feat: user document storage

Author: mikewolfd

api/.env-template

@@ -7,3 +7,4 @@ FORMATION_API_ACCOUNT=
 FORMATION_API_KEY=
 FORMATION_API_BASE_URL=
 BUSINESS_NAME_BASE_URL=
+DOCUMENT_S3_BUCKET=

api/package.json

@@ -33,6 +33,7 @@
   },
   "dependencies": {
     "@aws-sdk/client-dynamodb": "3.58.0",
+    "@aws-sdk/client-s3": "^3.58.0",
     "@aws-sdk/lib-dynamodb": "3.58.0",
     "@aws-sdk/util-dynamodb": "3.58.0",
     "airtable": "0.11.3",

api/serverless.ts

@@ -38,6 +38,8 @@ const myNJServiceUrl = process.env.MYNJ_SERVICE_URL || "";
 const useFakeSelfReg = process.env.USE_FAKE_SELF_REG || "";
 const intercomHashSecret = process.env.INTERCOM_HASH_SECRET || "";
 
+const documentS3Bucket = `nj-bfs-user-documents-${ssmLocation}`;
+
 const serverlessConfiguration: AWS = {
   useDotenv: true,
   service: "businessnjgov-api",
@@ -100,6 +102,11 @@ const serverlessConfiguration: AWS = {
             Action: ["s3:GetObject"],
             Resource: "arn:aws:s3:::*/*",
           },
+          {
+            Effect: "Allow",
+            Action: ["s3:PutObject", "s3:ListBucket", "s3:GetObject"],
+            Resource: `arn:aws:s3:::${documentS3Bucket}/*`,
+          },
           {
             Effect: "Allow",
             Action: ["secretsmanager:GetSecretValue"],
@@ -116,6 +123,7 @@ const serverlessConfiguration: AWS = {
       AWS_NODEJS_CONNECTION_REUSE_ENABLED: "1",
       USERS_TABLE: usersTable,
       LICENSE_STATUS_BASE_URL: licenseStatusBaseUrl,
+      DOCUMENT_S3_BUCKET: documentS3Bucket,
       CMS_OAUTH_CLIENT_ID: cmsoAuthClientId,
       CMS_OAUTH_CLIENT_SECRET: cmsoAuthClientSecret,
       BUSINESS_NAME_BASE_URL: businessNameBaseUrl,

api/src/api/formationRouter.test.ts

@@ -9,14 +9,23 @@ import {
   generateGetFilingResponse,
   generateUserData,
 } from "../../test/factories";
+import { saveFileFromUrl } from "../domain/s3Writer";
 import { FormationClient, UserDataClient } from "../domain/types";
 import { formationRouterFactory } from "./formationRouter";
-import { getSignedInUserId } from "./userRouter";
+import { getSignedInUser, getSignedInUserId } from "./userRouter";
 
 jest.mock("./userRouter", () => ({
   getSignedInUserId: jest.fn(),
+  getSignedInUser: jest.fn(),
 }));
+
+jest.mock("../domain/s3Writer.ts", () => ({
+  saveFileFromUrl: jest.fn(),
+}));
+
+const fakeSaveFileFromUrl = saveFileFromUrl as jest.Mock;
 const fakeSignedInUserId = getSignedInUserId as jest.Mock;
+const fakeSignedInUser = getSignedInUser as jest.Mock;
 
 describe("formationRouter", () => {
   let app: Express;
@@ -26,6 +35,13 @@ describe("formationRouter", () => {
   beforeEach(async () => {
     jest.resetAllMocks();
     fakeSignedInUserId.mockReturnValue("some-id");
+    fakeSignedInUser.mockReturnValue({
+      sub: "1234",
+      "custom:myNJUserKey": "1234myNJUserKey",
+      "custom:identityId": "us-east-1:identityId",
+      email: "whatever@gmail.com",
+      identities: undefined,
+    });
     stubFormationClient = {
       form: jest.fn(),
       getCompletedFiling: jest.fn(),
@@ -99,6 +115,18 @@ describe("formationRouter", () => {
   });
 
   describe("/completed-filing", () => {
+    let dateNowSpy: jest.SpyInstance;
+    beforeEach(() => {
+      dateNowSpy = jest.spyOn(Date, "now").mockImplementation(() => 1487076708000);
+      fakeSaveFileFromUrl.mockReset();
+      fakeSaveFileFromUrl.mockImplementation((link, location, bucket) =>
+        Promise.resolve(`http://${location}`)
+      );
+    });
+    afterAll(() => {
+      dateNowSpy.mockRestore();
+    });
+
     it("saves and returns updated user data with get-filing response", async () => {
       const getFilingResponse = generateGetFilingResponse({ success: true });
       stubFormationClient.getCompletedFiling.mockResolvedValue(getFilingResponse);
@@ -127,9 +155,19 @@ describe("formationRouter", () => {
           ...userData.profileData,
           entityId: getFilingResponse.entityId,
           dateOfFormation: userData.formationData.formationFormData.businessStartDate,
+          documents: {
+            ...userData.profileData.documents,
+            formationDoc: `http://us-east-1:identityId/formationDoc-1487076708000.pdf`,
+            certifiedDoc: `http://us-east-1:identityId/certifiedDoc-1487076708000.pdf`,
+            standingDoc: `http://us-east-1:identityId/standingDoc-1487076708000.pdf`,
+          },
         },
       };
-
+      expect(fakeSaveFileFromUrl).toHaveBeenCalledWith(
+        getFilingResponse.formationDoc,
+        `us-east-1:identityId/formationDoc-1487076708000.pdf`,
+        undefined
+      );
       expect(response.body).toEqual(expectedNewUserData);
       expect(stubUserDataClient.put).toHaveBeenCalledWith(expectedNewUserData);
       expect(stubFormationClient.getCompletedFiling).toHaveBeenCalledWith("some-formation-id");
@@ -155,5 +193,57 @@ describe("formationRouter", () => {
         },
       });
     });
+
+    it("only fetches files that are in the filingResponse", async () => {
+      const getFilingResponse = generateGetFilingResponse({ success: true, certifiedDoc: "" });
+      stubFormationClient.getCompletedFiling.mockResolvedValue(getFilingResponse);
+
+      const userData = generateUserData({
+        formationData: generateFormationData({
+          formationResponse: generateFormationSubmitResponse({ formationId: "some-formation-id" }),
+        }),
+      });
+      stubUserDataClient.get.mockResolvedValue(userData);
+      await request(app).get(`/completed-filing`).send();
+
+      const expectedNewUserData = {
+        ...userData,
+        formationData: {
+          ...userData.formationData,
+          getFilingResponse: getFilingResponse,
+        },
+        taskProgress: {
+          ...userData.taskProgress,
+          "form-business-entity": "COMPLETED",
+        },
+        profileData: {
+          ...userData.profileData,
+          entityId: getFilingResponse.entityId,
+          dateOfFormation: userData.formationData.formationFormData.businessStartDate,
+          documents: {
+            ...userData.profileData.documents,
+            formationDoc: `http://us-east-1:identityId/formationDoc-1487076708000.pdf`,
+            standingDoc: `http://us-east-1:identityId/standingDoc-1487076708000.pdf`,
+          },
+        },
+      };
+
+      expect(fakeSaveFileFromUrl).toHaveBeenCalledWith(
+        getFilingResponse.formationDoc,
+        `us-east-1:identityId/formationDoc-1487076708000.pdf`,
+        process.env.DOCUMENT_S3_BUCKET
+      );
+      expect(fakeSaveFileFromUrl).toHaveBeenCalledWith(
+        getFilingResponse.standingDoc,
+        `us-east-1:identityId/standingDoc-1487076708000.pdf`,
+        process.env.DOCUMENT_S3_BUCKET
+      );
+      expect(fakeSaveFileFromUrl).not.toHaveBeenCalledWith(
+        getFilingResponse.certifiedDoc,
+        `us-east-1:identityId/certifiedDoc-1487076708000.pdf`,
+        process.env.DOCUMENT_S3_BUCKET
+      );
+      expect(stubUserDataClient.put).toHaveBeenCalledWith(expectedNewUserData);
+    });
   });
 });

api/src/api/formationRouter.ts

@@ -1,7 +1,9 @@
 import { FormationSubmitResponse, GetFilingResponse } from "@shared/formationData";
+import { ProfileDocuments } from "@shared/profileData";
 import { Router } from "express";
+import { saveFileFromUrl } from "../domain/s3Writer";
 import { FormationClient, UserDataClient } from "../domain/types";
-import { getSignedInUserId } from "./userRouter";
+import { getSignedInUser, getSignedInUserId } from "./userRouter";
 
 export const formationRouterFactory = (
   formationClient: FormationClient,
@@ -32,6 +34,7 @@ export const formationRouterFactory = (
   });
 
   router.get("/completed-filing", async (req, res) => {
+    const signedInUser = getSignedInUser(req);
     const signedInUserId = getSignedInUserId(req);
     const userData = await userDataClient.get(signedInUserId);
 
@@ -46,10 +49,34 @@ export const formationRouterFactory = (
         const taskProgress = userData.taskProgress;
         let entityId = userData.profileData.entityId;
         let dateOfFormation = userData.profileData.dateOfFormation;
+        const documents: Partial<ProfileDocuments> = {};
+
         if (getFilingResponse.success) {
           taskProgress["form-business-entity"] = "COMPLETED";
           entityId = getFilingResponse.entityId;
           dateOfFormation = userData.formationData.formationFormData.businessStartDate;
+
+          documents["formationDoc"] = await saveFileFromUrl(
+            getFilingResponse.formationDoc,
+            `${signedInUser["custom:identityId"]}/formationDoc-${Date.now()}.pdf`,
+            process.env.DOCUMENT_S3_BUCKET as string
+          );
+
+          if (getFilingResponse.certifiedDoc) {
+            documents["certifiedDoc"] = await saveFileFromUrl(
+              getFilingResponse.certifiedDoc,
+              `${signedInUser["custom:identityId"]}/certifiedDoc-${Date.now()}.pdf`,
+              process.env.DOCUMENT_S3_BUCKET as string
+            );
+          }
+
+          if (getFilingResponse.standingDoc) {
+            documents["standingDoc"] = await saveFileFromUrl(
+              getFilingResponse.standingDoc,
+              `${signedInUser["custom:identityId"]}/standingDoc-${Date.now()}.pdf`,
+              process.env.DOCUMENT_S3_BUCKET as string
+            );
+          }
         }
         const userDataWithResponse = {
           ...userData,
@@ -62,12 +89,14 @@ export const formationRouterFactory = (
             ...userData.profileData,
             entityId,
             dateOfFormation,
+            documents: { ...userData.profileData.documents, ...documents },
           },
         };
         await userDataClient.put(userDataWithResponse);
         res.json(userDataWithResponse);
       })
-      .catch(() => {
+      .catch((error) => {
+        console.error(error);
         res.status(500).json();
       });
   });

api/src/api/userRouter.ts

@@ -16,6 +16,7 @@ const getTokenFromHeader = (req: Request): string => {
 type CognitoJWTPayload = {
   sub: string;
   "custom:myNJUserKey": string;
+  "custom:identityId": string | undefined;
   email: string;
   identities: CognitoIdentityPayload[] | undefined;
 };
@@ -29,8 +30,11 @@ type CognitoIdentityPayload = {
   userId: string;
 };
 
+export const getSignedInUser = (req: Request): CognitoJWTPayload =>
+  jwt.decode(getTokenFromHeader(req)) as CognitoJWTPayload;
+
 export const getSignedInUserId = (req: Request): string => {
-  const signedInUser = jwt.decode(getTokenFromHeader(req)) as CognitoJWTPayload;
+  const signedInUser = getSignedInUser(req);
   const myNJIdentityPayload = signedInUser.identities?.find((it) => it.providerName === "myNJ");
   return myNJIdentityPayload?.userId || signedInUser.sub;
 };

api/src/db/migrations/migrations.ts

@@ -40,6 +40,7 @@ import { migrate_v42_to_v43 } from "./v43_add_initial_flow_to_profile_data";
 import { migrate_v43_to_v44 } from "./v44_add_cannabis_license_to_profile_data";
 import { migrate_v44_to_v45 } from "./v45_add_hidden_opportunities_to_preferences";
 import { migrate_v45_to_v46 } from "./v46_add_task_item_checklist";
+import { migrate_v46_to_v47 } from "./v47_add_profile_documents";
 import { migrate_v3_to_v4 } from "./v4_add_municipality";
 import { migrate_v4_to_v5 } from "./v5_add_liquor_license";
 import { migrate_v5_to_v6 } from "./v6_add_home_based_business";
@@ -97,6 +98,7 @@ export const Migrations: MigrationFunction[] = [
   migrate_v43_to_v44,
   migrate_v44_to_v45,
   migrate_v45_to_v46,
+  migrate_v46_to_v47,
 ];
 
 export const CURRENT_VERSION = Migrations.length;