fix(j-s): Defender Subpoena

[gudjong]

Defender Subpoena

Verjandi sér fyrirkall en getur ekki opnað það

What

• Fixes defender access to generated subpoena PDF.

Why

• Verified bug.

Screenshots / Gifs

Screen.Recording.2024-10-02.at.10.26.03.mov

Checklist:

• I have performed a self-review of my own code
• I have made corresponding changes to the documentation
• My changes generate no new warnings
• I have added tests that prove my fix is effective or that my feature works
• Formatting passes locally with my changes
• I have rebased against main before asking for a review

Summary by CodeRabbit

• New Features

  • The getSubpoenaPdf method now accepts an optional subpoenaId, allowing for more flexible subpoena retrieval.
  • Simplified URL structure for retrieving subpoenas, enhancing user experience.

• Bug Fixes

  • Improved logging for better traceability of subpoena retrieval actions.

• Tests

  • Updated test cases to reflect changes in the getSubpoenaPdf method, ensuring accurate PDF generation verification.

[coderabbitai]

Walkthrough

The changes in this pull request involve modifications to the getSubpoenaPdf method across three controllers: FileController, LimitedAccessFileController, and LimitedAccessSubpoenaController. The updates include making the subpoenaId parameter optional in FileController, adding it as a required parameter in LimitedAccessFileController, and removing several query parameters in LimitedAccessSubpoenaController. Additionally, logging statements have been adjusted to reflect these changes. The test suite for LimitedAccessSubpoenaController has also been updated to align with the new method signatures.

Changes

File	Change Summary
apps/judicial-system/api/src/app/modules/file/file.controller.ts	Updated getSubpoenaPdf method to make subpoenaId optional and adjust logging accordingly.
apps/judicial-system/api/src/app/modules/file/limitedAccessFile.controller.ts	Modified getSubpoenaPdf method to include subpoenaId as a required parameter and updated logging and URL structure.
apps/judicial-system/backend/src/app/modules/subpoena/limitedAccessSubpoena.controller.ts	Removed query parameters from getSubpoenaPdf method, leaving only essential parameters and simplified logging.
apps/judicial-system/backend/src/app/modules/subpoena/test/limitedAccessSubpoenaController/getSubpoenaPdf.spec.ts	Adjusted test cases to remove unnecessary parameters from mockPdfService.getSubpoenaPdf calls.

Possibly related PRs

• feat(j-s): Select subpoena type #15164: This PR introduces a feature to select subpoena types, which is directly related to the changes made in the main PR regarding the handling of subpoenas.
• feat(j-s): Add subpoenaType to Defendant table #15198: This PR adds a subpoenaType field to the Defendant table, which aligns with the changes in the main PR that involve modifying how subpoenas are processed and represented.
• feat(j-s): Subpoena PDF #15201: This PR introduces functionality for creating and managing subpoenas, which is closely related to the changes in the main PR that modify the getSubpoenaPdf method.
• feat(j-s): Subpoena PDF #16098: This PR enhances the visibility of subpoenas in case overviews, which is directly related to the changes made in the main PR regarding the getSubpoenaPdf method and its parameters.
• feat(j-s): New Subpoena #16168: This PR introduces a new Subpoena model and updates the Defendant class to include a list of subpoenas, which is relevant to the changes in the main PR that involve handling subpoenas.

Suggested labels

automerge

Suggested reviewers

• unakb
• oddsson

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 0

🧹 Outside diff range and nitpick comments (2)

apps/judicial-system/backend/src/app/modules/subpoena/limitedAccessSubpoena.controller.ts (1)

Issues Found: Removed parameters are still in use elsewhere

The arraignmentDate, location, and subpoenaType parameters have remaining usages in multiple files across the codebase:

• Subpoena.tsx
• Overview.tsx
• subpoenaPdf.ts
• subpoena.controller.ts
• file.controller.ts
• subpoena.response.ts

Removing these parameters from the getSubpoenaPdf method may impact these areas. Please review and address these dependencies to ensure functionality is not broken.

🔗 Analysis chain

Line range hint 60-85: Simplified method signature and logging

The getSubpoenaPdf method has been refactored:

1. Removed query parameters: arraignmentDate, location, and subpoenaType.
2. Simplified the logging statement.

These changes suggest that the subpoena data is now fully determined by the subpoenaId, which is a more robust approach. The code maintains type safety and improves readability.

However, please verify that this change doesn't break any existing functionality that might have relied on the removed query parameters.

Let's check for any usages of the removed parameters in other parts of the codebase:

---

The previous script encountered syntax errors. Please find below a corrected shell script to verify the usages of the removed parameters:

---

The previous script encountered an issue with the file type recognition. Please find below a corrected shell script that searches within .ts and .tsx files for the removed parameters:

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check for usages of removed parameters

# Test: Search for usages of arraignmentDate, location, and subpoenaType in relation to subpoena
rg -t typescript 'subpoena.*arraignmentDate|subpoena.*location|subpoena.*subpoenaType'

Length of output: 378

---

Script:

#!/bin/bash
# Description: Check for usages of removed parameters: arraignmentDate, location, subpoenaType in relation to subpoena

rg -t typescript '(subpoena.*arraignmentDate|subpoena.*location|subpoena.*subpoenaType)'

Length of output: 125

---

Script:

#!/bin/bash
# Description: Check for usages of removed parameters: arraignmentDate, location, subpoenaType in relation to subpoena

rg '(subpoena.*arraignmentDate|subpoena.*location|subpoena.*subpoenaType)' -g '*.ts' -g '*.tsx'

Length of output: 1657

apps/judicial-system/api/src/app/modules/file/file.controller.ts (1)

188-196: Approved: Improved flexibility and adherence to best practices

The changes to the getSubpoenaPdf method are well-implemented and provide several benefits:

1. Making subpoenaId optional allows the method to handle both draft and finalized subpoenas.
2. The addition of optional query parameters (arraignmentDate, location, subpoenaType) provides more context for subpoena generation.
3. The updated logging statement correctly handles the optional subpoenaId.
4. The URL construction has been appropriately modified to accommodate the optional subpoenaId and new query parameters.

These changes adhere to TypeScript and NextJS API route best practices, improving the overall flexibility and functionality of the method.

Consider extracting the URL construction logic into a separate private method to improve readability:

private constructSubpoenaUrl(
  defendantId: string,
  subpoenaId?: string,
  arraignmentDate?: string,
  location?: string,
  subpoenaType?: SubpoenaType
): string {
  const subpoenaIdInjection = subpoenaId ? `/${subpoenaId}` : ''
  const queryInjection = arraignmentDate
    ? `?arraignmentDate=${arraignmentDate}&location=${location}&subpoenaType=${subpoenaType}`
    : ''
  return `defendant/${defendantId}/subpoena${subpoenaIdInjection}${queryInjection}`
}

Then, you can use it in the getSubpoenaPdf method:

return this.fileService.tryGetFile(
  user.id,
  AuditedAction.GET_SUBPOENA_PDF,
  id,
  this.constructSubpoenaUrl(defendantId, subpoenaId, arraignmentDate, location, subpoenaType),
  req,
  res,
  'pdf',
)

This refactoring would improve code organization and make the getSubpoenaPdf method more concise.

Also applies to: 199-203

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL

📥 Commits

Files that changed from the base of the PR and between 148403d and db4918f.

📒 Files selected for processing (4)

• apps/judicial-system/api/src/app/modules/file/file.controller.ts (1 hunks)
• apps/judicial-system/api/src/app/modules/file/limitedAccessFile.controller.ts (1 hunks)
• apps/judicial-system/backend/src/app/modules/subpoena/limitedAccessSubpoena.controller.ts (2 hunks)
• apps/judicial-system/backend/src/app/modules/subpoena/test/limitedAccessSubpoenaController/getSubpoenaPdf.spec.ts (0 hunks)

💤 Files with no reviewable changes (1)

• apps/judicial-system/backend/src/app/modules/subpoena/test/limitedAccessSubpoenaController/getSubpoenaPdf.spec.ts

🧰 Additional context used

📓 Path-based instructions (3)

apps/judicial-system/api/src/app/modules/file/file.controller.ts (1)

Pattern apps/**/*: "Confirm that the code adheres to the following:

• NextJS best practices, including file structure, API routes, and static generation methods.
• Efficient state management and server-side rendering techniques.
• Optimal use of TypeScript for component and utility type safety."

apps/judicial-system/api/src/app/modules/file/limitedAccessFile.controller.ts (1)

Pattern apps/**/*: "Confirm that the code adheres to the following:

• NextJS best practices, including file structure, API routes, and static generation methods.
• Efficient state management and server-side rendering techniques.
• Optimal use of TypeScript for component and utility type safety."

apps/judicial-system/backend/src/app/modules/subpoena/limitedAccessSubpoena.controller.ts (1)

Pattern apps/**/*: "Confirm that the code adheres to the following:

• NextJS best practices, including file structure, API routes, and static generation methods.
• Efficient state management and server-side rendering techniques.
• Optimal use of TypeScript for component and utility type safety."

🔇 Additional comments (4)

apps/judicial-system/backend/src/app/modules/subpoena/limitedAccessSubpoena.controller.ts (3)

Line range hint 1-85: Summary of changes and their impact

The changes in this file improve the LimitedAccessSubpoenaController:

1. Simplified the getSubpoenaPdf method signature by removing unnecessary query parameters.
2. Improved logging for better clarity.
3. Maintained adherence to NestJS best practices and effective use of TypeScript.

These changes should lead to more maintainable and robust code. However, ensure that:

1. The removal of query parameters doesn't break existing functionality elsewhere in the application.
2. Adequate error handling is implemented.
3. The changes are reflected in the API documentation, if any exists.

Overall, the modifications appear to be a positive step towards a more streamlined API.

---

Line range hint 1-85: Overall structure and best practices

The controller is well-structured and follows NestJS best practices:

1. Effective use of decorators and guards.
2. Clear separation of concerns.
3. Proper use of dependency injection.

Suggestions for improvement:

1. Consider adding explicit error handling in the getSubpoenaPdf method.
2. Add input validation for the caseId, defendantId, and subpoenaId parameters.
3. Consider adding unit tests for this controller if not already present.

Here's a suggestion for adding error handling:

async getSubpoenaPdf(
  // ... existing parameters
): Promise<void> {
  try {
    this.logger.debug(
      `Getting subpoena ${subpoenaId} for defendant ${defendantId} of case ${caseId} as a pdf document`,
    )

    const pdf = await this.pdfService.getSubpoenaPdf(
      theCase,
      defendant,
      subpoena,
    )

    res.end(pdf)
  } catch (error) {
    this.logger.error(`Error getting subpoena PDF: ${error.message}`, error)
    res.status(500).json({ message: 'Error generating subpoena PDF' })
  }
}

Let's check for existing error handling patterns in the codebase:

#!/bin/bash
# Description: Check for error handling patterns

# Test: Search for try-catch blocks in controller files
rg -t typescript 'try\s*{.*}\s*catch' --glob '*controller.ts'

---

Line range hint 1-42: Clarification on framework usage

This file uses NestJS, a backend framework, rather than NextJS as mentioned in the coding guidelines. The TypeScript usage and overall structure are appropriate for a NestJS backend controller. However, the NextJS-specific best practices mentioned in the guidelines are not directly applicable to this backend code.

To confirm this is indeed a NestJS backend file, let's check for other NestJS-related files:

✅ Verification successful

Confirmation of NestJS Framework Usage

The shell script results confirm that the project extensively uses NestJS, as evidenced by the presence of multiple app.module.ts and main.ts files across various applications and the inclusion of @nestjs/* dependencies in package.json. The initial review comment accurately identified the framework, and no issues were found.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify NestJS usage in the project

# Test: Search for NestJS-specific files
fd -e ts 'main.ts|app.module.ts'

# Test: Check for NestJS dependencies in package.json
rg '"@nestjs/' package.json

Length of output: 4285

apps/judicial-system/api/src/app/modules/file/limitedAccessFile.controller.ts (1)

Line range hint 179-201: Improved subpoena retrieval specificity. LGTM!

The changes to the getSubpoenaPdf method enhance the specificity of subpoena retrieval by including the subpoenaId in the route and file path. This aligns well with RESTful design principles and should address the issue mentioned in the PR objectives.

Consider adding a brief comment explaining the purpose and format of the subpoenaId for future maintainers.

Please ensure that any related API documentation or specifications are updated to reflect this change in the endpoint structure.

If the script returns any results, it indicates that there might be client code still using the old endpoint structure, which would need to be updated.

✅ Verification successful

Subpoena retrieval endpoint changes verified: No impact on existing client code.

The updated getSubpoenaPdf method and endpoint structure do not affect any existing client code, as no usages of the old subpoena endpoint were found. The changes enhance the API's specificity and align with RESTful principles.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check for potential impacts on existing client code

# Test: Search for calls to the old subpoena endpoint
rg --type typescript --type javascript 'GET.*subpoena/[^/]+$' --glob '!**/limitedAccessFile.controller.ts'

Length of output: 143

---

Script:

#!/bin/bash
# Description: Check for potential impacts on existing client code by searching old subpoena endpoint usage

# Search within .ts and .js files for GET requests to the old subpoena endpoint, excluding the specified controller
rg --glob '**/*.ts' --glob '**/*.js' 'GET.*subpoena/[^/]+$' --glob '!apps/judicial-system/api/src/app/modules/file/limitedAccessFile.controller.ts'

Length of output: 149

[codecov]

Codecov Report

Attention: Patch coverage is 50.00000% with 1 line in your changes missing coverage. Please review.

Project coverage is 36.74%. Comparing base (0017501) to head (89c3372).
Report is 1 commits behind head on main.

Files with missing lines	Patch %	Lines
...system/api/src/app/modules/file/file.controller.ts	0.00%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main   #16229      +/-   ##
==========================================
- Coverage   36.74%   36.74%   -0.01%     
==========================================
  Files        6778     6778              
  Lines      139855   139849       -6     
  Branches    39770    39764       -6     
==========================================
- Hits        51394    51388       -6     
  Misses      88461    88461              

Flag	Coverage Δ
air-discount-scheme-backend	54.22% <ø> (ø)
air-discount-scheme-web	0.00% <ø> (ø)
api	3.37% <ø> (ø)
api-domains-air-discount-scheme	36.95% <ø> (ø)
api-domains-assets	26.71% <ø> (ø)
api-domains-auth-admin	48.77% <ø> (ø)
api-domains-communications	39.92% <ø> (ø)
api-domains-criminal-record	47.93% <ø> (ø)
api-domains-driving-license	44.48% <ø> (ø)
api-domains-education	31.74% <ø> (ø)
api-domains-health-insurance	34.78% <ø> (ø)
api-domains-mortgage-certificate	35.71% <ø> (ø)
api-domains-payment-schedule	41.22% <ø> (ø)
application-api-files	57.91% <ø> (ø)
application-core	71.62% <ø> (+0.32%)	⬆️
application-system-api	41.62% <ø> (ø)
application-template-api-modules	23.75% <ø> (ø)
application-templates-accident-notification	22.14% <ø> (ø)
application-templates-car-recycling	3.12% <ø> (ø)
application-templates-criminal-record	26.63% <ø> (ø)
application-templates-driving-license	18.70% <ø> (ø)
application-templates-estate	12.33% <ø> (ø)
application-templates-example-payment	25.41% <ø> (ø)
application-templates-financial-aid	14.34% <ø> (ø)
application-templates-general-petition	23.68% <ø> (ø)
application-templates-health-insurance	26.62% <ø> (ø)
application-templates-inheritance-report	6.45% <ø> (ø)
application-templates-marriage-conditions	15.23% <ø> (ø)
application-templates-mortgage-certificate	43.96% <ø> (ø)
application-templates-parental-leave	30.15% <ø> (ø)
application-types	6.71% <ø> (ø)
application-ui-components	1.28% <ø> (ø)
application-ui-shell	21.29% <ø> (ø)
auth-nest-tools	31.31% <ø> (ø)
auth-react	22.80% <ø> (ø)
clients-charge-fjs-v2	24.11% <ø> (ø)
clients-driving-license	40.73% <ø> (ø)
clients-driving-license-book	43.90% <ø> (ø)
clients-financial-statements-inao	49.25% <ø> (ø)
clients-license-client	1.83% <ø> (ø)
clients-middlewares	73.02% <ø> (-0.09%)	⬇️
clients-regulations	42.71% <ø> (ø)
clients-rsk-company-registry	29.76% <ø> (ø)
clients-syslumenn	49.64% <ø> (ø)
cms	0.43% <ø> (ø)
cms-translations	39.05% <ø> (ø)
download-service	44.09% <ø> (ø)
financial-aid-backend	56.53% <ø> (ø)
icelandic-names-registry-backend	54.55% <ø> (ø)
judicial-system-api	18.30% <0.00%> (-0.01%)	⬇️
license-api	42.68% <ø> (+0.07%)	⬆️
nest-audit	68.20% <ø> (ø)
nest-feature-flags	51.95% <ø> (ø)
nest-problem	46.34% <ø> (ø)
nest-swagger	51.71% <ø> (ø)
portals-admin-regulations-admin	1.88% <ø> (ø)
portals-core	16.17% <ø> (ø)
reference-backend	50.41% <ø> (ø)
services-auth-admin-api	51.98% <ø> (ø)
services-auth-ids-api	51.87% <ø> (-0.01%)	⬇️
services-auth-personal-representative	45.55% <ø> (+0.03%)	⬆️
services-auth-personal-representative-public	41.64% <ø> (ø)
services-auth-public-api	49.37% <ø> (+0.01%)	⬆️
services-documents	61.17% <ø> (ø)
services-endorsements-api	55.22% <ø> (ø)
services-sessions	65.79% <ø> (+0.04%)	⬆️
services-university-gateway	48.50% <ø> (+0.08%)	⬆️
services-user-notification	47.07% <ø> (ø)
services-user-profile	62.26% <ø> (-0.10%)	⬇️
shared-components	27.68% <ø> (ø)
shared-form-fields	31.63% <ø> (ø)
skilavottord-ws	24.24% <ø> (ø)
web	1.83% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

Files with missing lines	Coverage Δ
...c/app/modules/file/limitedAccessFile.controller.ts	0.00% <ø> (ø)
...dules/subpoena/limitedAccessSubpoena.controller.ts	100.00% <100.00%> (ø)
...system/api/src/app/modules/file/file.controller.ts	0.00% <0.00%> (ø)

... and 3 files with indirect coverage changes

---

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 0017501...89c3372. Read the comment docs.

[datadog-island-is]

Datadog Report

All test runs 9ec7296 🔗

❌ 74 Total Test Services: 1 Failed, 71 Passed
🔻 Test Sessions change in coverage: 2 decreased, 3 increased, 195 no change

Test Services

This report shows up to 10 services

Service Name	Failed	Known Flaky	New Flaky	Passed	Skipped	Total Time	Code Coverage Change	Test Service View
services-auth-delegation-api	1	0	0	211	0	0s	N/A	Link
air-discount-scheme-backend	0	0	0	81	0	31.18s	N/A	Link
air-discount-scheme-web	0	0	0	2	0	8.46s	1 no change	Link
api	0	0	0	4	0	2.62s	N/A	Link
api-domains-air-discount-scheme	0	0	0	6	0	16.99s	N/A	Link
api-domains-assets	0	0	0	3	0	11.04s	1 no change	Link
api-domains-auth-admin	0	0	0	18	0	14.65s	N/A	Link
api-domains-communications	0	0	0	5	0	34.94s	1 no change	Link
api-domains-criminal-record	0	0	0	5	0	10.9s	1 no change	Link
api-domains-driving-license	0	0	0	23	0	31.07s	1 no change	Link

❌ Failed Tests (1)

• ScopesController withAuth GET /scopes/scope-tree should correctly sort scopes and groups - apps/services/auth/delegation-api/src/app/scopes/test/scopes.controller.spec.ts - Details

  Expand for error

   terminating connection due to administrator command
  

🔻 Code Coverage Decreases vs Default Branch (2)

• clients-middlewares - jest 75.6% (-0.1%) - Details
• services-user-profile - jest 52.79% (-0.04%) - Details