remove user ownership from letter validation pipeline

Author: alexnuttall

infrastructure/terraform/modules/backend-api/spec.tmpl.json

@@ -208,9 +208,6 @@
               "files": {
                 "$ref": "#/components/schemas/LetterFiles"
               },
-              "owner": {
-                "type": "string"
-              },
               "personalisationParameters": {
                 "items": {
                   "type": "string"

lambdas/backend-api/src/__tests__/templates/api/process-proof.test.ts

@@ -41,9 +41,7 @@ test.each([
   'calls dependencies as expected for a %s virus scan',
   async (scanResultStatus, virusScanStatus, s3Expectation) => {
     const templateRepository = mockDeep<TemplateRepository>({
-      getClientId: jest
-        .fn()
-        .mockReturnValue({ clientId: 'template-owner', clientOwned: true }),
+      getClientId: jest.fn().mockReturnValue('template-owner'),
     });
     const letterFileRepository = mockDeep<LetterFileRepository>();
 
@@ -73,7 +71,6 @@ test.each([
       {
         clientId: 'template-owner',
         templateId: 'template-id',
-        clientOwned: true,
       },
       'proof.pdf',
       virusScanStatus,

lambdas/backend-api/src/__tests__/templates/api/set-letter-upload-virus-scan-status.test.ts

@@ -29,11 +29,6 @@ it('sets the virus scan status on pdf uploads identified by file metadata', asyn
     },
   });
 
-  mocks.templateRepository.getClientId.mockResolvedValueOnce({
-    clientId: 'template-owner',
-    clientOwned: true,
-  });
-
   await handler(event);
 
   expect(
@@ -42,7 +37,6 @@ it('sets the virus scan status on pdf uploads identified by file metadata', asyn
     {
       templateId: 'template-id',
       clientId: 'template-owner',
-      clientOwned: true,
     },
     'pdf-template',
     'template-version',
@@ -64,11 +58,6 @@ it('sets the virus scan status on csv files identified by file metadata', async
     },
   });
 
-  mocks.templateRepository.getClientId.mockResolvedValueOnce({
-    clientId: 'template-owner',
-    clientOwned: true,
-  });
-
   await handler(event);
 
   expect(
@@ -77,7 +66,6 @@ it('sets the virus scan status on csv files identified by file metadata', async
     {
       templateId: 'template-id',
       clientId: 'template-owner',
-      clientOwned: true,
     },
     'test-data',
     'template-version',
@@ -102,11 +90,6 @@ it.each($GuardDutyMalwareScanStatusFailed.options)(
       },
     });
 
-    mocks.templateRepository.getClientId.mockResolvedValueOnce({
-      clientId: 'template-owner',
-      clientOwned: true,
-    });
-
     await handler(event);
 
     expect(
@@ -115,7 +98,6 @@ it.each($GuardDutyMalwareScanStatusFailed.options)(
       {
         templateId: 'template-id',
         clientId: 'template-owner',
-        clientOwned: true,
       },
       'pdf-template',
       'template-version',
@@ -199,11 +181,6 @@ it('errors if status update fails', async () => {
     },
   });
 
-  mocks.templateRepository.getClientId.mockResolvedValueOnce({
-    clientId: 'template-owner',
-    clientOwned: true,
-  });
-
   const error = new Error('Status Update error');
 
   mocks.templateRepository.setLetterFileVirusScanStatusForUpload.mockRejectedValueOnce(
@@ -212,27 +189,3 @@ it('errors if status update fails', async () => {
 
   await expect(handler(event)).rejects.toThrow(error);
 });
-
-it('errors if owner from database does not match s3 path', async () => {
-  const { handler, mocks } = setup();
-  const event = makeGuardDutyMalwareScanResultNotificationEvent({
-    detail: {
-      s3ObjectDetails: {
-        bucketName: 'quarantine-bucket',
-        objectKey:
-          'pdf-template/template-owner/template-id/template-version.pdf',
-        versionId: 'pdf-s3-version-id',
-      },
-      scanResultDetails: { scanResultStatus: 'NO_THREATS_FOUND' },
-    },
-  });
-
-  mocks.templateRepository.getClientId.mockResolvedValueOnce({
-    clientId: 'someone-else',
-    clientOwned: true,
-  });
-
-  await expect(handler(event)).rejects.toThrow(
-    'Database owner and s3 owner mismatch'
-  );
-});

lambdas/backend-api/src/__tests__/templates/api/validate-letter-template-files.test.ts

@@ -124,7 +124,7 @@ describe('guard duty handler', () => {
     );
 
     expect(mocks.TemplatePdf).toHaveBeenCalledWith(
-      { templateId, clientId: userId, clientOwned: false },
+      { templateId, clientId: userId },
       pdfData
     );
     expect(mocks.TestDataCsv).toHaveBeenCalledWith(csvData);
@@ -137,7 +137,7 @@ describe('guard duty handler', () => {
     expect(
       mocks.templateRepository.setLetterValidationResult
     ).toHaveBeenCalledWith(
-      { templateId, clientId: userId, clientOwned: false },
+      { templateId, clientId: userId },
       versionId,
       true,
       pdf.personalisationParameters,
@@ -206,7 +206,7 @@ describe('guard duty handler', () => {
     );
 
     expect(mocks.TemplatePdf).toHaveBeenCalledWith(
-      { templateId, clientId, clientOwned: true },
+      { templateId, clientId },
       pdfData
     );
 
@@ -220,7 +220,7 @@ describe('guard duty handler', () => {
     expect(
       mocks.templateRepository.setLetterValidationResult
     ).toHaveBeenCalledWith(
-      { templateId, clientId, clientOwned: true },
+      { templateId, clientId },
       versionId,
       true,
       pdf.personalisationParameters,
@@ -295,7 +295,7 @@ describe('guard duty handler', () => {
 
     // assert
     expect(mocks.TemplatePdf).toHaveBeenCalledWith(
-      { templateId, clientId: userId, clientOwned: false },
+      { templateId, clientId: userId },
       pdfData
     );
     expect(mocks.TestDataCsv).toHaveBeenCalledWith(csvData);
@@ -305,7 +305,7 @@ describe('guard duty handler', () => {
     expect(
       mocks.templateRepository.setLetterValidationResult
     ).toHaveBeenCalledWith(
-      { templateId, clientId: userId, clientOwned: false },
+      { templateId, clientId: userId },
       versionId,
       true,
       ['firstName', 'parameter_1', 'unknown_parameter'],
@@ -385,7 +385,7 @@ describe('guard duty handler', () => {
     expect(
       mocks.templateRepository.setLetterValidationResult
     ).toHaveBeenCalledWith(
-      { templateId, clientId: userId, clientOwned: false },
+      { templateId, clientId: userId },
       versionId,
       false,
       ['firstName', 'parameter_1', 'unknown_parameter'],
@@ -453,7 +453,7 @@ describe('guard duty handler', () => {
     );
 
     expect(mocks.TemplatePdf).toHaveBeenCalledWith(
-      { templateId, clientId: userId, clientOwned: false },
+      { templateId, clientId: userId },
       pdfData
     );
     expect(mocks.TestDataCsv).not.toHaveBeenCalled();
@@ -468,7 +468,7 @@ describe('guard duty handler', () => {
     expect(
       mocks.templateRepository.setLetterValidationResult
     ).toHaveBeenCalledWith(
-      { templateId, clientId: userId, clientOwned: false },
+      { templateId, clientId: userId },
       versionId,
       true,
       pdf.personalisationParameters,
@@ -1157,7 +1157,7 @@ describe('guard duty handler', () => {
     expect(
       mocks.templateRepository.setLetterValidationResult
     ).toHaveBeenCalledWith(
-      { templateId, clientId: userId, clientOwned: false },
+      { templateId, clientId: userId },
       versionId,
       false,
       [],
@@ -1221,7 +1221,7 @@ describe('guard duty handler', () => {
     expect(
       mocks.templateRepository.setLetterValidationResult
     ).toHaveBeenCalledWith(
-      { templateId, clientId: userId, clientOwned: false },
+      { templateId, clientId: userId },
       versionId,
       false,
       [],
@@ -1285,7 +1285,7 @@ describe('guard duty handler', () => {
     expect(
       mocks.templateRepository.setLetterValidationResult
     ).toHaveBeenCalledWith(
-      { templateId, clientId: userId, clientOwned: false },
+      { templateId, clientId: userId },
       versionId,
       false,
       pdf.personalisationParameters,

lambdas/backend-api/src/__tests__/templates/app/template-client.test.ts

@@ -363,7 +363,7 @@ describe('templateClient', () => {
         updatedAt: updateTime,
       };
 
-      const { version: _, ...expectedDto } = finalTemplate;
+      const { version: _1, owner: _2, ...expectedDto } = finalTemplate;
 
       mocks.templateRepository.create.mockResolvedValueOnce({
         data: initialCreatedTemplate,
@@ -508,7 +508,7 @@ describe('templateClient', () => {
           updatedAt: updateTime,
         };
 
-        const { version: _, ...expectedDto } = finalTemplate;
+        const { version: _1, owner: _2, ...expectedDto } = finalTemplate;
 
         mocks.templateRepository.create.mockResolvedValueOnce({
           data: initialCreatedTemplate,
@@ -1911,7 +1911,6 @@ describe('templateClient', () => {
           },
         },
         id: templateId,
-        owner: user.userId,
         language: 'en',
         letterType: 'x1',
         name: templateName,

lambdas/backend-api/src/__tests__/templates/domain/template-pdf.test.ts

@@ -9,7 +9,6 @@ test('has the given key attributes', () => {
     {
       templateId: 'template-id',
       clientId: 'template-owner',
-      clientOwned: true,
     },
     Buffer.from('')
   );
@@ -26,7 +25,6 @@ test('parse with no custom personalisation', async () => {
     {
       templateId: 'template-id',
       clientId: 'template-owner',
-      clientOwned: true,
     },
     file
   );
@@ -77,7 +75,6 @@ test('parse with custom personalisation', async () => {
     {
       templateId: 'template-id',
       clientId: 'template-owner',
-      clientOwned: true,
     },
     file
   );
@@ -139,7 +136,6 @@ test('errors if parse is not called before reading personalisation', () => {
     {
       templateId: 'template-id',
       clientId: 'template-owner',
-      clientOwned: true,
     },
     file
   );
@@ -167,7 +163,6 @@ test('errors if file cannot be parsed', async () => {
     {
       templateId: 'template-id',
       clientId: 'template-owner',
-      clientOwned: true,
     },
     file
   );
@@ -184,7 +179,6 @@ test('errors if file cannot be opened', async () => {
     {
       templateId: 'template-id',
       clientId: 'template-owner',
-      clientOwned: true,
     },
     file
   );