Merge pull request #3889 from 4Science/task/main/DURACOM-309_from-community-main

Add new orejime cookie for correlation-id header

Author: tdonohue

.github/workflows/build.yml

@@ -29,6 +29,8 @@ jobs:
       DSPACE_CACHE_SERVERSIDE_ANONYMOUSCACHE_MAX: 0
       # Tell Cypress to run e2e tests using the same UI URL
       CYPRESS_BASE_URL: http://127.0.0.1:4000
+      # Disable the cookie consent banner in e2e tests to avoid errors because of elements hidden by it
+      DSPACE_INFO_ENABLECOOKIECONSENTPOPUP: false
       # When Chrome version is specified, we pin to a specific version of Chrome
       # Comment this out to use the latest release
       #CHROME_VERSION: "90.0.4430.212-1"

config/config.example.yml

@@ -467,6 +467,8 @@ info:
   enableEndUserAgreement: true
   enablePrivacyStatement: true
   enableCOARNotifySupport: true
+  # Whether to show the cookie consent popup and the cookie settings footer link or not.
+  enableCookieConsentPopup: true
 
 # Whether to enable Markdown (https://commonmark.org/) and MathJax (https://www.mathjax.org/)
 # display in supported metadata fields. By default, only dc.description.abstract is supported.

cypress/support/e2e.ts

@@ -56,7 +56,7 @@ before(() => {
 beforeEach(() => {
   // Pre-agree to all Orejime cookies by setting the orejime-anonymous cookie
   // This just ensures it doesn't get in the way of matching other objects in the page.
-  cy.setCookie('orejime-anonymous', '{"authentication":true,"preferences":true,"acknowledgement":true,"google-analytics":true}');
+  cy.setCookie('orejime-anonymous', '{"authentication":true,"preferences":true,"acknowledgement":true,"google-analytics":true,"correlation-id":true}');
 
   // Remove any CSRF cookies saved from prior tests
   cy.clearCookie(DSPACE_XSRF_COOKIE);

src/app/core/auth/auth.service.ts

@@ -256,6 +256,16 @@ export class AuthService {
     );
   }
 
+  /**
+   * Returns the authenticated user id from the store
+   * @returns {User}
+   */
+  public getAuthenticatedUserIdFromStore(): Observable<string> {
+    return this.store.pipe(
+      select(getAuthenticatedUserId),
+    );
+  }
+
   /**
    * Checks if token is present into browser storage and is valid.
    */

src/app/core/log/log.interceptor.spec.ts

@@ -10,12 +10,18 @@ import {
 import { TestBed } from '@angular/core/testing';
 import { Router } from '@angular/router';
 import { StoreModule } from '@ngrx/store';
+import { of } from 'rxjs';
 
 import {
   appReducers,
   storeModuleConfig,
 } from '../../app.reducer';
 import { CorrelationIdService } from '../../correlation-id/correlation-id.service';
+import { OrejimeService } from '../../shared/cookies/orejime.service';
+import {
+  CORRELATION_ID_COOKIE,
+  CORRELATION_ID_OREJIME_KEY,
+} from '../../shared/cookies/orejime-configuration';
 import { CookieServiceMock } from '../../shared/mocks/cookie.service.mock';
 import { RouterStub } from '../../shared/testing/router.stub';
 import { RestRequestMethod } from '../data/rest-request-method';
@@ -40,6 +46,8 @@ describe('LogInterceptor', () => {
   const mockStatusCode = 200;
   const mockStatusText = 'SUCCESS';
 
+  const mockOrejimeService = jasmine.createSpyObj('OrejimeService', ['getSavedPreferences']);
+
 
   beforeEach(() => {
     TestBed.configureTestingModule({
@@ -56,6 +64,7 @@ describe('LogInterceptor', () => {
         { provide: Router, useValue: router },
         { provide: CorrelationIdService, useClass: CorrelationIdService },
         { provide: UUIDService, useClass: UUIDService },
+        { provide: OrejimeService, useValue: mockOrejimeService },
         provideHttpClient(withInterceptorsFromDi()),
         provideHttpClientTesting(),
       ],
@@ -66,12 +75,14 @@ describe('LogInterceptor', () => {
     cookieService = TestBed.inject(CookieService);
     correlationIdService = TestBed.inject(CorrelationIdService);
 
-    cookieService.set('CORRELATION-ID','123455');
-    correlationIdService.initCorrelationId();
+    cookieService.set(CORRELATION_ID_COOKIE,'123455');
+    correlationIdService.setCorrelationId();
   });
 
 
-  it('headers should be set', (done) => {
+  it('headers should be set when cookie is accepted', (done) => {
+    mockOrejimeService.getSavedPreferences.and.returnValue(of({ [CORRELATION_ID_OREJIME_KEY]: true }));
+
     service.request(RestRequestMethod.POST, 'server/api/core/items', 'test', { withCredentials: false }).subscribe((response) => {
       expect(response).toBeTruthy();
       done();
@@ -83,7 +94,23 @@ describe('LogInterceptor', () => {
     expect(httpRequest.request.headers.has('X-REFERRER')).toBeTrue();
   });
 
-  it('headers should have the right values', (done) => {
+  it('headers should not be set when cookie is declined', (done) => {
+    mockOrejimeService.getSavedPreferences.and.returnValue(of({ [CORRELATION_ID_OREJIME_KEY]: false }));
+
+    service.request(RestRequestMethod.POST, 'server/api/core/items', 'test', { withCredentials: false }).subscribe((response) => {
+      expect(response).toBeTruthy();
+      done();
+    });
+
+    const httpRequest = httpMock.expectOne('server/api/core/items');
+    httpRequest.flush(mockPayload, { status: mockStatusCode, statusText: mockStatusText });
+    expect(httpRequest.request.headers.has('X-CORRELATION-ID')).toBeFalse();
+    expect(httpRequest.request.headers.has('X-REFERRER')).toBeTrue();
+  });
+
+  it('headers should have the right values when cookie is accepted', (done) => {
+    mockOrejimeService.getSavedPreferences.and.returnValue(of({ [CORRELATION_ID_OREJIME_KEY]: true }));
+
     service.request(RestRequestMethod.POST, 'server/api/core/items', 'test', { withCredentials: false }).subscribe((response) => {
       expect(response).toBeTruthy();
       done();

src/app/core/log/log.interceptor.ts

@@ -7,9 +7,15 @@ import {
 import { Injectable } from '@angular/core';
 import { Router } from '@angular/router';
 import { Observable } from 'rxjs';
+import { switchMap } from 'rxjs/operators';
 
 import { CorrelationIdService } from '../../correlation-id/correlation-id.service';
-import { hasValue } from '../../shared/empty.util';
+import { OrejimeService } from '../../shared/cookies/orejime.service';
+import { CORRELATION_ID_OREJIME_KEY } from '../../shared/cookies/orejime-configuration';
+import {
+  hasValue,
+  isEmpty,
+} from '../../shared/empty.util';
 
 /**
  * Log Interceptor intercepting Http Requests & Responses to
@@ -19,22 +25,37 @@ import { hasValue } from '../../shared/empty.util';
 @Injectable()
 export class LogInterceptor implements HttpInterceptor {
 
-  constructor(private cidService: CorrelationIdService, private router: Router) {}
+  constructor(
+    private cidService: CorrelationIdService,
+    private router: Router,
+    private orejimeService: OrejimeService,
+  ) {
+  }
 
   intercept(request: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {
+    return this.orejimeService.getSavedPreferences().pipe(
+      switchMap(preferences => {
+        // Check if the user has declined correlation id tracking
+        const correlationDeclined =
+          isEmpty(preferences) ||
+          isEmpty(preferences[CORRELATION_ID_OREJIME_KEY]) ||
+          !preferences[CORRELATION_ID_OREJIME_KEY];
 
-    // Get the correlation id for the user from the store
-    const correlationId = this.cidService.getCorrelationId();
-
-    // Add headers from the intercepted request
-    let headers = request.headers;
-    if (hasValue(correlationId)) {
-      headers = headers.append('X-CORRELATION-ID', correlationId);
-    }
-    headers = headers.append('X-REFERRER', this.router.url);
+        // Add headers from the intercepted request
+        let headers = request.headers;
+        if (!correlationDeclined) {
+          // Get the correlation id for the user from the store
+          const correlationId = this.cidService.getCorrelationId();
+          if (hasValue(correlationId)) {
+            headers = headers.append('X-CORRELATION-ID', correlationId);
+          }
+        }
+        headers = headers.append('X-REFERRER', this.router.url);
 
-    // Add new headers to the intercepted request
-    request = request.clone({ withCredentials: true, headers: headers });
-    return next.handle(request);
+        // Add new headers to the intercepted request
+        request = request.clone({ withCredentials: true, headers: headers });
+        return next.handle(request);
+      }),
+    );
   }
 }

src/app/correlation-id/correlation-id.service.spec.ts

@@ -4,13 +4,15 @@ import {
   StoreModule,
 } from '@ngrx/store';
 import { MockStore } from '@ngrx/store/testing';
+import { of } from 'rxjs';
 
 import {
   appReducers,
   AppState,
   storeModuleConfig,
 } from '../app.reducer';
 import { UUIDService } from '../core/shared/uuid.service';
+import { CORRELATION_ID_COOKIE } from '../shared/cookies/orejime-configuration';
 import { CookieServiceMock } from '../shared/mocks/cookie.service.mock';
 import { SetCorrelationIdAction } from './correlation-id.actions';
 import { CorrelationIdService } from './correlation-id.service';
@@ -34,7 +36,13 @@ describe('CorrelationIdService', () => {
     cookieService = new CookieServiceMock();
     uuidService = new UUIDService();
     store = TestBed.inject(Store) as MockStore<AppState>;
-    service = new CorrelationIdService(cookieService, uuidService, store);
+    const mockOrejimeService = {
+      getSavedPreferences: () => of({ CORRELATION_ID_OREJIME_KEY: true }),
+      initialize: jasmine.createSpy('initialize'),
+      showSettings: jasmine.createSpy('showSettings'),
+    };
+
+    service = new CorrelationIdService(cookieService, uuidService, store, mockOrejimeService, { nativeWindow: undefined });
   });
 
   describe('getCorrelationId', () => {
@@ -46,45 +54,45 @@ describe('CorrelationIdService', () => {
   });
 
 
-  describe('initCorrelationId', () => {
+  describe('setCorrelationId', () => {
     const cookieCID = 'cookie CID';
     const storeCID = 'store CID';
 
     it('should set cookie and store values to a newly generated value if neither ex', () => {
-      service.initCorrelationId();
+      service.setCorrelationId();
 
-      expect(cookieService.get('CORRELATION-ID')).toBeTruthy();
+      expect(cookieService.get(CORRELATION_ID_COOKIE)).toBeTruthy();
       expect(service.getCorrelationId()).toBeTruthy();
-      expect(cookieService.get('CORRELATION-ID')).toEqual(service.getCorrelationId());
+      expect(cookieService.get(CORRELATION_ID_COOKIE)).toEqual(service.getCorrelationId());
     });
 
     it('should set store value to cookie value if present', () => {
       expect(service.getCorrelationId()).toBe(null);
 
-      cookieService.set('CORRELATION-ID', cookieCID);
+      cookieService.set(CORRELATION_ID_COOKIE, cookieCID);
 
-      service.initCorrelationId();
+      service.setCorrelationId();
 
-      expect(cookieService.get('CORRELATION-ID')).toBe(cookieCID);
+      expect(cookieService.get(CORRELATION_ID_COOKIE)).toBe(cookieCID);
       expect(service.getCorrelationId()).toBe(cookieCID);
     });
 
     it('should set cookie value to store value if present', () => {
       store.dispatch(new SetCorrelationIdAction(storeCID));
 
-      service.initCorrelationId();
+      service.setCorrelationId();
 
-      expect(cookieService.get('CORRELATION-ID')).toBe(storeCID);
+      expect(cookieService.get(CORRELATION_ID_COOKIE)).toBe(storeCID);
       expect(service.getCorrelationId()).toBe(storeCID);
     });
 
     it('should set store value to cookie value if both are present', () => {
-      cookieService.set('CORRELATION-ID', cookieCID);
+      cookieService.set(CORRELATION_ID_COOKIE, cookieCID);
       store.dispatch(new SetCorrelationIdAction(storeCID));
 
-      service.initCorrelationId();
+      service.setCorrelationId();
 
-      expect(cookieService.get('CORRELATION-ID')).toBe(cookieCID);
+      expect(cookieService.get(CORRELATION_ID_COOKIE)).toBe(cookieCID);
       expect(service.getCorrelationId()).toBe(cookieCID);
     });
   });

src/app/correlation-id/correlation-id.service.ts

@@ -1,4 +1,7 @@
-import { Injectable } from '@angular/core';
+import {
+  Inject,
+  Injectable,
+} from '@angular/core';
 import {
   select,
   Store,
@@ -7,8 +10,20 @@ import { take } from 'rxjs/operators';
 
 import { AppState } from '../app.reducer';
 import { CookieService } from '../core/services/cookie.service';
+import {
+  NativeWindowRef,
+  NativeWindowService,
+} from '../core/services/window.service';
 import { UUIDService } from '../core/shared/uuid.service';
-import { isEmpty } from '../shared/empty.util';
+import { OrejimeService } from '../shared/cookies/orejime.service';
+import {
+  CORRELATION_ID_COOKIE,
+  CORRELATION_ID_OREJIME_KEY,
+} from '../shared/cookies/orejime-configuration';
+import {
+  hasValue,
+  isEmpty,
+} from '../shared/empty.util';
 import { SetCorrelationIdAction } from './correlation-id.actions';
 import { correlationIdSelector } from './correlation-id.selector';
 
@@ -24,15 +39,32 @@ export class CorrelationIdService {
     protected cookieService: CookieService,
     protected uuidService: UUIDService,
     protected store: Store<AppState>,
+    protected orejimeService: OrejimeService,
+    @Inject(NativeWindowService) protected _window: NativeWindowRef,
   ) {
+    if (this._window?.nativeWindow) {
+      this._window.nativeWindow.initCorrelationId = () => this.initCorrelationId();
+    }
   }
 
   /**
-   * Initialize the correlation id based on the cookie or the ngrx store
+   * Check if the correlation id is allowed to be set, then set it
    */
   initCorrelationId(): void {
+    this.orejimeService?.getSavedPreferences().subscribe(preferences => {
+      if (hasValue(preferences) && preferences[CORRELATION_ID_OREJIME_KEY]) {
+        this.setCorrelationId();
+      }
+    },
+    );
+  }
+
+  /**
+   * Initialize the correlation id based on the cookie or the ngrx store
+   */
+  setCorrelationId(): void {
     // first see of there's a cookie with a correlation-id
-    let correlationId = this.cookieService.get('CORRELATION-ID');
+    let correlationId = this.cookieService.get(CORRELATION_ID_COOKIE);
 
     // if there isn't see if there's an ID in the store
     if (isEmpty(correlationId)) {
@@ -46,7 +78,7 @@ export class CorrelationIdService {
 
     // Store the correct id both in the store and as a cookie to ensure they're in sync
     this.store.dispatch(new SetCorrelationIdAction(correlationId));
-    this.cookieService.set('CORRELATION-ID', correlationId);
+    this.cookieService.set(CORRELATION_ID_COOKIE, correlationId);
   }
 
   /**

src/app/footer/footer.component.html

@@ -59,11 +59,13 @@ <h5 class="text-uppercase">Footer Content</h5>
         href="https://www.lyrasis.org/" role="link" tabindex="0">{{ 'footer.link.lyrasis' | translate}}</a>
       </p>
       <ul class="footer-info list-unstyled d-flex justify-content-center mb-0">
+        @if (showCookieSettings) {
         <li>
-          <button class="btn btn-link text-white" type="button" (click)="showCookieSettings()" role="button" tabindex="0">
+          <button class="btn btn-link text-white" type="button" (click)="openCookieSettings()" role="button" tabindex="0">
             {{ 'footer.link.cookies' | translate}}
           </button>
         </li>
+        }
         @if (showPrivacyPolicy) {
           <li>
             <a class="btn text-white"

src/app/footer/footer.component.spec.ts

@@ -63,21 +63,21 @@ describe('Footer component', () => {
     expect(comp.showEndUserAgreement).toBe(environment.info.enableEndUserAgreement);
   });
 
-  describe('showCookieSettings', () => {
+  describe('openCookieSettings', () => {
     it('should call cookies.showSettings() if cookies is defined', () => {
       const cookies = jasmine.createSpyObj('cookies', ['showSettings']);
       comp.cookies = cookies;
-      comp.showCookieSettings();
+      comp.openCookieSettings();
       expect(cookies.showSettings).toHaveBeenCalled();
     });
 
     it('should not call cookies.showSettings() if cookies is undefined', () => {
       comp.cookies = undefined;
-      expect(() => comp.showCookieSettings()).not.toThrow();
+      expect(() => comp.openCookieSettings()).not.toThrow();
     });
 
     it('should return false', () => {
-      expect(comp.showCookieSettings()).toBeFalse();
+      expect(comp.openCookieSettings()).toBeFalse();
     });
   });