PLT-6763 FE: Auditors sign certificates

[amnambiar]

https://input-output.atlassian.net/browse/PLT-6763

Across BE task - PLT-6367 / PR #74 (merged into master)

BE Revised fixes - feat/l1-certificate PR #90

@coderabbitai:ignore

Summary by CodeRabbit

• New Feature: Introduced CertificationForm component for dynamic certification form handling.
• New Feature: Added CertificationMetadata component to submit and manage certification metadata.
• New Feature: Integrated CertificationMetadata into CreateCertificate component, allowing users to review and submit certification metadata.
• Refactor: Updated ReportUpload component to use the new CertificationForm component, improving code modularity and maintainability.
• Refactor: Enhanced CreateCertificate component with improved state management and error handling.
• Style: Adjusted CSS styles across various components for better UI consistency.

@coderabbitai: ignore

[coderabbitai]

Walkthrough

This pull request introduces a new certification form component with dynamic field handling, and integrates it into the existing CreateCertificate and ReportUpload components. It also adds a metadata modal to the CreateCertificate component and refactors various parts of the code for better readability and maintainability.

Changes

File(s)	Summary
src/components/CertificationForm/... src/pages/certification/components/certificationMetadata/...	Introduced a new CertificationForm component and a CertificationMetadata component for handling certification data.
src/components/CreateCertificate/... src/pages/auditing/reportUpload/...	Refactored the CreateCertificate and ReportUpload components to use the new CertificationForm. Added a metadata modal to the CreateCertificate component.
src/components/DAPPScript/...	Updated the DAPPScript component to render dynamic inputs based on a configuration prop.
src/components/Modal/Modal.tsx	Enhanced the Modal component with additional props for more customization.
Various .scss files	Made several CSS changes to accommodate the new components and enhance the user interface.

"In the land of code, where logic is king, 🤴👑

A rabbit hopped in, with new features to bring. 🐇💼

With forms that grow, and modals that show, 📝🎭

The user's journey, now has a better flow!" 🚀🌈

---

Tips

Chat with CodeRabbit Bot (@coderabbitai)

• Mention @coderabbitai in any review comment for bot assistance.
• Note: Review comments are made on code diffs or files, not on the PR overview.

Pause Incremental Reviews

• Insert @coderabbitai: ignore in the PR description to halt the bot's ongoing reviews. Remove the line to resume.

[coderabbitai]

Review Status

Actionable comments generated: 9

Commits

Files that changed from the base of the PR and between daab359 and 440aaab commits.

Files selected for processing (15)

• src/components/CertificationForm/CertificationForm.tsx (1 hunks)
• src/components/CreateCertificate/CreateCertificate.scss (1 hunks)
• src/components/CreateCertificate/CreateCertificate.tsx (4 hunks)
• src/components/DAPPScript/DAPPScript.scss (1 hunks)
• src/components/DAPPScript/DAPPScript.tsx (1 hunks)
• src/components/Modal/Modal.tsx (1 hunks)
• src/components/TextArea/TextArea.scss (1 hunks)
• src/pages/auditing/reportUpload/ReportUpload.scss (1 hunks)
• src/pages/auditing/reportUpload/ReportUpload.tsx (4 hunks)
• src/pages/auditing/reportUpload/config.ts (1 hunks)
• src/pages/certification/components/certificationMetadata/CertificationMetadata.scss (1 hunks)
• src/pages/certification/components/certificationMetadata/CertificationMetadata.tsx (1 hunks)
• src/pages/certification/components/certificationMetadata/certificationMetadata.interface.tsx (1 hunks)
• src/pages/certification/components/certificationMetadata/certificationMetadata.schema.tsx (1 hunks)
• src/pages/certification/components/certificationMetadata/config.ts (1 hunks)

Files skipped from review due to trivial changes (10)

• src/components/CreateCertificate/CreateCertificate.scss
• src/components/DAPPScript/DAPPScript.scss
• src/components/TextArea/TextArea.scss
• src/pages/auditing/reportUpload/ReportUpload.scss
• src/pages/auditing/reportUpload/ReportUpload.tsx
• src/pages/auditing/reportUpload/config.ts
• src/pages/certification/components/certificationMetadata/CertificationMetadata.scss
• src/pages/certification/components/certificationMetadata/certificationMetadata.interface.tsx
• src/pages/certification/components/certificationMetadata/certificationMetadata.schema.tsx
• src/pages/certification/components/certificationMetadata/config.ts

Additional comments (Suppressed): 9

src/components/Modal/Modal.tsx (2)

• 49-55: The addition of optional props className, fullWidth, and fullScreen to the Dialog component enhances its customization. Ensure that these new props are used correctly throughout the codebase.

• 56-57: No issues found, the title rendering remains unchanged.

src/components/DAPPScript/DAPPScript.tsx (4)

• 17-19: The DAPPScriptProps interface has been extended to include fieldArrayName and config. Ensure that all instances where the DAPPScript component is used have been updated to pass these new props.

• 21-72: The changes in this hunk are a significant improvement over the previous implementation. The use of config.scriptFields and config.smartContractInfo to dynamically generate form fields makes the component more flexible and easier to maintain. This approach adheres to the DRY (Don't Repeat Yourself) principle, reducing redundancy in the code.

• 60-68: The register function from react-hook-form is being spread into the Input component props. This is a good practice as it allows the form to automatically track the value of the input field and handle form submission.

• 36-43: The "Remove Script" button now only appears when there is more than one script in the form. This is a sensible change as it prevents users from removing the last remaining script, which could lead to an empty form state.

src/pages/certification/components/certificationMetadata/CertificationMetadata.tsx (1)

• 20-23: The uuid prop is defaulted to an empty string. If the uuid is not provided, it could lead to unexpected behavior when used in the fetchData.post call on line 94. Ensure that the uuid is always provided or handle the case where it might be undefined.

src/components/CreateCertificate/CreateCertificate.tsx (1)

• 114-120: The fetchRunDetails function is called after a timeout of 1000ms. However, this function is not defined within the provided code context. Please ensure that this function is properly defined and handles potential errors.

src/components/CertificationForm/CertificationForm.tsx (1)

• 192-197: Ensure that the onSubmit function passed to the Form component

[coderabbitai]

Review Status

Actionable comments generated: 9

Commits

Files that changed from the base of the PR and between 440aaab and 20e0eb0 commits.

Files selected for processing (3)

• src/components/CertificationForm/CertificationForm.tsx (1 hunks)
• src/components/CreateCertificate/CreateCertificate.tsx (4 hunks)
• src/pages/certification/components/certificationMetadata/CertificationMetadata.tsx (1 hunks)

Additional comments (Suppressed): 2

src/pages/certification/components/certificationMetadata/CertificationMetadata.tsx (1)

• 20-23: The uuid prop is defaulted to an empty string. However, it's used in the API call at line 93. If uuid is not provided, the API endpoint will be incorrect and likely cause a failure. Ensure that uuid is always provided when using this component or handle the case where it might not be.

src/components/CreateCertificate/CreateCertificate.tsx (1)

• 162-193: This part of the code has become quite complex due to conditional rendering. Consider breaking down the JSX into smaller, more manageable components or functions for better readability and maintainability.

- {subscribedFeatures?.indexOf("l2-upload-report") === -1 ? <>
-     {certified || disableCertify ? null : (<Button
-         displayStyle="gradient"
-         onClick={() => triggerGetCertificate()}
-         buttonLabel={"Purchase a Certificate" + (certificationPrice ? " (" + (certificationPrice / 1000000).toString() + " ADA)" : "")}
-         showLoader={certifying}
-     />)}
-     {transactionId ? (
-         <Modal open={openModal} title="Certification Successful" onCloseModal={onCloseModal}>
-             <span>
-                 View your certification broadcasted on-chain&nbsp;
-                 <a target="_blank" rel="noreferrer" href={`https://preprod.cardanoscan.io/transaction/${transactionId}`}>here</a>!
-             </span>
-         </Modal>
-     ) : null}
- </> : <>
-     <Button
-         displayStyle="gradient"
-         onClick={() => setMetadataModalStatus(true)}
-         buttonLabel={"Review Certification Metadata"}
-         showLoader={certifying}
-     />
-     <Modal
-         open={openMetadataModal}
-         title="Certification Metadata"
-         className="certification-metadata"
-         onCloseModal={()=> {}}
-         fullWidth
-     >
-         <CertificationMetadata uuid={uuid} onCloseForm={onCloseMetadataForm}/>
-     </Modal>
- </>}
+ const PurchaseButton = () => {
+     if (certified || disableCertify) return null;
+     return (
+         <Button
+             displayStyle="gradient"
+             onClick={() => triggerGet


</blockquote></details></blockquote></details>



</details>

[coderabbitai]

Review Status

Actionable comments generated: 2

Commits

Files that changed from the base of the PR and between 20e0eb0 and 62c5b34 commits.

Files selected for processing (1)

• src/components/CreateCertificate/CreateCertificate.tsx (4 hunks)

Additional comments (Suppressed): 1

src/components/CreateCertificate/CreateCertificate.tsx (1)

• 43-57: The new state variable openMetadataModal is introduced to handle the opening and closing of a metadata modal. This is a good practice as it allows for better control over the modal's visibility in the component. However, ensure that all instances where this modal should be closed are correctly setting this state to false.

[coderabbitai]

Review Status

Actionable comments generated: 5

Commits

Files that changed from the base of the PR and between 62c5b34 and 8910510 commits.

Files selected for processing (2)

• src/components/CreateCertificate/CreateCertificate.tsx (4 hunks)
• src/pages/certification/components/certificationMetadata/CertificationMetadata.tsx (1 hunks)

Additional comments (Suppressed): 4

src/pages/certification/components/certificationMetadata/CertificationMetadata.tsx (1)

• 20-23: The uuid prop is defaulted to an empty string. However, it's used in the API call at line 92. If uuid is not provided, the API call will likely fail. Ensure that a valid uuid is always passed as a prop.

src/components/CreateCertificate/CreateCertificate.tsx (3)

• 43-57: The new state variable openMetadataModal has been introduced to handle the display of a metadata modal. Ensure that this state variable is being updated correctly throughout the component and that it is being reset when necessary.

• 119-125: Ensure that the recursive call to fetchRunDetails() does not lead to an infinite loop in case of repeated failures. Consider adding a retry limit or delay increment.

• 157-218: The conditional rendering based on subscribedFeatures is a good practice for feature flagging. However, ensure that the indexOf check is robust against potential changes in the subscribedFeatures array structure or content.

[bogdan-manole]

After I bought the subscription, I had to refresh several times to see the Auditing menu

[bogdan-manole]

Validation error in the case of valid value

[bogdan-manole]

I wasn't able to submit it even if the form didn't show any validation error or unfilled mandatory field

Screen.Recording.2023-09-08.at.14.17.01.mov

[bogdan-manole]

Subject inpute accepts in the field invalid format

Please consult the Swagger api data model specification

[amnambiar]

@bogdan-manole

After I bought the subscription, I had to refresh several times to see the Auditing menu

Already resolved with a temporary hack (since in revamp the handling of subscriptions will be moved to before entering the pages) in PR#10 PLT-7439 - Fix for Blank page in the tool at times

Validation error in the case of valid value

:) See it isn't a valid value. A valid http(s):// URL must have .json or .pdf.

I wasn't able to submit it even if the form didn't show any validation error or unfilled mandatory field

Thought is was resolved, checking it, will resolve. Issue - Script Hash not showing validation errors

Subject inpute accepts in the field invalid format

Per PLT-4386 - Subject [1-64 chars], and also discussion with @RSoulatIOHK (missed to pass the info to you 🙏 )

[bogdan-manole]

:) See it isn't a valid value. A valid http(s):// URL must have .json or .pdf.

an URL could be a PDF without being specified as so. Please follow the Regex pattern specified by the Swagger for that field or let's agree on changing in the BE, anyway both FE and BE should follow the same validation pattern

[RSoulatIOHK]

Level 0 certification

I don't get L0 audit when submitting and auditor report for L0 audit
{"1304":{"metadata":[["ipfs://bafkreiaerryd4ou6edxrygimjxzgtv4wyjmlhcqqtg47cosz5oygzdnf","le"]],"rootHash":"64346f7e71cdc0b790c3992114f3ab3b15dddb7e4b5ffc10269a06fbb5484828","schemaVersion":1,"subject":"test","type":{"action":"CERTIFY","certificateIssuer":"test","certificationLevel":"l2"}}}

Instead I should get:
{"1304":{"metadata":[["ipfs://bafkreiaerryd4ou6edxrygimjxzgtv4wyjmlhcqqtg47cosz5oygzdnf","le"]],"rootHash":"64346f7e71cdc0b790c3992114f3ab3b15dddb7e4b5ffc10269a06fbb5484828","schemaVersion":1,"subject":"test","type":{"action":"**AUDIT**","certificateIssuer":"test","certificationLevel":**0**}}}

Note: certificationLevel should be an int with just the certification level and not a str.

Level 1 certification

I get "Undefined" in on/off chain metadata

Level 2 certification

Everything looks OK. Just the need for BE to change certificationLevel which should be an int with just the certification level and not a str.

[RSoulatIOHK]

In DAPP Script (which should be DApp script I think from IOG standard), there is no display when a regex fails.

But you can't submit the report so the check is actually done. I found that repository URL needs to be a valid URL and Script Hash needs to be a valid Hash.

Contract address seems to have no check.

Don't force the "@" for twitter handle. I know I'm the one that added it a long time ago. Don't blame me plz :'(

To Sum up

• Change DAPP to DApp
• Display when a regex fails for DApp Scripts (Repository URL and Script hash look missing)
• Check that Contract address is a valid address
• Remove the needs for an "@" in the twitter handle.

[RSoulatIOHK]

Just a few more light changes.

[amnambiar]

@bogdan-manole

#8 (comment)

Can you fix the validation in BE. The regex used in FE is /^(https?:\/\/)?(www\.)?[-a-zA-Z0-9@:%._\+~#=]{1,255}\.[a-z]{2,6}(\b([-a-zA-Z0-9@:%_\+.~#()?&\/\/=]*))?\.(?:jpg|jpeg|png|gif|bmp|svg|webp|tiff|tif)$/

Website URL regex pattern

/^(https?://)?(www.)?[-a-zA-Z0-9@:%.+~#=]{1,255}.[a-z]{2,6}(\b([-a-zA-Z0-9@:%+.~#()?&//=]*))?$/

@RSoulatIOHK ,

Check that Contract address is a valid address

Contact Address under DApp Script will be validated across pattern ^(addr_test1|addr1)[a-zA-Z0-9]{53,}$; and will be non-mandatory

Display when a regex fails for DApp Scripts (Repository URL and Script hash look missing)

Able to see errors now with a minor fix, unable to reproduce the scenario when the errors weren't visible. Can you recheck

review-cert-metadata.mp4

Note -

• Received undefined in off-chain and on-chain downloaded JSONs - because the APIs returned 204 No Content and FE didn't handle it properly. I'm on it, will verify once the API service is up and running, and comment
• BE is pointed towards https://dapps-certification-web.scdev.aws.iohkdev.io/ now, and not excuse.ro ( it has latest profile/subscription API updates for the moment)

[amnambiar]

@RSoulatIOHK ,

Received undefined in off-chain and on-chain downloaded JSONs -
because the APIs returned 204 No Content and FE didn't handle it properly. I'm on it, will verify once the API service is up and running, and comment

Resolved this issue - at least by handling the response, and throwing an error to retry (instead of downloading invalid JSONs)

PR is ready for re-review

[RSoulatIOHK]

I'll pull it this morning for test. Which BE version should I be using?

[RSoulatIOHK]

On a failed testing, we should not be able to review Certification metadata because we should not issue any.

However we should be able to view the full html report, we currently only view the failed unit tests:

vs

@amnambiar, @EehMauro Do you want me to move those to Issues so we can revisit that after the revamp?

[RSoulatIOHK]

I don't know if the online deployment is the right BE but I can't get "L1" metadata. I get "Something went wrong message"

Also, when you get this message, you can never retry as it says " Forbidden - Certification already started". This should fix.

I can also get this as an issue to revisit after revamp

[amnambiar]

@RSoulatIOHK ,

"Something went wrong message"

Due to 204 no content in POST api. Must be because the BE API is not the right one. Neither of the deployments excuse.ro nor aws has the right branch for this. Bogdan needs to confirm the branch that this needs to be verified across.

On a failed testing, we should not be able to review Certification metadata because we should not issue any.

Is it OK to ensure this in revamp?

After something went wrong message, you can never retry as it says " Forbidden - Certification already started". This should fix.

Need some clarifications over the workflow, will address in revamp once that is clear

However we should be able to view the full html report, we currently only view the failed unit tests:

Will handle in revamp, as this will be a tabular view

[bogdan-manole]

The report upload schema is not in accordance with the latest BE AutditorInput expected schema. @RSoulatIOHK @amnambiar for any changes in BE please comment in order to make the changes.
I will write down what BE expects for the moment and what is different in FE :

• certificationLevel is expected to be a number now, not a string. I'm looking in the reportUpload.schema.tsx, is the transformation to the number made later?
• summary is not required on the BE
• same for disclaimer
• subject matches ^[A-Za-z0-9_]{1,64}$ ( I know it fits the current one, but let's keep the same regex on both sides.
• discord is different on BE (^.{3,32}#[0-9]{4}$) but I guess that's where the modification should be changed, not in the FE
• the reportUrl is different and has a pdf or txt mandatory suffix, though, a valid pdf URL could not necessarily include the pdf/txt extension. Should we enforce this on BE as well?
• repository in CIP has no validation pattern, in FE has /^(?:https?:\/\/)?(?:www\.)?github\.com\/[\w-]+\/[\w.-]+$/. @RSoulatIOHK what solution should we choose:
  • we can keep it as it is in both places
  • we can remove the validation in FE
  • we can add the validation in the BE

UPDATE 1: I verified certificationLevel it's transmitted as number, it's ok

UPDATE 2:

• social.website, social.github, social.link gets the same value from the website form field
• the social.link does not exist in CIP or BE
• social.github on the backend is just the account name with pattern ^(?=.{1,39}$)[a-zA-Z0-9]+(-[a-zA-Z0-9]+)*$
  UPDATE 3:
• social.discord is not sent into the request

[bogdan-manole]

Optional fields are sent as empty strings instead of null/key-missing. (Eg. twitter, github, logo etc)

[RSoulatIOHK]

summary is not required on the BE

It should be, sorry for missing that

same for disclaimer

Same, it should be.

subject matches ^[A-Za-z0-9_]{1,64}$ ( I know it fits the current one, but let's keep the same regex on both sides.

Agreed

discord is different on BE (^.{3,32}#[0-9]{4}$) but I guess that's where the modification should be changed, not in the FE

I don't have a strong opinion but let's take the one from CIP-0096.

the reportUrl is different and has a pdf or txt mandatory suffix, though, a valid pdf URL could not necessarily include the pdf/txt extension. Should we enforce this on BE as well?

Good point, no then. Let's have the most open solution in place and remove the pdf/txt mandatory suffixes and maybe the report could be a json file as well so let's not complicate at the moment.

repository in CIP has no validation pattern, in FE has /^(?:https?://)?(?:www.)?github.com/[\w-]+/[\w.-]+$/.

Yes but we have one that is imposed by our tool only being able to verify github repos at the moment.

[RSoulatIOHK]

• social.website, social.github, social.link gets the same value from the website form field

To fix then.

• the social.link does not exist in CIP or BE

Good catch, it got removed.

[amnambiar]

subject matches ^[A-Za-z0-9_]{1,64}$ ( I know it fits the current one, but let's keep the same regex on both sides.

Updated the FE validation to be .required(...).max(64, ...).matches(/^[A-Za-z0-9_]+$/, .... just to ensure the form errors are thrown properly

Other fixes done -

• remove mandatory json/pdf extension checks at the reportUrl
• update social.github pattern to ^(?=.{1,39}$)[a-zA-Z0-9]+(-[a-zA-Z0-9]+)*$ rather than url
• social has properties - twitter, github, contact*, website*, discord ; fixed value mapping in these fields
• ensure optional fields not sent as empty-strings in payload; they are either null or not existing
• Github - field was missing in Auditor Report Upload, added it there.

Cc: @bogdan-manole @RSoulatIOHK

[amnambiar]

Created https://input-output.atlassian.net/browse/PLT-7608 to ensure/handle fixes in revamp

[bogdan-manole]

lgtm

[RSoulatIOHK]

Looks good