Release 1.26 (#198)

* NuGet package upgrade (#192) * TTV model update 2023-08-02 (#193) * CSCTTV-2944 revoke orcid access token (#194) * Add Http client for making ORCID token revoke API calls * TTV model update 2023-08-02 (#193) Main change is in table dim_publication in fields international_collaboration, business_collaboration and self_archived_code (bit null). Other changes are due to changes in automatic Entity Framework model generation. * CSCTTV-2944 Revoke user’s ORCID token when user deletes profile. https://info.orcid.org/ufaqs/how-can-i-revoke-tokens/ * Remove Moq NuGet package because of security issue https://snyk.io/blog/moq-package-exfiltrates-user-emails/ (#195)
CSCfi · Aug 17, 2023 · 142826d · 142826d
1 parent 50caa5e
commit 142826d
Show file tree

Hide file tree

Showing 78 changed files with 7,599 additions and 7,624 deletions.
diff --git a/aspnetcore/src/api.Tests/Services_Tests/OrcidApiServicetest.cs b/aspnetcore/src/api.Tests/Services_Tests/OrcidApiServicetest.cs
@@ -1,10 +1,7 @@
 using Xunit;
-using Moq;
 using api.Services;
 using Microsoft.Extensions.Configuration;
 using System.Collections.Generic;
-using static System.Net.WebRequestMethods;
-using System.Security.Cryptography;
 using System.Collections;
 
 namespace api.Tests

diff --git a/aspnetcore/src/api.Tests/api.Tests.csproj b/aspnetcore/src/api.Tests/api.Tests.csproj
@@ -7,15 +7,14 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.4.1" />
+    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.6.2" />
     <PackageReference Include="xunit" Version="2.4.2" />
     <PackageReference Include="xunit.runner.visualstudio" Version="2.4.5"><IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
 <PrivateAssets>all</PrivateAssets>
 </PackageReference>
-    <PackageReference Include="coverlet.collector" Version="3.2.0"><IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
+    <PackageReference Include="coverlet.collector" Version="6.0.0"><IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
 <PrivateAssets>all</PrivateAssets>
 </PackageReference>
-    <PackageReference Include="Moq" Version="4.18.3" />
   </ItemGroup>
 
   <ItemGroup>

diff --git a/aspnetcore/src/api/Controllers/UserProfileController.cs b/aspnetcore/src/api/Controllers/UserProfileController.cs
@@ -1,6 +1,7 @@
 using api.Services;
 using api.Models.Api;
 using api.Models.Log;
+using api.Models.Ttv;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using System.Threading.Tasks;
@@ -112,21 +113,7 @@ public async Task<IActionResult> Create()
             {
                 try
                 {
-                    _logger.LogInformation(
-                        LogContent.MESSAGE_TEMPLATE,
-                        this.GetLogUserIdentification(),
-                        new LogApiInfo(
-                            action: LogContent.Action.ORCID_WEBHOOK_REGISTER,
-                            state: LogContent.ActionState.START));
-
                     await _orcidApiService.RegisterOrcidWebhook(orcidId: orcidId);
-
-                    _logger.LogInformation(
-                        LogContent.MESSAGE_TEMPLATE,
-                        this.GetLogUserIdentification(),
-                        new LogApiInfo(
-                            action: LogContent.Action.ORCID_WEBHOOK_REGISTER,
-                            state: LogContent.ActionState.COMPLETE));
                 }
                 catch (Exception ex)
                 {
@@ -147,8 +134,8 @@ public async Task<IActionResult> Create()
                     this.GetLogUserIdentification(),
                     new LogApiInfo(
                         action: LogContent.Action.ORCID_WEBHOOK_REGISTER,
-                        state: LogContent.ActionState.FAILED,
-                        error: true,
+                        state: LogContent.ActionState.CANCELLED,
+                        error: false,
                         message: "disabled in configuration"));
             }
 
@@ -196,14 +183,14 @@ public async Task<IActionResult> Delete()
                 return Ok(new ApiResponse(success: true));
             }
 
-            // Get userprofile id.
-            int userprofileId = await _userProfileService.GetUserprofileId(orcidId);
+            // Get userprofile
+            DimUserProfile userProfile = await _userProfileService.GetUserprofile(orcidId);
 
             // Delete profile data from database
             bool deleteSuccess = false;
             try
             {
-                deleteSuccess = await _userProfileService.DeleteProfileDataAsync(userprofileId: userprofileId, logUserIdentification: this.GetLogUserIdentification());
+                deleteSuccess = await _userProfileService.DeleteProfileDataAsync(userprofileId: userProfile.Id, logUserIdentification: this.GetLogUserIdentification());
             }
             catch (Exception ex)
             {
@@ -219,14 +206,6 @@ public async Task<IActionResult> Delete()
 
             if (deleteSuccess)
             {
-                // Log deletion
-                _logger.LogInformation(
-                    LogContent.MESSAGE_TEMPLATE,
-                    logUserIdentification,
-                    new LogApiInfo(
-                        action: LogContent.Action.PROFILE_DELETE,
-                        state: LogContent.ActionState.START));
-
                 // Remove cached profile data response. Cache key is ORCID ID.
                 _cache.Remove(orcidId);
 
@@ -246,32 +225,18 @@ await _userProfileService.DeleteProfileFromElasticsearch(
                 {
                     try
                     {
-                        _logger.LogInformation(
-                            LogContent.MESSAGE_TEMPLATE,
-                            logUserIdentification,
-                            new LogApiInfo(
-                                action: LogContent.Action.ORCID_WEBHOOK_UNREGISTER,
-                                state: LogContent.ActionState.START));
-
-                        await _orcidApiService.UnregisterOrcidWebhook(orcidId: orcidId);
-
-                        _logger.LogInformation(
-                            LogContent.MESSAGE_TEMPLATE,
-                            logUserIdentification,
-                            new LogApiInfo(
-                                action: LogContent.Action.ORCID_WEBHOOK_UNREGISTER,
-                                state: LogContent.ActionState.COMPLETE));
+                        await _orcidApiService.UnregisterOrcidWebhook(orcidId);
                     }
                     catch (Exception ex)
                     {
                         _logger.LogError(
                             LogContent.MESSAGE_TEMPLATE,
                             logUserIdentification,
                             new LogApiInfo(
-                                action: LogContent.Action.ORCID_WEBHOOK_UNREGISTER,
+                                action: LogContent.Action.ADMIN_WEBHOOK_ORCID_UNREGISTER,
                                 state: LogContent.ActionState.FAILED,
                                 error: true,
-                                message: ex.ToString()));    
+                                message: ex.ToString()));
                     }
                 }
                 else
@@ -281,11 +246,35 @@ await _userProfileService.DeleteProfileFromElasticsearch(
                         logUserIdentification,
                         new LogApiInfo(
                             action: LogContent.Action.ORCID_WEBHOOK_UNREGISTER,
+                            state: LogContent.ActionState.CANCELLED,
+                            error: false,
+                            message: "disabled in configuration"));
+                }
+
+                // Revoke ORCID access token
+                try
+                {
+                    await _orcidApiService.RevokeToken(logUserIdentification, userProfile.OrcidRefreshToken);
+                }
+                catch (Exception ex)
+                {
+                    _logger.LogError(
+                        LogContent.MESSAGE_TEMPLATE,
+                        logUserIdentification,
+                        new LogApiInfo(
+                            action: LogContent.Action.ORCID_REVOKE_TOKEN,
                             state: LogContent.ActionState.FAILED,
                             error: true,
-                            message: "disabled in configuration"));
+                            message: ex.ToString()));
                 }
 
+                _logger.LogInformation(
+                    LogContent.MESSAGE_TEMPLATE,
+                    logUserIdentification,
+                    new LogApiInfo(
+                        action: LogContent.Action.PROFILE_DELETE,
+                        state: LogContent.ActionState.COMPLETE));
+
                 return Ok(new ApiResponse(success: true));
             }
             else

diff --git a/aspnetcore/src/api/Models/StructuredLog/LogContent.cs b/aspnetcore/src/api/Models/StructuredLog/LogContent.cs
@@ -35,6 +35,7 @@ public static class Action
             public const string ORCID_RECORD_GET_PUBLIC_API = "ORCID: record: get from public API";
             public const string ORCID_RECORD_IMPORT = "ORCID: record: import";
             public const string ORCID_RECORD_IMPORT_ADDITIONAL = "ORCID: record: import additional";
+            public const string ORCID_REVOKE_TOKEN = "ORCID: revoke token";
             public const string ORCID_WEBHOOK_REGISTER = "ORCID: webhook: register";
             public const string ORCID_WEBHOOK_UNREGISTER = "ORCID: webhook: unregister";
             public const string ORCID_WEBHOOK_RECEIVED = "ORCID: webhook: received";

diff --git a/aspnetcore/src/api/Models/Ttv/BrDatasetDatasetRelationship.cs b/aspnetcore/src/api/Models/Ttv/BrDatasetDatasetRelationship.cs
@@ -1,15 +1,17 @@
-using System;
-using System.Collections.Generic;
-
-namespace api.Models.Ttv
-{
-    public partial class BrDatasetDatasetRelationship
-    {
-        public int DimResearchDatasetId { get; set; }
-        public int DimResearchDatasetId2 { get; set; }
-        public string Type { get; set; }
-
-        public virtual DimResearchDataset DimResearchDataset { get; set; }
-        public virtual DimResearchDataset DimResearchDatasetId2Navigation { get; set; }
-    }
-}
+using System;
+using System.Collections.Generic;
+
+namespace api.Models.Ttv;
+
+public partial class BrDatasetDatasetRelationship
+{
+    public int DimResearchDatasetId { get; set; }
+
+    public int DimResearchDatasetId2 { get; set; }
+
+    public string Type { get; set; }
+
+    public virtual DimResearchDataset DimResearchDataset { get; set; }
+
+    public virtual DimResearchDataset DimResearchDatasetId2Navigation { get; set; }
+}
diff --git a/aspnetcore/src/api/Models/Ttv/BrFundingConsortiumParticipation.cs b/aspnetcore/src/api/Models/Ttv/BrFundingConsortiumParticipation.cs
@@ -1,17 +1,21 @@
-using System;
-using System.Collections.Generic;
+using System;
+using System.Collections.Generic;
 
-namespace api.Models.Ttv
-{
-    public partial class BrFundingConsortiumParticipation
-    {
-        public int DimFundingDecisionId { get; set; }
-        public int DimOrganizationid { get; set; }
-        public string RoleInConsortium { get; set; }
-        public decimal? ShareOfFundingInEur { get; set; }
-        public bool? EndOfParticipation { get; set; }
+namespace api.Models.Ttv;
+
+public partial class BrFundingConsortiumParticipation
+{
+    public int DimFundingDecisionId { get; set; }
 
-        public virtual DimFundingDecision DimFundingDecision { get; set; }
-        public virtual DimOrganization DimOrganization { get; set; }
-    }
-}
+    public int DimOrganizationid { get; set; }
+
+    public string RoleInConsortium { get; set; }
+
+    public decimal? ShareOfFundingInEur { get; set; }
+
+    public bool? EndOfParticipation { get; set; }
+
+    public virtual DimFundingDecision DimFundingDecision { get; set; }
+
+    public virtual DimOrganization DimOrganization { get; set; }
+}
diff --git a/aspnetcore/src/api/Models/Ttv/BrGrantedPermission.cs b/aspnetcore/src/api/Models/Ttv/BrGrantedPermission.cs
@@ -1,16 +1,19 @@
-using System;
-using System.Collections.Generic;
+using System;
+using System.Collections.Generic;
 
-namespace api.Models.Ttv
-{
-    public partial class BrGrantedPermission
-    {
-        public int DimUserProfileId { get; set; }
-        public int DimExternalServiceId { get; set; }
-        public int DimPermittedFieldGroup { get; set; }
+namespace api.Models.Ttv;
+
+public partial class BrGrantedPermission
+{
+    public int DimUserProfileId { get; set; }
 
-        public virtual DimPurpose DimExternalService { get; set; }
-        public virtual DimReferencedatum DimPermittedFieldGroupNavigation { get; set; }
-        public virtual DimUserProfile DimUserProfile { get; set; }
-    }
-}
+    public int DimExternalServiceId { get; set; }
+
+    public int DimPermittedFieldGroup { get; set; }
+
+    public virtual DimPurpose DimExternalService { get; set; }
+
+    public virtual DimReferencedatum DimPermittedFieldGroupNavigation { get; set; }
+
+    public virtual DimUserProfile DimUserProfile { get; set; }
+}
diff --git a/aspnetcore/src/api/Models/Ttv/BrParticipatesInFundingGroup.cs b/aspnetcore/src/api/Models/Ttv/BrParticipatesInFundingGroup.cs
@@ -1,20 +1,27 @@
-using System;
-using System.Collections.Generic;
-
-namespace api.Models.Ttv
-{
-    public partial class BrParticipatesInFundingGroup
-    {
-        public int DimFundingDecisionid { get; set; }
-        public int DimNameId { get; set; }
-        public int DimOrganizationId { get; set; }
-        public string RoleInFundingGroup { get; set; }
-        public decimal? ShareOfFundingInEur { get; set; }
-        public string SourceId { get; set; }
-        public bool? EndOfParticipation { get; set; }
-
-        public virtual DimFundingDecision DimFundingDecision { get; set; }
-        public virtual DimName DimName { get; set; }
-        public virtual DimOrganization DimOrganization { get; set; }
-    }
-}
+using System;
+using System.Collections.Generic;
+
+namespace api.Models.Ttv;
+
+public partial class BrParticipatesInFundingGroup
+{
+    public int DimFundingDecisionid { get; set; }
+
+    public int DimNameId { get; set; }
+
+    public int DimOrganizationId { get; set; }
+
+    public string RoleInFundingGroup { get; set; }
+
+    public decimal? ShareOfFundingInEur { get; set; }
+
+    public string SourceId { get; set; }
+
+    public bool? EndOfParticipation { get; set; }
+
+    public virtual DimFundingDecision DimFundingDecision { get; set; }
+
+    public virtual DimName DimName { get; set; }
+
+    public virtual DimOrganization DimOrganization { get; set; }
+}
diff --git a/aspnetcore/src/api/Models/Ttv/BrParticipatesInFundingGroupBcPoistetut.cs b/aspnetcore/src/api/Models/Ttv/BrParticipatesInFundingGroupBcPoistetut.cs
@@ -1,16 +1,21 @@
-using System;
-using System.Collections.Generic;
+using System;
+using System.Collections.Generic;
 
-namespace api.Models.Ttv
-{
-    public partial class BrParticipatesInFundingGroupBcPoistetut
-    {
-        public int DimFundingDecisionid { get; set; }
-        public int DimNameId { get; set; }
-        public int DimOrganizationId { get; set; }
-        public string RoleInFundingGroup { get; set; }
-        public decimal? ShareOfFundingInEur { get; set; }
-        public string SourceId { get; set; }
-        public bool? EndOfParticipation { get; set; }
-    }
-}
+namespace api.Models.Ttv;
+
+public partial class BrParticipatesInFundingGroupBcPoistetut
+{
+    public int DimFundingDecisionid { get; set; }
+
+    public int DimNameId { get; set; }
+
+    public int DimOrganizationId { get; set; }
+
+    public string RoleInFundingGroup { get; set; }
+
+    public decimal? ShareOfFundingInEur { get; set; }
+
+    public string SourceId { get; set; }
+
+    public bool? EndOfParticipation { get; set; }
+}