Merge pull request #1599 from CVEProject/dr_create_update_org_cleanup

Remove redundant functions

Author: david-rocca

src/controller/org.controller/index.js

@@ -490,7 +490,7 @@ router.post('/registry/org',
   query().custom((query) => { return mw.validateQueryParameterNames(query, ['']) }),
   parsePostParams,
   parseError,
-  controller.REGISTRY_CREATE_ORG
+  controller.ORG_CREATE_SINGLE
 )
 
 router.put('/registry/org/:shortname',
@@ -571,7 +571,7 @@ router.put('/registry/org/:shortname',
   validateUpdateOrgParameters(),
   parseError,
   parsePutParams,
-  controller.REGISTRY_UPDATE_ORG
+  controller.ORG_UPDATE_SINGLE
 )
 
 router.post('/registry/org/:shortname/user',

src/controller/org.controller/org.controller.js

@@ -218,65 +218,6 @@ async function getOrgIdQuota (req, res, next) {
   }
 }
 
-async function registryCreateOrg (req, res, next) {
-  try {
-    const session = await mongoose.startSession()
-    const repo = req.ctx.repositories.getBaseOrgRepository()
-    const body = req.ctx.body
-    let returnValue
-    // Do not allow the user to pass in a UUID
-    if (body?.uuid ?? null) {
-      return res.status(400).json(error.uuidProvided('org'))
-    }
-
-    try {
-      session.startTransaction()
-      // Because Discriminators are used to handle the different types, mongoose automatically drops ALL fields that are not defined in EITHER the base or sub schema
-
-      const result = repo.validateOrg(req.ctx.body, { session })
-      if (!result.isValid) {
-        logger.error(JSON.stringify({ uuid: req.ctx.uuid, message: 'CVE JSON schema validation FAILED.' }))
-        await session.abortTransaction()
-        if (!Array.isArray(body?.authority) || body?.authority.some(item => typeof item !== 'string')) {
-          return res.status(400).json({ error: 'BAD_INPUT', message: 'Parameters were invalid', details: [{ param: 'authority', msg: 'Parameter must be a one-dimensional array of strings' }] })
-        }
-        return res.status(400).json({ error: 'BAD_INPUT', message: 'Parameters were invalid', errors: result.errors })
-      }
-
-      // Check to see if the org already exists
-      if (await repo.orgExists(body.short_name, { session })) {
-        logger.info({ uuid: req.ctx.uuid, message: body.short_name + ' organization was not created because it already exists.' })
-        await session.abortTransaction()
-        return res.status(400).json(error.orgExists(body.short_name))
-      }
-
-      // If we get here, we know we are good to create
-      const userRepo = req.ctx.repositories.getBaseUserRepository()
-      const requestingUserUUID = await userRepo.getUserUUID(req.ctx.user, req.ctx.org, { session })
-      const isSecretariat = await repo.isSecretariatByShortName(req.ctx.org, { session })
-      returnValue = await repo.createOrg(req.ctx.body, { session, upsert: true }, false, requestingUserUUID, isSecretariat)
-
-      await session.commitTransaction()
-      logger.info({
-        action: 'create_org',
-        change: returnValue.short_name + ' organization was successfully created.',
-        req_UUID: req.ctx.uuid,
-        org_UUID: returnValue.UUID,
-        org: returnValue
-      })
-    } catch (error) {
-      await session.abortTransaction()
-      throw error
-    } finally {
-      await session.endSession()
-    }
-
-    return res.status(200).json({ message: returnValue.short_name + ' organization was successfully created.', created: returnValue })
-  } catch (err) {
-    next(err)
-  }
-}
-
 /**
  *  Creates a new org only if the org doesn't exist for the specified shortname.
  *  If the org exists, we do not update the org.
@@ -293,15 +234,32 @@ async function createOrg (req, res, next) {
 
     try {
       session.startTransaction()
-      if (await repo.orgExists(body?.short_name, { session }, true)) {
+
+      if (req.useRegistry) {
+        // If we are creating an org via the registry flag, we can do a full validation.
+        const result = await repo.validateOrg(body, { session })
+        if (!result.isValid) {
+          logger.error(JSON.stringify({ uuid: req.ctx.uuid, message: 'CVE JSON schema validation FAILED.' }))
+          await session.abortTransaction()
+          if (!Array.isArray(body?.authority) || body?.authority.some(item => typeof item !== 'string')) {
+            return res.status(400).json({ error: 'BAD_INPUT', message: 'Parameters were invalid', details: [{ param: 'authority', msg: 'Parameter must be a one-dimensional array of strings' }] })
+          }
+          return res.status(400).json({ error: 'BAD_INPUT', message: 'Parameters were invalid', errors: result.errors })
+        }
+      }
+
+      // Check to see if the org already exits
+      // Org exists funciton checks if we should "return the legacy format" NOT "IS IT" a legacy format. TODO: Fix that.
+      if (await repo.orgExists(body?.short_name, { session }, !req.useRegistry)) {
         logger.info({ uuid: req.ctx.uuid, message: body?.short_name + ' organization was not created because it already exists.' })
         await session.abortTransaction()
         return res.status(400).json(error.orgExists(body?.short_name))
       }
-      const isSecretariat = await repo.isSecretariatByShortName(req.ctx.org, { session })
+
       const userRepo = req.ctx.repositories.getBaseUserRepository()
+      const isSecretariat = await repo.isSecretariatByShortName(req.ctx.org, { session })
       const requestingUserUUID = await userRepo.getUserUUID(req.ctx.user, req.ctx.org, { session })
-      returnValue = await repo.createOrg(req.ctx.body, { session, upsert: true }, true, requestingUserUUID, isSecretariat)
+      returnValue = await repo.createOrg(req.ctx.body, { session, upsert: true }, !req.useRegistry, requestingUserUUID, isSecretariat)
 
       await session.commitTransaction()
     } catch (error) {
@@ -332,72 +290,6 @@ async function createOrg (req, res, next) {
   }
 }
 
-// update org for registry
-// /api/registry/org/{shortname}
-async function registryUpdateOrg (req, res, next) {
-  const session = await mongoose.startSession()
-  const shortNameUrlParameter = req.ctx.params.shortname
-  let responseMessage
-  const orgRepository = req.ctx.repositories.getBaseOrgRepository()
-
-  // Get the query parameters as JSON
-  // These are validated by the middleware in org/index.js
-  const queryParametersJson = req.ctx.query
-
-  // Try for network request
-  try {
-    // Try for database, if we were catching things more specifically, we could move to 1 try statement
-    try {
-      session.startTransaction()
-      if (queryParametersJson['active_roles.add']) {
-        if (!Array.isArray(queryParametersJson.active_roles?.add) || queryParametersJson.active_roles?.add.some(item => typeof item !== 'string')) {
-          await session.abortTransaction()
-          return res.status(400).json({ message: 'Parameters were invalid', details: [{ param: 'authority', msg: 'Parameter must be a one-dimensional array of strings' }] })
-        }
-      }
-
-      if (queryParametersJson['active_roles.remove']) {
-        if (!Array.isArray(queryParametersJson.active_roles?.remove) || queryParametersJson.active_roles?.remove.some(item => typeof item !== 'string')) {
-          await session.abortTransaction()
-          return res.status(400).json({ message: 'Parameters were invalid', details: [{ param: 'authority', msg: 'Parameter must be a one-dimensional array of strings' }] })
-        }
-      }
-
-      if (!(await orgRepository.orgExists(shortNameUrlParameter, { session }))) {
-        logger.info({ uuid: req.ctx.uuid, message: `Organization ${shortNameUrlParameter} not found.` })
-        await session.abortTransaction()
-        return res.status(404).json(error.orgDnePathParam(shortNameUrlParameter))
-      }
-
-      if (Object.hasOwn(queryParametersJson, 'new_short_name') && (await orgRepository.orgExists(queryParametersJson.new_short_name, { session }))) {
-        await session.abortTransaction()
-        return res.status(403).json(error.duplicateShortname(queryParametersJson.new_short_name))
-      }
-
-      const userRepo = req.ctx.repositories.getBaseUserRepository()
-      const requestingUserUUID = await userRepo.getUserUUID(req.ctx.user, req.ctx.org, { session })
-      const isSecretariat = await orgRepository.isSecretariatByShortName(req.ctx.org, { session })
-      const isAdmin = await userRepo.isAdmin(req.ctx.user, req.ctx.org, { session })
-      const updatedOrg = await orgRepository.updateOrg(shortNameUrlParameter, queryParametersJson, { session }, false, requestingUserUUID, isAdmin, isSecretariat)
-
-      responseMessage = { message: `${updatedOrg.short_name} organization was successfully updated.`, updated: updatedOrg } // Clarify message
-      const payload = { action: 'update_org', change: `${updatedOrg.short_name} organization was successfully updated.`, org: updatedOrg }
-      payload.user_UUID = await userRepo.getUserUUID(req.ctx.user, updatedOrg.UUID, { session })
-      payload.org_UUID = updatedOrg.UUID
-      payload.req_UUID = req.ctx.uuid
-      await session.commitTransaction()
-    } catch (error) {
-      await session.abortTransaction()
-      throw error
-    } finally {
-      await session.endSession()
-    }
-    return res.status(200).json(responseMessage)
-  } catch (err) {
-    next(err)
-  }
-}
-
 /**
  *  Updates an org only if the org exist for the specified shortname.
  *  If no org exists, we do not create the org.
@@ -416,6 +308,24 @@ async function updateOrg (req, res, next) {
   try {
     try {
       session.startTransaction()
+
+      // TODO: Check to see if this check is needed for both options
+      if (req.useRegistry) {
+        if (queryParametersJson['active_roles.add']) {
+          if (!Array.isArray(queryParametersJson.active_roles?.add) || queryParametersJson.active_roles?.add.some(item => typeof item !== 'string')) {
+            await session.abortTransaction()
+            return res.status(400).json({ message: 'Parameters were invalid', details: [{ param: 'authority', msg: 'Parameter must be a one-dimensional array of strings' }] })
+          }
+        }
+
+        if (queryParametersJson['active_roles.remove']) {
+          if (!Array.isArray(queryParametersJson.active_roles?.remove) || queryParametersJson.active_roles?.remove.some(item => typeof item !== 'string')) {
+            await session.abortTransaction()
+            return res.status(400).json({ message: 'Parameters were invalid', details: [{ param: 'authority', msg: 'Parameter must be a one-dimensional array of strings' }] })
+          }
+        }
+      }
+
       if (!(await orgRepository.orgExists(shortNameUrlParameter, { session }))) {
         logger.info({ uuid: req.ctx.uuid, message: `Organization ${shortNameUrlParameter} not found.` })
         return res.status(404).json(error.orgDnePathParam(shortNameUrlParameter))
@@ -426,11 +336,10 @@ async function updateOrg (req, res, next) {
       }
 
       const userRepo = req.ctx.repositories.getBaseUserRepository()
+      const requestingUserUUID = await userRepo.getUserUUID(req.ctx.user, req.ctx.org, { session })
       const isSecretariat = await orgRepository.isSecretariatByShortName(req.ctx.org, { session })
       const isAdmin = await userRepo.isAdmin(req.ctx.user, req.ctx.org, { session })
-      const requestingUserUUID = await userRepo.getUserUUID(req.ctx.user, req.ctx.org, { session })
-
-      const updatedOrg = await orgRepository.updateOrg(shortNameUrlParameter, queryParametersJson, { session }, true, requestingUserUUID, isAdmin, isSecretariat)
+      const updatedOrg = await orgRepository.updateOrg(shortNameUrlParameter, queryParametersJson, { session }, !req.useRegistry, requestingUserUUID, isAdmin, isSecretariat)
 
       responseMessage = { message: `${updatedOrg.short_name} organization was successfully updated.`, updated: updatedOrg } // Clarify message
       const payload = { action: 'update_org', change: `${updatedOrg.short_name} organization was successfully updated.`, org: updatedOrg }
@@ -804,7 +713,5 @@ module.exports = {
   USER_SINGLE: getUser,
   USER_CREATE_SINGLE: createUser,
   USER_UPDATE_SINGLE: updateUser,
-  USER_RESET_SECRET: resetSecret,
-  REGISTRY_CREATE_ORG: registryCreateOrg,
-  REGISTRY_UPDATE_ORG: registryUpdateOrg
+  USER_RESET_SECRET: resetSecret
 }

src/repositories/baseOrgRepository.js

@@ -77,7 +77,6 @@ class BaseOrgRepository extends BaseRepository {
     return null
   }
 
-  // In the future we wont need a second arg here, but until that databases are synced I need to control this.
   async orgExists (shortName, options = {}, returnLegacyFormat = false) {
     if (await this.findOneByShortName(shortName, options, returnLegacyFormat)) {
       return true