#3981 - Model SDPR API

devops/openshift/api-deploy.yml

@@ -303,6 +303,38 @@ objects:
       to:
         kind: Service
         name: ${NAME}
+  - apiVersion: route.openshift.io/v1
+    kind: Route
+    metadata:
+      name: ${EXTERNAL_SWAGGER_NAME}-route
+      annotations:
+        haproxy.router.openshift.io/balance: leastconn
+        haproxy.router.openshift.io/disable_cookies: "true"
+        haproxy.router.openshift.io/hsts_header: max-age=31536000;includeSubDomains;preload
+        haproxy.router.openshift.io/timeout: 30s
+    spec:
+      host: ${HOST_NAME}
+      path: ${EXTERNAL_SWAGGER_PATH}
+      port:
+        targetPort: http
+      tls:
+        insecureEdgeTerminationPolicy: Redirect
+        termination: edge
+        certificate: |
+          -----BEGIN CERTIFICATE-----
+          ${TLS_CERTIFICATE}
+          -----END CERTIFICATE-----
+        key: |
+          -----BEGIN PRIVATE KEY-----
+          ${TLS_KEY}
+          -----END PRIVATE KEY-----
+        caCertificate: |
+          -----BEGIN CERTIFICATE-----
+          ${TLS_CA_CERTIFICATE}
+          -----END CERTIFICATE-----
+      to:
+        kind: Service
+        name: ${NAME}
   - apiVersion: autoscaling/v2
     kind: HorizontalPodAutoscaler
     metadata:
@@ -345,6 +377,12 @@ parameters:
   - name: SWAGGER_PATH
     value: /swagger
     required: true
+  - name: EXTERNAL_SWAGGER_NAME
+    value: external-swagger
+    required: true
+  - name: EXTERNAL_SWAGGER_PATH
+    value: /external/swagger
+    required: true
   - name: PROJECT
     value: sims
   - name: SERVICE_NAME

sources/packages/backend/apps/api/src/app.external.module.ts

@@ -0,0 +1,11 @@
+import { Module } from "@nestjs/common";
+import { StudentExternalController } from "./route-controllers";
+import { AuthModule } from "./auth/auth.module";
+import { StudentService } from "@sims/integrations/services";
+
+@Module({
+  imports: [AuthModule],
+  controllers: [StudentExternalController],
+  providers: [StudentService],
+})
+export class AppExternalModule {}

sources/packages/backend/apps/api/src/app.module.ts

@@ -30,6 +30,7 @@ import { ConfigModule } from "@sims/utilities/config";
 import { DatabaseModule } from "@sims/sims-db";
 import { NotificationsModule } from "@sims/services/notifications";
 import { QueueModule } from "@sims/services/queue";
+import { AppExternalModule } from "./app.external.module";
 
 @Module({
   imports: [
@@ -43,6 +44,7 @@ import { QueueModule } from "@sims/services/queue";
     AppAESTModule,
     AppInstitutionsModule,
     AppStudentsModule,
+    AppExternalModule,
     AppSupportingUsersModule,
     QueueModule,
     ClamAntivirusModule,
@@ -63,6 +65,10 @@ import { QueueModule } from "@sims/services/queue";
         path: ClientTypeBaseRoute.SupportingUser,
         module: AppSupportingUsersModule,
       },
+      {
+        path: ClientTypeBaseRoute.External,
+        module: AppExternalModule,
+      },
     ]),
   ],
   controllers: [

sources/packages/backend/apps/api/src/auth/authorized-parties.enum.ts

@@ -7,4 +7,5 @@ export enum AuthorizedParties {
   student = "student",
   aest = "aest",
   supportingUsers = "supporting-users",
+  external = "external",
 }

sources/packages/backend/apps/api/src/auth/guards/authorized-parties.guard.ts

@@ -66,6 +66,9 @@ export class AuthorizedPartiesGuard implements CanActivate {
     authorizedParty: AuthorizedParties,
     identityProvider: IdentityProviders,
   ): boolean {
+    if (authorizedParty === AuthorizedParties.external) {
+      return true;
+    }
     switch (authorizedParty) {
       case AuthorizedParties.student:
         if (

sources/packages/backend/apps/api/src/main.ts

@@ -12,6 +12,7 @@ import { Request, Response } from "express";
 import { KeycloakConfig } from "@sims/auth/config";
 import helmet from "helmet";
 import { SystemUsersService } from "@sims/services";
+import { AppExternalModule } from "./app.external.module";
 
 async function bootstrap() {
   await KeycloakConfig.load();
@@ -87,6 +88,12 @@ async function bootstrap() {
       .build();
     const document = SwaggerModule.createDocument(app, options);
     SwaggerModule.setup("swagger", app, document);
+
+    // External swagger
+    const externalDocument = SwaggerModule.createDocument(app, options, {
+      include: [AppExternalModule], // Includes only AppExternalModule.
+    });
+    SwaggerModule.setup("external/swagger", app, externalDocument);
   }
 
   // Starting application

sources/packages/backend/apps/api/src/route-controllers/index.ts

@@ -82,3 +82,4 @@ export * from "./program-year/program-year.controller.service";
 export * from "./cas-supplier/cas-supplier.aest.controller";
 export * from "./application-restriction-bypass/application-restriction-bypass.aest.controller";
 export * from "./audit/audit.controller";
+export * from "./student/student.external.controller";

sources/packages/backend/apps/api/src/route-controllers/student/models/student.dto.ts

@@ -300,3 +300,23 @@ export class UpdateStudentDetailsAPIInDTO {
   @MaxLength(NOTE_DESCRIPTION_MAX_LENGTH)
   noteDescription: string;
 }
+
+/**
+ * Student details.
+ */
+export class StudentDetailsAPIOutDTO {
+  firstName: string;
+  lastName: string;
+  sin: string;
+  dateOfBirth: string;
+  address: AddressAPIOutDTO;
+  applicationNumbers: string[];
+}
+
+/**
+ * Student external search parameters.
+ */
+export class ExternalSearchStudentAPIInDTO {
+  @IsValidSIN()
+  sin: string;
+}

sources/packages/backend/apps/api/src/route-controllers/student/student.external.controller.ts

@@ -0,0 +1,67 @@
+import {
+  Body,
+  Controller,
+  HttpCode,
+  HttpStatus,
+  NotFoundException,
+  Post,
+} from "@nestjs/common";
+import { ApiNotFoundResponse, ApiTags } from "@nestjs/swagger";
+import { ClientTypeBaseRoute } from "../../types";
+import { AuthorizedParties } from "../../auth/authorized-parties.enum";
+import {
+  AllowAuthorizedParty,
+  RequiresUserAccount,
+} from "../../auth/decorators";
+import BaseController from "../BaseController";
+import { StudentService } from "@sims/integrations/services";
+import {
+  ExternalSearchStudentAPIInDTO,
+  StudentDetailsAPIOutDTO,
+} from "./models/student.dto";
+
+/**
+ * Student controller for external client.
+ */
+@RequiresUserAccount(false)
+@AllowAuthorizedParty(AuthorizedParties.external)
+@Controller("student")
+@ApiTags(`${ClientTypeBaseRoute.External}-student`)
+export class StudentExternalController extends BaseController {
+  constructor(private readonly studentService: StudentService) {
+    super();
+  }
+
+  /**
+   * Searches for student details.
+   * This request method is POST to avoid passing sensitive data in the URL.
+   * @param payload payload with SIN to retrieve the student details.
+   * @returns student details.
+   */
+  @Post()
+  @ApiNotFoundResponse({ description: "Student not found." })
+  @HttpCode(HttpStatus.OK)
+  async searchStudentDetails(
+    @Body() payload: ExternalSearchStudentAPIInDTO,
+  ): Promise<StudentDetailsAPIOutDTO> {
+    const student = await this.studentService.getStudentBySIN(payload.sin);
+    if (!student) {
+      throw new NotFoundException("Student not found.");
+    }
+    return {
+      firstName: student.user.firstName,
+      lastName: student.user.lastName,
+      sin: student.sinValidation.sin,
+      dateOfBirth: student.birthDate,
+      address: {
+        addressLine1: student.contactInfo.address.addressLine1,
+        addressLine2: student.contactInfo.address.addressLine2,
+        city: student.contactInfo.address.city,
+        provinceState: student.contactInfo.address.provinceState,
+        country: student.contactInfo.address.country,
+        postalCode: student.contactInfo.address.postalCode,
+      },
+      applicationNumbers: student.applications.map((a) => a.applicationNumber),
+    };
+  }
+}

sources/packages/backend/apps/api/src/types/clientTypeBaseRoute.ts

@@ -3,4 +3,5 @@ export enum ClientTypeBaseRoute {
   Institution = "institutions",
   AEST = "aest",
   SupportingUser = "supporting-users",
+  External = "external",
 }

sources/packages/backend/libs/integrations/src/services/student/student.service.ts

@@ -51,6 +51,30 @@ export class StudentService {
     });
   }
 
+  /**
+   * Gets student by SIN.
+   * @param sin student's SIN.
+   * @returns student.
+   */
+  async getStudentBySIN(sin: string): Promise<Student> {
+    return this.studentRepo.findOne({
+      select: {
+        id: true,
+        sinValidation: { id: true, sin: true },
+        user: { id: true, firstName: true, lastName: true, email: true },
+        birthDate: true,
+        contactInfo: true as unknown,
+        applications: { applicationNumber: true },
+      },
+      relations: {
+        sinValidation: true,
+        user: true,
+        applications: true,
+      },
+      where: { sinValidation: { sin } },
+    });
+  }
+
   /**
    * Gets all the students that have the SIN validation pending.
    * @returns Students pending SIN validation.

sources/packages/backend/libs/sims-db/src/entities/student.model.ts

@@ -18,6 +18,7 @@ import {
   StudentRestriction,
   CASSupplier,
   DisbursementOveraward,
+  Application,
 } from ".";
 import { SINValidation } from "./sin-validation.model";
 
@@ -140,4 +141,13 @@ export class Student extends RecordDataModel {
     cascade: false,
   })
   overawards?: DisbursementOveraward[];
+
+  /**
+   * Student applications.
+   */
+  @OneToMany(() => Application, (application) => application.student, {
+    eager: false,
+    cascade: false,
+  })
+  applications?: Application[];
 }