Merge branch 'staging' into OCD-4516

chpladmin · Jan 2, 2025 · b3b4f6a · b3b4f6a
2 parents 632bcd2 + 4cfaa29
commit b3b4f6a
Show file tree

Hide file tree

Showing 24 changed files with 336 additions and 24 deletions.
diff --git a/RELEASE_NOTES.md b/RELEASE_NOTES.md
@@ -1,5 +1,22 @@
 # Release Notes
 
+## Version 47.6.0
+_18 December 2024_
+
+### Features
+* Add endpoint to return data for Service Base URL List report
+* Allow existing user to be granted access to additional Organizations
+* Return generic msg if invitation token is bad
+* Create /developers/<id>/insights endpoint to fetch insights data
+
+### Bug Fixes
+* Add all required standards to listing as of cert day + current day
+* Give appropriate error if addt'l software group name too long
+* Give pending change request report user correct cognito group
+* Send API Key deletion warning if key was created and never used
+
+---
+
 ## Version 47.5.0
 _9 December 2024_
 

diff --git a/chpl/chpl-api/src/main/java/gov/healthit/chpl/web/controller/UserManagementController.java b/chpl/chpl-api/src/main/java/gov/healthit/chpl/web/controller/UserManagementController.java
@@ -185,6 +185,8 @@ public CognitoUserInvitation inviteUser(@RequestBody CognitoUserInvitation invit
             case CognitoGroups.CHPL_CMS_STAFF:
                 createdInvitiation = cognitoInvitationManager.inviteCmsUser(invitation);
                 break;
+            default:
+                LOGGER.error("Invitation group name not handled: " + invitation.getGroupName());
         }
         return createdInvitiation;
     }
@@ -200,21 +202,40 @@ public CognitoUserInvitation inviteUser(@RequestBody CognitoUserInvitation invit
             })
     @RequestMapping(value = "", method = RequestMethod.POST, consumes = MediaType.APPLICATION_JSON_VALUE,
             produces = "application/json; charset=utf-8")
-    public void addUser(@RequestBody CreateUserFromInvitationRequest userInfo) throws ValidationException, EmailNotSentException,
-        UserRetrievalException, UserCreationException, ActivityException {
+    public void addUser(@RequestBody CreateUserFromInvitationRequest userInfo) throws InvalidArgumentsException,
+        ValidationException, EmailNotSentException, UserRetrievalException, UserCreationException, ActivityException {
         if (!ff4j.check(FeatureList.SSO)) {
             throw new NotImplementedException("This method has not been implemented");
         }
+        UUID token = null;
 
         try {
-            CognitoUserInvitation invitation = cognitoInvitationManager.getByToken(UUID.fromString(userInfo.getHash()));
+            token = UUID.fromString(userInfo.getHash());
+        } catch (IllegalArgumentException ex) {
+            LOGGER.error("Attempting to create a user from a invalid invitation token: " + userInfo.getHash(), ex);
+            throw new InvalidArgumentsException(msgUtil.getMessage("user.invitation.invalid",
+                    authorizationLengthInDays + "",
+                    authorizationLengthInDays == 1 ? "" : "s"));
+        }
+
+        try {
+            CognitoUserInvitation invitation = cognitoInvitationManager.getByToken(token);
             if (invitation != null) {
                 cognitoUserManager.createUser(userInfo);
+            } else {
+                throw new InvalidArgumentsException(msgUtil.getMessage("user.invitation.invalid",
+                        authorizationLengthInDays + "",
+                        authorizationLengthInDays == 1 ? "" : "s"));
             }
         } catch (ValidationException ex) {
             throw ex;
         } catch (Exception ex) {
             LOGGER.error("Error creating user from invitation.", ex);
+            throw new InvalidArgumentsException(msgUtil.getMessage("user.invitation.invalid",
+                    authorizationLengthInDays + "",
+                    authorizationLengthInDays == 1 ? "" : "s"));
+        } finally {
+            SecurityContextHolder.getContext().setAuthentication(null);
         }
     }
 
@@ -275,7 +296,7 @@ public User updateUserDetails(@RequestBody User userInfo, @PathVariable("cognito
 
         UserInvitation invitation = invitationManager.getByInvitationHash(userInfo.getHash());
         if (invitation == null || invitation.isOlderThan(invitationLengthInDays)) {
-            throw new ValidationException(msgUtil.getMessage("user.invitation.expired",
+            throw new ValidationException(msgUtil.getMessage("user.invitation.invalid",
                     invitationLengthInDays + "",
                     invitationLengthInDays == 1 ? "" : "s"));
         }
@@ -378,7 +399,7 @@ public String authorizeUser(@RequestBody AuthorizeCredentials credentials)
 
         UserInvitation invitation = invitationManager.getByInvitationHash(credentials.getHash());
         if (invitation == null || invitation.isOlderThan(authorizationLengthInDays)) {
-            throw new InvalidArgumentsException(msgUtil.getMessage("user.invitation.expired",
+            throw new InvalidArgumentsException(msgUtil.getMessage("user.invitation.invalid",
                     authorizationLengthInDays + "",
                     authorizationLengthInDays == 1 ? "" : "s"));
         }

diff --git a/chpl/chpl-api/src/main/resources/log4j2-xinclude-file-appenders-console.xml b/chpl/chpl-api/src/main/resources/log4j2-xinclude-file-appenders-console.xml
@@ -482,4 +482,11 @@
             <KeyValuePair key="dd.span_id" value="%X{dd.span_id}" />
         </JsonLayout>
     </Console>
+    <Console name="fixDatadogUrlUptimeAssertionsJobJson" target="SYSTEM_OUT">
+        <JsonLayout compact="true" eventEol="true" properties="true" stacktraceAsString="true">
+            <KeyValuePair key="service" value="fixDatadogUrlUptimeAssertionsJob" />
+            <KeyValuePair key="dd.trace_id" value="%X{dd.trace_id}" />
+            <KeyValuePair key="dd.span_id" value="%X{dd.span_id}" />
+        </JsonLayout>
+    </Console>
 </Appenders>
diff --git a/chpl/chpl-api/src/main/resources/log4j2-xinclude-file-appenders.xml b/chpl/chpl-api/src/main/resources/log4j2-xinclude-file-appenders.xml
@@ -820,4 +820,16 @@
                 interval="1" modulate="true" />
         </Policies>
     </RollingFile>
+    <RollingFile name="fixDatadogUrlUptimeAssertionsJob"
+        fileName="${logDir}/scheduler/fixDatadogUrlUptimeAssertionsJob.log"
+        filePattern="${logDir}/scheduler/history/fixDatadogUrlUptimeAssertionsJob-%d{yyyy-MM-dd}.log"
+        filePermissions="rw-rw-r--">
+        <PatternLayout>
+            <Pattern>%d{ISO8601} %-5p (%t) [%C{1}(%M:%L)] %m%n</Pattern>
+        </PatternLayout>
+        <Policies>
+            <TimeBasedTriggeringPolicy
+                interval="1" modulate="true" />
+        </Policies>
+    </RollingFile>
 </Appenders>
diff --git a/chpl/chpl-api/src/main/resources/log4j2-xinclude-loggers-local.xml b/chpl/chpl-api/src/main/resources/log4j2-xinclude-loggers-local.xml
@@ -208,4 +208,7 @@
     <Logger name="attestationReportCreatorJobLogger" level="INFO" additivity="false">
         <AppenderRef ref="attestationReportCreatorJob" />
     </Logger>
+    <Logger name="fixDatadogUrlUptimeAssertionsJobLogger" level="INFO" additivity="false">
+        <AppenderRef ref="fixDatadogUrlUptimeAssertionsJob" />
+    </Logger>
 </Loggers>
diff --git a/chpl/chpl-api/src/main/resources/log4j2-xinclude-loggers.xml b/chpl/chpl-api/src/main/resources/log4j2-xinclude-loggers.xml
@@ -266,4 +266,8 @@
         <AppenderRef ref="attestationReportCreatorJob" />
         <AppenderRef ref="attestationReportCreatorJobJson" />
     </Logger>
+    <Logger name="fixDatadogUrlUptimeAssertionsJobLogger" level="INFO" additivity="false">
+        <AppenderRef ref="fixDatadogUrlUptimeAssertionsJob" />
+        <AppenderRef ref="FixDatadogUrlUptimeAssertionsJobJson" />
+    </Logger>
 </Loggers>
diff --git a/chpl/chpl-resources/src/main/resources/environment.properties b/chpl/chpl-resources/src/main/resources/environment.properties
@@ -17,7 +17,7 @@ chplUrlBegin=https://chpl.healthit.gov
 developerUrlPart=/#/organizations/developers/%s
 jndiName=java:comp/env/jdbc/openchpl
 persistenceUnitName=openchpl
-api.version=47.5.0
+api.version=47.6.0
 api.description=Created by CHPL Development Team. Please submit any questions using the Health IT \
     Feedback Form and select the "Certified Health IT Products List (CHPL)" category. <br/>\
     See more at <a href="%s" target="_blank">%s</a>

diff --git a/chpl/chpl-resources/src/main/resources/errors.properties b/chpl/chpl-resources/src/main/resources/errors.properties
@@ -590,6 +590,7 @@ listing.participantAssistiveTechnology.maxlength=You have exceeded the max lengt
 listing.taskRatingScale.maxlength=You have exceeded the max length, %s characters, for a Task Rating Scale. You will need to correct this error before you can confirm. Current value: "%s"
 listing.privacyAndSecurityFramework.maxlength=You have exceeded the max length, %s characters, for a Privacy and Security Framework. You will need to correct this error before you can confirm. Current value: "%s"
 listing.specialFunctionalityTested.maxlength=You have exceeded the max length, %s characters, for a Functionality Tested. You will need to correct this error before you can confirm. Current value: "%s"
+listing.additionalSoftwareGroup.maxlength=You have exceeded the max length, %s characters, for a Relied Upon Software group name. Current value: "%s"
 listing.apiDocumentationLink.maxlength=You have exceeded the max length, %s characters, for an API Documentation Link. You will need to correct this error before you can confirm. Current value: "%s"
 listing.exportDocumentationLink.maxlength=You have exceeded the max length, %s characters, for an Export Documentation Link. You will need to correct this error before you can confirm. Current value: "%s"
 listing.documentationUrlLink.maxlength=You have exceeded the max length, %s characters, for a Documentation URL Link. You will need to correct this error before you can confirm. Current value: "%s"
@@ -851,7 +852,7 @@ search.questionableActivity.activityDate.invalid=Could not parse '%s' as an acti
 search.questionableActivity.invalidTrigger=The trigger ID %s is not valid.
 
 #invitation errors
-user.invitation.expired=The provided invitation key is not valid. The key is valid for up to %s day%s from when it is assigned.
+user.invitation.invalid=The provided invitation key is not valid. The key is valid for up to %s day%s from when it is assigned.
 user.confirmation.expired=The provided confirmation key is not valid. The key is valid for up to %s day%s from when it is assigned.
 user.invitation.emailRequired=Email is required to create invitation
 user.invitation.emailNotValid='%s' is not a valid email address
@@ -912,6 +913,7 @@ maxLength.participantAssistiveTechnology=250
 maxLength.taskRatingScale=50
 maxLength.privacyAndSecurityFramework=100
 maxLength.specialFunctionalityTested=200
+maxLength.additionalSoftwareGroup=10
 maxLength.apiDocumentationLink=1024
 maxLength.exportDocumentationLink=1024
 maxLength.documentationUrlLink=1024

diff --git a/chpl/chpl-resources/src/main/resources/jobs.xml b/chpl/chpl-resources/src/main/resources/jobs.xml
@@ -930,5 +930,14 @@
             <durability>true</durability>
             <recover>false</recover>
         </job>
+
+        <job>
+            <name>fixDatadogUrlUptimeAssertionsJob</name>
+            <group>systemJobs</group>
+            <description>Fix Datadog Url Uptime Assertions Job (BEWARE - THIS JOB CAN ONLY BE RUN ONCE IN EACH DATADOG ENVITRONMENT!)</description>
+            <job-class>gov.healthit.chpl.scheduler.job.urluptime.FixDatadogUrlUptimeAssertionsJob</job-class>
+            <durability>true</durability>
+            <recover>false</recover>
+        </job>
     </schedule>
 </job-scheduling-data>
diff --git a/chpl/chpl-service/pom.xml b/chpl/chpl-service/pom.xml
@@ -379,7 +379,7 @@
         <dependency>
             <groupId>org.apache.tomcat</groupId>
             <artifactId>tomcat-catalina</artifactId>
-            <version>10.1.30</version>
+            <version>10.1.34</version>
             <scope>provided</scope>
         </dependency>
 

diff --git a/chpl/chpl-service/src/main/java/gov/healthit/chpl/domain/activity/ActivityConcept.java b/chpl/chpl-service/src/main/java/gov/healthit/chpl/domain/activity/ActivityConcept.java
@@ -13,6 +13,7 @@ public enum ActivityConcept implements Serializable {
     CORRECTIVE_ACTION_PLAN,
     DEVELOPER,
     FUNCTIONALITY_TESTED,
+    INVITATION,
     LISTING_UPLOAD,
     PENDING_CERTIFIED_PRODUCT,
     PENDING_SURVEILLANCE,

diff --git a/...ce/src/main/java/gov/healthit/chpl/permissions/domains/ListingUploadDomainPerissions.java b/...ce/src/main/java/gov/healthit/chpl/permissions/domains/ListingUploadDomainPerissions.java
@@ -11,11 +11,13 @@
 import gov.healthit.chpl.permissions.domains.listingUpload.GetByIdActionPermissions;
 import gov.healthit.chpl.permissions.domains.listingUpload.GetListingUploadAsListingPermissions;
 import gov.healthit.chpl.permissions.domains.listingUpload.GetUploadedCsvActionPermissions;
+import gov.healthit.chpl.permissions.domains.listingUpload.ParseActionPermissions;
 import gov.healthit.chpl.permissions.domains.listingUpload.ValidateByIdsActionPermissions;
 
 @Component
 public class ListingUploadDomainPerissions extends DomainPermissions {
     public static final String CREATE = "CREATE";
+    public static final String PARSE = "PARSE";
     public static final String GET_ALL = "GET_ALL";
     public static final String GET_BY_ID = "GET_BY_ID";
     public static final String GET_UPLOAD_AS_LISTING = "GET_UPLOAD_AS_LISTING";
@@ -27,6 +29,7 @@ public class ListingUploadDomainPerissions extends DomainPermissions {
     @Autowired
     public ListingUploadDomainPerissions(
             @Qualifier("createListingUploadActionPermissions") CreateActionPermissions createActionPermissions,
+            @Qualifier("parseListingUploadActionPermissions") ParseActionPermissions parseActionPermissions,
             @Qualifier("getAllListingUploadsActionPermissions") GetAllActionPermissions getAllActionPermissions,
             @Qualifier("getListingUploadByIdActionPermissions") GetByIdActionPermissions getByIdActionPermissions,
             @Qualifier("getListingUploadAsListingActionPermissions") GetListingUploadAsListingPermissions getListingUploadAsListingPermissions,
@@ -35,6 +38,7 @@ public ListingUploadDomainPerissions(
             @Qualifier("deleteListingUploadActionPermissions") DeleteActionPermissions deleteActionPermissions,
             @Qualifier("getUploadedCsvActionPermissions") GetUploadedCsvActionPermissions getUploadedCsvActionPermissions) {
         getActionPermissions().put(CREATE, createActionPermissions);
+        getActionPermissions().put(PARSE, parseActionPermissions);
         getActionPermissions().put(GET_ALL, getAllActionPermissions);
         getActionPermissions().put(GET_BY_ID, getByIdActionPermissions);
         getActionPermissions().put(GET_UPLOAD_AS_LISTING, getListingUploadAsListingPermissions);

diff --git a/...healthit/chpl/permissions/domains/listingUpload/GetListingUploadAsListingPermissions.java b/...healthit/chpl/permissions/domains/listingUpload/GetListingUploadAsListingPermissions.java
@@ -23,7 +23,8 @@ public boolean hasAccess(Object obj) {
     }
 
     private boolean hasAccess(ListingUpload uploadedMetadata) {
-        if (getResourcePermissions().isUserRoleAdmin()) {
+        if (getResourcePermissions().isUserRoleAdmin()
+                || getResourcePermissions().isUserRoleOnc()) {
             return true;
         } else if (getResourcePermissions().isUserRoleAcbAdmin()) {
             return isAcbValidForCurrentUser(uploadedMetadata.getAcb().getId());

diff --git a/...main/java/gov/healthit/chpl/permissions/domains/listingUpload/ParseActionPermissions.java b/...main/java/gov/healthit/chpl/permissions/domains/listingUpload/ParseActionPermissions.java
@@ -0,0 +1,46 @@
+package gov.healthit.chpl.permissions.domains.listingUpload;
+
+import java.util.List;
+
+import org.springframework.stereotype.Component;
+
+import gov.healthit.chpl.domain.ListingUpload;
+import gov.healthit.chpl.permissions.domains.ActionPermissions;
+
+@Component("parseListingUploadActionPermissions")
+public class ParseActionPermissions extends ActionPermissions {
+
+    @Override
+    public boolean hasAccess() {
+        return getResourcePermissions().isUserRoleAdmin()
+                || getResourcePermissions().isUserRoleOnc()
+                || getResourcePermissions().isUserRoleAcbAdmin();
+    }
+
+    @Override
+    public boolean hasAccess(Object obj) {
+        if (obj instanceof ListingUpload) {
+            return hasAccess((ListingUpload) obj);
+        } else if (obj instanceof List<?>) {
+            boolean hasAccessToAll = true;
+            for (Object listItem : (List<?>) obj) {
+                if (listItem instanceof ListingUpload) {
+                    hasAccessToAll = hasAccessToAll && hasAccess((ListingUpload) listItem);
+                } else {
+                    hasAccessToAll = false;
+                }
+            }
+            return hasAccessToAll;
+        }
+        return false;
+    }
+
+    private boolean hasAccess(ListingUpload uploadedMetadata) {
+        if (getResourcePermissions().isUserRoleAdmin()) {
+            return true;
+        } else if (getResourcePermissions().isUserRoleAcbAdmin() && uploadedMetadata.getAcb() != null) {
+            return isAcbValidForCurrentUser(uploadedMetadata.getAcb().getId());
+        }
+        return false;
+    }
+}
diff --git a/...src/main/java/gov/healthit/chpl/scheduler/job/urluptime/DatadogSyntheticsTestService.java b/...src/main/java/gov/healthit/chpl/scheduler/job/urluptime/DatadogSyntheticsTestService.java
@@ -60,6 +60,10 @@ public DatadogSyntheticsTestService(DatadogSyntheticsTestApiProvider apiProvider
         this.datadogTestLocation = datadogTestLocation;
     }
 
+    protected DatadogSyntheticsTestApiProvider getApiProvider() {
+        return apiProvider;
+    }
+
     public List<SyntheticsTestDetails> getAllSyntheticsTests() {
         try {
             return apiProvider.getApiInstance().listTests().getTests();