Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

#1791 - Enable Assessments tab view and NOA view for Public Institution Users - Part 5 #1984

Merged
merged 10 commits into from
Jun 5, 2023
Merged

#1791 - Enable Assessments tab view and NOA view for Public Institution Users - Part 5 #1984

merged 10 commits into from
Jun 5, 2023

Conversation

ann-aot
Copy link
Contributor

@ann-aot ann-aot commented Jun 1, 2023
edited
Loading

  • Added application check for award, noa, exception, and appeal.
  • Updated existing decorator @HasStudentDataAccess to accept applicationId as an optional parameter and it applied to requests, history, award, noa, exception, and appeals.

@ann-aot ann-aot self-assigned this Jun 1, 2023
@ann-aot ann-aot marked this pull request as ready for review June 1, 2023 19:38
@ann-aot ann-aot added Test Case tickets relating to test cases Web Portal SIMS-Api SIMS-Api E2E/Unit tests labels Jun 1, 2023
dheepak-aot
dheepak-aot reviewed Jun 2, 2023
View reviewed changes
...ackend/apps/api/src/auth/decorators/institution/institution-student-data-access.decorator.ts
applicationIdParamName?: string,
) =>
SetMetadata(INSTITUTION_HAS_STUDENT_DATA_ACCESS_KEY, [
studentIdParamName,
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yesterday post stand-up, I believe we decided to go with the approach of using institutionId in the query.
when did that change?

andrewsignori-aot
andrewsignori-aot reviewed Jun 2, 2023
View reviewed changes
.../packages/backend/apps/api/src/route-controllers/assessment/assessment.controller.service.ts Outdated
* to disbursement dynamic data.\
* @param options options,
* - `studentId` studentId student to whom the award details belong to.
* - `applicationId` applications id.
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe we can add more information to the comments, for instance, that the applicationId is used for authorization purposes in this case.

* - `applicationId` application is used for authorization purposes to ensure that a user has access to the specific application data.

andrewsignori-aot
andrewsignori-aot reviewed Jun 2, 2023
View reviewed changes
Copy link
Collaborator

@andrewsignori-aot andrewsignori-aot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great work, maybe we will need a team discussion to settle the idea around the decorator. Please take a look at the comments.

dheepak-aot
dheepak-aot reviewed Jun 2, 2023
View reviewed changes
...ackages/backend/apps/api/src/services/application-exception/application-exception.service.ts Outdated
.innerJoin("application.student", "student")
.andWhere("student.id = :studentId", { studentId });
}

if (applicationId) {
exception.andWhere("application.id = :applicationId", { applicationId });
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm confused here. I was in an assumption that, with decorators in place we will not be again doing the same applicationId condition in query in the services.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

not sure, if I got your question, the decorator will check if the student has access to the student id and application. each service will check if the entity is related to the application and student here, exception is related to the application and student.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I understood the point later. Thanks for explaining.

dheepak-aot
dheepak-aot approved these changes Jun 5, 2023
View reviewed changes
Copy link
Collaborator

@dheepak-aot dheepak-aot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 👍

Assuming that all other devs are okay with the decorator approach.

andrewsignori-aot
andrewsignori-aot reviewed Jun 5, 2023
View reviewed changes
.../packages/backend/apps/api/src/route-controllers/assessment/assessment.controller.service.ts
maskMSFAA?: boolean;
},
): Promise<AssessmentNOAAPIOutDTO> {
const assessment = await this.assessmentService.getAssessmentForNOA(
assessmentId,
options?.studentId,
{ studentId: options?.studentId, applicationId: options?.applicationId },
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just to raise a point that was a subject of a conversation with @dheepak-aot, due to the fact the applicationId was authorized by the decorator, we no longer need to include the studentId in the queries unless required for some other reason than authorization.

@sonarqubecloud
Copy link

sonarqubecloud bot commented Jun 5, 2023

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

@github-actions
Copy link

github-actions bot commented Jun 5, 2023

Backend Unit Tests Coverage Report

Totals Coverage
Statements: 17.91% ( 2091 / 11672 )
Methods: 8.23% ( 123 / 1494 )
Lines: 20.69% ( 1832 / 8853 )
Branches: 10.26% ( 136 / 1325 )

@github-actions
Copy link

github-actions bot commented Jun 5, 2023

E2E Workflow Workers Coverage Report

Totals Coverage
Statements: 49.81% ( 267 / 536 )
Methods: 41.56% ( 32 / 77 )
Lines: 55.33% ( 218 / 394 )
Branches: 26.15% ( 17 / 65 )

@github-actions
Copy link

github-actions bot commented Jun 5, 2023

E2E Queue Consumers Coverage Report

Totals Coverage
Statements: 69.4% ( 390 / 562 )
Methods: 59.15% ( 42 / 71 )
Lines: 71.52% ( 344 / 481 )
Branches: 40% ( 4 / 10 )

andrewsignori-aot
andrewsignori-aot approved these changes Jun 5, 2023
View reviewed changes
Copy link
Collaborator

@andrewsignori-aot andrewsignori-aot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for doing the changes, looks good 👍

@github-actions
Copy link

github-actions bot commented Jun 5, 2023

E2E SIMS API Coverage Report

Totals Coverage
Statements: 43.53% ( 3040 / 6984 )
Methods: 37.65% ( 340 / 903 )
Lines: 48.6% ( 2533 / 5212 )
Branches: 19.22% ( 167 / 869 )

andrepestana-aot
andrepestana-aot approved these changes Jun 5, 2023
View reviewed changes
Copy link
Contributor

@andrepestana-aot andrepestana-aot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great Job!

@ann-aot ann-aot merged commit c5a37a9 into main Jun 5, 2023
@ann-aot ann-aot temporarily deployed to DEV June 5, 2023 18:47 — with GitHub Actions Inactive
@ann-aot ann-aot temporarily deployed to DEV June 5, 2023 18:47 — with GitHub Actions Inactive
@ann-aot ann-aot temporarily deployed to DEV June 5, 2023 22:05 — with GitHub Actions Inactive
@ann-aot ann-aot temporarily deployed to DEV June 5, 2023 22:05 — with GitHub Actions Inactive
@ann-aot ann-aot temporarily deployed to DEV June 5, 2023 22:05 — with GitHub Actions Inactive
@ann-aot ann-aot temporarily deployed to DEV June 5, 2023 22:05 — with GitHub Actions Inactive
@ann-aot ann-aot temporarily deployed to DEV June 5, 2023 22:05 — with GitHub Actions Inactive
@ann-aot ann-aot temporarily deployed to DEV June 5, 2023 22:05 — with GitHub Actions Inactive
@ann-aot ann-aot temporarily deployed to DEV June 5, 2023 22:15 — with GitHub Actions Inactive
@ann-aot ann-aot temporarily deployed to DEV June 5, 2023 22:17 — with GitHub Actions Inactive
@ann-aot ann-aot temporarily deployed to DEV June 5, 2023 22:17 — with GitHub Actions Inactive
@ann-aot ann-aot temporarily deployed to DEV June 5, 2023 22:17 — with GitHub Actions Inactive
@ann-aot ann-aot temporarily deployed to DEV June 5, 2023 22:17 — with GitHub Actions Inactive
@ann-aot ann-aot deleted the feature/sims-#1791-part-5 branch June 5, 2023 22:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dheepak-aot dheepak-aot dheepak-aot approved these changes

@andrewsignori-aot andrewsignori-aot andrewsignori-aot approved these changes

@andrepestana-aot andrepestana-aot andrepestana-aot approved these changes

@sh16011993 sh16011993 Awaiting requested review from sh16011993

@guru-aot guru-aot Awaiting requested review from guru-aot

@JasonCTang JasonCTang Awaiting requested review from JasonCTang

Assignees

@ann-aot ann-aot

Labels
E2E/Unit tests SIMS-Api SIMS-Api Test Case tickets relating to test cases
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@ann-aot @dheepak-aot @andrewsignori-aot @andrepestana-aot