Merge pull request #2181 from MeasureAuthoringTool/bonnie-on-fhir

Stage Bonnie FHIR to TEST

.github/workflows/build.yml

@@ -29,13 +29,10 @@ jobs:
           ruby-version: 2.7.2
           bundler-cache: true
 
-      - name: Use Node.js 14.x
+      - name: Use Node.js 16.x
         uses: actions/setup-node@v2
         with:
-          node-version: 14.x
-
-      - name: Use latest npm
-        run: npm install -g npm
+          node-version: 16.x
 
       - name: Install bundler & bundle-audit
         run: |
@@ -89,13 +86,10 @@ jobs:
           ruby-version: 2.7.2
           bundler-cache: true
 
-      - name: Use Node.js 14.x
+      - name: Use Node.js 16.x
         uses: actions/setup-node@v2
         with:
-          node-version: 14.x
-
-      - name: Use latest npm
-        run: npm install -g npm
+          node-version: 16.x
 
       - name: Install bundler & bundle-audit
         run: |

Dockerfile

@@ -14,7 +14,7 @@ RUN bash -lc "rvm install ruby-${RUBY_VERSION} && rvm --default use ruby-${RUBY_
 RUN rm -f /etc/service/nginx/down \
     && rm -f /etc/nginx/sites-enabled/default \
     && apt update \
-    && curl -fsSL https://deb.nodesource.com/setup_14.x | bash - \
+    && curl -fsSL https://deb.nodesource.com/setup_20.x | bash - \
     && apt-get install -y nodejs \
     && npm install -g npm@latest \
     && apt-get install shared-mime-info -y

Gemfile.lock

@@ -1,6 +1,6 @@
 GIT
   remote: https://github.com/projecttacoma/cqm-parsers.git
-  revision: 7fcb3c10ae648b137c668bffbf148088baee4cc4
+  revision: 358658c5d88406c3d2da4a0d756cd5a1977a2945
   branch: bonnie-on-fhir
   specs:
     cqm-parsers (0.2.1.1)

app/assets/javascripts/views/import_measure_view.js.coffee

@@ -72,11 +72,6 @@ class Thorax.Views.ImportMeasure extends Thorax.Views.BonnieView
           $('#vsac-query-settings').removeClass('hidden')
           $('#vsacCachedMsg').removeClass('hidden')
           $('#loadButton').prop('disabled', false)
-          # If the measure import window is open long enough for the VSAC
-          # credentials to expire, we need to reshow the vsacApiKey dialog.
-          setTimeout ->
-            @clearCachedVSACTicket()
-          , new Date(data.expires) - new Date()
         else
           $('#vsacSignIn').removeClass('hidden')
           $('#vsac-query-settings').removeClass('hidden')

app/controllers/api_v1/measures_controller.rb

@@ -81,8 +81,6 @@ def description
       param :population_titles, Array, of: String, :required => false, :desc => "The titles of the populations. If this is not included, populations will assume default values. i.e. \"Population 1\", \"Population 2\", etc."
       param :calculate_sdes, %w[true false], :required => false, :desc => "Should Supplemental Data Elements be included in calculations. Defaults to 'false' if not supplied."
 
-      param :vsac_tgt, String, :required => true, :desc => "VSAC ticket granting ticket. See https://www.nlm.nih.gov/vsac/support/"
-      param :vsac_tgt_expires_at, Integer, :required => true, :desc => "VSAC ticket granting ticket expiration time in seconds since epoch."
       param :vsac_query_type, %w[release profile], :required => false, :desc => "The type of VSAC query, either 'release', or 'profile'. Default to 'profile' if not supplied."
       param :vsac_query_include_draft, %w[true false], :required => false, :desc => "If VSAC should fetch draft value sets. Defaults to 'true' if not supplied."
       param :vsac_query_release, String, :required => false, :desc => "The program release used to retrieve value sets. Defaults to latest release for the eCQM program."

app/controllers/measures_controller.rb

@@ -29,7 +29,7 @@ def create
 
     begin
       scan_for_viruses(params[:measure_file])
-      vsac_tgt = obtain_ticket_granting_ticket
+      set_vsac_api_key
     rescue VirusFoundError => e
       logger.error "VIRSCAN: error message: #{e.message}"
       raise MeasurePackageVirusFoundError.new
@@ -41,13 +41,11 @@ def create
       raise convert_vsac_error_into_shared_error(e)
     end
 
-    params[:vsac_tgt] = vsac_tgt[:ticket]
-    params[:vsac_tgt_expires_at] = vsac_tgt[:expires]
     persist_measure(params[:measure_file], params.permit!.to_h, current_user)
     redirect_to "#{root_path}##{params[:redirect_route]}"
   rescue StandardError => e
-    # also clear the ticket granting ticket in the session if it was a VSACTicketExpiredError
-    session[:vsac_tgt] = nil if e.is_a?(VSACTicketExpiredError)
+    # also clear the vsac api key in the session if it was a VSACInvalidCredentialsError
+    session[:vsac_api_key] = nil if e.is_a?(VSACInvalidCredentialsError)
     flash[:error] = turn_exception_into_shared_error_if_needed(e).front_end_version
     redirect_to "#{root_path}##{params[:redirect_route]}"
   end
@@ -131,6 +129,15 @@ def retrieve_measure_details(params)
     }
   end
 
+  def set_vsac_api_key
+    if session[:vsac_api_key].nil?
+      raise Util::VSAC::VSACNoCredentialsError.new if params[:vsac_api_key].nil?
+      session[:vsac_api_key] = params[:vsac_api_key]
+    else
+      params[:vsac_api_key] = session[:vsac_api_key]
+    end
+  end
+
   def shift_years(measure, year_shift)
     return true
     # TODO: not implemented for patients and data elements yet
@@ -173,33 +180,4 @@ def shift_birth_datetime(birth_datetime, year_shift)
       birth_datetime.change(year: year_shift + birth_datetime.year)
     end
   end
-
-  def obtain_ticket_granting_ticket
-    # Retrieve a (possibly) existing ticket granting ticket
-    ticket_granting_ticket = session[:vsac_tgt]
-
-    # If the ticket granting ticket doesn't exist (or has expired), get a new one
-    if ticket_granting_ticket.nil?
-      # The user could open a second browser window and remove their ticket_granting_ticket in the session after they
-      # prepared a measure upload assuming ticket_granting_ticket in the session in the first tab
-
-      # First make sure we have credentials to attempt getting a ticket with. Throw an error if there are no credentials.
-      if params[:vsac_api_key].nil?
-        raise Util::VSAC::VSACNoCredentialsError.new
-      end
-
-      # Retrieve a new ticket granting ticket by creating the api class.
-      api = Util::VSAC::VSACAPI.new(config: APP_CONFIG['vsac'], api_key: params[:vsac_api_key])
-      ticket_granting_ticket = api.ticket_granting_ticket
-
-      # Create a new ticket granting ticket session variable
-      session[:vsac_tgt] = ticket_granting_ticket
-      return ticket_granting_ticket
-
-    # If it does exist, let the api test it
-    else
-      api = Util::VSAC::VSACAPI.new(config: APP_CONFIG['vsac'], ticket_granting_ticket: ticket_granting_ticket)
-      return api.ticket_granting_ticket
-    end
-  end
 end

app/controllers/vsac_util_controller.rb

@@ -51,26 +51,20 @@ def program_release_names
   ##
   # GET /vsac_util/auth_valid
   #
-  # Gets the status of the ticket_granting_ticket in the session. Returns JSON:
-  # { valid: boolean, expires: DateTime }
+  # Gets the status of the API KEY in the session. Returns JSON:
+  # { valid: boolean }
   def auth_valid
-    # If VSAC TGT is still valid, return its expiration date/time
-    ticket_granting_ticket = session[:vsac_tgt]
+    vsac_api_key = session[:vsac_api_key]
 
-    # If there is no VSAC ticket granting ticket then return false.
-    if ticket_granting_ticket.nil? || ticket_granting_ticket.empty?
-      session[:vsac_tgt] = nil
-      render :json => {valid: false}
-
-    # If it exists then check it using the API
+    if vsac_api_key.nil? || vsac_api_key.empty?
+      session[:vsac_api_key] = nil
+      render :json => {valid:false}
     else
       begin
-        Util::VSAC::VSACAPI.new(config: APP_CONFIG['vsac'], ticket_granting_ticket: ticket_granting_ticket)
-        render :json => {valid: true, expires: ticket_granting_ticket[:expires]}
-
-      # API will throw an error if it has expired
-      rescue Util::VSAC::VSACTicketExpiredError
-        session[:vsac_tgt] = nil
+        Util::VSAC::VSACAPI.new(config: APP_CONFIG['vsac'], api_key: vsac_api_key)
+        render :json => {valid: true}
+      rescue Util::VSAC::VSACInvalidCredentialsError
+        session[:vsac_api_key] = nil
         render :json => {valid: false}
       end
     end
@@ -79,10 +73,10 @@ def auth_valid
   ##
   # POST /vsac_util/auth_expire
   #
-  # Dumps the ticket_granting_ticket in the user session if there is one. Always returns JSON {}.
+  # Sets the vsac_api_key in the user session to nil. Always returns JSON {}.
   def auth_expire
     # Force expire the VSAC session
-    session[:vsac_tgt] = nil
+    session[:vsac_api_key] = nil
     render :json => {}
   end
 end

app/helpers/measure_helper.rb

@@ -253,11 +253,9 @@ def retrieve_vasc_options(params, get_defaults_from_vsac = false)
   end
 
   def build_vs_loader(params, get_defaults_from_vsac)
-    vsac_tgt_object = {ticket: params[:vsac_tgt], expires: Time.at(params[:vsac_tgt_expires_at].to_i)} if params[:vsac_tgt].present? && params[:vsac_tgt_expires_at].present?
-
-    return Measures::VSACValueSetLoader.new(
+    Measures::VSACValueSetLoader.new(
       options: retrieve_vasc_options(params, get_defaults_from_vsac),
-      ticket_granting_ticket: vsac_tgt_object
+      vsac_api_key: params[:vsac_api_key]
     )
   end
 

config/bonnie.yml

@@ -1,5 +1,5 @@
 defaults: &defaults
-  version: 6.2.5
+  version: 6.2.6
   enable_logging: true
   enable_rationale: true
   check_crosswalk: false
@@ -38,7 +38,7 @@ defaults: &defaults
   # DEV
   # Spreadsheet Example: https://docs.google.com/spreadsheets/d/15Tje3oiUfYgU24RiX-fUs-hH08dFOvW7_ysyAN8vxuc/edit#gid=0
   # Spreadsheet's JSON:  https://spreadsheets.google.com/feeds/list/15Tje3oiUfYgU24RiX-fUs-hH08dFOvW7_ysyAN8vxuc/od6/public/values?alt=json
-  spreadsheet_location: 'https://spreadsheets.google.com/feeds/list/15Tje3oiUfYgU24RiX-fUs-hH08dFOvW7_ysyAN8vxuc/od6/public/values?alt=json'
+  spreadsheet_location: 'http://127.0.0.1:5555/codeset_values.json'
 
 development:
   <<: *defaults