[PRMP-841] Create logic for new endpoint for review status (#890)

Author: steph-torres-nhs

.github/workflows/base-lambdas-reusable-deploy-all.yml

@@ -738,3 +738,17 @@ jobs:
       lambda_layer_names: "core_lambda_layer"
     secrets:
       AWS_ASSUME_ROLE: ${{ secrets.AWS_ASSUME_ROLE }}
+
+  deploy_review_document_status_check_lambda:
+    name: Deploy Search Document Review
+    uses: ./.github/workflows/base-lambdas-reusable-deploy.yml
+    with:
+      environment: ${{ inputs.environment }}
+      python_version: ${{ inputs.python_version }}
+      build_branch: ${{ inputs.build_branch }}
+      sandbox: ${{ inputs.sandbox }}
+      lambda_handler_name: review_document_status_check_handler
+      lambda_aws_name: ReviewDocumentStatusCheck
+      lambda_layer_names: "core_lambda_layer"
+    secrets:
+      AWS_ASSUME_ROLE: ${{ secrets.AWS_ASSUME_ROLE }}

lambdas/enums/lambda_error.py

@@ -658,7 +658,7 @@ def create_error_body(self, params: Optional[dict] = None, **kwargs) -> str:
     }
 
     """
-        Errors for SearchDocumentReviewReference exceptions
+        Errors for DocumentReview exceptions
     """
     DocumentReviewDB = {
         "err_code": "SDR_5001",
@@ -670,12 +670,23 @@ def create_error_body(self, params: Optional[dict] = None, **kwargs) -> str:
         "message": "Review document model error",
     }
 
-    SearchDocumentReviewMissingODS = {
-        "err_code": "SDR_4001",
+    DocumentReviewMissingODS = {
+        "err_code": "SDR_4011",
         "message": "Missing ODS code in request context",
     }
 
     SearchDocumentInvalidQuerystring = {
         "err_code": "SDR_4002",
         "message": "Invalid query string passed",
     }
+
+    DocumentReviewStatusMissingId = {
+        "err_code": "SDR_4003",
+        "message": "Missing path parameters"
+    }
+
+    DocumentReviewForbidden = {
+        "err_code": "SDR_4031",
+        "message": "User is not permitted to review document"
+    }
+

lambdas/handlers/review_document_status_check_handler.py

@@ -0,0 +1,71 @@
+import json
+
+from enums.feature_flags import FeatureFlags
+from enums.lambda_error import LambdaError
+from services.feature_flags_service import FeatureFlagService
+from services.review_document_status_check_service import (
+    ReviewDocumentStatusCheckService,
+)
+from utils.audit_logging_setup import LoggingService
+from utils.decorators.ensure_env_var import ensure_environment_variables
+from utils.decorators.handle_lambda_exceptions import handle_lambda_exceptions
+from utils.decorators.set_audit_arg import set_request_context_for_logging
+from utils.exceptions import OdsErrorException
+from utils.lambda_exceptions import DocumentReviewException
+from utils.lambda_handler_utils import validate_review_path_parameters
+from utils.lambda_response import ApiGatewayResponse
+from utils.ods_utils import extract_ods_code_from_request_context
+
+logger = LoggingService(__name__)
+
+
+@ensure_environment_variables(
+    names=["DOCUMENT_REVIEW_DYNAMODB_NAME"]
+)
+@set_request_context_for_logging
+@handle_lambda_exceptions
+def lambda_handler(event, context):
+    """
+        Lambda handler for checking the review status of a document in the review table
+        Trigger by GET request to /DocumentReview/{id}/{version}/Status
+
+    Args:
+        event: API Gateway event containing path parameters {id} and {version}
+        context: Lambda Context
+
+    Returns:
+        ApiGatewayResponse, body contains id, version and review status of reference searched for.
+        401 - No ODS code or auth token provided in request.
+        403 - User is not author of review entry.
+        500 - Document Review Error, Internal Server Error.
+
+    """
+    try:
+
+        feature_flag_service = FeatureFlagService()
+        feature_flag_service.validate_feature_flag(
+            FeatureFlags.UPLOAD_DOCUMENT_ITERATION_3_ENABLED
+        )
+
+        ods_code = extract_ods_code_from_request_context()
+
+        logger.info("Initialising Review Document Status Check service.")
+        status_check_service = ReviewDocumentStatusCheckService()
+
+        document_id, document_version = validate_review_path_parameters(event)
+        body = status_check_service.get_document_review_status(
+            ods_code=ods_code,
+            document_id=document_id,
+            document_version=document_version,
+        )
+
+        logger.info("Returning document review status.")
+        return ApiGatewayResponse(
+            status_code=200,
+            body=json.dumps(body),
+            methods="GET",
+        ).create_api_gateway_response()
+
+    except OdsErrorException:
+        logger.error("Missing ODS code in request context.")
+        raise DocumentReviewException(401, LambdaError.DocumentReviewMissingODS)

lambdas/handlers/search_document_review_handler.py

@@ -81,7 +81,7 @@ def lambda_handler(event, context):
         logger.error(e)
         return ApiGatewayResponse(
             status_code=401,
-            body=LambdaError.SearchDocumentReviewMissingODS.create_error_body(),
+            body=LambdaError.DocumentReviewMissingODS.create_error_body(),
             methods="GET",
         ).create_api_gateway_response()
 
@@ -99,7 +99,7 @@ def get_ods_code_from_request_context():
 
     except AttributeError as e:
         logger.error(e)
-        raise DocumentReviewException(401, LambdaError.SearchDocumentReviewMissingODS)
+        raise DocumentReviewException(401, LambdaError.DocumentReviewMissingODS)
 
 
 def parse_querystring_parameters(event):

lambdas/models/document_review.py

@@ -53,7 +53,6 @@ def model_dump_camel_case(self, *args, **kwargs):
 
         return camel_case_model_dump_results
 
-
     def camelize(self, model: dict) -> dict:
         camel_case_dict = {}
         for key, value in model.items():
@@ -68,6 +67,7 @@ def camelize(self, model: dict) -> dict:
 
         return camel_case_dict
 
+
 class PatchDocumentReviewRequest(BaseModel):
     model_config = ConfigDict(
         validate_by_alias=True,

lambdas/services/authoriser_service.py

@@ -119,16 +119,20 @@ def deny_access_policy(self, path, user_role, nhs_number: str = None):
             case "/Feedback":
                 deny_resource = False
 
-            case "/DocumentReview":
-                deny_resource = False
-
             case "/DocumentStatus":
                 deny_resource = (
                     not patient_access_is_allowed or is_user_gp_clinical or is_user_pcse
                 )
-            case path if path.startswith("/DocumentReview/"):
+
+            case path if re.match(r"^/DocumentReview/[^/]+/[^/]+/Status$", path):
+                deny_resource = False
+
+            case path if re.match(r"^/DocumentReview/[^/]+/[^/]+$", path):
                 deny_resource = not patient_access_is_allowed
 
+            case "/DocumentReview":
+                deny_resource = False
+
             case "/UploadState":
                 deny_resource = (
                     not patient_access_is_allowed or is_user_gp_clinical or is_user_pcse

lambdas/services/document_service.py

@@ -106,11 +106,11 @@ def fetch_documents_from_table(
         return documents
 
     def get_item(
-            self,
-            document_id: str,
-            sort_key: dict = None,
-            table_name: str = None,
-            model_class: type[BaseModel] = None,
+        self,
+        document_id: str,
+        sort_key: dict = None,
+        table_name: str = None,
+        model_class: type[BaseModel] = None,
     ) -> Optional[BaseModel]:
         """Fetch a single document by ID from a specified or configured table.
 

lambdas/services/document_upload_review_service.py

@@ -89,6 +89,20 @@ def _validate_review_references(
                 "Failed to validate document review references"
             )
 
+    def get_document(
+        self, document_id: str, version: int | None
+    ) -> DocumentUploadReviewReference | None:
+        try:
+            sort_key = {"Version": version}
+            response = self.get_item(
+                table_name=self.table_name, document_id=document_id, sort_key=sort_key
+            )
+
+            return response
+        except ClientError as e:
+            logger.error(e)
+            raise DocumentReviewException("500, LambdaError.DocumentReviewDB")
+
     def update_document_review_custodian(
         self,
         patient_documents: list[DocumentUploadReviewReference],

lambdas/services/review_document_status_check_service.py

@@ -0,0 +1,47 @@
+from enums.lambda_error import LambdaError
+from models.document_review import DocumentUploadReviewReference
+from services.document_upload_review_service import DocumentUploadReviewService
+from utils.audit_logging_setup import LoggingService
+from utils.exceptions import OdsErrorException
+from utils.lambda_exceptions import DocumentReviewException
+
+logger = LoggingService(__name__)
+
+
+class ReviewDocumentStatusCheckService:
+    def __init__(self):
+        self.review_document_service = DocumentUploadReviewService()
+
+    def get_document_review_status(
+        self, ods_code: str, document_id: str, document_version: int
+    ):
+        try:
+
+            logger.info("Extracting ODS code from request context.")
+
+            logger.info("Retrieving document review reference from DynamoDB.")
+            review_document_reference = self.review_document_service.get_document(
+                document_id=document_id, version=document_version
+            )
+            if not review_document_reference:
+                logger.info("No document review references found.")
+                raise DocumentReviewException(404, LambdaError.DocumentReviewNotFound)
+
+            logger.info("Checking user is author of review document.")
+            if not self.user_is_author(ods_code, review_document_reference):
+                raise DocumentReviewException(403, LambdaError.DocumentReviewForbidden)
+
+            return review_document_reference.model_dump_camel_case(
+                mode="json", include={"id", "version", "review_status"}
+            )
+
+        except OdsErrorException:
+            logger.info("Failed to obtain ODS code from request context.")
+            raise DocumentReviewException(401, LambdaError.DocumentReviewMissingODS)
+
+    def user_is_author(
+        self,
+        user_ods_code: str,
+        review_document_reference: DocumentUploadReviewReference,
+    ) -> bool:
+        return user_ods_code == review_document_reference.author