gchq · JR40159 · Sep 18, 2023 · Sep 5, 2023 · Sep 7, 2023 · Sep 7, 2023
diff --git a/backend/config/docker_compose.cjs b/backend/config/docker_compose.cjs
@@ -9,6 +9,9 @@ module.exports = {
   },
 
   app: {
+    protocol: 'http',
+    host: 'localhost',
+    port: 8080,
     // Typically generated from `npm run certs`
     privateKey: '/certs/key.pem',
     publicKey: '/certs/cert.pem',

diff --git a/backend/package-lock.json b/backend/package-lock.json
diff --git a/backend/src/connectors/v2/authorisation/index.ts b/backend/src/connectors/v2/authorisation/index.ts
@@ -28,6 +28,9 @@ export abstract class BaseAuthorisationConnector {
     action: ReleaseActionKeys,
   ): Promise<boolean>
   abstract getEntities(user: UserDoc): Promise<Array<string>>
+  abstract getUserInformation(userEntity: string): Promise<{ email: string }>
+  abstract getUserInformationList(userEntity: string): Promise<Promise<{ email: string }>[]>
+  abstract getEntityMembers(groupEntity: string): Promise<Array<string>>
 }
 
 let authConnector: undefined | BaseAuthorisationConnector = undefined

diff --git a/backend/src/connectors/v2/authorisation/silly.ts b/backend/src/connectors/v2/authorisation/silly.ts
@@ -1,9 +1,14 @@
 import { ModelDoc } from '../../../models/v2/Model.js'
 import { ReleaseDoc } from '../../../models/v2/Release.js'
 import { UserDoc } from '../../../models/v2/User.js'
-import { toEntity } from '../../../utils/v2/entity.js'
+import { fromEntity, toEntity } from '../../../utils/v2/entity.js'
 import { BaseAuthorisationConnector, ModelActionKeys } from './index.js'
 
+const SillyEntityKind = {
+  User: 'user',
+  Group: 'group',
+} as const
+
 export class SillyAuthorisationConnector implements BaseAuthorisationConnector {
   constructor() {
     // do nothing
@@ -20,6 +25,31 @@ export class SillyAuthorisationConnector implements BaseAuthorisationConnector {
   }
 
   async getEntities(user: UserDoc) {
-    return [toEntity('user', user.dn)]
+    return [toEntity(SillyEntityKind.User, user.dn)]
+  }
+
+  async getUserInformation(entity: string): Promise<{ email: string }> {
+    const entityObject = fromEntity(entity)
+    if (entityObject.kind !== SillyEntityKind.User) {
+      throw new Error(`Cannot get user information for a non-user entity: ${entity}`)
+    }
+    return {
+      email: `${entityObject.value}@example.com`,
+    }
+  }
+
+  async getUserInformationList(entity): Promise<Promise<{ email: string }>[]> {
+    const entities = await this.getEntityMembers(entity)
+    return entities.map((member) => this.getUserInformation(member))
+  }
+
+  async getEntityMembers(entity: string): Promise<string[]> {
+    if (fromEntity(entity).kind === SillyEntityKind.User) {
+      return [entity]
+    } else if (fromEntity(entity).kind === SillyEntityKind.Group) {
+      return [toEntity(SillyEntityKind.User, 'user1'), toEntity(SillyEntityKind.User, 'user2')]
+    } else {
+      throw new Error(`Unable to get Entity Members. Entity not kind recognised: ${entity}`)
+    }
   }
 }
diff --git a/backend/src/index.ts b/backend/src/index.ts
@@ -8,7 +8,6 @@ import processDeployments from './processors/processDeployments.js'
 import processUploads from './processors/processUploads.js'
 import { server } from './routes.js'
 import { addDefaultSchemas } from './services/schema.js'
-import { addDefaultApprovals } from './services/v2/approval.js'
 import { addDefaultSchemas as addDefaultSchemasv2 } from './services/v2/schema.js'
 import config from './utils/config.js'
 import { connectToMongoose, runMigrations } from './utils/database.js'
@@ -39,7 +38,6 @@ createSchemaIndexes()
 addDefaultSchemas()
 if (config.experimental.v2) {
   addDefaultSchemasv2()
-  addDefaultApprovals()
 }
 
 await Promise.all([processUploads(), processDeployments()])

diff --git a/backend/src/models/v2/Approval.ts b/backend/src/models/v2/Approval.ts
diff --git a/backend/src/models/v2/Review.ts b/backend/src/models/v2/Review.ts
@@ -0,0 +1,74 @@
+import { Document, model, Schema } from 'mongoose'
+import MongooseDelete from 'mongoose-delete'
+
+import { ReviewKind, ReviewKindKeys } from '../../types/v2/enums.js'
+
+export const Decision = {
+  RequestChanges: 'request_changes',
+  Approve: 'approve',
+} as const
+export type DecisionKeys = (typeof Decision)[keyof typeof Decision]
+
+interface ReviewResponse {
+  user: string
+  decision: DecisionKeys
+  comment: string
+}
+
+// This interface stores information about the properties on the base object.
+// It should be used for plain object representations, e.g. for sending to the
+// client.
+export interface ReviewInterface {
+  semver?: string
+  modelId?: string
+  kind: ReviewKindKeys
+
+  role: string
+
+  responses: Array<ReviewResponse>
+
+  createdAt: Date
+  updatedAt: Date
+}
+
+// The doc type includes all values in the plain interface, as well as all the
+// properties and functions that Mongoose provides.  If a function takes in an
+// object from Mongoose it should use this interface
+export type ReviewDoc = ReviewInterface & Document<any, any, ReviewInterface>
+
+const ReviewSchema = new Schema<ReviewInterface>(
+  {
+    semver: {
+      type: String,
+      required: function (this: ReviewInterface): boolean {
+        return this.kind === ReviewKind.Release
+      },
+    },
+    modelId: { type: String, required: true },
+    kind: { type: String, enum: Object.values(ReviewKind), required: true },
+
+    role: { type: String, required: true },
+
+    responses: [
+      {
+        user: { type: String, required: true },
+        decision: { type: String, enum: Object.values(Decision), required: true },
+        comment: { type: String, required: false },
+      },
+    ],
+  },
+  {
+    timestamps: true,
+    collection: 'v2_reviews',
+  },
+)
+
+ReviewSchema.plugin(MongooseDelete, {
+  overrideMethods: 'all',
+  deletedBy: true,
+  deletedByType: String,
+})
+
+const ReviewModel = model<ReviewInterface>('v2_Review', ReviewSchema)
+
+export default ReviewModel
diff --git a/backend/src/routes.ts b/backend/src/routes.ts
@@ -48,8 +48,6 @@ import {
   putUpdateLastViewed,
   putVersion,
 } from './routes/v1/version.js'
-import { getApprovals as getApprovalsV2 } from './routes/v2/approval/getApprovals.js'
-import { getApprovalsCount as getApprovalsCountV2 } from './routes/v2/approval/getApprovalsCount.js'
 import { getComplianceApprovals } from './routes/v2/model/compliance/getComplianceCheckApprovals.js'
 import { deleteFile } from './routes/v2/model/file/deleteFile.js'
 import { getFiles } from './routes/v2/model/file/getFiles.js'
@@ -69,6 +67,8 @@ import { deleteRelease } from './routes/v2/release/deleteRelease.js'
 import { getRelease } from './routes/v2/release/getRelease.js'
 import { getReleases } from './routes/v2/release/getReleases.js'
 import { postRelease } from './routes/v2/release/postRelease.js'
+import { getReviewsCount } from './routes/v2/review/getReviewCount.js'
+import { getReviews } from './routes/v2/review/getReviews.js'
 import { getSchema as getSchemaV2 } from './routes/v2/schema/getSchema.js'
 import { getSchemas as getSchemasV2 } from './routes/v2/schema/getSchemas.js'
 import { postSchema as postSchemaV2 } from './routes/v2/schema/postSchema.js'
@@ -222,8 +222,8 @@ if (config.experimental.v2) {
   server.get('/api/v2/schema/:schemaId', ...getSchemaV2)
   server.post('/api/v2/schemas', ...postSchemaV2)
 
-  server.get('/api/v2/approvals', ...getApprovalsV2)
-  server.get('/api/v2/approvals/count', ...getApprovalsCountV2)
+  server.get('/api/v2/reviews', ...getReviews)
+  server.get('/api/v2/reviews/count', ...getReviewsCount)
 
   server.get('/api/v2/model/:modelId/roles', ...getModelRoles)
   server.get('/api/v2/model/:modelId/roles/mine', ...getModelCurrentUserRoles)
@@ -238,9 +238,6 @@ if (config.experimental.v2) {
   server.get('/api/v2/team/:teamId', ...getTeam)
   server.patch('/api/v2/team/:teamId', ...patchTeam)
 
-  server.get('/api/v2/approvals', ...getApprovalsV2)
-  server.get('/api/v2/approvals/count', ...getApprovalsCountV2)
-
   // server.post('/api/v2/teams/:teamId/members', ...postTeamMember)
   // server.get('/api/v2/teams/:teamId/members', ...getTeamMembers)
   // server.delete('/api/v2/teams/:teamId/members/:memberId', ...deleteTeamMember)

diff --git a/backend/src/routes/v2/approval/getApprovals.ts b/backend/src/routes/v2/approval/getApprovals.ts
diff --git a/backend/src/routes/v2/approval/getApprovalsCount.ts b/backend/src/routes/v2/approval/getApprovalsCount.ts
diff --git a/backend/src/routes/v2/model/compliance/getComplianceCheckApprovals.ts b/backend/src/routes/v2/model/compliance/getComplianceCheckApprovals.ts
@@ -2,7 +2,8 @@ import bodyParser from 'body-parser'
 import { Request, Response } from 'express'
 import { z } from 'zod'
 
-import { ApprovalInterface } from '../../../../models/v2/Approval.js'
+import { testReleaseReview, testReleaseReviewWithResponses } from '../../../../../test/testUtils/testModels.js'
+import { ReviewInterface } from '../../../../models/v2/Review.js'
 import { parse } from '../../../../utils/validate.js'
 
 export const getComplianceApprovalsSchema = z.object({
@@ -14,7 +15,7 @@ export const getComplianceApprovalsSchema = z.object({
 })
 
 interface GetComplianceApprovalsResponse {
-  approvals: Array<ApprovalInterface>
+  approvals: Array<ReviewInterface>
 }
 
 export const getComplianceApprovals = [
@@ -23,26 +24,7 @@ export const getComplianceApprovals = [
     const _ = parse(req, getComplianceApprovalsSchema)
 
     return res.json({
-      approvals: [
-        {
-          model: 'yolo',
-          release: '3.0.2',
-          role: 'owner',
-          kind: 'access',
-          active: true,
-          createdAt: new Date('08/13/2023'),
-          updatedAt: new Date('08/14/2023'),
-        },
-        {
-          model: 'yolo',
-          release: '3.0.1',
-          role: 'owner',
-          kind: 'access',
-          active: true,
-          createdAt: new Date('08/12/2023'),
-          updatedAt: new Date('08/12/2023'),
-        },
-      ],
+      approvals: [testReleaseReviewWithResponses, testReleaseReview],
     })
   },
 ]
diff --git a/backend/src/routes/v2/review/getReviewCount.ts b/backend/src/routes/v2/review/getReviewCount.ts
@@ -0,0 +1,18 @@
+import bodyParser from 'body-parser'
+import { Request, Response } from 'express'
+
+import { countReviews } from '../../../services/v2/review.js'
+
+interface GetReviewsCountResponse {
+  count: number
+}
+
+export const getReviewsCount = [
+  bodyParser.json(),
+  async (req: Request, res: Response<GetReviewsCountResponse>) => {
+    const count = await countReviews(req.user)
+    return res.json({
+      count,
+    })
+  },
+]
diff --git a/backend/src/routes/v2/review/getReviews.ts b/backend/src/routes/v2/review/getReviews.ts
@@ -0,0 +1,30 @@
+import bodyParser from 'body-parser'
+import { Request, Response } from 'express'
+import { z } from 'zod'
+
+import { ReviewInterface } from '../../../models/v2/Review.js'
+import { findReviewsByActive } from '../../../services/v2/review.js'
+import { parse, strictCoerceBoolean } from '../../../utils/v2/validate.js'
+
+export const getReviewSchema = z.object({
+  query: z.object({
+    active: strictCoerceBoolean(z.boolean()),
+  }),
+})
+
+interface GetReviewResponse {
+  reviews: Array<ReviewInterface>
+}
+
+export const getReviews = [
+  bodyParser.json(),
+  async (req: Request, res: Response<GetReviewResponse>) => {
+    const {
+      query: { active },
+    } = parse(req, getReviewSchema)
+    const reviews = await findReviewsByActive(req.user, active)
+    return res.json({
+      reviews,
+    })
+  },
+]