Merge branch 'main' into greenfield-infra

api/api.js

@@ -19,7 +19,6 @@ import endpointCoverage from './middleware/endpointCoverage.js';
 import errorHandler from './middleware/errorHandler.js';
 import { setup as mongoSetup, getConnectionStatus } from './db/mongodb.js';
 import knex from './db/knex.js';
-import { waitForInitialization as ldWaitForInitialization } from './middleware/launchDarkly.js'; // initialize LaunchDarkly
 import me from './routes/me/index.js';
 
 const logger = loggerFactory('main');
@@ -36,15 +35,6 @@ const logger = loggerFactory('main');
   }
 })();
 
-(async () => {
-  try {
-    await ldWaitForInitialization();
-    logger.info('LaunchDarkly connected');
-  } catch (err) {
-    logger.error(`Error setting up LaunchDarkly: ${err}`);
-  }
-})();
-
 // deepcode ignore UseCsurfForExpress: we need a larger ticket to implement csurf
 const api = express();
 

api/auth/oktaAuth.js

@@ -44,7 +44,7 @@ const oktaVerifier = new OktaJwtVerifier({
  */
 export const actualVerifyJWT = (token, { verifier = oktaVerifier } = {}) => {
   return verifier
-    .verifyAccessToken(token, OKTA_AUDIENCE)
+    .verifyAccessToken(token, OKTA_AUDIENCE || 'MacPRO-eAPD')
     .then(({ claims }) => {
       // the token is valid (per definition of 'valid' above)
       return claims;

api/db/users.js

@@ -1,8 +1,7 @@
 import { isPast } from 'date-fns';
 import { oktaClient } from '../auth/oktaAuth.js';
 import knex from './knex.js';
-import { AFFILIATION_STATUSES } from '@cms-eapd/common';
-import { isSysAdmin } from '../util/auth.js';
+import { AFFILIATION_STATUSES, isSysAdmin } from '@cms-eapd/common';
 
 import {
   getUserAffiliatedStates as actualGetUserAffiliatedStates,
@@ -88,7 +87,7 @@ export const populateUserRole = async (
     let state = {};
     let states = {};
     const username = user.login || user.username;
-    const userIsSysAdmin = await isSysAdmin(username);
+    const userIsSysAdmin = isSysAdmin(username);
 
     states = (await getUserAffiliatedStates(user.id)) || {};
 

api/package.json

@@ -42,12 +42,12 @@
     "node": "16.19.1"
   },
   "dependencies": {
-    "@aws-sdk/client-s3": "3.259.0",
+    "@aws-sdk/client-s3": "3.317.0",
     "@cms-eapd/common": "0.0.1",
     "@okta/jwt-verifier": "2.6.0",
     "@okta/okta-sdk-nodejs": "6.6.0",
     "axios": "0.27.2",
-    "body-parser": "1.20.1",
+    "body-parser": "1.20.2",
     "chalk": "4.1.2",
     "compression": "1.7.4",
     "cors": "2.8.5",
@@ -63,16 +63,15 @@
     "jsonpatch-to-mongodb": "1.0.0",
     "jsonpointer": "5.0.1",
     "jsonwebtoken": "9.0.0",
-    "knex": "2.4.0",
-    "launchdarkly-node-server-sdk": "6.4.3",
+    "knex": "2.4.2",
     "mongoose": "5.13.15",
     "mongoose-lean-virtuals": "^0.9.1",
     "morgan": "1.10.0",
     "newrelic": "8.16.0",
-    "pg": "8.9.0",
-    "sanitize-html": "2.8.1",
+    "pg": "8.10.0",
+    "sanitize-html": "2.10.0",
     "sharp": "0.31.3",
-    "swagger-ui-express": "4.6.0",
+    "swagger-ui-express": "4.6.2",
     "uuid": "8.3.2",
     "winston": "3.8.2",
     "zxcvbn": "4.4.2"
@@ -83,16 +82,16 @@
     "babel-plugin-istanbul": "6.1.1",
     "c8": "7.13.0",
     "colors": "1.4.0",
-    "core-js": "3.29.0",
+    "core-js": "3.30.1",
     "cross-env": "7.0.3",
-    "eslint": "8.33.0",
+    "eslint": "8.38.0",
     "eslint-config-airbnb-base": "15.0.0",
-    "eslint-config-prettier": "8.6.0",
+    "eslint-config-prettier": "8.8.0",
     "eslint-plugin-import": "2.27.5",
     "istanbul": "0.4.5",
     "jest-environment-jsdom": "^29.5.0",
     "leaked-handles": "5.2.0",
-    "nodemon": "2.0.20",
+    "nodemon": "2.0.22",
     "nyc": "15.1.0",
     "sinon": "14.0.0",
     "supertest": "6.3.3",

api/routes/affiliations/get.js

@@ -1,9 +1,8 @@
 import loggerFactory from '../../logger/index.js';
 import { getAffiliationsByUserId as _getAffiliationsByUserId } from '../../db/index.js';
 import { loggedIn } from '../../middleware/index.js';
-import { isSysAdmin } from '../../util/auth.js';
 import { getAllStates as _getAllStates } from '../../db/states.js';
-import { AFFILIATION_STATUSES } from '@cms-eapd/common';
+import { AFFILIATION_STATUSES, isSysAdmin } from '@cms-eapd/common';
 
 const { APPROVED } = AFFILIATION_STATUSES;
 
@@ -22,7 +21,7 @@ export default (
       message: `handling GET /me endpoint}`
     });
     try {
-      if (await isSysAdmin(request.user.username)) {
+      if (isSysAdmin(request.user.username)) {
         const allStates = await getAllStates();
         const resp = allStates.map(state => ({
           displayName: request.user.displayName,

api/seeds/shared/set-up-users.js

@@ -3,6 +3,7 @@ import { format } from 'date-fns';
 import loggerFactory from '../../logger/index.js';
 
 const logger = loggerFactory('user seeder');
+const SEEDED_STATE = 'na';
 
 const { REQUESTED, APPROVED, DENIED, REVOKED } = AFFILIATION_STATUSES;
 
@@ -43,7 +44,7 @@ const createUsersToAdd = async (knex, oktaClient) => {
   const requestedRole = (await oktaClient.getUser('requestedrole')) || {};
   const deniedRole = (await oktaClient.getUser('deniedrole')) || {};
   const revokedRole = (await oktaClient.getUser('revokedrole')) || {};
-  const betaUser = (await oktaClient.getUser('betauser')) || {};
+  // const betaUser = (await oktaClient.getUser('betauser')) || {};
   const mfaUser = (await oktaClient.getUser('mfa@email.com')) || {};
   const resetmfa = (await oktaClient.getUser('resetmfa')) || {};
 
@@ -73,7 +74,7 @@ const createUsersToAdd = async (knex, oktaClient) => {
   if (regularUser) {
     oktaAffiliations.push({
       user_id: regularUser.id,
-      state_id: 'na',
+      state_id: SEEDED_STATE,
       role_id: stateAdminRoleId,
       status: APPROVED,
       username: regularUser.profile.login,
@@ -88,7 +89,7 @@ const createUsersToAdd = async (knex, oktaClient) => {
   if (mfaUser) {
     oktaAffiliations.push({
       user_id: mfaUser.id,
-      state_id: 'na',
+      state_id: SEEDED_STATE,
       role_id: stateStaffRoleId,
       status: APPROVED,
       username: mfaUser.profile.login
@@ -110,7 +111,7 @@ const createUsersToAdd = async (knex, oktaClient) => {
   if (stateAdmin) {
     oktaAffiliations.push({
       user_id: stateAdmin.id,
-      state_id: 'na',
+      state_id: SEEDED_STATE,
       role_id: stateAdminRoleId,
       status: APPROVED,
       username: stateAdmin.profile.login,
@@ -125,7 +126,7 @@ const createUsersToAdd = async (knex, oktaClient) => {
   if (expiredAdmin) {
     oktaAffiliations.push({
       user_id: expiredAdmin.id,
-      state_id: 'na',
+      state_id: SEEDED_STATE,
       role_id: stateAdminRoleId,
       status: APPROVED,
       username: expiredAdmin.profile.login,
@@ -141,7 +142,7 @@ const createUsersToAdd = async (knex, oktaClient) => {
     oktaAffiliations.push({
       id: 1001, // manually set id for testing
       user_id: pendingAdmin.id,
-      state_id: 'na',
+      state_id: SEEDED_STATE,
       role_id: stateStaffRoleId,
       status: APPROVED,
       username: pendingAdmin.profile.login
@@ -159,7 +160,7 @@ const createUsersToAdd = async (knex, oktaClient) => {
       id: 1002, // manually set id for testing
       ffy: currentFfy,
       name: `${pendingAdmin.profile.firstName} ${pendingAdmin.profile.lastName}`,
-      state: 'na',
+      state: SEEDED_STATE,
       email: pendingAdmin.profile.email,
       uploadedBy: fedAdmin.id,
       uploadedOn: new Date(),
@@ -187,7 +188,7 @@ const createUsersToAdd = async (knex, oktaClient) => {
   if (stateStaff) {
     oktaAffiliations.push({
       user_id: stateStaff.id,
-      state_id: 'na',
+      state_id: SEEDED_STATE,
       role_id: stateStaffRoleId,
       status: APPROVED,
       username: stateStaff.profile.login
@@ -198,7 +199,7 @@ const createUsersToAdd = async (knex, oktaClient) => {
   if (stateContractor) {
     oktaAffiliations.push({
       user_id: stateContractor.id,
-      state_id: 'na',
+      state_id: SEEDED_STATE,
       role_id: stateContractorRoleId,
       status: APPROVED,
       username: stateContractor.profile.login
@@ -209,7 +210,7 @@ const createUsersToAdd = async (knex, oktaClient) => {
   if (requestedRole) {
     oktaAffiliations.push({
       user_id: requestedRole.id,
-      state_id: 'na',
+      state_id: SEEDED_STATE,
       status: REQUESTED,
       username: requestedRole.profile.login
     });
@@ -220,7 +221,7 @@ const createUsersToAdd = async (knex, oktaClient) => {
   if (deniedRole) {
     oktaAffiliations.push({
       user_id: deniedRole.id,
-      state_id: 'na',
+      state_id: SEEDED_STATE,
       status: DENIED,
       username: deniedRole.profile.login
     });
@@ -230,29 +231,29 @@ const createUsersToAdd = async (knex, oktaClient) => {
   if (revokedRole) {
     oktaAffiliations.push({
       user_id: revokedRole.id,
-      state_id: 'na',
+      state_id: SEEDED_STATE,
       status: REVOKED,
       username: revokedRole.profile.login
     });
 
     oktaUsers.push(formatOktaUser(revokedRole));
   }
 
-  if (betaUser) {
-    oktaAffiliations.push({
-      user_id: betaUser.id,
-      state_id: 'na',
-      role_id: stateStaffRoleId,
-      status: APPROVED,
-      username: betaUser.profile.login
-    });
-    oktaUsers.push(formatOktaUser(betaUser));
-  }
+  // if (betaUser) {
+  //   oktaAffiliations.push({
+  //     user_id: betaUser.id,
+  //     state_id: SEEDED_STATE,
+  //     role_id: stateStaffRoleId,
+  //     status: APPROVED,
+  //     username: betaUser.profile.login
+  //   });
+  //   oktaUsers.push(formatOktaUser(betaUser));
+  // }
 
   if (resetmfa) {
     oktaAffiliations.push({
       user_id: resetmfa.id,
-      state_id: 'na',
+      state_id: SEEDED_STATE,
       role_id: stateStaffRoleId,
       status: APPROVED,
       username: resetmfa.profile.login