resolving merge conflicts on a deleted file

.github/CODEOWNERS

@@ -109,6 +109,7 @@ libs/clients/rsk/relationships/
 /libs/service-portal/sessions                                                                            @island-is/aranja
 /apps/native/app/                                                                                        @island-is/aranja-app
 codemagic.yaml                                                                                           @island-is/aranja-app
+/apps/web/public/.well-known/                                                                            @island-is/aranja-app
 
 /apps/judicial-system/                                                                                   @island-is/kolibri-justice-league
 /libs/judicial-system/                                                                                   @island-is/kolibri-justice-league

README.md

@@ -32,9 +32,8 @@ If you want to contribute to the repository, please make sure to follow [this gu
 - You have [gcc](https://gcc.gnu.org/) installed (Linux MacOs).
 - You have [g++](https://gcc.gnu.org/) installed (Linux MacOs).
 
-{% hint style="info" %}
-If you are running on Windows we recommend using [Docker and WSL2](https://docs.docker.com/desktop/windows/wsl/)
-{% endhint %}
+> [!NOTE]
+> If you are running on Windows we recommend using [Docker and WSL2](https://docs.docker.com/desktop/windows/wsl/)
 
 ### For fetching secrets
 

apps/application-system/api/infra/application-system-api.ts

@@ -113,7 +113,7 @@ export const workerSetup =
       })
       .resources({
         limits: { cpu: '400m', memory: '768Mi' },
-        requests: { cpu: '100m', memory: '384Mi' },
+        requests: { cpu: '150m', memory: '384Mi' },
       })
 
 export const serviceSetup = (services: {

apps/application-system/api/src/app/modules/application/utils/delegationUtils.ts

@@ -1,10 +1,10 @@
 import { User } from '@island.is/auth-nest-tools'
 import { Application } from '@island.is/application/types'
 
-export function isNewActor(
+export const isNewActor = (
   application: Pick<Application, 'applicantActors' | 'applicant'>,
   user: User,
-) {
+) => {
   if (!user.actor) {
     return false
   } else if (

apps/application-system/api/src/app/modules/application/utils/tokenUtils.ts

@@ -2,7 +2,7 @@ import jwt from 'jsonwebtoken'
 
 import { environment } from '../../../../environments'
 
-export function verifyToken<T>(token: string): T | null {
+export const verifyToken = <T>(token: string): T | null => {
   try {
     const decoded = jwt.verify(
       token,

apps/application-system/form/src/utils/index.ts

@@ -10,8 +10,8 @@
  * - https://github.com/airbnb/lottie-web/issues/360#issuecomment-320243980
  *
  */
-export function fixSvgUrls(_baseUrl: string) {
-  function fixForAttribute(attrib: string) {
+export const fixSvgUrls = (_baseUrl: string) => {
+  const fixForAttribute = (attrib: string) => {
     const baseUrl = window.location.href
 
     /**

apps/portals/admin/src/auth.ts

@@ -38,6 +38,8 @@ if (userMocked) {
       AdminPortalScope.signatureCollectionProcess,
       AdminPortalScope.formSystem,
       AdminPortalScope.formSystemSuperUser,
+      AdminPortalScope.delegationSystem,
+      AdminPortalScope.delegationSystemAdmin,
     ],
     post_logout_redirect_uri: `${window.location.origin}`,
     userStorePrefix: 'ap.',

apps/portals/admin/src/lib/masterNavigation.ts

@@ -14,6 +14,7 @@ import { signatureCollectionNavigation } from '@island.is/portals/admin/signatur
 import { serviceDeskNavigation } from '@island.is/portals/admin/service-desk'
 import { petitionNavigation } from '@island.is/portals/admin/petition'
 import { formSystemNavigation } from '@island.is/form-system'
+import { delegationAdminNav } from 'delegation-admin'
 
 export const rootNavigationItem: PortalNavigationItem = {
   name: coreMessages.overview,
@@ -44,7 +45,10 @@ export const TOP_NAVIGATION: PortalNavigationItem = {
     serviceDeskNavigation,
     // Meðmælasöfnun
     signatureCollectionNavigation,
+    // Formakerfi
     formSystemNavigation,
+    // Aðgangsstýring umboð
+    delegationAdminNav,
   ],
 }
 export const BOTTOM_NAVIGATION: PortalNavigationItem = {

apps/portals/admin/src/lib/modules.ts

@@ -10,6 +10,7 @@ import { petitionModule } from '@island.is/portals/admin/petition'
 import { serviceDeskModule } from '@island.is/portals/admin/service-desk'
 import { signatureCollectionModule } from '@island.is/portals/admin/signature-collection'
 import { formSystemModule } from '@island.is/form-system'
+import { delegationAdminModule } from 'delegation-admin'
 
 /**
  * NOTE:
@@ -30,4 +31,5 @@ export const modules: PortalModule[] = [
   serviceDeskModule,
   signatureCollectionModule,
   formSystemModule,
+  delegationAdminModule,
 ]

apps/services/auth/admin-api/infra/auth-admin-api.ts

@@ -1,4 +1,21 @@
-import { json, service, ServiceBuilder } from '../../../../../infra/src/dsl/dsl'
+import {
+  json,
+  ref,
+  service,
+  ServiceBuilder,
+} from '../../../../../infra/src/dsl/dsl'
+
+const REDIS_NODE_CONFIG = {
+  dev: json([
+    'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379',
+  ]),
+  staging: json([
+    'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379',
+  ]),
+  prod: json([
+    'clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379',
+  ]),
+}
 
 export const serviceSetup = (): ServiceBuilder<'services-auth-admin-api'> => {
   return service('services-auth-admin-api')
@@ -25,10 +42,29 @@ export const serviceSetup = (): ServiceBuilder<'services-auth-admin-api'> => {
         ]),
         prod: json(['https://innskra.island.is']),
       },
+      XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true',
+      XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true',
+      XROAD_NATIONAL_REGISTRY_SERVICE_PATH: {
+        dev: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1',
+        staging: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1',
+        prod: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1',
+      },
+      XROAD_NATIONAL_REGISTRY_REDIS_NODES: REDIS_NODE_CONFIG,
+      XROAD_RSK_PROCURING_REDIS_NODES: REDIS_NODE_CONFIG,
+      COMPANY_REGISTRY_XROAD_PROVIDER_ID: {
+        dev: 'IS-DEV/GOV/10006/Skatturinn/ft-v1',
+        staging: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1',
+        prod: 'IS/GOV/5402696029/Skatturinn/ft-v1',
+      },
+      COMPANY_REGISTRY_REDIS_NODES: REDIS_NODE_CONFIG,
     })
     .secrets({
       CLIENT_SECRET_ENCRYPTION_KEY:
         '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY',
+      IDENTITY_SERVER_CLIENT_SECRET:
+        '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET',
+      NATIONAL_REGISTRY_IDS_CLIENT_SECRET:
+        '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET',
     })
     .ingress({
       primary: {

apps/services/auth/admin-api/src/app/app.module.ts

@@ -3,6 +3,7 @@ import { ConfigModule } from '@nestjs/config'
 import { SequelizeModule } from '@nestjs/sequelize'
 
 import {
+  DelegationApiUserSystemNotificationConfig,
   DelegationConfig,
   SequelizeConfigService,
 } from '@island.is/auth-api-lib'
@@ -24,6 +25,12 @@ import { ClientSecretsModule } from './v2/secrets/client-secrets.module'
 import { TenantsModule } from './v2/tenants/tenants.module'
 import { ScopesModule } from './v2/scopes/scopes.module'
 import { ProvidersModule } from './v2/providers/providers.module'
+import { DelegationAdminModule } from './v2/delegations/delegation-admin.module'
+import { RskRelationshipsClientConfig } from '@island.is/clients-rsk-relationships'
+import { FeatureFlagConfig } from '@island.is/nest/feature-flags'
+import { IdsClientConfig, XRoadConfig } from '@island.is/nest/config'
+import { NationalRegistryClientConfig } from '@island.is/clients/national-registry-v2'
+import { CompanyRegistryConfig } from '@island.is/clients/rsk/company-registry'
 
 @Module({
   imports: [
@@ -46,9 +53,18 @@ import { ProvidersModule } from './v2/providers/providers.module'
     ProblemModule,
     ProvidersModule,
     ScopesModule,
+    DelegationAdminModule,
     ConfigModule.forRoot({
       isGlobal: true,
-      load: [DelegationConfig],
+      load: [
+        DelegationConfig,
+        RskRelationshipsClientConfig,
+        NationalRegistryClientConfig,
+        CompanyRegistryConfig,
+        FeatureFlagConfig,
+        XRoadConfig,
+        IdsClientConfig,
+      ],
       envFilePath: ['.env', '.env.secret'],
     }),
   ],

apps/services/auth/admin-api/src/app/v2/delegations/delegation-admin.controller.ts

@@ -0,0 +1,98 @@
+import {
+  Controller,
+  Delete,
+  Get,
+  Headers,
+  Param,
+  UseGuards,
+} from '@nestjs/common'
+import { ApiTags } from '@nestjs/swagger'
+
+import {
+  CurrentUser,
+  IdsUserGuard,
+  Scopes,
+  ScopesGuard,
+  User,
+} from '@island.is/auth-nest-tools'
+import {
+  DelegationAdminCustomDto,
+  DelegationAdminCustomService,
+} from '@island.is/auth-api-lib'
+import { Documentation } from '@island.is/nest/swagger'
+import { Audit, AuditService } from '@island.is/nest/audit'
+import { DelegationAdminScopes } from '@island.is/auth/scopes'
+import flatMap from 'lodash/flatMap'
+import { isDefined } from '@island.is/shared/utils'
+
+const namespace = '@island.is/auth/delegation-admin'
+
+@UseGuards(IdsUserGuard, ScopesGuard)
+@Scopes(DelegationAdminScopes.read)
+@ApiTags('delegation-admin')
+@Controller('delegation-admin')
+@Audit({ namespace })
+export class DelegationAdminController {
+  constructor(
+    private readonly delegationAdminService: DelegationAdminCustomService,
+    private readonly auditService: AuditService,
+  ) {}
+
+  @Get()
+  @Documentation({
+    response: { status: 200, type: DelegationAdminCustomDto },
+    request: {
+      header: {
+        'X-Query-National-Id': {
+          required: true,
+          description: 'fetch delegations for this national id',
+        },
+      },
+    },
+  })
+  @Audit<DelegationAdminCustomDto>({
+    resources: (delegation) =>
+      flatMap([
+        ...delegation.incoming.map((d) => d.id ?? undefined),
+        ...delegation.outgoing.map((d) => d.id ?? undefined),
+      ]).filter(isDefined),
+  })
+  async getDelegationAdmin(
+    @Headers('X-Query-National-Id') nationalId: string,
+  ): Promise<DelegationAdminCustomDto> {
+    return await this.delegationAdminService.getAllDelegationsByNationalId(
+      nationalId,
+    )
+  }
+
+  @Delete(':delegationId')
+  @Scopes(DelegationAdminScopes.admin)
+  @Documentation({
+    response: { status: 204 },
+    request: {
+      params: {
+        delegationId: {
+          required: true,
+          description: 'The id of the delegation to delete',
+        },
+      },
+    },
+  })
+  delete(
+    @CurrentUser() user: User,
+    @Param('delegationId') delegationId: string,
+  ) {
+    return this.auditService.auditPromise(
+      {
+        auth: user,
+        namespace,
+        action: 'delete',
+        resources: delegationId,
+        meta: (deleted) => ({
+          deleted,
+        }),
+      },
+      this.delegationAdminService.deleteDelegation(user, delegationId),
+    )
+  }
+}

apps/services/auth/admin-api/src/app/v2/delegations/delegation-admin.module.ts

@@ -0,0 +1,12 @@
+import { Module } from '@nestjs/common'
+
+import { DelegationsModule as AuthDelegationsModule } from '@island.is/auth-api-lib'
+import { FeatureFlagModule } from '@island.is/nest/feature-flags'
+import { DelegationAdminController } from './delegation-admin.controller'
+
+@Module({
+  imports: [AuthDelegationsModule, FeatureFlagModule],
+  controllers: [DelegationAdminController],
+  providers: [],
+})
+export class DelegationAdminModule {}

apps/services/auth/admin-api/src/app/v2/scopes/test/me-scopes.spec.ts

@@ -11,6 +11,7 @@ import {
   TranslatedValueDto,
   ApiScopeDelegationType,
   AdminPatchScopeDto,
+  ApiScope,
 } from '@island.is/auth-api-lib'
 import { FixtureFactory } from '@island.is/services/auth/testing'
 import {
@@ -763,6 +764,7 @@ describe('MeScopesController', () => {
     let app: TestApp
     let server: request.SuperTest<request.Test>
     let apiScopeDelegationTypeModel: typeof ApiScopeDelegationType
+    let fixtureFactory: FixtureFactory
 
     beforeAll(async () => {
       app = await setupApp({
@@ -772,6 +774,7 @@ describe('MeScopesController', () => {
         dbType: 'postgres',
       })
       server = request(app.getHttpServer())
+      fixtureFactory = new FixtureFactory(app)
 
       apiScopeDelegationTypeModel = await app.get(
         getModelToken(ApiScopeDelegationType),
@@ -886,6 +889,59 @@ describe('MeScopesController', () => {
         },
       })
     })
+
+    it('should only update requested delegation setting fields', async () => {
+      // Arrange
+      // Create new subject under testing test data to control initial state of delegation settings.
+      const sutScope = await fixtureFactory.createApiScope({
+        domainName: TENANT_ID,
+        allowExplicitDelegationGrant: true,
+        supportedDelegationTypes: [AuthDelegationType.Custom],
+      })
+
+      // Act - Update partially delegation setting
+      const response = await server
+        .patch(
+          `/v2/me/tenants/${TENANT_ID}/scopes/${encodeURIComponent(
+            sutScope.name,
+          )}`,
+        )
+        .send({
+          addedDelegationTypes: [AuthDelegationType.ProcurationHolder],
+        })
+
+      // Assert that we only updated requested delegation setting fields
+      expect(response.status).toEqual(200)
+      expect(response.body).toMatchObject({
+        ...sutScope.toDTO(),
+        displayName: [
+          {
+            locale: 'is',
+            value: sutScope.displayName,
+          },
+        ],
+        description: [
+          {
+            locale: 'is',
+            value: sutScope.description,
+          },
+        ],
+        grantToProcuringHolders: true,
+        supportedDelegationTypes: expect.arrayContaining([
+          AuthDelegationType.Custom,
+          AuthDelegationType.ProcurationHolder,
+        ]),
+      } as AdminScopeDTO)
+      const apiScopeDelegationTypes = await apiScopeDelegationTypeModel.findAll(
+        {
+          where: {
+            apiScopeName: sutScope.name,
+          },
+        },
+      )
+
+      expect(apiScopeDelegationTypes).toHaveLength(2)
+    })
   })
 
   describe('POST: /v2/me/tenants/:tenantId/scopes', () => {