Merge pull request #174 from xeptagondev/main

Main
undp · Oct 6, 2023 · b3c47d5 · b3c47d5
2 parents e9096b4 + d4b1fd8
commit b3c47d5
Show file tree

Hide file tree

Showing 9 changed files with 53 additions and 31 deletions.
diff --git a/.github/workflows/frontend-deployment-prod.yml b/.github/workflows/frontend-deployment-prod.yml
@@ -11,8 +11,8 @@ jobs:
     runs-on: ubuntu-latest
     env:
       REACT_APP_BACKEND: https://api.carbreg.org
-      COUNTRY_NAME: 'CountryX'
-      COUNTRY_FLAG_URL: 'https://carbon-common-prod.s3.amazonaws.com/flag.png'
+      REACT_APP_COUNTRY_NAME: 'UNDP Digital Public Good National'
+      REACT_APP_COUNTRY_FLAG_URL: 'https://carbon-common-prod.s3.amazonaws.com/flag.png'
       COUNTRY_CODE: 'NG'
       REACT_APP_MAPBOXGL_ACCESS_TOKEN: ${{ secrets.MAPBOXGL_ACCESS_TOKEN }}
       REACT_APP_MAP_TYPE : "Mapbox"

diff --git a/backend/services/.env.dev b/backend/services/.env.dev
@@ -11,7 +11,7 @@ LEDGER_TYPE=QLDB
 FILE_SERVICE=S3
 LOCATION_SERVICE=MAPBOX
 ASYNC_OPERATIONS_TYPE=Queue
-DISABLE_LOW_PRIORITY_EMAIL=true
+DISABLE_LOW_PRIORITY_EMAIL=false
 ASYNC_QUEUE_NAME=https://sqs.us-east-1.amazonaws.com/302213478610/AsyncQueuedev.fifo
 DOMAIN_MAP=false
 EXPIRES_IN=7200

diff --git a/backend/services/.env.prod b/backend/services/.env.prod
@@ -15,5 +15,7 @@ DISABLE_LOW_PRIORITY_EMAIL=true
 ASYNC_QUEUE_NAME=https://sqs.us-east-1.amazonaws.com/302213478610/AsyncQueueprod.fifo
 DOMAIN_MAP=true
 EXPIRES_IN=3600
-SMTP_ENDPOINT=vpce-09f436c29698877f7-1edt380c.email-smtp.us-east-1.vpce.amazonaws.com
-SMTP_USERNAME=AKIAUMXKTXDJLKSXTF3U
+SMTP_ENDPOINT=vpce-02cef9e74f152b675-b00ybiai.email-smtp.us-east-1.vpce.amazonaws.com
+SMTP_USERNAME=AKIAUMXKTXDJLKSXTF3U
+systemCountryName="UNDP Digital Public Good National"
+HOST=https://demo.carbreg.org
diff --git a/backend/services/src/national-api/company.controller.ts b/backend/services/src/national-api/company.controller.ts
@@ -23,6 +23,7 @@ import { FindOrganisationQueryDto } from "../shared/dto/find.organisation.dto";
 import { OrganisationUpdateDto } from "../shared/dto/organisation.update.dto";
 import { CountryService } from "../shared/util/country.service";
 import { HelperService } from "../shared/util/helpers.service";
+import { ApiKeyJwtAuthGuard } from "../shared/auth/guards/api-jwt-key.guard";
 
 @ApiTags("Organisation")
 @ApiBearerAuth()
@@ -44,7 +45,8 @@ export class CompanyController {
   }
 
   @ApiBearerAuth()
-  @UseGuards(JwtAuthGuard, PoliciesGuardEx(true, Action.Read, Company, true))
+  @ApiBearerAuth('api_key')
+  @UseGuards(ApiKeyJwtAuthGuard, PoliciesGuardEx(true, Action.Read, Company, true))
   @Post("queryNames")
   queryNames(@Body() query: QueryDto, @Request() req) {
     console.log(req.abilityCondition);
@@ -102,7 +104,8 @@ export class CompanyController {
   }
 
   @ApiBearerAuth()
-  @UseGuards(JwtAuthGuard, PoliciesGuardEx(true, Action.Read, Company))
+  @ApiBearerAuth('api_key')
+  @UseGuards(ApiKeyJwtAuthGuard, PoliciesGuardEx(true, Action.Read, Company))
   @Post("findByIds")
   async findByCompanyId(
     @Body() body: FindOrganisationQueryDto,
@@ -118,20 +121,26 @@ export class CompanyController {
   }
 
   @ApiBearerAuth()
-  @UseGuards(JwtAuthGuard, PoliciesGuardEx(true, Action.Update, Company))
+  @ApiBearerAuth('api_key')
+  @UseGuards(ApiKeyJwtAuthGuard, PoliciesGuardEx(true, Action.Update, Company))
   @Put("update")
   async updateCompany(@Body() company: OrganisationUpdateDto, @Request() req) {
     global.baseUrl = `${req.protocol}://${req.get("Host")}`;
     return await this.companyService.update(company, req.abilityCondition);
   }
 
-  @UseGuards(JwtAuthGuard)
+
+  @ApiBearerAuth()
+  @ApiBearerAuth('api_key')
+  @UseGuards(ApiKeyJwtAuthGuard)
   @Post("countries")
   async getCountries(@Body() query: QueryDto, @Request() req) {
     return await this.countryService.getCountryList(query);
   }
 
-  @UseGuards(JwtAuthGuard)
+  @ApiBearerAuth()
+  @ApiBearerAuth('api_key')
+  @UseGuards(ApiKeyJwtAuthGuard)
   @Get("countries")
   async getAvailableCountries(@Request() req) {
     return await this.countryService.getAvailableCountries();

diff --git a/backend/services/src/national-api/programme.controller.ts b/backend/services/src/national-api/programme.controller.ts
@@ -85,6 +85,7 @@ export class ProgrammeController {
     }
 
     @ApiBearerAuth()
+    @ApiBearerAuth('api_key')
     @UseGuards(ApiKeyJwtAuthGuard, PoliciesGuardEx(true, Action.Read, Programme, true))
     // @UseGuards(JwtAuthGuard, PoliciesGuardEx(true, Action.Read, User, true))
     @Post('query')
@@ -131,6 +132,7 @@ export class ProgrammeController {
     }
 
     @ApiBearerAuth()
+    @ApiBearerAuth('api_key')
     @UseGuards(TransferFreezeGuard, ApiKeyJwtAuthGuard, PoliciesGuardEx(true, Action.Update, ProgrammeTransferRequest))
     @Put('retire')
     async programmeRetire(@Body() body: ProgrammeRetire, @Request() req) {
@@ -152,34 +154,39 @@ export class ProgrammeController {
     }
 
     @ApiBearerAuth()
+    @ApiBearerAuth('api_key')
     @UseGuards(TransferFreezeGuard, ApiKeyJwtAuthGuard, PoliciesGuardEx(true, Action.Create, ProgrammeTransferRequest))
     @Post('transferRequest')
     async transferRequest(@Body() body: ProgrammeTransferRequest, @Request() req) {
         return this.programmeService.transferRequest(body, req.user)
     }
 
     @ApiBearerAuth()
+    @ApiBearerAuth('api_key')
     @UseGuards(TransferFreezeGuard, ApiKeyJwtAuthGuard, PoliciesGuardEx(true, Action.Create, ProgrammeTransferRequest))
     @Post('transferApprove')
     async transferApprove(@Body() body: ProgrammeTransferApprove, @Request() req) {
         return this.programmeService.transferApprove(body, req.user)
     }
 
     @ApiBearerAuth()
+    @ApiBearerAuth('api_key')
     @UseGuards(TransferFreezeGuard, ApiKeyJwtAuthGuard, PoliciesGuardEx(true, Action.Delete, ProgrammeTransfer))
     @Post('transferReject')
     async transferReject(@Body() body: ProgrammeTransferReject, @Request() req) {
         return this.programmeService.transferReject(body, req.user)
     }
 
     @ApiBearerAuth()
+    @ApiBearerAuth('api_key')
     @UseGuards(TransferFreezeGuard, ApiKeyJwtAuthGuard, PoliciesGuardEx(true, Action.Delete, ProgrammeTransfer))
     @Post('transferCancel')
     async transferCancel(@Body() body: ProgrammeTransferCancel, @Request() req) {
         return this.programmeService.transferCancel(body, req.user)
     }
 
     @ApiBearerAuth()
+    @ApiBearerAuth('api_key')
     @UseGuards(ApiKeyJwtAuthGuard, PoliciesGuardEx(true, Action.Read, ProgrammeTransfer, true))
     @Post('transferQuery')
     queryUser(@Body()query: QueryDto, @Request() req) {
@@ -188,6 +195,7 @@ export class ProgrammeController {
     }
 
     @ApiBearerAuth()
+    @ApiBearerAuth('api_key')
     @UseGuards(ApiKeyJwtAuthGuard, PoliciesGuardEx(true, Action.Read, ProgrammeTransfer, true))
     @Get('transfersByProgrammeId')
     transfersByProgrammeId(@Query('programmeId') programmeId: string, @Request() req) {

diff --git a/backend/services/src/shared/user/user.service.ts b/backend/services/src/shared/user/user.service.ts
@@ -538,7 +538,7 @@ export class UserService {
     }
 
     u.password = this.helperService.generateRandomPassword();
-    if (userDto.role == Role.Admin && u.companyRole == CompanyRole.API) {
+    if (userDto.role == Role.Admin) {
       u.apiKey = await this.generateApiKey(userDto.email);
     }
 

diff --git a/web/public/Assets/i18n/homepage/en.json b/web/public/Assets/i18n/homepage/en.json
@@ -22,7 +22,7 @@
     "reslist2":"Access all the codes through the Carbon Registry GitHub Space, and start tailoring the system. Online Community of Practice : Visit our online forum, where UNDP, D4C working group members, with countries and practitioners are sharing lessons learned on national digital enhanced transparency systems and carbon registries to progress toward a federated digital public infrastructure for transparency under the Paris Agreement.",
     "reslist3":"For national governments interested to learn more about the open source National Carbon Registry, Please email [email protected].",
     "footertext1":"National Carbon Registry: This is a demo. Countries may wish to add a tagline here.",
-    "antarctic":"CountryX",
+    "antarctic":"UNDP Digital Public Good National",
     "Cookie":"Cookie Policy",
     "codeconduct":"Code of Conduct",
     "terms":"Terms of Use",

diff --git a/web/src/Pages/CookiePolicy/cookiePolicy.tsx b/web/src/Pages/CookiePolicy/cookiePolicy.tsx
@@ -44,9 +44,9 @@ const CookiePolicy = () => {
             <div className="cookietitle">SAMPLE COOKIE POLICY</div>
             <div className="cookie-sub">Last updated February 02, 2023</div>
             <div className="cookie-body">
-              This Cookie Policy explains how CountryX (<b>"Company"</b>, "<b>we</b>","<b>us</b>",
-              and "<b>our</b>") uses cookies and similar technologies to recognize you when you
-              visit our websites at{' '}
+              This Cookie Policy explains how {process.env.REACT_APP_COUNTRY_NAME || 'CountryX'} (
+              <b>"Company"</b>, "<b>we</b>","<b>us</b>", and "<b>our</b>") uses cookies and similar
+              technologies to recognize you when you visit our websites at{' '}
               <a target="_blank" href="https://carbreg.org">
                 https://carbreg.org
               </a>
@@ -616,7 +616,7 @@ const CookiePolicy = () => {
               <br />
               <br />
               <br />
-              CountryX
+              {process.env.REACT_APP_COUNTRY_NAME || 'CountryX'}
               <br />
               Address
               <br />

diff --git a/web/src/Pages/PrivacyPolicy/privacyPolicy.tsx b/web/src/Pages/PrivacyPolicy/privacyPolicy.tsx
@@ -44,8 +44,9 @@ const PrivacyPolicy = () => {
             <div className="privacytitle">SAMPLE PRIVACY NOTICE</div>
             <div className="privacy-sub">Last updated February 02, 2023</div>
             <div className="privacy-body">
-              This privacy notice for CountryX (<b>"Company"</b>, <b>"we"</b>, <b>"us"</b>, and{' '}
-              <b>"our"</b>) describes how and why we might collect, store, use, and/or share ("
+              This privacy notice for {process.env.REACT_APP_COUNTRY_NAME || 'CountryX'} (
+              <b>"Company"</b>, <b>"we"</b>, <b>"us"</b>, and <b>"our"</b>) describes how and why we
+              might collect, store, use, and/or share ("
               <b>process</b>")your information when you use our services ("<b>Services</b>"), such
               as when you:
               <ul>
@@ -82,8 +83,9 @@ const PrivacyPolicy = () => {
               <p>
                 <b>What personal information do we process? </b>When you visit, use, or navigate our
                 Services, we may process personal information depending on how you interact with
-                CountryX and the Services, the choices you make, and the products and features you
-                use. Click<a href="#infocollect"> here</a> to learn more.
+                {process.env.REACT_APP_COUNTRY_NAME || 'CountryX'} and the Services, the choices you
+                make, and the products and features you use. Click<a href="#infocollect"> here</a>{' '}
+                to learn more.
               </p>
               <p>
                 <b>Do we process any sensitive personal information?</b> We do not process sensitive
@@ -132,8 +134,9 @@ const PrivacyPolicy = () => {
                 applicable data protection laws.
               </p>
               <p>
-                Want to learn more about what CountryX does with any information we collect? Click{' '}
-                <a href="#toc"> here</a> to review the notice in full.
+                Want to learn more about what {process.env.REACT_APP_COUNTRY_NAME || 'CountryX'}{' '}
+                does with any information we collect? Click <a href="#toc"> here</a> to review the
+                notice in full.
               </p>
             </div>
           </Col>
@@ -975,10 +978,10 @@ const PrivacyPolicy = () => {
                 is not considered to be "selling" of your personal information.
               </p>
               <p>
-                CountryX has not disclosed or sold any personal information to third parties for a
-                business or commercial purpose in the preceding twelve (12) months. CountryX will
-                not sell personal information in the future belonging to website visitors, users,
-                and other consumers.
+                {process.env.REACT_APP_COUNTRY_NAME || 'CountryX'} has not disclosed or sold any
+                personal information to third parties for a business or commercial purpose in the
+                preceding twelve (12) months. CountryX will not sell personal information in the
+                future belonging to website visitors, users, and other consumers.
               </p>
               <p>
                 <b>Your rights with respect to your personal data</b>
@@ -1111,7 +1114,7 @@ const PrivacyPolicy = () => {
                 Protection Officer (DPO) by email at [email protected], or by post to:
               </p>
               <p>
-                CountryX
+                {process.env.REACT_APP_COUNTRY_NAME || 'CountryX'}
                 <br />
                 1 United Nations Plaza
                 <br />
@@ -1120,10 +1123,10 @@ const PrivacyPolicy = () => {
               <p>
                 <b>
                   If you are a resident in the European Economic Area, the "data controller" of your
-                  personal information is CountryX. United Nations Development Programme has
-                  appointed DPO to be its representative in the EEA. You can contact them directly
-                  regarding the processing of your information by United Nations Development
-                  Programme, or by post to:
+                  personal information is {process.env.REACT_APP_COUNTRY_NAME || 'CountryX'}. United
+                  Nations Development Programme has appointed DPO to be its representative in the
+                  EEA. You can contact them directly regarding the processing of your information by
+                  United Nations Development Programme, or by post to:
                 </b>
               </p>
             </div>