From a31347359dba5c299d827a6a3ba0cc2e0bf08b32 Mon Sep 17 00:00:00 2001
From: amit-kumaryadav <amtydv630@gmail.com>
Date: Wed, 8 Sep 2021 18:16:54 +0530
Subject: [PATCH] Added proxy for private content update

---
 src/protectedApi_v8/contentprivate.ts | 115 ++++++++++++++++++++++++++
 src/protectedApi_v8/protectedApiV8.ts |   2 +
 2 files changed, 117 insertions(+)
 create mode 100644 src/protectedApi_v8/contentprivate.ts

diff --git a/src/protectedApi_v8/contentprivate.ts b/src/protectedApi_v8/contentprivate.ts
new file mode 100644
index 00000000..7d5e9c6e
--- /dev/null
+++ b/src/protectedApi_v8/contentprivate.ts
@@ -0,0 +1,115 @@
+import axios from 'axios'
+import { Router } from 'express'
+
+import { axiosRequestConfig } from '../configs/request.config'
+import { CONSTANTS } from '../utils/env'
+import { logError } from '../utils/logger'
+import { ERROR } from '../utils/message'
+import { extractUserId, extractUserToken } from '../utils/requestExtract'
+
+export const contentPrivateApi = Router()
+
+const API_END_POINTS = {
+    getHierarchyDetails: (id: string) => `${CONSTANTS.KNOWLEDGE_MW_API_BASE}/action/content/v3/hierarchy/${id}?mode=edit`,
+    readUserEndPoint: (userId: string) => `${CONSTANTS.KONG_API_BASE}/user/v2/read/${userId}`,
+    updateContentEndPoint: (id: string) => `${CONSTANTS.KONG_API_BASE}/private/content/v3/update/${id}`,
+}
+
+const editableFields = ['versionKey', 'createdBy', 'creatorContacts']
+const userIdFailedMessage = 'NO_USER_ID'
+const FIELD_VALIDATION_ERROR = 'TRYING_TO_UPDATE_NON_EDITABLE_FIELDS'
+const CHANNEL_VALIDATION_ERROR = 'SOURCE_MISMATCH_ERROR'
+
+contentPrivateApi.patch('/update/:id', async (req, res) => {
+    try {
+        const id = req.params.id
+        const content = req.body.content
+        const fields = Object.keys(content)
+        const userId = extractUserId(req)
+        const userToken = extractUserToken(req) as string
+        if (!userId) {
+            res.status(400).send(userIdFailedMessage)
+            return
+        }
+        if (fields instanceof Array) {
+            for (const entry of fields) {
+                if (editableFields.indexOf(entry) === -1) {
+                    res.status(400).send({
+                        msg: res.status(400).send({
+                            msg: FIELD_VALIDATION_ERROR,
+                        }),
+                    })
+                }
+            }
+        }
+        const userChannel = getUserChannel(userToken, userId)
+        const hierarchySource = getHierarchyDetails(userToken, id)
+        if (userChannel !== hierarchySource) {
+            res.status(400).send({
+                msg: res.status(400).send({
+                    msg: CHANNEL_VALIDATION_ERROR,
+                }),
+            })
+        }
+        const response = await axios.patch(
+            API_END_POINTS.updateContentEndPoint(id),
+            req.body,
+            {
+                ...axiosRequestConfig,
+                headers: {
+                    Authorization: CONSTANTS.SB_API_KEY,
+                    // tslint:disable-next-line: all
+                    'x-authenticated-user-token': userToken,
+                },
+            }
+        )
+        res.status(response.status).send(response.data)
+    } catch (err) {
+        logError(Error + err)
+        res.status((err && err.response && err.response.status) || 500).send(
+            (err && err.response && err.response.data) || {
+                error: ERROR.GENERAL_ERR_MSG,
+            }
+        )
+    }
+})
+
+export async function getHierarchyDetails(token: string, id: string) {
+    try {
+        const response = await axios.get(API_END_POINTS.getHierarchyDetails(id), {
+            ...axiosRequestConfig,
+            headers: {
+                Authorization: CONSTANTS.SB_API_KEY,
+                // tslint:disable-next-line: all
+                'x-authenticated-user-token': token,
+            },
+        })
+        const hierarchyResult = response.data.result.content
+        if (typeof hierarchyResult !== 'undefined' && hierarchyResult != null) {
+            return hierarchyResult.source
+        }
+    } catch (error) {
+        logError('ERROR WHILE FETCHING THE Hierarchy DETAILS --> ', error)
+        return 'contentSourceDetails'
+    }
+}
+
+export async function getUserChannel(token: string, userId: string) {
+    try {
+        const response = await axios.get(API_END_POINTS.readUserEndPoint(userId), {
+            ...axiosRequestConfig,
+            headers: {
+                Authorization: CONSTANTS.SB_API_KEY,
+                // tslint:disable-next-line: all
+                'x-authenticated-user-token': token,
+            },
+        })
+        const userProfileResult = response.data.result.response
+        if (typeof userProfileResult !== 'undefined' && userProfileResult != null) {
+            return userProfileResult.channel
+        }
+    } catch (error) {
+        logError('ERROR WHILE FETCHING THE USER DETAILS --> ', error)
+        return 'userChannelDetails'
+    }
+}
diff --git a/src/protectedApi_v8/protectedApiV8.ts b/src/protectedApi_v8/protectedApiV8.ts
index 9f92a395..1bbb53e0 100644
--- a/src/protectedApi_v8/protectedApiV8.ts
+++ b/src/protectedApi_v8/protectedApiV8.ts
@@ -11,6 +11,7 @@ import { conceptGraphApi } from './concept'
 // import { connectionsApi } from './connections'
 import { connectionsV2Api } from './connections_v2'
 import { contentApi } from './content'
+import { contentPrivateApi } from './contentprivate'
 import { contentValidationApi } from './contentValidation'
 import { counterApi } from './counter'
 import { deptApi } from './departments'
@@ -79,3 +80,4 @@ protectedApiV8.use('/roleactivity', roleActivityApi)
 protectedApiV8.use('/resource', userAuthKeyCloakApi)
 protectedApiV8.use('/workallocation', workAllocationApi)
 protectedApiV8.use('/frac', fracApi)
+protectedApiV8.use('/contentprivate', contentPrivateApi)