From 1dca022a7b37c8058a7e6772ea4bf4d43bde543d Mon Sep 17 00:00:00 2001 From: luciajanikova <19lucia99@gmail.com> Date: Fri, 15 Dec 2023 15:30:11 +0100 Subject: [PATCH 1/7] Updates --- .env | 2 +- .../authorize_delivery_notification_job.rb | 4 +- app/jobs/govbox/download_message_job.rb | 4 +- app/jobs/govbox/submit_message_draft_job.rb | 4 +- app/jobs/govbox/sync_box_job.rb | 4 +- app/jobs/govbox/sync_folder_job.rb | 4 +- app/lib/upvs/govbox_api.rb | 2 + app/lib/upvs/sk_api.rb | 58 +++++++++++++++++++ app/lib/upvs_environment.rb | 8 ++- app/services/upvs/sk_api_client.rb | 9 +++ .../20230802071745_update_message_subjects.rb | 4 +- .../20231012213434_update_message_metadata.rb | 4 +- 12 files changed, 88 insertions(+), 19 deletions(-) create mode 100644 app/lib/upvs/sk_api.rb create mode 100644 app/services/upvs/sk_api_client.rb diff --git a/.env b/.env index 7fda76b81..242798998 100644 --- a/.env +++ b/.env @@ -1,5 +1,5 @@ -GB_API_ENV= GB_API_URL= +SK_API_URL= SITE_ADMIN_EMAILS= GOOGLE_CLIENT_ID= GOOGLE_CLIENT_SECRET= diff --git a/app/jobs/govbox/authorize_delivery_notification_job.rb b/app/jobs/govbox/authorize_delivery_notification_job.rb index 86f8ca17a..d1886f820 100644 --- a/app/jobs/govbox/authorize_delivery_notification_job.rb +++ b/app/jobs/govbox/authorize_delivery_notification_job.rb @@ -1,6 +1,6 @@ class Govbox::AuthorizeDeliveryNotificationJob < ApplicationJob - def perform(message, upvs_client: UpvsEnvironment.upvs_client) - edesk_api = upvs_client.api(message.thread.box).edesk + def perform(message) + edesk_api = UpvsEnvironment.upvs_api(message.thread.box).edesk success, target_message_id = edesk_api.authorize_delivery_notification(message.metadata["delivery_notification"]["authorize_url"], mode: :sync) diff --git a/app/jobs/govbox/download_message_job.rb b/app/jobs/govbox/download_message_job.rb index 97cdfbbf6..62a49b9f7 100644 --- a/app/jobs/govbox/download_message_job.rb +++ b/app/jobs/govbox/download_message_job.rb 
@@ -2,8 +2,8 @@ module Govbox class DownloadMessageJob < ApplicationJob queue_as :default - def perform(govbox_folder, edesk_message_id, upvs_client: UpvsEnvironment.upvs_client) - edesk_api = upvs_client.api(govbox_folder.box).edesk + def perform(govbox_folder, edesk_message_id) + edesk_api = UpvsEnvironment.upvs_api(govbox_folder.box).edesk response_status, raw_message = edesk_api.fetch_message(edesk_message_id) raise "Unable to fetch folder messages" if response_status != 200 diff --git a/app/jobs/govbox/submit_message_draft_job.rb b/app/jobs/govbox/submit_message_draft_job.rb index bb3defaa3..4ae63ea17 100644 --- a/app/jobs/govbox/submit_message_draft_job.rb +++ b/app/jobs/govbox/submit_message_draft_job.rb @@ -7,7 +7,7 @@ class TemporarySubmissionError < SubmissionError retry_on TemporarySubmissionError, wait: 2.minutes, attempts: 5 - def perform(message_draft, schedule_sync: true, upvs_client: UpvsEnvironment.upvs_client) + def perform(message_draft, schedule_sync: true) message_draft_data = { posp_id: message_draft.metadata["posp_id"], posp_version: message_draft.metadata["posp_version"], @@ -21,7 +21,7 @@ def perform(message_draft, schedule_sync: true, upvs_client: UpvsEnvironment.upv objects: build_objects(message_draft) }.compact - sktalk_api = upvs_client.api(message_draft.thread.box).sktalk + sktalk_api = UpvsEnvironment.upvs_api(message_draft.thread.box).sktalk success, response_status, response_body = sktalk_api.receive_and_save_to_outbox(message_draft_data) if success diff --git a/app/jobs/govbox/sync_box_job.rb b/app/jobs/govbox/sync_box_job.rb index d13027aba..55385cdfa 100644 --- a/app/jobs/govbox/sync_box_job.rb +++ b/app/jobs/govbox/sync_box_job.rb 
@@ -2,10 +2,10 @@ module Govbox class SyncBoxJob < ApplicationJob queue_as :default - def perform(box, upvs_client: UpvsEnvironment.upvs_client) + def perform(box) return unless box.syncable? - edesk_api = upvs_client.api(box).edesk + edesk_api = UpvsEnvironment.upvs_api(box).edesk response_status, raw_folders = edesk_api.fetch_folders raise "Unable to fetch folders" if response_status != 200 diff --git a/app/jobs/govbox/sync_folder_job.rb b/app/jobs/govbox/sync_folder_job.rb index 461ac4c9f..9668db59a 100644 --- a/app/jobs/govbox/sync_folder_job.rb +++ b/app/jobs/govbox/sync_folder_job.rb @@ -2,8 +2,8 @@ module Govbox class SyncFolderJob < ApplicationJob queue_as :default - def perform(folder, upvs_client: UpvsEnvironment.upvs_client, batch_size: 1000) - edesk_api = upvs_client.api(folder.box).edesk + def perform(folder, batch_size: 1000) + edesk_api = UpvsEnvironment.upvs_api(folder.box).edesk new_messages_ids = [] 0.step do |k| diff --git a/app/lib/upvs/govbox_api.rb b/app/lib/upvs/govbox_api.rb index cc12441a8..946fc333c 100644 --- a/app/lib/upvs/govbox_api.rb +++ b/app/lib/upvs/govbox_api.rb @@ -5,6 +5,8 @@ class GovboxApi < Api attr_reader :sub, :obo, :api_token_private_key, :url, :edesk, :sktalk def initialize(url, box:, handler: Faraday) + raise "Box API connection is not of type Govbox API connection" unless (box.api_connection.is_a?(Govbox::ApiConnection) || box.api_connection.is_a?(Govbox::ApiConnectionWithOboSupport)) + @sub = box.api_connection.sub @obo = box.api_connection.box_obo(box) @api_token_private_key = OpenSSL::PKey::RSA.new(box.api_connection.api_token_private_key) diff --git a/app/lib/upvs/sk_api.rb b/app/lib/upvs/sk_api.rb new file mode 100644 index 000000000..6c8de5add --- /dev/null +++ b/app/lib/upvs/sk_api.rb 
@@ -0,0 +1,58 @@
+require 'jwt'
+
+module Upvs
+ class SkApi < Api
+ attr_reader :sub, :obo, :api_token_private_key, :url, :cep
+
+ def initialize(url, box:, handler: Faraday)
+ raise "Box API connection is not of type SK API connection" unless box.api_connection.is_a?(SkApi::ApiConnection)
+
+ @sub = box.api_connection.sub
+ @obo = box.api_connection.box_obo(box)
+ @api_token_private_key = OpenSSL::PKey::RSA.new(box.api_connection.api_token_private_key)
+ @url = url
+ @cep = Cep.new(self)
+ @handler = handler
+ @handler.options.timeout = 900_000
+ end
+
+ class Cep < Namespace
+ def sign(data)
+ response_status, response_body = @api.request(:post, "#{@api.url}/api/cep/sign", data.to_json, header)
+ response_body['signed_objects'] if sign_successful?(response_status, response_body)
+ end
+
+ def sign_v2(data)
+ response_status, response_body = @api.request(:post, "#{@api.url}/api/cep/sign_v2", data.to_json, header)
+ response_body['signed_objects'] if sign_successful?(response_status, response_body)
+ end
+
+ private
+
+ def header
+ {
+ "Authorization": authorization_payload,
+ "Content-Type": "application/vnd.sktalk+json;type=SkTalk"
+ }
+ end
+
+ def sign_successful?(response_status, response_body)
+ response_status == 200 && response_body['sign_description'] == 'OK'
+ end
+ end
+
+ class Error < StandardError
+ attr_accessor :resource
+
+ attr_reader :response
+
+ def initialize(response)
+ @response = response
+ end
+
+ def to_s
+ cause ? cause.to_s : 'Unknown error'
+ end
+ end
+ end
+end
diff --git a/app/lib/upvs_environment.rb b/app/lib/upvs_environment.rb
index cc253c350..4b024b5a5 100644
--- a/app/lib/upvs_environment.rb
+++ b/app/lib/upvs_environment.rb
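Review bot: `Cep#sign` and `Cep#sign_v2` in the new `app/lib/upvs/sk_api.rb` return nil for every failure, so a rejected signing request and a transport problem look the same to the caller and the status and body are lost; the `Error` class defined at the bottom of the file is never raised in this hunk. Raising it when the check fails, `raise Error.new(response_body) unless sign_successful?(response_status, response_body)`, would stop a job from carrying on with an unsigned object. Separately, `@handler.options.timeout = 900_000` is applied to whatever handler was passed, which by default is the `Faraday` module itself, so it appears to change the process-wide default connection rather than this client only. Faraday timeouts are given in seconds, which makes the value roughly ten days; if fifteen minutes was meant, `900` is the number.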
@@ -1,7 +1,11 @@ module UpvsEnvironment extend self - def upvs_client - @upvs_client ||= Upvs::GovboxApiClient.new + def upvs_api(box) + @upvs_api ||= if box.api_connection.is_a?(Govbox::ApiConnection) || box.api_connection.is_a?(Govbox::ApiConnectionWithOboSupport) + Upvs::GovboxApiClient.new.api(box) + elsif box.api_connection.is_a?(SkApi::ApiConnectionWithOboSupport) + Upvs::SkApiClient.new.api(box) + end end end diff --git a/app/services/upvs/sk_api_client.rb b/app/services/upvs/sk_api_client.rb new file mode 100644 index 000000000..db737f4b2 --- /dev/null +++ b/app/services/upvs/sk_api_client.rb @@ -0,0 +1,9 @@ +class Upvs::SkApiClient + def initialize(host: ENV.fetch('SK_API_URL')) + @host = host + end + + def api(box) + Upvs::SkApi.new(@host, box: box) + end +end diff --git a/db/migrate/20230802071745_update_message_subjects.rb b/db/migrate/20230802071745_update_message_subjects.rb index d64766ad3..00f65fbac 100644 --- a/db/migrate/20230802071745_update_message_subjects.rb +++ b/db/migrate/20230802071745_update_message_subjects.rb @@ -1,11 +1,9 @@ class UpdateMessageSubjects < ActiveRecord::Migration[7.0] def up - upvs_client = UpvsEnvironment.upvs_client - Message.find_each do |message| govbox_message = Govbox::Message.find_by(message_id: message.uuid) - edesk_api = upvs_client.api(govbox_message.folder.box).edesk + edesk_api = UpvsEnvironment.upvs_api(govbox_message.folder.box).edesk _, raw_message = edesk_api.fetch_message(govbox_message.edesk_message_id) govbox_message.update( diff --git a/db/migrate/20231012213434_update_message_metadata.rb b/db/migrate/20231012213434_update_message_metadata.rb index b0dece3ed..dc46f10ef 100644 --- a/db/migrate/20231012213434_update_message_metadata.rb +++ b/db/migrate/20231012213434_update_message_metadata.rb 
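Review bot: `@upvs_api ||=` in `UpvsEnvironment.upvs_api(box)` memoizes the API object built for the first box on the module, so every later call in the same process, for any box, gets a client carrying the first box's `sub`, `obo` and private key. Before this change only the box-independent `Upvs::GovboxApiClient` was cached and `.api(box)` ran on each call; the cached value is now box-specific, which mixes credentials across boxes and tenants inside one worker. Dropping the memoization (build the API on every call) removes the problem. The `if`/`elsif` also falls through to nil for any other connection type, so a final `else raise "Unsupported API connection type"` would fail clearly instead of with a NoMethodError on `.edesk`.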
@@ -1,9 +1,7 @@ class UpdateMessageMetadata < ActiveRecord::Migration[7.0] def change - upvs_client = UpvsEnvironment.upvs_client - Govbox::Message.find_each do |govbox_message| - edesk_api = upvs_client.api(govbox_message.box).edesk + edesk_api = UpvsEnvironment.upvs_api(govbox_message.box).edesk response_status, raw_message = edesk_api.fetch_message(govbox_message.edesk_message_id) raise "Unable to fetch message" if response_status != 200 From 21dd3da323655238716aa1fbd2f7265082fd3d75 Mon Sep 17 00:00:00 2001 From: luciajanikova <19lucia99@gmail.com> Date: Thu, 21 Dec 2023 11:40:02 +0100 Subject: [PATCH 2/7] Update UPVS APIs --- app/lib/upvs/govbox_api.rb | 2 +- app/lib/upvs/sk_api.rb | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/app/lib/upvs/govbox_api.rb b/app/lib/upvs/govbox_api.rb index 946fc333c..e3d07ed6b 100644 --- a/app/lib/upvs/govbox_api.rb +++ b/app/lib/upvs/govbox_api.rb @@ -5,7 +5,7 @@ class GovboxApi < Api attr_reader :sub, :obo, :api_token_private_key, :url, :edesk, :sktalk def initialize(url, box:, handler: Faraday) - raise "Box API connection is not of type Govbox API connection" unless (box.api_connection.is_a?(Govbox::ApiConnection) || box.api_connection.is_a?(Govbox::ApiConnectionWithOboSupport)) + raise "Box API connection is not of type Govbox API connection" unless (box.api_connection.is_a?(::Govbox::ApiConnection) || box.api_connection.is_a?(::Govbox::ApiConnectionWithOboSupport)) @sub = box.api_connection.sub @obo = box.api_connection.box_obo(box) diff --git a/app/lib/upvs/sk_api.rb b/app/lib/upvs/sk_api.rb index 6c8de5add..db5c00ff5 100644 --- a/app/lib/upvs/sk_api.rb +++ b/app/lib/upvs/sk_api.rb 
@@ -5,7 +5,7 @@ class SkApi < Api attr_reader :sub, :obo, :api_token_private_key, :url, :cep def initialize(url, box:, handler: Faraday) - raise "Box API connection is not of type SK API connection" unless box.api_connection.is_a?(SkApi::ApiConnection) + raise "Box API connection is not of type SK API connection" unless box.api_connection.is_a?(::SkApi::ApiConnectionWithOboSupport) @sub = box.api_connection.sub @obo = box.api_connection.box_obo(box) @@ -32,7 +32,7 @@ def sign_v2(data) def header { "Authorization": authorization_payload, - "Content-Type": "application/vnd.sktalk+json;type=SkTalk" + "Content-Type": "application/json" } end From 01fb76780d6d13d9d4bae16a4f2a907298648f1b Mon Sep 17 00:00:00 2001 From: luciajanikova <19lucia99@gmail.com> Date: Thu, 21 Dec 2023 16:34:09 +0100 Subject: [PATCH 3/7] Update Signer & Create SigningCertificates --- app/lib/signer.rb | 63 +++++++++++++++++++ app/lib/upvs/sk_api.rb | 2 +- app/models/upvs/signing_certificate.rb | 13 ++++ ...134539_create_upvs_signing_certificates.rb | 10 +++ db/schema.rb | 11 +++- 5 files changed, 97 insertions(+), 2 deletions(-) create mode 100644 app/lib/signer.rb create mode 100644 app/models/upvs/signing_certificate.rb create mode 100644 db/migrate/20231221134539_create_upvs_signing_certificates.rb diff --git a/app/lib/signer.rb b/app/lib/signer.rb new file mode 100644 index 000000000..2f80c52ff --- /dev/null +++ b/app/lib/signer.rb 
@@ -0,0 +1,63 @@ +module Signer + def self.sign(message_object) + cep_api = UpvsEnvironment.upvs_api(message_object.message.thread.box).cep + certificate = Upvs::SigningCertificate.find_by!(box: message_object.message.thread.box) + + if message_object.mimetype == 'application/pdf' + data = { + objects: [ + { + certificate_type: 'Subject', + certificate_subject: certificate.subject, + signature_type: 'PAdES', + class: 'http://schemas.gov.sk/attachment/pdf', + mime_type: 'application/pdf', + encoding: 'Base64', + content: Base64.strict_encode64(message_object.content) + } + ] + } + signed_objects = cep_api.sign(data) + signed_data = signed_objects&.first + else + data = { + object_groups: [ + { + id: SecureRandom.uuid, + signing_certificate: { + type: 'Subject', + subject: certificate.subject, + }, + unsigned_objects: [ + { + id: message_object_id(message_object), + data: Base64.strict_encode64(message_object.content) + } + ], + } + ] + } + signed_objects = cep_api.sign_v2(data) + signed_data = signed_objects&.first + end + + signed_data + end + + private + + def message_object_id(object) + if object.form? + "http://schemas.gov.sk/form/#{object.message.metadata["posp_id"]}/#{object.message.metadata["posp_version"]}/form.xsd" + else + case object.mimetype + when 'text/plain' + 'http://schemas.gov.sk/attachment/txt' + when 'image/png' + 'http://schemas.gov.sk/attachment/png' + else + raise "Unsupported MimeType" + end + end + end +end diff --git a/app/lib/upvs/sk_api.rb b/app/lib/upvs/sk_api.rb index db5c00ff5..9bf235e2a 100644 --- a/app/lib/upvs/sk_api.rb +++ b/app/lib/upvs/sk_api.rb @@ -24,7 +24,7 @@ def sign(data) def sign_v2(data) response_status, response_body = @api.request(:post, "#{@api.url}/api/cep/sign_v2", data.to_json, header) - response_body['signed_objects'] if sign_successful?(response_status, response_body) + response_body['signed_object_groups'] if sign_successful?(response_status, response_body) end private 
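Review bot: `message_object_id` in `app/lib/signer.rb` is defined with a plain `def` below `private`, but it is called from `def self.sign`, which is a singleton method of the module, so the non-PDF branch would raise NoMethodError the first time it runs. The bare `private` also has no effect on `self.` methods. Defining it as `def self.message_object_id(object)` and adding `private_class_method :message_object_id` keeps it internal and makes the call resolve. A one-line comment on `sign` stating that it returns the first signed object, or nil when the CEP call fails, would help callers, since both branches end in `signed_objects&.first`.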
diff --git a/app/models/upvs/signing_certificate.rb b/app/models/upvs/signing_certificate.rb new file mode 100644 index 000000000..10c2ba5ac --- /dev/null +++ b/app/models/upvs/signing_certificate.rb @@ -0,0 +1,13 @@ +# == Schema Information +# +# Table name: upvs_signing_certificates +# +# id :bigint not null, primary key +# subject :string not null +# created_at :datetime not null +# updated_at :datetime not null +# box_id :bigint not null +# +class Upvs::SigningCertificate < ApplicationRecord + belongs_to :box +end diff --git a/db/migrate/20231221134539_create_upvs_signing_certificates.rb b/db/migrate/20231221134539_create_upvs_signing_certificates.rb new file mode 100644 index 000000000..2c51aa45a --- /dev/null +++ b/db/migrate/20231221134539_create_upvs_signing_certificates.rb @@ -0,0 +1,10 @@ +class CreateUpvsSigningCertificates < ActiveRecord::Migration[7.1] + def change + create_table :upvs_signing_certificates do |t| + t.string :subject, null: false + t.references :box, null: false, foreign_key: true + + t.timestamps + end + end +end diff --git a/db/schema.rb b/db/schema.rb index 3051f0db1..32e2ae68e 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -10,7 +10,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema[7.1].define(version: 2023_12_20_102044) do +ActiveRecord::Schema[7.1].define(version: 2023_12_21_134539) do # These are extensions that must be enabled in order to support this database enable_extension "pgcrypto" enable_extension "plpgsql" 
@@ -509,6 +509,14 @@ t.index ["identifier", "version"], name: "index_form_templates_on_identifier_and_version", unique: true end + create_table "upvs_signing_certificates", force: :cascade do |t| + t.string "subject", null: false + t.bigint "box_id", null: false + t.datetime "created_at", null: false + t.datetime "updated_at", null: false + t.index ["box_id"], name: "index_upvs_signing_certificates_on_box_id" + end + create_table "users", force: :cascade do |t| t.bigint "tenant_id" t.string "email", null: false @@ -572,5 +580,6 @@ add_foreign_key "tags", "tenants" add_foreign_key "tags", "users", column: "owner_id" add_foreign_key "upvs_form_template_related_documents", "upvs_form_templates" + add_foreign_key "upvs_signing_certificates", "boxes" add_foreign_key "users", "tenants" end From 4655c06704d6c859676708528abed67c7b74ecb8 Mon Sep 17 00:00:00 2001 From: luciajanikova <19lucia99@gmail.com> Date: Fri, 22 Dec 2023 12:58:30 +0100 Subject: [PATCH 4/7] First attempt of models --- app/models/autogram_signing_setting.rb | 11 ++++++ app/models/seal_signing_setting.rb | 13 +++++++ app/models/tenant.rb | 22 ++++++++---- app/models/tenant_signing_option.rb | 15 ++++++++ ...134539_create_upvs_signing_certificates.rb | 10 ------ ...222110755_create_tenant_signing_options.rb | 9 +++++ ...111222_create_autogram_signing_settings.rb | 8 +++++ ...1222111236_create_seal_signing_settings.rb | 10 ++++++ db/schema.rb | 34 +++++++++++++------ 9 files changed, 105 insertions(+), 27 deletions(-) create mode 100644 app/models/autogram_signing_setting.rb create mode 100644 app/models/seal_signing_setting.rb create mode 100644 app/models/tenant_signing_option.rb delete mode 100644 db/migrate/20231221134539_create_upvs_signing_certificates.rb create mode 100644 db/migrate/20231222110755_create_tenant_signing_options.rb create mode 100644 db/migrate/20231222111222_create_autogram_signing_settings.rb create mode 100644 db/migrate/20231222111236_create_seal_signing_settings.rb 
diff --git a/app/models/autogram_signing_setting.rb b/app/models/autogram_signing_setting.rb new file mode 100644 index 000000000..5e63aff1b --- /dev/null +++ b/app/models/autogram_signing_setting.rb @@ -0,0 +1,11 @@ +# == Schema Information +# +# Table name: autogram_signing_settings +# +# id :bigint not null, primary key +# created_at :datetime not null +# updated_at :datetime not null +# +class AutogramSigningSetting < ApplicationRecord + has_one :tenant_signing_options, as: :signing_setting +end diff --git a/app/models/seal_signing_setting.rb b/app/models/seal_signing_setting.rb new file mode 100644 index 000000000..2bed1f8f8 --- /dev/null +++ b/app/models/seal_signing_setting.rb @@ -0,0 +1,13 @@ +# == Schema Information +# +# Table name: seal_signing_settings +# +# id :bigint not null, primary key +# certificate_subject :string +# connection_sub :string +# created_at :datetime not null +# updated_at :datetime not null +# +class SealSigningSetting < ApplicationRecord + has_one :tenant_signing_options, as: :signing_setting +end diff --git a/app/models/tenant.rb b/app/models/tenant.rb index c0aa5a923..8a9ce3e80 100644 --- a/app/models/tenant.rb +++ b/app/models/tenant.rb @@ -2,12 +2,11 @@ # # Table name: tenants # -# id :bigint not null, primary key -# api_token_public_key :string -# feature_flags :string default([]), is an Array -# name :string not null -# created_at :datetime not null -# updated_at :datetime not null +# id :bigint not null, primary key +# feature_flags :string default([]), is an Array +# name :string not null +# created_at :datetime not null +# updated_at :datetime not null # class Tenant < ApplicationRecord has_many :users, dependent: :destroy @@ -18,6 +17,8 @@ class Tenant < ApplicationRecord has_many :groups, dependent: :destroy has_many :custom_groups + has_many :tenant_signing_options, dependent: :destroy + has_one :draft_tag has_one :everything_tag has_one :signature_requested_tag 
@@ -91,5 +92,14 @@ def create_default_objects create_signed_tag!(name: "Podpísané", visible: true, color: "green", icon: "fingerprint") make_admins_see_everything! + + create_default_signing_options! + end + + def create_default_signing_options! + autogram_siging_settings = AutogramSigningSetting.create! + tenant_signing_options.create!( + signing_setting: autogram_siging_settings + ) end end diff --git a/app/models/tenant_signing_option.rb b/app/models/tenant_signing_option.rb new file mode 100644 index 000000000..9ffac9c52 --- /dev/null +++ b/app/models/tenant_signing_option.rb @@ -0,0 +1,15 @@ +# == Schema Information +# +# Table name: tenant_signing_options +# +# id :bigint not null, primary key +# signing_setting_type :string +# created_at :datetime not null +# updated_at :datetime not null +# signing_setting_id :bigint +# tenant_id :bigint not null +# +class TenantSigningOption < ApplicationRecord + belongs_to :tenant + belongs_to :signing_setting, polymorphic: true +end diff --git a/db/migrate/20231221134539_create_upvs_signing_certificates.rb b/db/migrate/20231221134539_create_upvs_signing_certificates.rb deleted file mode 100644 index 2c51aa45a..000000000 --- a/db/migrate/20231221134539_create_upvs_signing_certificates.rb +++ /dev/null @@ -1,10 +0,0 @@ -class CreateUpvsSigningCertificates < ActiveRecord::Migration[7.1] - def change - create_table :upvs_signing_certificates do |t| - t.string :subject, null: false - t.references :box, null: false, foreign_key: true - - t.timestamps - end - end -end diff --git a/db/migrate/20231222110755_create_tenant_signing_options.rb b/db/migrate/20231222110755_create_tenant_signing_options.rb new file mode 100644 index 000000000..ddff533e4 --- /dev/null +++ b/db/migrate/20231222110755_create_tenant_signing_options.rb 
@@ -0,0 +1,9 @@ +class CreateTenantSigningOptions < ActiveRecord::Migration[7.1] + def change + create_table :tenant_signing_options do |t| + t.references :tenant, null: false + t.references :signing_setting, polymorphic: true + t.timestamps + end + end +end diff --git a/db/migrate/20231222111222_create_autogram_signing_settings.rb b/db/migrate/20231222111222_create_autogram_signing_settings.rb new file mode 100644 index 000000000..79c3c94ec --- /dev/null +++ b/db/migrate/20231222111222_create_autogram_signing_settings.rb @@ -0,0 +1,8 @@ +class CreateAutogramSigningSettings < ActiveRecord::Migration[7.1] + def change + create_table :autogram_signing_settings do |t| + + t.timestamps + end + end +end diff --git a/db/migrate/20231222111236_create_seal_signing_settings.rb b/db/migrate/20231222111236_create_seal_signing_settings.rb new file mode 100644 index 000000000..0e8516c73 --- /dev/null +++ b/db/migrate/20231222111236_create_seal_signing_settings.rb @@ -0,0 +1,10 @@ +class CreateSealSigningSettings < ActiveRecord::Migration[7.1] + def change + create_table :seal_signing_settings do |t| + t.string :certificate_subject + t.string :connection_sub + + t.timestamps + end + end +end diff --git a/db/schema.rb b/db/schema.rb index 34948f660..df701ec33 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -10,7 +10,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema[7.1].define(version: 2023_12_21_134539) do +ActiveRecord::Schema[7.1].define(version: 2023_12_22_111236) do # These are extensions that must be enabled in order to support this database enable_extension "pgcrypto" enable_extension "plpgsql" 
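Review bot: `t.references :tenant, null: false` in `CreateTenantSigningOptions` adds the column and index but no database foreign key, unlike the `t.references :box, null: false, foreign_key: true` used in the signing-certificates migration this series replaces. Adding `foreign_key: true` keeps orphaned signing options from surviving a tenant removal that bypasses the model callbacks. The polymorphic `signing_setting` reference is nullable while `belongs_to :signing_setting, polymorphic: true` in the model is required by default, so `null: false` on that reference would make the schema match the model.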
@@ -98,6 +98,11 @@ t.index ["tenant_id"], name: "index_audit_logs_on_tenant_id" end + create_table "autogram_signing_settings", force: :cascade do |t| + t.datetime "created_at", null: false + t.datetime "updated_at", null: false + end + create_table "automation_actions", force: :cascade do |t| t.string "type" t.bigint "automation_rule_id", null: false @@ -458,6 +463,13 @@ t.index ["user_id"], name: "index_notifications_on_user_id" end + create_table "seal_signing_settings", force: :cascade do |t| + t.string "certificate_subject" + t.string "connection_sub" + t.datetime "created_at", null: false + t.datetime "updated_at", null: false + end + create_table "searchable_message_threads", force: :cascade do |t| t.integer "message_thread_id", null: false t.text "title", null: false @@ -502,12 +514,21 @@ t.index ["tenant_id"], name: "index_tags_on_tenant_id" end + create_table "tenant_signing_options", force: :cascade do |t| + t.bigint "tenant_id", null: false + t.string "signing_setting_type" + t.bigint "signing_setting_id" + t.datetime "created_at", null: false + t.datetime "updated_at", null: false + t.index ["signing_setting_type", "signing_setting_id"], name: "index_tenant_signing_options_on_signing_setting" + t.index ["tenant_id"], name: "index_tenant_signing_options_on_tenant_id" + end + create_table "tenants", force: :cascade do |t| t.string "name", null: false t.datetime "created_at", null: false t.datetime "updated_at", null: false t.string "feature_flags", default: [], array: true - t.string "api_token_public_key" end create_table "upvs_form_template_related_documents", force: :cascade do |t| 
@@ -529,14 +550,6 @@ t.index ["identifier", "version"], name: "index_form_templates_on_identifier_and_version", unique: true end - create_table "upvs_signing_certificates", force: :cascade do |t| - t.string "subject", null: false - t.bigint "box_id", null: false - t.datetime "created_at", null: false - t.datetime "updated_at", null: false - t.index ["box_id"], name: "index_upvs_signing_certificates_on_box_id" - end - create_table "users", force: :cascade do |t| t.bigint "tenant_id" t.string "email", null: false @@ -602,6 +615,5 @@ add_foreign_key "tags", "tenants" add_foreign_key "tags", "users", column: "owner_id" add_foreign_key "upvs_form_template_related_documents", "upvs_form_templates" - add_foreign_key "upvs_signing_certificates", "boxes" add_foreign_key "users", "tenants" end From 62a0f5edbf3f866592d7d243ec5b233d637138f1 Mon Sep 17 00:00:00 2001 
From: luciajanikova <19lucia99@gmail.com> Date: Fri, 22 Dec 2023 15:39:28 +0100 Subject: [PATCH 5/7] Update models & Signer --- app/lib/signer.rb | 14 ++++++---- app/lib/upvs/govbox_api.rb | 28 ++++++++++++++++++- app/lib/upvs/sk_api.rb | 10 +++---- app/lib/upvs_environment.rb | 2 +- ..._setting.rb => autogram_signing_option.rb} | 7 +++-- app/models/seal_signing_option.rb | 20 +++++++++++++ app/models/seal_signing_setting.rb | 13 --------- app/models/signing_option.rb | 12 ++++++++ .../sk_api/api_connection_with_obo_support.rb | 5 ++-- app/models/tenant.rb | 4 +-- app/models/tenant_signing_option.rb | 13 ++++----- app/services/upvs/sk_api_client.rb | 4 +-- ...111222_create_autogram_signing_settings.rb | 8 ------ .../20231222111223_create_signing_options.rb | 10 +++++++ ...1222111236_create_seal_signing_settings.rb | 10 ------- ...22111755_create_tenant_signing_options.rb} | 2 +- db/schema.rb | 26 +++++++---------- 17 files changed, 111 insertions(+), 77 deletions(-) rename app/models/{autogram_signing_setting.rb => autogram_signing_option.rb} (53%) create mode 100644 app/models/seal_signing_option.rb delete mode 100644 app/models/seal_signing_setting.rb create mode 100644 app/models/signing_option.rb delete mode 100644 db/migrate/20231222111222_create_autogram_signing_settings.rb create mode 100644 db/migrate/20231222111223_create_signing_options.rb delete mode 100644 db/migrate/20231222111236_create_seal_signing_settings.rb rename db/migrate/{20231222110755_create_tenant_signing_options.rb => 20231222111755_create_tenant_signing_options.rb} (78%) diff --git a/app/lib/signer.rb b/app/lib/signer.rb index 2f80c52ff..7f3ab43ac 100644 --- a/app/lib/signer.rb +++ b/app/lib/signer.rb 
@@ -1,14 +1,16 @@ module Signer - def self.sign(message_object) + def self.sign(message_object, signing_option) + raise "Invalid signing option" unless signing_option.is_a?(SealSigningOption) + cep_api = UpvsEnvironment.upvs_api(message_object.message.thread.box).cep - certificate = Upvs::SigningCertificate.find_by!(box: message_object.message.thread.box) + cep_api_connection = ApiConnection.find(signing_option.settings["api_connection_id"]) if message_object.mimetype == 'application/pdf' data = { objects: [ { certificate_type: 'Subject', - certificate_subject: certificate.subject, + certificate_subject: signing_option.settings["certificate_subject"], signature_type: 'PAdES', class: 'http://schemas.gov.sk/attachment/pdf', mime_type: 'application/pdf', @@ -17,7 +19,7 @@ def self.sign(message_object) } ] } - signed_objects = cep_api.sign(data) + signed_objects = cep_api.sign(data, cep_api_connection) signed_data = signed_objects&.first else data = { @@ -26,7 +28,7 @@ def self.sign(message_object) id: SecureRandom.uuid, signing_certificate: { type: 'Subject', - subject: certificate.subject, + subject: signing_option.settings["certificate_subject"], }, unsigned_objects: [ { @@ -37,7 +39,7 @@ def self.sign(message_object) } ] } - signed_objects = cep_api.sign_v2(data) + signed_objects = cep_api.sign_v2(data, cep_api_connection) signed_data = signed_objects&.first end diff --git a/app/lib/upvs/govbox_api.rb b/app/lib/upvs/govbox_api.rb index e3d07ed6b..23213ba5d 100644 --- a/app/lib/upvs/govbox_api.rb +++ b/app/lib/upvs/govbox_api.rb @@ -2,7 +2,7 @@ module Upvs class GovboxApi < Api - attr_reader :sub, :obo, :api_token_private_key, :url, :edesk, :sktalk + attr_reader :sub, :obo, :api_token_private_key, :url, :edesk, :sktalk, :cep def initialize(url, box:, handler: Faraday) raise "Box API connection is not of type Govbox API connection" unless (box.api_connection.is_a?(::Govbox::ApiConnection) || box.api_connection.is_a?(::Govbox::ApiConnectionWithOboSupport)) 
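Review bot: `ApiConnection.find(signing_option.settings["api_connection_id"])` in `Signer.sign` loads the sealing connection by an id read from a JSON column, and nothing visible in this hunk checks that the connection, or the signing option itself, belongs to the tenant that owns `message_object.message.thread.box`. If those settings can be edited per tenant, a stale or mistyped id would make one tenant sign with another tenant's seal credentials. The lookup should go through the box's tenant (the association name depends on models outside this diff) and raise when the connection is not found there. Also, `cep_api` comes from `UpvsEnvironment.upvs_api(box)`, and as far as this patch shows `SkApi::Cep#sign` still takes one argument, so the two-argument calls `cep_api.sign(data, cep_api_connection)` would raise ArgumentError for a box on an SK API connection.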
@@ -13,6 +13,7 @@ def initialize(url, box:, handler: Faraday) @url = url @edesk = Edesk.new(self) @sktalk = SkTalk.new(self) + @cep = Cep.new(self) @handler = handler @handler.options.timeout = 900_000 end @@ -69,6 +70,31 @@ def submit_successful?(response_status, receive_result, save_to_outbox_result) end end + class Cep < Namespace + def sign(data, api_connection) + cep_sk_api = Upvs::SkApiClient.new.api(api_connection: api_connection).cep + cep_sk_api.sign(data) + end + + def sign_v2(data, api_connection) + cep_sk_api = Upvs::SkApiClient.new.api(api_connection: api_connection).cep + cep_sk_api.sign_v2(data) + end + + private + + def header + { + "Authorization": authorization_payload, + "Content-Type": "application/json" + } + end + + def sign_successful?(response_status, response_body) + response_status == 200 && response_body['sign_description'] == 'OK' + end + end + class Error < StandardError attr_accessor :resource diff --git a/app/lib/upvs/sk_api.rb b/app/lib/upvs/sk_api.rb index 9bf235e2a..0993176c4 100644 --- a/app/lib/upvs/sk_api.rb +++ b/app/lib/upvs/sk_api.rb 
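Review bot: The private `header` and `sign_successful?` methods in the new `GovboxApi::Cep` are never called, because `sign` and `sign_v2` both delegate to `Upvs::SkApiClient`; they read as if this class sent signed requests itself. Removing them and adding a comment such as `# Signing is delegated to SK API with the seal's own API connection, not the box's Govbox connection.` would make the trust boundary clear to the next reader. The two public methods differ only in the method they forward to, so a small private helper returning `Upvs::SkApiClient.new.api(api_connection: api_connection).cep` would remove the duplication.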
@@ -4,12 +4,12 @@ module Upvs class SkApi < Api attr_reader :sub, :obo, :api_token_private_key, :url, :cep - def initialize(url, box:, handler: Faraday) - raise "Box API connection is not of type SK API connection" unless box.api_connection.is_a?(::SkApi::ApiConnectionWithOboSupport) + def initialize(url, box: nil, api_connection: nil, handler: Faraday) + raise "Box API connection is not of type SK API connection" unless box&.api_connection.is_a?(::SkApi::ApiConnectionWithOboSupport) || api_connection.is_a?(::SkApi::ApiConnectionWithOboSupport) - @sub = box.api_connection.sub - @obo = box.api_connection.box_obo(box) - @api_token_private_key = OpenSSL::PKey::RSA.new(box.api_connection.api_token_private_key) + @sub = api_connection&.sub || box&.api_connection&.sub + @obo = api_connection&.box_obo(box) || box&.api_connection&.box_obo(box) + @api_token_private_key = OpenSSL::PKey::RSA.new(api_connection&.api_token_private_key || box&.api_connection.api_token_private_key) @url = url @cep = Cep.new(self) @handler = handler diff --git a/app/lib/upvs_environment.rb b/app/lib/upvs_environment.rb index 1a3151fb6..0f193df8e 100644 --- a/app/lib/upvs_environment.rb +++ b/app/lib/upvs_environment.rb @@ -5,7 +5,7 @@ def upvs_api(box) @upvs_api ||= if box.api_connection.is_a?(Govbox::ApiConnection) || box.api_connection.is_a?(Govbox::ApiConnectionWithOboSupport) Upvs::GovboxApiClient.new.api(box) elsif box.api_connection.is_a?(SkApi::ApiConnectionWithOboSupport) - Upvs::SkApiClient.new.api(box) + Upvs::SkApiClient.new.api(box: box) end end diff --git a/app/models/autogram_signing_setting.rb b/app/models/autogram_signing_option.rb similarity index 53% rename from app/models/autogram_signing_setting.rb rename to app/models/autogram_signing_option.rb index 5e63aff1b..c23c37a27 100644 --- a/app/models/autogram_signing_setting.rb +++ b/app/models/autogram_signing_option.rb 
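Review bot: The guard in `SkApi#initialize` passes when either `box.api_connection` or `api_connection` is an `::SkApi::ApiConnectionWithOboSupport`, but the assignments below always prefer `api_connection`, so a call that supplies a valid box together with a connection of another type gets past the check and then uses the unchecked connection's `sub` and private key. Resolving the connection once and checking that one closes the gap: `connection = api_connection || box&.api_connection`, then `raise "Box API connection is not of type SK API connection" unless connection.is_a?(::SkApi::ApiConnectionWithOboSupport)`, and read `sub`, `box_obo(box)` and `api_token_private_key` from `connection`. That also removes the mixed `&.`/`.` chains such as `box&.api_connection.api_token_private_key`. The body of `initialize` continues past the end of the hunk.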
@@ -1,11 +1,12 @@ # == Schema Information # -# Table name: autogram_signing_settings +# Table name: signing_options # # id :bigint not null, primary key +# settings :jsonb +# type :string # created_at :datetime not null # updated_at :datetime not null # -class AutogramSigningSetting < ApplicationRecord - has_one :tenant_signing_options, as: :signing_setting +class AutogramSigningOption < SigningOption end diff --git a/app/models/seal_signing_option.rb b/app/models/seal_signing_option.rb new file mode 100644 index 000000000..68739211f --- /dev/null +++ b/app/models/seal_signing_option.rb @@ -0,0 +1,20 @@ +# == Schema Information +# +# Table name: signing_options +# +# id :bigint not null, primary key +# settings :jsonb +# type :string +# created_at :datetime not null +# updated_at :datetime not null +# +class SealSigningOption < SigningOption + validate :validate_settings + + private + + def validate_settings + errors.add(:settings, :invalid) unless settings["certificate_subject"].present? + errors.add(:settings, :invalid) unless settings["api_connection_id"].present? + end +end diff --git a/app/models/seal_signing_setting.rb b/app/models/seal_signing_setting.rb deleted file mode 100644 index 2bed1f8f8..000000000 --- a/app/models/seal_signing_setting.rb +++ /dev/null @@ -1,13 +0,0 @@ -# == Schema Information -# -# Table name: seal_signing_settings -# -# id :bigint not null, primary key -# certificate_subject :string -# connection_sub :string -# created_at :datetime not null -# updated_at :datetime not null -# -class SealSigningSetting < ApplicationRecord - has_one :tenant_signing_options, as: :signing_setting -end diff --git a/app/models/signing_option.rb b/app/models/signing_option.rb new file mode 100644 index 000000000..2b3c5909d --- /dev/null +++ b/app/models/signing_option.rb 
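Review bot: `validate_settings` in the new seal_signing_option.rb indexes `settings` directly, but the schema annotation in the same file lists `settings :jsonb` without `not null`, so a record saved with no settings raises NoMethodError on nil instead of failing validation. Adding `return errors.add(:settings, :invalid) unless settings.is_a?(Hash)` as the first line of the method fixes that, and the create_signing_options migration later in the patch could declare `t.jsonb :settings, null: false, default: {}`. The validation also only checks that `api_connection_id` is present, not that it names a connection this record is allowed to sign with.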
@@ -0,0 +1,12 @@ +# == Schema Information +# +# Table name: signing_options +# +# id :bigint not null, primary key +# settings :jsonb +# type :string +# created_at :datetime not null +# updated_at :datetime not null +# +class SigningOption < ApplicationRecord +end diff --git a/app/models/sk_api/api_connection_with_obo_support.rb b/app/models/sk_api/api_connection_with_obo_support.rb index 6388d9784..f79aa76e9 100644 --- a/app/models/sk_api/api_connection_with_obo_support.rb +++ b/app/models/sk_api/api_connection_with_obo_support.rb @@ -12,9 +12,10 @@ # class SkApi::ApiConnectionWithOboSupport < ::ApiConnection def box_obo(box) - raise "OBO not allowed!" if invalid_obo?(box) + raise "OBO not allowed!" if box && invalid_obo?(box) - box.settings["obo"] if box.settings + box.settings["obo"] if box&.settings + obo end def destroy_with_box? diff --git a/app/models/tenant.rb b/app/models/tenant.rb index 8a9ce3e80..79c6a1814 100644 --- a/app/models/tenant.rb +++ b/app/models/tenant.rb @@ -97,9 +97,9 @@ def create_default_objects end def create_default_signing_options! - autogram_siging_settings = AutogramSigningSetting.create! + autogram_signing = AutogramSigningOption.create! tenant_signing_options.create!( - signing_setting: autogram_siging_settings + signing_option: autogram_signing ) end end diff --git a/app/models/tenant_signing_option.rb b/app/models/tenant_signing_option.rb index 9ffac9c52..693636cd5 100644 --- a/app/models/tenant_signing_option.rb +++ b/app/models/tenant_signing_option.rb 
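Review bot: In the `box_obo` hunk of sk_api/api_connection_with_obo_support.rb the added `obo` line is now the method's last expression, so the result of `box.settings["obo"] if box&.settings` is computed and thrown away and the method always returns the connection-level `obo`. If the box setting is meant to win with `obo` as the fallback, the two lines should be one expression: `(box&.settings || {})["obo"] || obo`. As written, a box configured with its own OBO value would be handled under the connection's value instead.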
@@ -2,14 +2,13 @@ # # Table name: tenant_signing_options # -# id :bigint not null, primary key -# signing_setting_type :string -# created_at :datetime not null -# updated_at :datetime not null -# signing_setting_id :bigint -# tenant_id :bigint not null +# id :bigint not null, primary key +# created_at :datetime not null +# updated_at :datetime not null +# signing_option_id :bigint not null +# tenant_id :bigint not null # class TenantSigningOption < ApplicationRecord belongs_to :tenant - belongs_to :signing_setting, polymorphic: true + belongs_to :signing_option end diff --git a/app/services/upvs/sk_api_client.rb b/app/services/upvs/sk_api_client.rb index db737f4b2..b0ecaaee9 100644 --- a/app/services/upvs/sk_api_client.rb +++ b/app/services/upvs/sk_api_client.rb @@ -3,7 +3,7 @@ def initialize(host: ENV.fetch('SK_API_URL')) @host = host end - def api(box) - Upvs::SkApi.new(@host, box: box) + def api(box: nil, api_connection: nil) + Upvs::SkApi.new(@host, box: box, api_connection: api_connection) end end diff --git a/db/migrate/20231222111222_create_autogram_signing_settings.rb b/db/migrate/20231222111222_create_autogram_signing_settings.rb deleted file mode 100644 index 79c3c94ec..000000000 --- a/db/migrate/20231222111222_create_autogram_signing_settings.rb +++ /dev/null @@ -1,8 +0,0 @@ -class CreateAutogramSigningSettings < ActiveRecord::Migration[7.1] - def change - create_table :autogram_signing_settings do |t| - - t.timestamps - end - end -end diff --git a/db/migrate/20231222111223_create_signing_options.rb b/db/migrate/20231222111223_create_signing_options.rb new file mode 100644 index 000000000..b79f880aa --- /dev/null +++ b/db/migrate/20231222111223_create_signing_options.rb @@ -0,0 +1,10 @@ +class CreateSigningOptions < ActiveRecord::Migration[7.1] + def change + create_table :signing_options do |t| + t.string :type + t.jsonb :settings + + t.timestamps + end + end +end 
diff --git a/db/migrate/20231222111236_create_seal_signing_settings.rb b/db/migrate/20231222111236_create_seal_signing_settings.rb deleted file mode 100644 index 0e8516c73..000000000 --- a/db/migrate/20231222111236_create_seal_signing_settings.rb +++ /dev/null @@ -1,10 +0,0 @@ -class CreateSealSigningSettings < ActiveRecord::Migration[7.1] - def change - create_table :seal_signing_settings do |t| - t.string :certificate_subject - t.string :connection_sub - - t.timestamps - end - end -end diff --git a/db/migrate/20231222110755_create_tenant_signing_options.rb b/db/migrate/20231222111755_create_tenant_signing_options.rb similarity index 78% rename from db/migrate/20231222110755_create_tenant_signing_options.rb rename to db/migrate/20231222111755_create_tenant_signing_options.rb index ddff533e4..8de5091b1 100644 --- a/db/migrate/20231222110755_create_tenant_signing_options.rb +++ b/db/migrate/20231222111755_create_tenant_signing_options.rb @@ -2,7 +2,7 @@ class CreateTenantSigningOptions < ActiveRecord::Migration[7.1] def change create_table :tenant_signing_options do |t| t.references :tenant, null: false - t.references :signing_setting, polymorphic: true + t.references :signing_option, null: false t.timestamps end end diff --git a/db/schema.rb b/db/schema.rb index df701ec33..acaa70dd5 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -10,7 +10,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema[7.1].define(version: 2023_12_22_111236) do +ActiveRecord::Schema[7.1].define(version: 2023_12_22_111755) do # These are extensions that must be enabled in order to support this database enable_extension "pgcrypto" enable_extension "plpgsql" 
@@ -98,11 +98,6 @@ t.index ["tenant_id"], name: "index_audit_logs_on_tenant_id" end - create_table "autogram_signing_settings", force: :cascade do |t| - t.datetime "created_at", null: false - t.datetime "updated_at", null: false - end - create_table "automation_actions", force: :cascade do |t| t.string "type" t.bigint "automation_rule_id", null: false @@ -463,13 +458,6 @@ t.index ["user_id"], name: "index_notifications_on_user_id" end - create_table "seal_signing_settings", force: :cascade do |t| - t.string "certificate_subject" - t.string "connection_sub" - t.datetime "created_at", null: false - t.datetime "updated_at", null: false - end - create_table "searchable_message_threads", force: :cascade do |t| t.integer "message_thread_id", null: false t.text "title", null: false @@ -487,6 +475,13 @@ t.index ["message_thread_id"], name: "index_searchable_message_threads_on_message_thread_id", unique: true end + create_table "signing_options", force: :cascade do |t| + t.string "type" + t.jsonb "settings" + t.datetime "created_at", null: false + t.datetime "updated_at", null: false + end + create_table "tag_groups", force: :cascade do |t| t.bigint "group_id", null: false t.bigint "tag_id", null: false @@ -516,11 +511,10 @@ create_table "tenant_signing_options", force: :cascade do |t| t.bigint "tenant_id", null: false - t.string "signing_setting_type" - t.bigint "signing_setting_id" + t.bigint "signing_option_id", null: false t.datetime "created_at", null: false t.datetime "updated_at", null: false - t.index ["signing_setting_type", "signing_setting_id"], name: "index_tenant_signing_options_on_signing_setting" + t.index ["signing_option_id"], name: "index_tenant_signing_options_on_signing_option_id" t.index ["tenant_id"], name: "index_tenant_signing_options_on_tenant_id" end From e3922c99b7c923959018c7d2402225504f0277aa Mon Sep 17 00:00:00 2001 
From: luciajanikova <19lucia99@gmail.com> Date: Fri, 22 Dec 2023 16:08:53 +0100 Subject: [PATCH 6/7] Updates on model, creating UpvsApi --- app/lib/signer.rb | 2 -- app/lib/upvs/govbox_api.rb | 2 -- app/lib/upvs/sk_api.rb | 2 -- app/lib/upvs_environment.rb | 6 +----- app/models/api_connection.rb | 4 ++++ app/models/autogram_signing_option.rb | 1 + app/models/govbox/api_connection.rb | 4 ++++ app/models/govbox/api_connection_with_obo_support.rb | 4 ++++ app/models/seal_signing_option.rb | 1 + app/models/signing_option.rb | 2 ++ app/models/sk_api/api_connection_with_obo_support.rb | 4 ++++ app/models/tenant.rb | 7 +++---- db/migrate/20231222111223_create_signing_options.rb | 1 + .../20231222111755_create_tenant_signing_options.rb | 9 --------- db/schema.rb | 11 ++--------- 15 files changed, 27 insertions(+), 33 deletions(-) delete mode 100644 db/migrate/20231222111755_create_tenant_signing_options.rb diff --git a/app/lib/signer.rb b/app/lib/signer.rb index 7f3ab43ac..d2f4ca998 100644 --- a/app/lib/signer.rb +++ b/app/lib/signer.rb @@ -1,7 +1,5 @@ module Signer def self.sign(message_object, signing_option) - raise "Invalid signing option" unless signing_option.is_a?(SealSigningOption) - cep_api = UpvsEnvironment.upvs_api(message_object.message.thread.box).cep cep_api_connection = ApiConnection.find(signing_option.settings["api_connection_id"]) diff --git a/app/lib/upvs/govbox_api.rb b/app/lib/upvs/govbox_api.rb index 23213ba5d..507d3a1de 100644 --- a/app/lib/upvs/govbox_api.rb +++ b/app/lib/upvs/govbox_api.rb 
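Review bot: With the `is_a?(SealSigningOption)` guard removed, `Signer.sign` reaches `ApiConnection.find(signing_option.settings["api_connection_id"])` for any signing option, and that lookup takes an id out of the jsonb settings without scoping it to the tenant or to the box being signed for. `settings` can be nil for an `AutogramSigningOption` (tenant.rb creates it with only `type:`), which fails with NoMethodError, and an id that points at another tenant's connection would sign with that connection's key. Keep an explicit type check and resolve the connection through something bound to `signing_option.tenant` (how `ApiConnection` relates to a tenant is not visible here). The same patch removes the type guard in `Upvs::SkApi#initialize`, so nothing on this path verifies that the connection found is an SK API connection. The method body continues outside the hunk.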
@@ -5,8 +5,6 @@ class GovboxApi < Api attr_reader :sub, :obo, :api_token_private_key, :url, :edesk, :sktalk, :cep def initialize(url, box:, handler: Faraday) - raise "Box API connection is not of type Govbox API connection" unless (box.api_connection.is_a?(::Govbox::ApiConnection) || box.api_connection.is_a?(::Govbox::ApiConnectionWithOboSupport)) - @sub = box.api_connection.sub @obo = box.api_connection.box_obo(box) @api_token_private_key = OpenSSL::PKey::RSA.new(box.api_connection.api_token_private_key) diff --git a/app/lib/upvs/sk_api.rb b/app/lib/upvs/sk_api.rb index 0993176c4..b513f7700 100644 --- a/app/lib/upvs/sk_api.rb +++ b/app/lib/upvs/sk_api.rb @@ -5,8 +5,6 @@ class SkApi < Api attr_reader :sub, :obo, :api_token_private_key, :url, :cep def initialize(url, box: nil, api_connection: nil, handler: Faraday) - raise "Box API connection is not of type SK API connection" unless box&.api_connection.is_a?(::SkApi::ApiConnectionWithOboSupport) || api_connection.is_a?(::SkApi::ApiConnectionWithOboSupport) - @sub = api_connection&.sub || box&.api_connection&.sub @obo = api_connection&.box_obo(box) || box&.api_connection&.box_obo(box) @api_token_private_key = OpenSSL::PKey::RSA.new(api_connection&.api_token_private_key || box&.api_connection.api_token_private_key) diff --git a/app/lib/upvs_environment.rb b/app/lib/upvs_environment.rb index 0f193df8e..f5ce8179d 100644 --- a/app/lib/upvs_environment.rb +++ b/app/lib/upvs_environment.rb @@ -2,11 +2,7 @@ module UpvsEnvironment extend self def upvs_api(box) - @upvs_api ||= if box.api_connection.is_a?(Govbox::ApiConnection) || box.api_connection.is_a?(Govbox::ApiConnectionWithOboSupport) - Upvs::GovboxApiClient.new.api(box) - elsif box.api_connection.is_a?(SkApi::ApiConnectionWithOboSupport) - Upvs::SkApiClient.new.api(box: box) - end + @upvs_api ||= box.api_connection.upvs_api(box) end def sso_settings diff --git a/app/models/api_connection.rb b/app/models/api_connection.rb index 949f1dfe9..ddb1983e4 100644 
--- a/app/models/api_connection.rb +++ b/app/models/api_connection.rb @@ -13,6 +13,10 @@ class ApiConnection < ApplicationRecord has_many :boxes + def upvs_api(box) + raise NotImplementedError + end + def box_obo(box) raise NotImplementedError end diff --git a/app/models/autogram_signing_option.rb b/app/models/autogram_signing_option.rb index c23c37a27..6871eba9f 100644 --- a/app/models/autogram_signing_option.rb +++ b/app/models/autogram_signing_option.rb @@ -7,6 +7,7 @@ # type :string # created_at :datetime not null # updated_at :datetime not null +# tenant_id :bigint not null # class AutogramSigningOption < SigningOption end diff --git a/app/models/govbox/api_connection.rb b/app/models/govbox/api_connection.rb index 10c1e7657..ae0e14efd 100644 --- a/app/models/govbox/api_connection.rb +++ b/app/models/govbox/api_connection.rb @@ -11,6 +11,10 @@ # updated_at :datetime not null # class Govbox::ApiConnection < ::ApiConnection + def upvs_api(box) + Upvs::GovboxApiClient.new.api(box) + end + def box_obo(box) raise "OBO not allowed!" if invalid_obo?(box) obo diff --git a/app/models/govbox/api_connection_with_obo_support.rb b/app/models/govbox/api_connection_with_obo_support.rb index 2d2f00092..52f1227f3 100644 --- a/app/models/govbox/api_connection_with_obo_support.rb +++ b/app/models/govbox/api_connection_with_obo_support.rb @@ -11,6 +11,10 @@ # updated_at :datetime not null # class Govbox::ApiConnectionWithOboSupport < ::ApiConnection + def upvs_api(box) + Upvs::GovboxApiClient.new.api(box) + end + def box_obo(box) raise "OBO not allowed!" if invalid_obo?(box) diff --git a/app/models/seal_signing_option.rb b/app/models/seal_signing_option.rb index 68739211f..5320d9338 100644 --- a/app/models/seal_signing_option.rb +++ b/app/models/seal_signing_option.rb @@ -7,6 +7,7 @@ # type :string # created_at :datetime not null # updated_at :datetime not null +# tenant_id :bigint not null # class SealSigningOption < SigningOption validate :validate_settings 
diff --git a/app/models/signing_option.rb b/app/models/signing_option.rb index 2b3c5909d..eb5b5718f 100644 --- a/app/models/signing_option.rb +++ b/app/models/signing_option.rb @@ -7,6 +7,8 @@ # type :string # created_at :datetime not null # updated_at :datetime not null +# tenant_id :bigint not null # class SigningOption < ApplicationRecord + belongs_to :tenant end diff --git a/app/models/sk_api/api_connection_with_obo_support.rb b/app/models/sk_api/api_connection_with_obo_support.rb index f79aa76e9..ad262ab20 100644 --- a/app/models/sk_api/api_connection_with_obo_support.rb +++ b/app/models/sk_api/api_connection_with_obo_support.rb @@ -11,6 +11,10 @@ # updated_at :datetime not null # class SkApi::ApiConnectionWithOboSupport < ::ApiConnection + def upvs_api(box) + Upvs::SkApiClient.new.api(box: box) + end + def box_obo(box) raise "OBO not allowed!" if box && invalid_obo?(box) diff --git a/app/models/tenant.rb b/app/models/tenant.rb index 79c6a1814..03188457a 100644 --- a/app/models/tenant.rb +++ b/app/models/tenant.rb @@ -17,7 +17,7 @@ class Tenant < ApplicationRecord has_many :groups, dependent: :destroy has_many :custom_groups - has_many :tenant_signing_options, dependent: :destroy + has_many :signing_options, dependent: :destroy has_one :draft_tag has_one :everything_tag @@ -97,9 +97,8 @@ def create_default_objects end def create_default_signing_options! - autogram_signing = AutogramSigningOption.create! - tenant_signing_options.create!( - signing_option: autogram_signing + signing_options.create!( + type: 'AutogramSigningOption', ) end end diff --git a/db/migrate/20231222111223_create_signing_options.rb b/db/migrate/20231222111223_create_signing_options.rb index b79f880aa..e66adc214 100644 --- a/db/migrate/20231222111223_create_signing_options.rb +++ b/db/migrate/20231222111223_create_signing_options.rb 
@@ -1,6 +1,7 @@ class CreateSigningOptions < ActiveRecord::Migration[7.1] def change create_table :signing_options do |t| + t.references :tenant, null: false t.string :type t.jsonb :settings diff --git a/db/migrate/20231222111755_create_tenant_signing_options.rb b/db/migrate/20231222111755_create_tenant_signing_options.rb deleted file mode 100644 index 8de5091b1..000000000 --- a/db/migrate/20231222111755_create_tenant_signing_options.rb +++ /dev/null @@ -1,9 +0,0 @@ -class CreateTenantSigningOptions < ActiveRecord::Migration[7.1] - def change - create_table :tenant_signing_options do |t| - t.references :tenant, null: false - t.references :signing_option, null: false - t.timestamps - end - end -end diff --git a/db/schema.rb b/db/schema.rb index e832777b7..cd7b249b3 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -476,10 +476,12 @@ end create_table "signing_options", force: :cascade do |t| + t.bigint "tenant_id", null: false t.string "type" t.jsonb "settings" t.datetime "created_at", null: false t.datetime "updated_at", null: false + t.index ["tenant_id"], name: "index_signing_options_on_tenant_id" end create_table "tag_groups", force: :cascade do |t| @@ -509,15 +511,6 @@ t.index ["tenant_id"], name: "index_tags_on_tenant_id" end - create_table "tenant_signing_options", force: :cascade do |t| - t.bigint "tenant_id", null: false - t.bigint "signing_option_id", null: false - t.datetime "created_at", null: false - t.datetime "updated_at", null: false - t.index ["signing_option_id"], name: "index_tenant_signing_options_on_signing_option_id" - t.index ["tenant_id"], name: "index_tenant_signing_options_on_tenant_id" - end - create_table "tenants", force: :cascade do |t| t.string "name", null: false t.datetime "created_at", null: false From 54cbb7991ee6c4beb668fb221b8d09fe72af3fa7 Mon Sep 17 00:00:00 2001 
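Review bot: `t.references :tenant, null: false` in create_signing_options adds the column and index but no database foreign key, so the tenant ownership that the signing path relies on is enforced only by the model layer. `t.references :tenant, null: false, foreign_key: true` would make the database reject rows for a tenant that does not exist. Skip this if the project deliberately keeps constraints out of the schema, which cannot be judged from this hunk.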
From: luciajanikova <19lucia99@gmail.com> Date: Fri, 22 Dec 2023 16:26:59 +0100 Subject: [PATCH 7/7] Small updates --- app/lib/upvs/govbox_api.rb | 13 ------------- app/models/upvs/signing_certificate.rb | 13 ------------- 2 files changed, 26 deletions(-) delete mode 100644 app/models/upvs/signing_certificate.rb diff --git a/app/lib/upvs/govbox_api.rb b/app/lib/upvs/govbox_api.rb index 507d3a1de..8d66a5f56 100644 --- a/app/lib/upvs/govbox_api.rb +++ b/app/lib/upvs/govbox_api.rb @@ -78,19 +78,6 @@ def sign_v2(data, api_connection) cep_sk_api = Upvs::SkApiClient.new.api(api_connection: api_connection).cep cep_sk_api.sign_v2(data) end - - private - - def header - { - "Authorization": authorization_payload, - "Content-Type": "application/json" - } - end - - def sign_successful?(response_status, response_body) - response_status == 200 && response_body['sign_description'] == 'OK' - end end class Error < StandardError diff --git a/app/models/upvs/signing_certificate.rb b/app/models/upvs/signing_certificate.rb deleted file mode 100644 index 10c2ba5ac..000000000 --- a/app/models/upvs/signing_certificate.rb +++ /dev/null @@ -1,13 +0,0 @@ -# == Schema Information -# -# Table name: upvs_signing_certificates -# -# id :bigint not null, primary key -# subject :string not null -# created_at :datetime not null -# updated_at :datetime not null -# box_id :bigint not null -# -class Upvs::SigningCertificate < ApplicationRecord - belongs_to :box -end