SIMSBIOHUB-494: Secure data validation with Survey ID

[curtisupshall]

Links to Jira Tickets

• SIMSBIOHUB-494

Description of Changes

• Added projectId or surveyId as a required parameter for functions that get or modify project- or survey-adjacent data, e.g. observations, sampling sites, project participants etc.
  • Modified several SQL queries to facilitate this.
  • Added ancillary service/repo methods to facilitate this, when needed.
• Replaced references to req.body.surveyId with req.params.surveyId.
• Noted outstanding technical debt with some @TODO comments.
• Minor tech debt changes:
  • Renamed functions found in utils/pagination.
  • Renamed service and repo methods associated with deleting project and survey attachments.
  • Refactored endpoint logic for modifying participants on surveys and projects, as well as some service/repo method renaming.
  • Cleaned up endpoints associated with survey critters.
  • Refactored code related to getting observation counts for surveys and sampling sites.
  • Replaced all instances of return await with return.

Testing Notes

Because this PR touches more than 35 endpoints, thorough testing of all features in the app should be peformed.

[github-actions]

Openshift URLs for the PR Deployment:

• App Route: https://biohubbc-app-1226-af2668-dev.apps.silver.devops.gov.bc.ca/
• Api Route: https://biohubbc-api-1226-af2668-dev.apps.silver.devops.gov.bc.ca/
• Pods: https://console.apps.silver.devops.gov.bc.ca/k8s/ns/af2668-dev/pods?name=1226

[codecov-commenter]

Codecov Report

Attention: Patch coverage is 70.37037% with 48 lines in your changes are missing coverage. Please review.

Project coverage is 55.12%. Comparing base (7e103a2) to head (1638f97).

Files	Patch %	Lines
api/src/repositories/observation-repository.ts	16.66%	9 Missing and 1 partial ⚠️
...eMethodId}/sample-period/{surveySamplePeriodId}.ts	0.00%	5 Missing ⚠️
api/src/services/observation-service.ts	0.00%	5 Missing ⚠️
...thod/{surveySampleMethodId}/sample-period/index.ts	0.00%	4 Missing ⚠️
api/src/repositories/attachment-repository.ts	0.00%	2 Missing and 2 partials ⚠️
api/src/services/sample-period-service.ts	72.72%	1 Missing and 2 partials ⚠️
...rojectId}/participants/{projectParticipationId}.ts	85.71%	0 Missing and 2 partials ⚠️
...veyId}/observations/{surveyObservationId}/index.ts	0.00%	2 Missing ⚠️
...e-site/{surveySampleSiteId}/sample-method/index.ts	81.81%	1 Missing and 1 partial ⚠️
api/src/repositories/sample-location-repository.ts	60.00%	1 Missing and 1 partial ⚠️
... and 7 more

Additional details and impacted files

@@           Coverage Diff           @@
##              dev    #1226   +/-   ##
=======================================
  Coverage   55.12%   55.12%           
=======================================
  Files         603      603           
  Lines       18272    18292   +20     
  Branches     2810     2817    +7     
=======================================
+ Hits        10072    10084   +12     
- Misses       7538     7541    +3     
- Partials      662      667    +5     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[github-actions]

Openshift URLs for the PR Deployment:

• App Route: https://biohubbc-app-1226-af2668-dev.apps.silver.devops.gov.bc.ca/
• Api Route: https://biohubbc-api-1226-af2668-dev.apps.silver.devops.gov.bc.ca/
• Pods: https://console.apps.silver.devops.gov.bc.ca/k8s/ns/af2668-dev/pods?name=1226

[NickPhura]

Just did a static read through since Jer was doing a thorough testing already.

Looks great, I like the extra cleanup around some of the function names and variables as well.

[jeznorth]

Tested locally. No issues

[sonarqubecloud]

Quality Gate failed

Failed conditions
C Reliability Rating on New Code (required ≥ A)

See analysis details on SonarCloud

Catch issues before they fail your Quality Gate with our IDE extension SonarLint

[NickPhura]

🔐