ADR - Existing Azure Upload

[kishor-gupta]

Summary by Sourcery

Add a new architectural decision record (ADR 0019) for direct client Azure Blob uploads using SAS tokens and update the sidebar ordering for the existing ADR 0018.

Documentation:

• Introduce ADR 0019 detailing the context, decision drivers, options, chosen approach, implementation details, sequence diagram, and limitations for direct client uploads via Azure Blob SAS tokens
• Adjust sidebar_position for ADR 0018 to accommodate the new ADR entry

[sourcery-ai]

Reviewer's Guide

This PR adjusts the sidebar ordering for ADR 18 and introduces ADR 19 “Existing Azure Upload,” capturing the decision rationale and detailed implementation plan for direct client uploads to Azure Blob Storage using SAS tokens with malware scanning and versioning.

Sequence diagram for direct client upload to Azure Blob Storage with SAS tokens and malware scanning

sequenceDiagram
actor User
participant Frontend
participant Backend
participant Blob
User->>Frontend: Select image & click Save/Continue
Frontend->>Frontend: Sanitize & validate (type, size, dimensions)
Frontend->>Backend: Request SAS token (name, type, size)
Backend->>Backend: Build blob path + tags + metadata, validate upload rules
Backend-->>Frontend: AuthResult (blob URL + SAS token + x-ms-date + tags + metadata)
Frontend->>Blob: PUT file bytes (headers + auth + tags + metadata)
Blob-->>Frontend: 201 Created (x-ms-version-id)
Frontend->>Backend: Persist blob reference/version ID
Backend->>Backend: Process blob (versionId and blobURL)
alt Scan: No threats found
    Backend->>Frontend: Acknowledge success, retain blob
else Scan: Malicious
    Backend->>Blob: Delete current malicious version, promote previous version
    Backend->>Frontend: Acknowledge file replacement or deletion
end
Frontend-->>User: Show success / preview / error if malicious

Loading

Class diagram for AzureUpload React component and backend SAS token service

classDiagram
class AzureUpload {
  +beforeUpload(file)
  +customizeUpload(file, sasToken)
  -FileValidator
  -Axios
}
class FileValidator {
  +validateType(file)
  +validateSize(file)
  +validateDimensions(file)
}
class BackendSASTokenService {
  +identityVerificationCaseV1CreateAuthHeader(params)
  +getHeader(params)
}
class BlobStorageClient {
  +generateSASToken(blobPath, permissions, expiry)
  +deleteBlobVersion(blobVersionId)
  +copyBlob(sourceVersionId, targetVersionId)
}
AzureUpload --> FileValidator
AzureUpload --> BackendSASTokenService : requests SAS token
BackendSASTokenService --> BlobStorageClient : generates SAS token, manages blob versions

Loading

File-Level Changes

Change	Details	Files
Updated ADR 18 sidebar position	Decremented sidebar_position from 19 to 18	apps/docs/docs/decisions/0018-docusaurus-azure-pipeline-stages.md
Added ADR 19 “Existing Azure Upload”	Created frontmatter with metadata Documented context, decision drivers, considered options and chosen approach Outlined frontend AzureUpload component flow (file validation, SAS request, direct upload, progress tracking) Specified backend SAS token generation, metadata tagging and malware scanning logic Included sequence diagram and noted limitations	apps/docs/docs/decisions/0019-existing-azure-upload.md

Possibly linked issues

• #ADR - Existing Azure Upload: The PR creates the Architectural Decision Record for the existing Azure upload, directly resolving the issue.

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[sourcery-ai]

Hey there - I've reviewed your changes and they look great!

Prompt for AI Agents

Please address the comments from this code review:

## Individual Comments

### Comment 1
<location> `apps/docs/docs/decisions/0019-existing-azure-upload.md:45` </location>
<code_context>
+
+**Frontend Components:**
+- `AzureUpload` The AzureUpload React component is designed to enable direct client-side uploads to Azure Blob Storage with built-in file validation,authentication, and post-upload malware scanning.
+- It have two handler `beforeUpload` and `customizeUpload`
+    - `beforeUpload` Handler:
+        - Sanitizes and normalizes the file name.
</code_context>

<issue_to_address>
**issue (typo):** Incorrect verb agreement and pluralization: 'It have two handler' should be 'It has two handlers'.

The correct phrasing is: 'It has two handlers: `beforeUpload` and `customizeUpload`'.

```suggestion
- It has two handlers: `beforeUpload` and `customizeUpload`
```
</issue_to_address>

### Comment 2
<location> `apps/docs/docs/decisions/0019-existing-azure-upload.md:60` </location>
<code_context>
+
+**Backend Services:**
+- SAS Token Generation:
+    - The backend handles SAS token generation and validation for Azure Blob Storage uploads, ensuring secure and controlled access for file uploads. There are different- different mutation (pdf & image files). The backend service encapsulates all business logic enforcing file upload restrictions and security requirements before enabling clients to upload files directly to Azure Blob Storage with short-lived and carefully permissioned SAS tokens. For exmple
+        - `identityVerificationCaseV1CreateAuthHeader` method:
+            - Accepts upload parameters such as case ID, file name, content type, content length, and file specifications (max size, permitted content types).
</code_context>

<issue_to_address>
**issue (typo):** Awkward phrasing and typo: 'different- different mutation' and 'For exmple'.

Please update to: 'There are different mutations for PDF and image files.' Also, correct 'For exmple' to 'For example'.

```suggestion
    - The backend handles SAS token generation and validation for Azure Blob Storage uploads, ensuring secure and controlled access for file uploads. There are different mutations for PDF and image files. The backend service encapsulates all business logic enforcing file upload restrictions and security requirements before enabling clients to upload files directly to Azure Blob Storage with short-lived and carefully permissioned SAS tokens. For example
```
</issue_to_address>

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}