Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build: release v6.72.0 #6649

Merged
merged 10 commits into from
Aug 23, 2023
Merged

build: release v6.72.0 #6649

merged 10 commits into from
Aug 23, 2023

Conversation

wanlingt
Copy link
Contributor

@wanlingt wanlingt commented Aug 23, 2023
edited
Loading

New

  • feat: dashboard infobox message for e2ee #6647
  • fix: prevent saving empty product items #6646
  • feat: ui review changes #6637
  • feat: enable ownership transfer of all forms with a single action #6087
  • feat: storage submission validation with encryption shift endpoint #6595
  • feat: add formId for deprecatedCheck logs #6641
  • feat: upgrade sgid sdk #6584
  • build: merge release v6.71.0 into develop #6636
  • build: release v6.71.0 #6635

Dependencies

  • fix(deps): bump zod from 3.22.1 to 3.22.2 in /shared #6643

Dev-Dependencies

Tests

feat: dashboard infobox message for e2ee #6647

@wanlingt

  • Check that the dashboard infobox has been updated with the right copy.

fix: prevent saving empty product items #6646

@foochifa

Regression

  • On admin view, deleting product items removes the deleted product
  • On admin view, deleting payment component removes the payment component
    • On responder view, the form should not have payment component

Feature Test

  • On admin view, SaveButton is not interactive if there are no ProductItems
  • On admin view, the final ProductItem cannot be deleted (As discussed with @KenLSM this will be fixed in a future PR)

feat: ui review changes #6637

@foochifa

Admin individual response page

  • Observe that mouse-over on badge doesn't trigger any on-hover visual changes
  • Observe that mouse-over tooltip will show payout information above the tooltip

Admin response table
On payment forms

  • Observe that only headers have currency symbols

On non-payment forms

  • Observe that payment headers are not rendered

Variable payment preview
Create and build page

  • Observe that input hint is shown when paymentMax is not populated

feat: enable ownership transfer of all forms with a single action [#6087] (#6087)

@LinHuiqing

  • Log into the FormSG dashboard. Check that the following forms exist
    - Form A: Another admin (can use your email address with + as a suffix, for example wanling+@open.gov.sg) has been added as a collaborator with 'read' permissions
    - Form B: That other admin (wanling+@open.gov.sg) is not a collaborator
  • Click your avatar on the top right and click "Transfer All Forms". A modal should appear
  • Transfer all forms to the email of that other existing admin
  • In your dashboard, you should still see all the forms you were an owner of. Check the form permission list of a random form, you should now be an editor instead of an owner.
  • Log in as the other admin (wanling+@open.gov.sg). You should see all the forms that were transferred to you.
  • Check the permission list of the following forms:
    - Forms A and B: you should be an 'Owner' of both forms

feat: storage submission validation with encryption shift endpoint #6595

@wanlingt

To check that existing email submission validation works:

  • Create a email mode form with logic and switch off captcha.
  • Go to the respondent form and open the network tab before making a submission on the form.
  • Copy and save the corresponding curl request for the email submission made.
  • Make an invalid edit to the email submission curl request:
    • Add an invalid value to a field before any logic. It should throw an appropriate validation error.
    • Add a value to a field that is hidden by logic. It should throw a validation error saying that the you're trying to submit with a value on a hidden field.
  • To the previous request, edit it such that the field previously hidden by logic will be shown. The submission should now succeed.

To check that new endpoint is still able to make valid submissions:

  • Duplicate the form to create the exact same form, but in storage mode. Make sure captcha is off.
  • Make the following edits to the curl request previously saved:
    • formId should be updated to the storage mode form's
    • update endpoint to be /submissions/storage
    • Add "version":1 to the response body
  • Perform the curl request. The request should return an error saying "This endpoint has not been enabled for this form."
  • Go to the form's document on the DB and add a "encryptionBoundaryShift" set to true.
  • Perform the curl request. Check for the following:
    • The response should say "Form submission successful."
    • The submission should show up in the form's results page.

To check that submission validation for new endpoint works:

  • Modify the curl request with invalid submissions.
    • Add an invalid value to a field before any logic. It should throw an appropriate validation error.
    • Add a value to a field that is hidden by logic. It should throw a validation error saying that the you're trying to submit with a value on a hidden field.
  • To the previous request, edit it such that the field previously hidden by logic will be shown. The submission should now succeed.

Regression tests:

  • Submit a response on an email mode form. You should receive the corresponding email for the submission.
  • Submit a response on a storage mode form. You should see that the corresponding submission entry should show up on the admin results page.
  • Go to an email mode form's preview page. Make a submission. The app should not crash and you should receive a corresponding email for the submission.

feat: upgrade sgid sdk #6584

@LinHuiqing

  • Created unit tests for test paths where code_verifier cookie is missing.
  • Updated existing test cases based on the breaking changes.
  • Manually tested against sgID's staging environment:
  • Log in to FormSG via the /ogp-login route. This should work correctly.
  • Create and submit a form with SGID authentication. This should work correctly.
  • Create and submit a form with SGID MyInfo. This should work correctly.

Deploy Notes

New environment variables:

  • SGID_HOSTNAME in docker-compose.yml : updated accordingly to Mockpass' changes. No changes required for staging/prod env vars.

New dependencies:

  • @opengovsg/sgid-client : Bumped from ^1.0.4 to v2.0.0.
  • mockpass: Bumped from v3.1.3 to v4.0.4.

KenLSM and others added 10 commits August 17, 2023 22:26
@KenLSM
Merge pull request #6636 from opengovsg/release-al2
b4afaca 
build: merge release v6.71.0 into develop
@kschiew @justynoh
feat: upgrade sgid sdk (#6584)
5c79ac8 
* feat: upgrade to sgID v2 SDK

* chore: update docker setup

* chore: update package.json

* fix: update bson version for tests

* chore: update package-lock.json

* chore: commit package.json files with no-verify

* chore: remove console logs

* chore: update package-lock

* chore: update package-lock

* chore: change node version

* chore: change npm version

* chore: pin bson version

* chore: actually pin bson versoin

* fix: fix helmet type import

* chore: update deps

* chore: update mockpass dev dependency version

* chore: revert out-of-scope changes

* chore: refactors

* chore: remove unneeded packages

* test: update sgid service tests with generatePkcePair mocks

* test: fix tests again

---------

Co-authored-by: Justyn Oh <justynoh@gmail.com>
@dependabot
fix(deps): bump zod from 3.22.1 to 3.22.2 in /shared (#6643)
28721e8 
Bumps [zod](https://github.com/colinhacks/zod) from 3.22.1 to 3.22.2.
- [Release notes](https://github.com/colinhacks/zod/releases)
- [Changelog](https://github.com/colinhacks/zod/blob/master/CHANGELOG.md)
- [Commits](colinhacks/zod@v3.22.1...v3.22.2)

---
updated-dependencies:
- dependency-name: zod
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@LinHuiqing
feat: add formId for deprecatedCheck logs (#6641)
e34e650 
- fix: rm storage isPreview deprecatedCheck
- fix: rm unused EncryptSubmissionBodyAfterProcess
@LinHuiqing
feat: storage submission validation with encryption shift endpoint (#…
55a6f52 
…6595)

* refactor: mv encryptSubmission in submitEncryptModeForm

* fix: separate submit for encrypt and storage

* feat: storage submission validation

* fix: getResponseModeFilter tests

* fix: remove guardrail for submitEncryptModeForm

* fix: Gone error message if public form is deleted

* refactor: extract checks into ensure pipelines

* fix: next() to be awaited

* refactor: steps for encrypted submissions

* refactor: extract steps into middleware file

* refactor: pass context with req.body

* fix: send error responses

* fix: filter nomenclature

* refactor: move flag str to constants file

* docs: add TODOs to remove filters

* refactor: use isEncryptedMode bool const

* fix: restore retrieveForm step

* fix: storage mode submission

* refactor: controller handler types

* refactor: mv code used by new endpoint out from email-submission

- validateAttachments + ParsedResponsesObject

* fix: filter name in tests

* fix: tests for refactored email submission code

* test: filteredResponses in IncomingEncryptSubmission

* fix: rm isVisible set for Encrypt in ParsedResponsesObject

- only used for new storage endpoint

* fix: newEncryptionBoundary prop and isVisible

* fix: form model default newEncryptionBoundary val

* fix: validateAttachments check limits based on type

* refactor: rm newEncryptionBoundaryFlag constant

* fix: type newEncryptionBoundary to never for email

* fix: tests after newEncryptionBoundary rm from email

* refactor: middleware for better compile type checks

* docs: remove dangling comment

* fix: newEncryptionBoundary typing

* refactor: use FormResponseMode for fileSizeLimit

* refactor: use encryptionBoundaryShift as flag

* fix: Gone when submission is tried on deleted form

* feat: catch-all res for ensures

* refactor: use req.formsg to store context

* refactor: use NextFunction typing

* revert: "feat: catch-all res for ensures"

This reverts commit 64ca3e8.

* feat: ensures catch-all res return
@jia1 @wanlingt
feat: enable ownership transfer of all forms with a single action (#6087
a242e34 
)

* feat: create TransferOwnershipModal story (note pending TODO/FIXME)

* feat: make email address bold and danger.500 when confirming submission and add TODO/FIXME

* feat: prevent self-transfer and add unit tests (todo: fix mutation)

* feat: add route for getting owned forms

* fix: partially fix frontend typing for mutation

* feat: fix mutation

* chore: add missing FIXME

* fix: fix type, route and add fixmes for mocking endpoints

* feat: mock endpoints relevant to transfer-ownership and remove unneeded FIXME

* fix: fix endpoint mock bug (remove Default.parameters override) and add other FIXMEs

* feat: add TransferOwnershipModal to AdminNavBar and fix wiring

* test: add /owned unit tests and add DRY FIXMEs

* fix: remove unwanted diff

* fix: remove catch block so that the promise remains rejected

* feat: return a rejected promise in UserService/transferOwnership if there are no owned forms

* chore: remove irrelevant fixme

* fix: fix types

* fix: fix transferOwnership mock response from array to single form

* test: wait for toast to appear in TransferOwnershipModal test

* test: add tests for GET /admin/forms/owned

* chore: remove non-applicable and low-priority FIXMEs/TODOs

* fix: add missing filter and spy on the correct method

* refactor: rename /owned to /mine and getFormsOwnedByUserId to retrieveFormsOwnedByUserId

* refactor: add Please try again to error msg

* feat: include archived forms in /mine

* fix: revert wrongly edited test

* feat: add new route to transfer all forms belonging to a single admin

* fix: update endpoint used in transferOwnership

* test: replace /mine tests with /all-transfer-owner

* ref: remove redundant findUserByEmail query

* test: add tests for transferAllFormsOwnership in admin-form.controller

* feat: refetch forms when transfer is successful

* feat: update permission list

* feat: trim emails

---------

Co-authored-by: wanlingt <wanling@open.gov.sg>
@KenLSM @LinHuiqing
feat: ui review changes (#6637)
3a2dfcd 
* chore: update copy for product modal errors

* chore: update copy for variable payment preview

* chore: update table width, ordering, and copy for response table

* chore: update ui admin inidivual response page

* chore: remove extra characters

* fix: typo for minimum amount error message

---------

Co-authored-by: Lin Huiqing <37061143+LinHuiqing@users.noreply.github.com>
@KenLSM
fix: prevent saving empty product items (#6646)
7a0abac 
* fix: disable save button when no there are no products

* fix: add be validation on product count before saving
@LinHuiqing @wanlingt
feat: dashboard infobox message for e2ee (#6647)
03bf4f5 
* feat: dashboard infobox for e2ee

* docs: add todo for dashboard message env var

---------

Co-authored-by: wanlingt <wanling@open.gov.sg>
@wanlingt
chore: bump version to v6.72.0
9392c77
@foochifa
Copy link
Contributor

foochifa commented Aug 23, 2023
edited
Loading

Ohh so if i delete the payment field on a form that previous have payments, the payment headers will still disappear in the reconciliation dashboard, eventhough the responses have payment details in them

I think it's non-blocking, but do you think we should display the headers based on whether there is a response with payment rather than if payment field is enabled? @KenLSM

@wanlingt wanlingt merged commit 100fe78 into release-al2 Aug 23, 2023
83 checks passed
@wanlingt wanlingt deleted the release_v6.72.0 branch August 23, 2023 05:23
This was referenced Aug 24, 2023
Closed
Closed
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@foochifa foochifa foochifa approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@wanlingt @foochifa @KenLSM @kschiew @LinHuiqing @jia1