senaduka/old-svijetlastrana
1
0
Fork 0
Code Issues Pull Requests 5 Actions Packages Projects Releases Wiki Activity

Compare commits

base: senaduka:self-register-validation
Branches Tags
senaduka:master senaduka:merge-1-6 senaduka:password-reset senaduka:ZIP-participation-enable-disable senaduka:NPI-error-message-fix senaduka:self-registration-fix senaduka:send-sms-on-self-register senaduka:send-email-on-self-register senaduka:merge-28-5 senaduka:self-register-validation senaduka:visit-reporter-policy senaduka:enforce-password-policy senaduka:ride_validation senaduka:check-zip-eligibility senaduka:verify-eligibility-API-message senaduka:eligibility-validation senaduka:zip-code-temp-branch senaduka:users-creation-fix senaduka:enforce_organization_managing_rules senaduka:sql_query_fix senaduka:enforce_organization_for_user_operations senaduka:authorization_casbin
..
compare: senaduka:verify-eligibility-API-message
Branches Tags
senaduka:merge-1-6 senaduka:master senaduka:password-reset senaduka:ZIP-participation-enable-disable senaduka:NPI-error-message-fix senaduka:self-registration-fix senaduka:send-sms-on-self-register senaduka:send-email-on-self-register senaduka:merge-28-5 senaduka:self-register-validation senaduka:visit-reporter-policy senaduka:enforce-password-policy senaduka:ride_validation senaduka:check-zip-eligibility senaduka:verify-eligibility-API-message senaduka:eligibility-validation senaduka:zip-code-temp-branch senaduka:users-creation-fix senaduka:enforce_organization_managing_rules senaduka:sql_query_fix senaduka:enforce_organization_for_user_operations senaduka:authorization_casbin

1 Commits
self-regis ... verify-eli

Author SHA1 Message Date
GotPPay
88d46b51f6 Change error messages according to instructions document 2018-05-28 10:47:18 +02:00
4 changed files with 54 additions and 140 deletions
Expand all files Collapse all files

7
server/router/routeutils/response.go
View File

@@ -39,7 +39,7 @@ func ResponseAPIErrorWithData(c echo.Context, status int, message string, redire
Error: true, Error: true,
Message: message, Message: message,
Redirect: redirect, Redirect: redirect,
Data: data, Data: data,
} }
return c.JSON(status, returnValue) return c.JSON(status, returnValue)
@@ -92,11 +92,12 @@ func ResponseAPINotFoundError(c echo.Context) error {
return ResponseAPIError(c, http.StatusNotFound, "Not Found", false) return ResponseAPIError(c, http.StatusNotFound, "Not Found", false)
} }
//ResponseAPINotEligible returns a standard API not eligible to the response //ResponseAPINotEligibleError returns a standard API not eligible to the response
func ResponseAPINotEligibleError(c echo.Context) error { func ResponseAPINotEligibleError(c echo.Context) error {
return ResponseAPIError(c, http.StatusForbidden, "Eligibility Not Found or Error", false) return ResponseAPIError(c, http.StatusForbidden, "Member does not have active insurance coverage", false)
} }
//ResponseAPINotEligibleWithMessageError returns a standard API not eligible to the response with custom message
func ResponseAPINotEligibleWithMessageError(c echo.Context, message string) error { func ResponseAPINotEligibleWithMessageError(c echo.Context, message string) error {
return ResponseAPIError(c, http.StatusForbidden, message, false) return ResponseAPIError(c, http.StatusForbidden, message, false)
} }

28
server/router/selfregisterroute/controller.go
View File

@@ -49,20 +49,44 @@ func (c *controller) handle(ctx echo.Context) error {
return routeutils.HandleAPIError(ctx, err) return routeutils.HandleAPIError(ctx, err)
} }
if user.PhoneNumber == nil || len(*user.PhoneNumber) == 0 {
return routeutils.ResponseAPIValidationError(ctx, "phonenumber is required")
}
if user.Email == nil || len(*user.Email) == 0 {
return routeutils.ResponseAPIValidationError(ctx, "email is required")
}
if len(user.Pass) == 0 {
return routeutils.ResponseAPIValidationError(ctx, "password is required")
}
pass, err := b64.StdEncoding.DecodeString(user.Pass) pass, err := b64.StdEncoding.DecodeString(user.Pass)
if err != nil { if err != nil {
return routeutils.ResponseAPIValidationError(ctx, "Invalid password") return routeutils.ResponseAPIValidationError(ctx, "Invalid password")
} }
user.Pass = string(pass) user.Pass = string(pass)
if validationErrors := validation.ValidateSelfregistration(&user); len(validationErrors) > 0 { if passwordValidationErrors := validation.ValidatePassword(&user); len(passwordValidationErrors) > 0 {
return routeutils.ResponseAPICustomValidationError(ctx, "Self registration failed", validationErrors) return routeutils.ResponseAPICustomValidationError(ctx, "Password not strong enough", passwordValidationErrors)
}
if len(user.Name) == 0 && len(user.First) == 0 && len(user.Last) == 0 {
return routeutils.ResponseAPIValidationError(ctx, "name is required")
} }
if len(user.First) != 0 && len(user.Last) != 0 { if len(user.First) != 0 && len(user.Last) != 0 {
user.Name = fmt.Sprintf("%s %s", user.First, user.Last) user.Name = fmt.Sprintf("%s %s", user.First, user.Last)
} }
if len(user.Provider.InternalID) == 0 || len(user.Provider.InternalID) > 10 {
return routeutils.ResponseAPIValidationError(ctx, "Provider NPI is invalid")
}
if len(user.Provider.OrganizatioName) == 0 {
return routeutils.ResponseAPIValidationError(ctx, "Provider Organization Name is invalid")
}
provider, err := c.svc.Provider.GetByNPI(user.Provider.InternalID, authUser) provider, err := c.svc.Provider.GetByNPI(user.Provider.InternalID, authUser)
if err != nil { if err != nil {
fmt.Println("Error to create organization", err) fmt.Println("Error to create organization", err)

48
server/router/usersroute/controller.go
View File

@@ -1,15 +1,15 @@
package usersroute package usersroute
import ( import (
"bytes"
b64 "encoding/base64" b64 "encoding/base64"
"encoding/json"
"fmt" "fmt"
"math/rand" "math/rand"
"net/http"
"strings"
"sync" "sync"
"time" "time"
"net/http"
"encoding/json"
"bytes"
"strings"
"bitbucket.org/nemt/nemt-portal-api/application/applicationservice" "bitbucket.org/nemt/nemt-portal-api/application/applicationservice"
"bitbucket.org/nemt/nemt-portal-api/application/third/eligibility/bcbsi" "bitbucket.org/nemt/nemt-portal-api/application/third/eligibility/bcbsi"
@@ -19,8 +19,8 @@ import (
"bitbucket.org/nemt/nemt-portal-api/infra/cache" "bitbucket.org/nemt/nemt-portal-api/infra/cache"
"bitbucket.org/nemt/nemt-portal-api/infra/config" "bitbucket.org/nemt/nemt-portal-api/infra/config"
"bitbucket.org/nemt/nemt-portal-api/server/authorization" "bitbucket.org/nemt/nemt-portal-api/server/authorization"
"bitbucket.org/nemt/nemt-portal-api/server/validation"
"bitbucket.org/nemt/nemt-portal-api/server/router/routeutils" "bitbucket.org/nemt/nemt-portal-api/server/router/routeutils"
"bitbucket.org/nemt/nemt-portal-api/server/validation"
"github.com/labstack/echo" "github.com/labstack/echo"
"golang.org/x/net/context" "golang.org/x/net/context"
"googlemaps.github.io/maps" "googlemaps.github.io/maps"
@@ -346,7 +346,7 @@ func (c *controller) handleMember(ctx echo.Context) error {
} }
//Validate member //Validate member
if validationErrors := validation.ValidateEligibility(&user) ; len(validationErrors) > 0 { if validationErrors := validation.ValidateEligibility(&user); len(validationErrors) > 0 {
return routeutils.ResponseAPICustomValidationError(ctx, "eligibility validation failed", validationErrors) return routeutils.ResponseAPICustomValidationError(ctx, "eligibility validation failed", validationErrors)
} }
@@ -409,44 +409,44 @@ func (c *controller) handleMember(ctx echo.Context) error {
eligibility.ServiceInfo.ServiceTypeCodes = []string{"30"} eligibility.ServiceInfo.ServiceTypeCodes = []string{"30"}
/* /*
resp, err := c.bcbsi.BXE.Get271(eligibility) resp, err := c.bcbsi.BXE.Get271(eligibility)
if err != nil { if err != nil {
fmt.Println("Eligibility Not Found or Error: ", err.Error()) fmt.Println("Eligibility Not Found or Error: ", err.Error())
return routeutils.ResponseAPINotEligibleError(ctx) return routeutils.ResponseAPINotEligibleError(ctx)
} }
*/ */
//This part is emulating eligibility check for testing purposes //This part is emulating eligibility check for testing purposes
client := &http.Client{} client := &http.Client{}
eligibilityJson, err := json.Marshal(eligibility) eligibilityJson, err := json.Marshal(eligibility)
if err != nil { if err != nil {
return routeutils.HandleAPIError(ctx, err) return routeutils.ResponseAPINotEligibleError(ctx)
} }
req, _ := http.NewRequest("POST", c.cfg.Eligibility.Url, bytes.NewBuffer(eligibilityJson)) req, _ := http.NewRequest("POST", c.cfg.Eligibility.Url, bytes.NewBuffer(eligibilityJson))
req.Header.Add("App", c.cfg.HTTP.Auth.AppKey) req.Header.Add("App", c.cfg.HTTP.Auth.AppKey)
req.Header.Add("Token", ctx.Request().Header.Get("Token")) req.Header.Add("Token", ctx.Request().Header.Get("Token"))
req.Header.Add("Content-Type", "application/json") req.Header.Add("Content-Type", "application/json")
resp, err := client.Do(req) resp, err := client.Do(req)
if err != nil { if err != nil {
return routeutils.HandleAPIError(ctx, err) return routeutils.ResponseAPINotEligibleError(ctx)
} }
defer resp.Body.Close() defer resp.Body.Close()
if resp.StatusCode < 200 || resp.StatusCode > 300 { if resp.StatusCode < 200 || resp.StatusCode > 300 {
return routeutils.ResponseAPINotEligibleWithMessageError(ctx, "Cannot check eligibility") return routeutils.ResponseAPINotEligibleError(ctx)
} }
eligibilityResponse := viewmodel.Interchange271{} eligibilityResponse := viewmodel.Interchange271{}
decoder := json.NewDecoder(resp.Body) decoder := json.NewDecoder(resp.Body)
err = decoder.Decode(&eligibilityResponse) err = decoder.Decode(&eligibilityResponse)
if err != nil { if err != nil {
return routeutils.ResponseAPINotEligibleWithMessageError(ctx, "Cannot check eligibility") return routeutils.ResponseAPINotEligibleError(ctx)
} }
//================================================================ //================================================================
if len(eligibilityResponse.Division.HealthCareEligibilityResponse.LoopHL0030) < 1 { if len(eligibilityResponse.Division.HealthCareEligibilityResponse.LoopHL0030) < 1 {
return routeutils.ResponseAPINotEligibleWithMessageError(ctx, "Cannot check eligibility") return routeutils.ResponseAPINotEligibleError(ctx)
} }
address := viewmodel.Address{} address := viewmodel.Address{}
@@ -467,17 +467,17 @@ func (c *controller) handleMember(ctx echo.Context) error {
if len(cleanZipcode) > zipcodeTrimLength { if len(cleanZipcode) > zipcodeTrimLength {
trimmedZipcode = cleanZipcode[:zipcodeTrimLength] trimmedZipcode = cleanZipcode[:zipcodeTrimLength]
} }
_, err = c.svc.Zipcodes.GetByParticipatingZipcode(trimmedZipcode) _, err = c.svc.Zipcodes.GetByParticipatingZipcode(trimmedZipcode)
if err != nil{ if err != nil {
return routeutils.ResponseAPINotEligibleWithMessageError(ctx, "Member's Home zipcode, " + trimmedZipcode + ", is not currently eligible for participation in this program") return routeutils.ResponseAPINotEligibleWithMessageError(ctx, "Member's Home zipcode, "+trimmedZipcode+", is not currently eligible for participation in this program")
} }
googleMapsAPI, err := maps.NewClient(maps.WithClientIDAndSignature("gme-bluecrossandblue1", "msqgD-jdqCyR0M_1u5C1HION5iI=")) googleMapsAPI, err := maps.NewClient(maps.WithClientIDAndSignature("gme-bluecrossandblue1", "msqgD-jdqCyR0M_1u5C1HION5iI="))
if err != nil { if err != nil {
fmt.Println("Error to instantiate googles api: ", err.Error()) fmt.Println("Error to instantiate googles api: ", err.Error())
return routeutils.HandleAPIError(ctx,err) return routeutils.HandleAPIError(ctx, err)
} }
r := &maps.GeocodingRequest{ r := &maps.GeocodingRequest{
@@ -487,7 +487,7 @@ func (c *controller) handleMember(ctx echo.Context) error {
result, err := googleMapsAPI.Geocode(context.Background(), r) result, err := googleMapsAPI.Geocode(context.Background(), r)
if err != nil { if err != nil {
fmt.Println("Error to instantiate googles api: ", err.Error()) fmt.Println("Error to instantiate googles api: ", err.Error())
return routeutils.HandleAPIError(ctx,err) return routeutils.HandleAPIError(ctx, err)
} }
if len(result) > 0 { if len(result) > 0 {
@@ -497,7 +497,7 @@ func (c *controller) handleMember(ctx echo.Context) error {
_, err := c.svc.Users.SaveAddress(address) _, err := c.svc.Users.SaveAddress(address)
if err != nil { if err != nil {
fmt.Println("Error to save address: ", err.Error()) fmt.Println("Error to save address: ", err.Error())
return routeutils.HandleAPIError(ctx,err) return routeutils.HandleAPIError(ctx, err)
} }
} }
@@ -597,7 +597,7 @@ func (c *controller) handlePortal(ctx echo.Context) error {
} }
user.Pass = string(pass) user.Pass = string(pass)
if passwordValidationErrors := validation.ValidatePassword(&user) ; len(passwordValidationErrors) > 0 { if passwordValidationErrors := validation.ValidatePassword(&user); len(passwordValidationErrors) > 0 {
return routeutils.ResponseAPICustomValidationError(ctx, "Password not strong enough", passwordValidationErrors) return routeutils.ResponseAPICustomValidationError(ctx, "Password not strong enough", passwordValidationErrors)
} }

111
server/validation/selfregister.go
View File

@@ -1,111 +0,0 @@
package validation
import (
"fmt"
"strings"
"bitbucket.org/nemt/nemt-portal-api/application/viewmodel"
"bitbucket.org/nemt/nemt-portal-api/infra/errors"
)
const (
minimumPasswordLength = 8
)
func validateSelfregistrationPassword(user *viewmodel.User, result *[]errors.ValidationError) {
if len(user.Pass) < minimumPasswordLength {
*result = append(*result, errors.ValidationError{Field: "password", Message: fmt.Sprint("Password must be at least ", minimumPasswordLength, " characters.")})
}
if strings.Contains(user.Pass, user.First) {
*result = append(*result, errors.ValidationError{Field: "password", Message: "Password cannot include your First Name."})
}
if strings.Contains(user.Pass, user.Last) {
*result = append(*result, errors.ValidationError{Field: "password", Message: "Password cannot include your Last Name."})
}
containsUpperCaseLetter := false
containsLowerCaseLetter := false
containsNumber := false
for _, character := range user.Pass {
containsUpperCaseLetter = containsUpperCaseLetter || characterIsUpperCase(character)
containsLowerCaseLetter = containsLowerCaseLetter || characterIsLowerCase(character)
containsNumber = containsNumber || characterIsNumber(character)
}
if !containsUpperCaseLetter || !containsLowerCaseLetter || !containsNumber {
*result = append(*result, errors.ValidationError{Field: "password", Message: "Password must contain one of EACH :"})
*result = append(*result, errors.ValidationError{Field: "password-tab", Message: "an uppercase letter"})
*result = append(*result, errors.ValidationError{Field: "password-tab", Message: "a lowercase letter"})
*result = append(*result, errors.ValidationError{Field: "password-tab", Message: "a number"})
}
}
func ValidateSelfregistration(user *viewmodel.User) []errors.ValidationError {
var result []errors.ValidationError
//Provider Organization Name validation
if len(user.Provider.OrganizatioName) < 1 {
result = append(result, errors.ValidationError{Field: "provider.org_name", Message: "Provider Organization Name is required"})
}
//Provider NPI validation
if len(user.Provider.InternalID) != 10 || !isNumeric(user.Provider.InternalID) {
result = append(result, errors.ValidationError{Field: "provider.internal_id", Message: "Provider NPI must be 10 digit number"})
}
//First name validation
if len(user.First) < 1 {
result = append(result, errors.ValidationError{Field: "first", Message: "First Name is required"})
}
if !isAlphabetic(user.First) {
result = append(result, errors.ValidationError{Field: "first", Message: "First Name contains non-alphabetic characters"})
}
if len(user.First) > firstNameMaxLength {
result = append(result, errors.ValidationError{Field: "first", Message: "First Name is too long"})
}
//Last name validation
if len(user.Last) < 1 {
result = append(result, errors.ValidationError{Field: "last", Message: "Last Name is required"})
}
if !isAlphabetic(user.Last) {
result = append(result, errors.ValidationError{Field: "last", Message: "Last Name contains non-alphabetic characters"})
}
if len(user.Last) > lastNameMaxLength {
result = append(result, errors.ValidationError{Field: "last", Message: "Last Name is too long"})
}
//Email validation
if user.Email != nil {
if len(*user.Email) < 1 {
result = append(result, errors.ValidationError{Field: "email", Message: "Email is required"})
}
if !isEmailValid(*user.Email) {
result = append(result, errors.ValidationError{Field: "email", Message: "Email is invalid"})
}
if len(*user.Email) > emailMaxLength {
result = append(result, errors.ValidationError{Field: "email", Message: "Email is too long"})
}
} else {
result = append(result, errors.ValidationError{Field: "email", Message: "Email is required"})
}
//Mobile validation
if (user.PhoneNumber == nil) || len(*user.PhoneNumber) < 1 {
result = append(result, errors.ValidationError{Field: "phonenumber", Message: "Phone number is required"})
}
//Password validation
validateSelfregistrationPassword(user, &result)
return result
}