#{form_id} AttachmentID=#{attachment.id}"
@attachment.save

render json: PersistentAttachmentSerializer.new(attachment)
uploads_monitor.track_document_upload_success(form_id, @attachment.id, current_user)

render json: PersistentAttachmentSerializer.new(@attachment)
rescue => e
Rails.logger.error "Error creating PersistentAttachment FormID=#{form_id} AttachmentID=#{attachment.id} #{e}"
uploads_monitor.track_document_upload_failed(form_id, @attachment&.id, current_user, e)
raise e
end

private

def klass
case form_id
when '21P-527EZ', '21P-530EZ'
when '21P-527EZ', '21P-530EZ', '21P-530V2'
PensionBurial::TagSentry.tag_sentry
PersistentAttachments::PensionBurial
when '21-686C', '686C-674'
Expand All @@ -47,7 +57,7 @@ def form_id
end

def unlock_file(file, file_password)
return file unless File.extname(file) == '.pdf' && file_password
return file unless File.extname(file) == '.pdf' && file_password.present?

pdftk = PdfForms.new(Settings.binaries.pdftk)
tmpf = Tempfile.new(['decrypted_form_attachment', '.pdf'])
Expand All @@ -69,5 +79,41 @@ def unlock_file(file, file_password)
file.tempfile = tmpf
file
end

# rubocop:disable Metrics/MethodLength
def stamped_pdf_valid?
extension = File.extname(@attachment&.file&.id)
allowed_types = PersistentAttachment::ALLOWED_DOCUMENT_TYPES

if allowed_types.exclude?(extension)
raise Common::Exceptions::UnprocessableEntity.new(
detail: I18n.t('errors.messages.extension_allowlist_error', extension:, allowed_types:),
source: 'PersistentAttachment.stamped_pdf_valid?'
)
elsif @attachment&.file&.size&.< PersistentAttachment::MINIMUM_FILE_SIZE
raise Common::Exceptions::UnprocessableEntity.new(
detail: 'File size must not be less than 1.0 KB',
source: 'PersistentAttachment.stamped_pdf_valid?'
)
end

document = PDFUtilities::DatestampPdf.new(@attachment.to_pdf).run(text: 'VA.GOV', x: 5, y: 5)
intake_service.valid_document?(document:)
rescue BenefitsIntake::Service::InvalidDocumentError => e
@attachment.errors.add(:attachment, e.message)
false
rescue PdfForms::PdftkError
@attachment.errors.add(:attachment, 'File is corrupt and cannot be uploaded')
false
end
# rubocop:enable Metrics/MethodLength

def intake_service
@intake_service ||= BenefitsIntake::Service.new
end

def uploads_monitor
@uploads_monitor ||= ClaimDocuments::Monitor.new
end
end
end
26 changes: 26 additions & 0 deletions app/controllers/v0/test_account_user_emails_controller.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
# frozen_string_literal: true

module V0
class TestAccountUserEmailsController < ApplicationController
service_tag 'identity'
skip_before_action :authenticate

NAMESPACE = 'test_account_user_email'
TTL = 2_592_000

def create
email_redis_key = SecureRandom.uuid
Rails.cache.write(email_redis_key, create_params, namespace: NAMESPACE, expires_in: TTL)

Rails.logger.info("[V0][TestAccountUserEmailsController] create, key:#{email_redis_key}")

render json: { test_account_user_email_uuid: email_redis_key }, status: :created
rescue
render json: { errors: 'invalid params' }, status: :bad_request
end

def create_params
params.require(:email)
end
end
end
11 changes: 4 additions & 7 deletions app/controllers/v1/sessions_controller.rb
Original file line number Diff line number Diff line change
Expand Up @@ -374,7 +374,7 @@ def handle_callback_error(exc, status, response, level = :error, context = {},
else
exc.message
end
conditional_log_message_to_sentry(message, level, context, code)
conditional_log_message_to_sentry(message, level, context)
Rails.logger.info("SessionsController version:v1 saml_callback failure, user_uuid=#{@current_user&.uuid}")

unless performed?
Expand All @@ -393,14 +393,11 @@ def handle_callback_error(exc, status, response, level = :error, context = {},
end
# rubocop:enable Metrics/ParameterLists

def conditional_log_message_to_sentry(message, level, context, code)
# If our error is that we have multiple mhv ids, this is a case where we won't log in the user,
# but we give them a path to resolve this. So we don't want to throw an error, and we don't want
# to pollute Sentry with this condition, but we will still log in case we want metrics in
# Cloudwatch or any other log aggregator. Additionally, if the user has an invalid message timestamp
def conditional_log_message_to_sentry(message, level, context)
# If the user has an invalid message timestamp
# error, this means they have waited too long in the log in page to progress, so it's not really an
# appropriate Sentry error
if code == SAML::UserAttributeError::MULTIPLE_MHV_IDS_CODE || invalid_message_timestamp_error?(message)
if invalid_message_timestamp_error?(message)
Rails.logger.warn("SessionsController version:v1 context:#{context} message:#{message}")
else
log_message_to_sentry(message, level, extra_context: context)
Expand Down
1 change: 1 addition & 0 deletions app/models/mhv_user_account.rb
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ class MHVUserAccount
attribute :patient, :boolean
attribute :sm_account_created, :boolean
attribute :message, :string
alias_attribute :id, :user_profile_id

validates :user_profile_id, presence: true
validates :premium, :champ_va, :patient, :sm_account_created, inclusion: { in: [true, false] }
Expand Down
3 changes: 3 additions & 0 deletions app/models/persistent_attachment.rb
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,9 @@
class PersistentAttachment < ApplicationRecord
include SetGuid

ALLOWED_DOCUMENT_TYPES = %w[.pdf .jpg .jpeg .png].freeze
MINIMUM_FILE_SIZE = 1.kilobyte.freeze

has_kms_key
has_encrypted :file_data, key: :kms_key, **lockbox_options
belongs_to :saved_claim, inverse_of: :persistent_attachments, optional: true
Expand Down
11 changes: 7 additions & 4 deletions app/models/user.rb
Original file line number Diff line number Diff line change
Expand Up @@ -98,6 +98,7 @@ def pciu_alternate_phone
delegate :idme_uuid, to: :identity, allow_nil: true
delegate :loa3?, to: :identity, allow_nil: true
delegate :logingov_uuid, to: :identity, allow_nil: true
delegate :mhv_credential_uuid, to: :identity, allow_nil: true
delegate :mhv_icn, to: :identity, allow_nil: true
delegate :multifactor, to: :identity, allow_nil: true
delegate :sign_in, to: :identity, allow_nil: true, prefix: true
Expand Down Expand Up @@ -152,14 +153,16 @@ def mhv_account_type
end

def mhv_correlation_id
identity.mhv_correlation_id || mpi_mhv_correlation_id
return mhv_user_account.id if mhv_user_account.present?

mpi_mhv_correlation_id if active_mhv_ids&.one?
end

def mhv_user_account
@mhv_user_account ||= MHV::UserAccount::Creator.new(user_verification:).perform
rescue MHV::UserAccount::Errors::UserAccountError => e
rescue => e
log_mhv_user_account_error(e.message)
raise
nil
end

def middle_name
Expand Down Expand Up @@ -488,7 +491,7 @@ def mpi
def get_user_verification
case identity_sign_in&.dig(:service_name)
when SAML::User::MHV_ORIGINAL_CSID
return UserVerification.find_by(mhv_uuid: mhv_correlation_id) if mhv_correlation_id
return UserVerification.find_by(mhv_uuid: mhv_credential_uuid) if mhv_credential_uuid
when SAML::User::DSLOGON_CSID
return UserVerification.find_by(dslogon_uuid: identity.edipi) if identity.edipi
when SAML::User::LOGINGOV_CSID
Expand Down
2 changes: 1 addition & 1 deletion app/models/user_identity.rb
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ class UserIdentity < Common::RedisStore
attribute :verified_at # Login.gov IAL2 verification timestamp
attribute :sec_id
attribute :mhv_icn # only needed by B/E not serialized in user_serializer
attribute :mhv_correlation_id # this is the cannonical version of MHV Correlation ID, provided by MHV sign-in users
attribute :mhv_credential_uuid
attribute :mhv_account_type # this is only available for MHV sign-in users
attribute :edipi # this is only available for dslogon users
attribute :sign_in, Hash # original sign_in (see sso_service#mergable_identity_attributes)
Expand Down
2 changes: 1 addition & 1 deletion app/services/login/after_login_actions.rb
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ def id_mismatch_validations
check_id_mismatch(current_user.identity.icn, current_user.mpi_icn, 'User Identity & MPI ICN values conflict')
check_id_mismatch(current_user.identity.edipi, current_user.edipi_mpi,
'User Identity & MPI EDIPI values conflict')
check_id_mismatch(current_user.identity.mhv_correlation_id, current_user.mpi_mhv_correlation_id,
check_id_mismatch(current_user.identity.mhv_credential_uuid, current_user.mpi_mhv_correlation_id,
'User Identity & MPI MHV Correlation ID values conflict')
end

Expand Down
2 changes: 1 addition & 1 deletion app/services/login/user_verifier.rb
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ class UserVerifier
def initialize(user)
@login_type = user.sign_in&.dig(:service_name)
@auth_broker = user.sign_in&.dig(:auth_broker)
@mhv_uuid = user.mhv_correlation_id
@mhv_uuid = user.mhv_credential_uuid
@idme_uuid = user.idme_uuid
@dslogon_uuid = user.edipi
@logingov_uuid = user.logingov_uuid
Expand Down
Loading

0 comments on commit dbc8284

Please sign in to comment.