Merge pull request #585 from credebl/develop

Develop to QA

.env.sample

@@ -1,15 +1,26 @@
 MODE=DEV
 
-
-SUPABASE_URL= // Please specify your Supabase Url
+SUPABASE_URL= // Please specify your Supabase URL
 SUPABASE_KEY= // Please specify your Supabase Anon key
 SUPABASE_JWT_SECRET= // Please specify your Supabase jwt secret
 
 API_GATEWAY_PROTOCOL=http
 API_GATEWAY_HOST='0.0.0.0'
 API_GATEWAY_PORT=5000
 
-PLATFORM_NAME=CREDEBL
+##
+PLATFORM_NAME= // Please specify your paltform name 
+PUBLIC_PLATFORM_SUPPORT_EMAIL= // Please specify your support email 
+POWERED_BY= // Please specify your powered by org name
+PLATFORM_WEB_URL= // Please specify your platform web URL
+POWERED_BY_URL= // Please specify your support URL
+
+PUBLIC_LOCALHOST_URL= // Please specify your localhost URL
+PUBLIC_DEV_API_URL= // Please specify your DEV environment api URL
+PUBLIC_QA_API_URL= // Please specify your your QA environment api URL
+PUBLIC_PRODUCTION_API_URL= // Please specify your PRODUCTION environment api URL
+PUBLIC_SANDBOX_API_URL= // Please specify your sandbox environment URL
+
 
 AGENT_HOST=[email protected]   // Please specify your agent host VM and IP address
 AWS_ACCOUNT_ID=xxxxx  // Please provide your AWS account Id
@@ -47,8 +58,8 @@ PLATFORM_SEED=                 // The seed should consist of 32 characters.
 PLATFORM_ID=
 
 AFJ_AGENT_ENDPOINT_PATH=/apps/agent-provisioning/AFJ/endpoints/
-DATABASE_URL="postgresql://postgres:xxxxxx@localhost:5432/postgres?schema=public"    #Provide supabase postgres url and Use the correct user/pwd, IP Address
-POOL_DATABASE_URL="" #Provide pooler supabase postgres url
+DATABASE_URL="postgresql://postgres:xxxxxx@localhost:5432/postgres?schema=public"    #Provide supabase postgres URL and Use the correct user/pwd, IP Address
+POOL_DATABASE_URL="" #Provide pooler supabase postgres URL
 CLUSTER_NAME=""  # ecs cluster
 TESKDEFINITION_FAMILY="" # ecs task-definition
 AGENT_PROTOCOL=http
@@ -68,4 +79,11 @@ export DEBUG="prisma:engine"
 export DEBUG="prisma:client" 
 
 # enable both prisma-client- and engine-level debugging output 
-export DEBUG="prisma:client,prisma:engine"
+export DEBUG="prisma:client,prisma:engine"
+
+KEYCLOAK_DOMAIN=http://localhost:8080/
+KEYCLOAK_ADMIN_URL=http://localhost:8080
+KEYCLOAK_MASTER_REALM=xxxxxxx
+KEYCLOAK_MANAGEMENT_CLIENT_ID=xxxxxxx
+KEYCLOAK_MANAGEMENT_CLIENT_SECRET=xxxxxxx
+KEYCLOAK_REALM=xxxxxxx

apps/agent-service/src/agent-service.controller.ts

@@ -3,9 +3,9 @@ import { MessagePattern } from '@nestjs/microservices';
 import { AgentServiceService } from './agent-service.service';
 import { IAgentStatus, IConnectionDetails, IUserRequestInterface, ISendProofRequestPayload, IAgentSpinUpSatus, IGetCredDefAgentRedirection, IGetSchemaAgentRedirection, IAgentSpinupDto, IIssuanceCreateOffer, ITenantCredDef, ITenantDto, ITenantSchema, IOutOfBandCredentialOffer, IProofPresentation, IAgentProofRequest, IPresentation  } from './interface/agent-service.interface';
 import { user } from '@prisma/client';
-import { ICreateConnectionUrl } from '@credebl/common/interfaces/connection.interface';
 import { IConnectionDetailsById } from 'apps/api-gateway/src/interfaces/IConnectionSearch.interface';
 import { IProofPresentationDetails } from '@credebl/common/interfaces/verification.interface';
+import { InvitationMessage } from '@credebl/common/interfaces/agent-service.interface';
 
 @Controller()
 export class AgentServiceController {
@@ -54,7 +54,7 @@ export class AgentServiceController {
 
   //DONE
   @MessagePattern({ cmd: 'agent-create-connection-legacy-invitation' })
-  async createLegacyConnectionInvitation(payload: { connectionPayload: IConnectionDetails, url: string, apiKey: string }): Promise<ICreateConnectionUrl> {
+  async createLegacyConnectionInvitation(payload: { connectionPayload: IConnectionDetails, url: string, apiKey: string }): Promise<InvitationMessage> {
     return this.agentServiceService.createLegacyConnectionInvitation(payload.connectionPayload, payload.url, payload.apiKey);
   }
 

apps/agent-service/src/agent-service.service.ts

@@ -36,6 +36,7 @@ import { CACHE_MANAGER } from '@nestjs/cache-manager';
 import { IProofPresentationDetails } from '@credebl/common/interfaces/verification.interface';
 import { ICreateConnectionUrl } from '@credebl/common/interfaces/connection.interface';
 import { IConnectionDetailsById } from 'apps/api-gateway/src/interfaces/IConnectionSearch.interface';
+import { InvitationMessage } from '@credebl/common/interfaces/agent-service.interface';
 
 @Injectable()
 @WebSocketGateway()
@@ -952,7 +953,7 @@ export class AgentServiceService {
     }
   }
 
-  async createLegacyConnectionInvitation(connectionPayload: IConnectionDetails, url: string, apiKey: string): Promise<ICreateConnectionUrl> {
+  async createLegacyConnectionInvitation(connectionPayload: IConnectionDetails, url: string, apiKey: string): Promise<InvitationMessage> {
     try {
 
 

apps/api-gateway/src/authz/guards/org-roles.guard.ts

@@ -1,7 +1,5 @@
 import { BadRequestException, CanActivate, ExecutionContext, ForbiddenException, Logger } from '@nestjs/common';
 
-import { HttpException } from '@nestjs/common';
-import { HttpStatus } from '@nestjs/common';
 import { Injectable } from '@nestjs/common';
 import { OrgRoles } from 'libs/org-roles/enums';
 import { ROLES_KEY } from '../decorators/roles.decorator';
@@ -34,15 +32,23 @@ export class OrgRolesGuard implements CanActivate {
 
     const orgId = req.params.orgId || req.query.orgId || req.body.orgId;
 
-    if (!orgId) {
-      throw new BadRequestException(ResponseMessages.organisation.error.orgIdIsRequired);
-    }
+    if (orgId) {  
 
     if (!isValidUUID(orgId)) {
       throw new BadRequestException(ResponseMessages.organisation.error.invalidOrgId);
-    }
-
-    if (orgId) {     
+    }    
+
+
+        if (user.hasOwnProperty('resource_access') && user.resource_access[orgId]) {
+          const orgRoles: string[] = user.resource_access[orgId].roles;
+          const roleAccess = requiredRoles.some((role) => orgRoles.includes(role));
+
+          if (!roleAccess) {
+            throw new ForbiddenException(ResponseMessages.organisation.error.roleNotMatch, { cause: new Error(), description: ResponseMessages.errorMessages.forbidden });
+          }
+          return roleAccess;
+        }
+
       const specificOrg = user.userOrgRoles.find((orgDetails) => {
         if (!orgDetails.orgId) {
           return false;
@@ -78,7 +84,7 @@ export class OrgRolesGuard implements CanActivate {
       return false;
 
     } else {
-      throw new HttpException('organization is required', HttpStatus.BAD_REQUEST);
+      throw new BadRequestException('organization is required');
     }
 
     // Sending user friendly message if a user attempts to access an API that is inaccessible to their role

apps/api-gateway/src/authz/guards/user-access-guard.ts

@@ -0,0 +1,16 @@
+import { Injectable, CanActivate, ExecutionContext, UnauthorizedException } from '@nestjs/common';
+import { Observable } from 'rxjs';
+
+@Injectable()
+export class UserAccessGuard implements CanActivate {
+  canActivate(context: ExecutionContext): boolean | Promise<boolean> | Observable<boolean> {
+    const request = context.switchToHttp().getRequest();
+
+    const { user } = request;
+
+    if (user.hasOwnProperty('client_id')) {
+      throw new UnauthorizedException('You do not have access');
+    }
+    return true;
+  }
+}

apps/api-gateway/src/connection/connection.controller.ts

@@ -15,7 +15,7 @@ import { CustomExceptionFilter } from 'apps/api-gateway/common/exception-handler
 import { OrgRoles } from 'libs/org-roles/enums';
 import { Roles } from '../authz/decorators/roles.decorator';
 import { OrgRolesGuard } from '../authz/guards/org-roles.guard';
-import { GetAllConnectionsDto } from './dtos/get-all-connections.dto';
+import { GetAllAgentConnectionsDto, GetAllConnectionsDto } from './dtos/get-all-connections.dto';
 import { ApiResponseDto } from '../dtos/apiResponse.dto';
 import { IConnectionSearchCriteria } from '../interfaces/IConnectionSearch.interface';
 import { SortFields } from 'apps/connection/src/enum/connection.enum';
@@ -108,7 +108,40 @@ export class ConnectionController {
         return res.status(HttpStatus.OK).json(finalResponse);
     }
 
-
+    /**
+   * Description: Get all connections from agent
+   * @param user
+   * @param orgId
+   *
+   */
+  @Get('/orgs/:orgId/agent/connections')
+  @UseGuards(AuthGuard('jwt'), OrgRolesGuard)
+  @Roles(OrgRoles.OWNER, OrgRoles.ADMIN, OrgRoles.ISSUER, OrgRoles.VERIFIER, OrgRoles.MEMBER)
+  @ApiOperation({
+    summary: `Fetch all connections from agent by orgId`,
+    description: `Fetch all connections from agent by orgId`
+  })
+  @ApiResponse({ status: HttpStatus.OK, description: 'Success', type: ApiResponseDto })
+  async getConnectionListFromAgent(
+    @Query() getAllConnectionsDto: GetAllAgentConnectionsDto,
+    @Param('orgId') orgId: string,
+    @Res() res: Response
+  ): Promise<Response> {
+
+    const connectionDetails = await this.connectionService.getConnectionListFromAgent(
+      getAllConnectionsDto,
+      orgId
+    );
+
+    const finalResponse: IResponse = {
+      statusCode: HttpStatus.OK,
+      message: ResponseMessages.connection.success.fetch,
+      data: connectionDetails
+    };
+    return res.status(HttpStatus.OK).json(finalResponse);
+  }
+
+
     @Get('orgs/:orgId/question-answer/question')
     @UseGuards(AuthGuard('jwt'), OrgRolesGuard)
     @Roles(OrgRoles.OWNER, OrgRoles.ADMIN, OrgRoles.ISSUER, OrgRoles.VERIFIER, OrgRoles.MEMBER, OrgRoles.HOLDER, OrgRoles.SUPER_ADMIN, OrgRoles.PLATFORM_ADMIN)

apps/api-gateway/src/connection/connection.service.ts

@@ -5,7 +5,7 @@ import { BaseService } from 'libs/service/base.service';
 import { ConnectionDto, CreateConnectionDto, ReceiveInvitationDto, ReceiveInvitationUrlDto } from './dtos/connection.dto';
 import { IReceiveInvitationRes, IUserRequestInterface } from './interfaces';
 import { IConnectionList, ICreateConnectionUrl } from '@credebl/common/interfaces/connection.interface';
-import { IConnectionDetailsById, IConnectionSearchCriteria } from '../interfaces/IConnectionSearch.interface';
+import { AgentConnectionSearchCriteria, IConnectionDetailsById, IConnectionSearchCriteria } from '../interfaces/IConnectionSearch.interface';
 import { QuestionDto } from './dtos/question-answer.dto';
 
 @Injectable()
@@ -77,6 +77,14 @@ export class ConnectionService extends BaseService {
     return this.sendNatsMessage(this.connectionServiceProxy, 'get-all-connections', payload);
   }
 
+  getConnectionListFromAgent(
+    connectionSearchCriteria: AgentConnectionSearchCriteria,
+    orgId: string
+  ): Promise<IConnectionList> {
+    const payload = { connectionSearchCriteria, orgId };
+    return this.sendNatsMessage(this.connectionServiceProxy, 'get-all-agent-connection-list', payload);
+  }
+
   getConnectionsById(
     user: IUserRequest,
     connectionId: string,

apps/api-gateway/src/connection/dtos/get-all-connections.dto.ts

@@ -1,41 +1,61 @@
-import { ApiProperty } from "@nestjs/swagger";
-import { Transform, Type } from "class-transformer";
-import { IsEnum, IsOptional } from "class-validator";
-import { SortValue } from "../../enum";
-import { trim } from "@credebl/common/cast.helper";
-import { SortFields } from "apps/connection/src/enum/connection.enum";
+import { ApiProperty } from '@nestjs/swagger';
+import { Transform, Type } from 'class-transformer';
+import { IsEnum, IsOptional } from 'class-validator';
+import { SortValue } from '../../enum';
+import { trim } from '@credebl/common/cast.helper';
+import { SortFields } from 'apps/connection/src/enum/connection.enum';
 
 export class GetAllConnectionsDto {
-
-    @ApiProperty({ required: false, example: '1' })
-    @IsOptional()
-    pageNumber: number = 1;
-
-    @ApiProperty({ required: false, example: '10' })
-    @IsOptional()
-    pageSize: number = 10;
-
-    @ApiProperty({ required: false })
-    @IsOptional()
-    @Transform(({ value }) => trim(value))
-    @Type(() => String)
-    searchByText: string = '';
-
-    @ApiProperty({
-        required: false
-    })
-    @Transform(({ value }) => trim(value))
-    @IsOptional()
-    @IsEnum(SortFields)
-    sortField: string = SortFields.CREATED_DATE_TIME;
-
-    @ApiProperty({
-        enum: [SortValue.DESC, SortValue.ASC],
-        required: false
-    })
-    @Transform(({ value }) => trim(value))
-    @IsOptional()
-    @IsEnum(SortValue)
-    sortBy: string = SortValue.DESC;
+  @ApiProperty({ required: false, example: '1' })
+  @IsOptional()
+  pageNumber: number = 1;
+
+  @ApiProperty({ required: false, example: '10' })
+  @IsOptional()
+  pageSize: number = 10;
+
+  @ApiProperty({ required: false })
+  @IsOptional()
+  @Transform(({ value }) => trim(value))
+  @Type(() => String)
+  searchByText: string = '';
+
+  @ApiProperty({
+    required: false
+  })
+  @Transform(({ value }) => trim(value))
+  @IsOptional()
+  @IsEnum(SortFields)
+  sortField: string = SortFields.CREATED_DATE_TIME;
+
+  @ApiProperty({
+    enum: [SortValue.DESC, SortValue.ASC],
+    required: false
+  })
+  @Transform(({ value }) => trim(value))
+  @IsOptional()
+  @IsEnum(SortValue)
+  sortBy: string = SortValue.DESC;
 }
 
+export class GetAllAgentConnectionsDto {
+  @ApiProperty({ required: false, example: 'e315f30d-9beb-4068-aea4-abb5fe5eecb1' })
+  @IsOptional()
+  outOfBandId: string = '';
+
+  @ApiProperty({ required: false, example: 'Test' })
+  @IsOptional()
+  alias: string = '';
+
+  @ApiProperty({ required: false, example: 'did:example:e315f30d-9beb-4068-aea4-abb5fe5eecb1' })
+  @IsOptional()
+  myDid: string = '';
+
+  @ApiProperty({ required: false, example: 'did:example:e315f30d-9beb-4068-aea4-abb5fe5eecb1' })
+  @IsOptional()
+  theirDid: string = '';
+
+  @ApiProperty({ required: false, example: 'Bob' })
+  @IsOptional()
+  theirLabel: string = '';
+}

apps/api-gateway/src/interfaces/IConnectionSearch.interface.ts

@@ -1,25 +1,34 @@
 import { IUserRequestInterface } from './IUserRequestInterface';
 
 export interface IConnectionSearchCriteria {
-    pageNumber: number;
-    pageSize: number;
-    sortField: string;
-    sortBy: string;
-    searchByText: string;
-    user?: IUserRequestInterface
+  pageNumber: number;
+  pageSize: number;
+  sortField: string;
+  sortBy: string;
+  searchByText: string;
+  user?: IUserRequestInterface;
 }
 
 export interface IConnectionDetailsById {
-    id: string;
-    createdAt: string;
-    did: string;
-    theirDid: string;
-    theirLabel: string;
-    state: string;
-    role: string;
-    autoAcceptConnection: boolean;
-    threadId: string;
-    protocol: string;
-    outOfBandId: string;
-    updatedAt: string;
-  }
+  id: string;
+  createdAt: string;
+  did: string;
+  theirDid: string;
+  theirLabel: string;
+  state: string;
+  role: string;
+  autoAcceptConnection: boolean;
+  threadId: string;
+  protocol: string;
+  outOfBandId: string;
+  updatedAt: string;
+}
+
+export interface AgentConnectionSearchCriteria {
+  outOfBandId?: string;
+  alias?: string;
+  state?: string;
+  myDid?: string;
+  theirDid?: string;
+  theirLabel?: string;
+}

apps/api-gateway/src/interfaces/IUserRequestInterface.ts

@@ -1,6 +1,7 @@
 import { UserRoleOrgPermsDto } from '../authz/dtos/user-role-org-perms.dto';
 
 export interface IUserRequestInterface {
+    id: string;
     userId: string;    
     email: string; 
     orgId: string;