Persist inbound approvals

narval-xyz · Jan 19, 2024 · 9aec427 · 9aec427
1 parent 8276fd4
commit 9aec427
Show file tree

Hide file tree

Showing 4 changed files with 49 additions and 18 deletions.
diff --git a/apps/orchestration/src/policy-engine/core/type/domain.type.ts b/apps/orchestration/src/policy-engine/core/type/domain.type.ts
@@ -1,5 +1,5 @@
 import { Action, TransactionRequest } from '@narval/authz-shared'
-import { SetOptional } from 'type-fest'
+import { OverrideProperties, SetOptional } from 'type-fest'
 
 /**
  * AuthZ actions currently supported by the Orchestration.
@@ -69,7 +69,14 @@ export type SignMessageAuthorizationRequest = SharedAuthorizationRequest & {
 
 export type AuthorizationRequest = SignTransactionAuthorizationRequest | SignMessageAuthorizationRequest
 
-export type CreateAuthorizationRequest = SetOptional<AuthorizationRequest, 'id' | 'status' | 'createdAt' | 'updatedAt'>
+export type CreateApproval = SetOptional<Approval, 'id' | 'createdAt'>
+
+export type CreateAuthorizationRequest = OverrideProperties<
+  SetOptional<AuthorizationRequest, 'id' | 'status' | 'createdAt' | 'updatedAt'>,
+  {
+    approvals: CreateApproval[]
+  }
+>
 
 export function isSignTransaction(request: AuthorizationRequest): request is SignTransactionAuthorizationRequest {
   return (request as SignTransactionAuthorizationRequest).action === SupportedAction.SIGN_TRANSACTION

diff --git a/apps/orchestration/src/policy-engine/http/rest/dto/signature.dto.ts b/apps/orchestration/src/policy-engine/http/rest/dto/signature.dto.ts
@@ -19,5 +19,5 @@ export class SignatureDto {
     enum: ['ES256K'],
     required: false
   })
-  alg?: string = 'ES256K'
+  alg: string = 'ES256K'
 }
diff --git a/apps/orchestration/src/policy-engine/http/rest/util.ts b/apps/orchestration/src/policy-engine/http/rest/util.ts
@@ -1,4 +1,8 @@
-import { CreateAuthorizationRequest, SupportedAction } from '@app/orchestration/policy-engine/core/type/domain.type'
+import {
+  CreateApproval,
+  CreateAuthorizationRequest,
+  SupportedAction
+} from '@app/orchestration/policy-engine/core/type/domain.type'
 import { AuthorizationRequestDto } from '@app/orchestration/policy-engine/http/rest/dto/authorization-request.dto'
 import { plainToInstance } from 'class-transformer'
 
@@ -10,11 +14,13 @@ export const toCreateAuthorizationRequest = (
   body: AuthorizationRequestDto
 ): CreateAuthorizationRequest => {
   const dto = plainToInstance(AuthorizationRequestDto, body)
+  const approvals: CreateApproval[] = dto.approvals
+
   const shared = {
     orgId,
     initiatorId: '97389cac-20f0-4d02-a3a9-b27c564ffd18',
     hash: dto.hash,
-    approvals: [],
+    approvals,
     evaluations: []
   }
 

diff --git a/...rchestration/src/policy-engine/persistence/repository/authorization-request.repository.ts b/...rchestration/src/policy-engine/persistence/repository/authorization-request.repository.ts
@@ -12,29 +12,21 @@ import {
 import { PrismaService } from '@app/orchestration/shared/module/persistence/service/prisma.service'
 import { Injectable } from '@nestjs/common'
 import { EvaluationLog } from '@prisma/client/orchestration'
-
-const toEvaluationLogs = (orgId?: string, evaluations?: Evaluation[]): Omit<EvaluationLog, 'requestId'>[] => {
-  return orgId && evaluations?.length
-    ? evaluations.map((evaluation) => ({
-        ...evaluation,
-        orgId
-      }))
-    : []
-}
+import { v4 as uuid } from 'uuid'
 
 @Injectable()
 export class AuthorizationRequestRepository {
   constructor(private prismaService: PrismaService) {}
 
   async create(input: CreateAuthorizationRequest): Promise<AuthorizationRequest> {
     const { id, action, request, orgId, hash, status, idempotencyKey, createdAt, updatedAt, evaluations, approvals } =
-      createAuthorizationRequestSchema.parse(input)
-    const evaluationLogs = toEvaluationLogs(orgId, evaluations)
+      createAuthorizationRequestSchema.parse(this.getDefaults(input))
+    const evaluationLogs = this.toEvaluationLogs(orgId, evaluations)
 
     const model = await this.prismaService.authorizationRequest.create({
       data: {
-        status: status || AuthorizationRequestStatus.CREATED,
         id,
+        status,
         orgId,
         action,
         request,
@@ -77,7 +69,7 @@ export class AuthorizationRequestRepository {
   ): Promise<AuthorizationRequest> {
     const { id } = input
     const { orgId, status, evaluations, approvals } = updateAuthorizationRequestSchema.parse(input)
-    const evaluationLogs = toEvaluationLogs(orgId, evaluations)
+    const evaluationLogs = this.toEvaluationLogs(orgId, evaluations)
 
     const model = await this.prismaService.authorizationRequest.update({
       where: { id },
@@ -137,4 +129,30 @@ export class AuthorizationRequestRepository {
     // decoding of all models.
     return models.map(decodeAuthorizationRequest)
   }
+
+  private getDefaults(input: CreateAuthorizationRequest): AuthorizationRequest {
+    const now = new Date()
+
+    return {
+      ...input,
+      id: input.id || uuid(),
+      status: input.status || AuthorizationRequestStatus.CREATED,
+      createdAt: input.createdAt || now,
+      updatedAt: input.updatedAt || now,
+      approvals: input.approvals.map((approval) => ({
+        ...approval,
+        id: approval.id || uuid(),
+        createdAt: approval.createdAt || now
+      }))
+    }
+  }
+
+  private toEvaluationLogs(orgId?: string, evaluations?: Evaluation[]): Omit<EvaluationLog, 'requestId'>[] {
+    return orgId && evaluations?.length
+      ? evaluations.map((evaluation) => ({
+          ...evaluation,
+          orgId
+        }))
+      : []
+  }
 }