Merge branch 'master' into ip/1465-update-handling-metadata

.github/workflows/require_be_approval.yml

@@ -10,13 +10,24 @@ jobs:
     permissions: write-all
     runs-on: ubuntu-latest
     steps:
+      - name: Checkout Repository
+        uses: actions/checkout@v4
+
       - name: Draft Pull Request Check
         if: github.event.pull_request.draft == true
         run: exit 1
 
-      - name: Check for Ready for Review label
-        if: "!contains(github.event.pull_request.labels.*.name, 'require-backend-approval')"
-        run: exit 0
+      - name: Check for 'require-backend-approval' label
+        run: |
+          LABELS=$(gh pr view ${{ github.event.pull_request.number }} --json labels --jq '.labels[].name')
+          echo "Labels on PR: $LABELS"
+
+          if ! echo "$LABELS" | grep -q "require-backend-approval"; then
+            echo "Label 'require-backend-approval' not found. Exiting successfully."
+            exit 0
+          fi
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Configure AWS Credentials
         uses: aws-actions/[email protected]

Dangerfile

@@ -186,8 +186,10 @@ module VSPDanger
     def run
       required_group = '@department-of-veterans-affairs/backend-review-group'
       exception_groups = %w[@department-of-veterans-affairs/octo-identity
-                            @department-of-veterans-affairs/lighthouse-dash @department-of-veterans-affairs/lighthouse-pivot
-                            @department-of-veterans-affairs/lighthouse-banana-peels]
+                            @department-of-veterans-affairs/lighthouse-dash
+                            @department-of-veterans-affairs/lighthouse-pivot
+                            @department-of-veterans-affairs/lighthouse-banana-peels
+                            @department-of-veterans-affairs/accredited-representatives-admin]
 
       diff = fetch_git_diff
 

Gemfile.lock

@@ -589,8 +589,8 @@ GEM
     i18n (1.14.7)
       concurrent-ruby (~> 1.0)
     ice_nine (0.11.2)
-    image_processing (1.13.0)
-      mini_magick (>= 4.9.5, < 5)
+    image_processing (1.14.0)
+      mini_magick (>= 4.9.5, < 6)
       ruby-vips (>= 2.0.17, < 3)
     io-console (0.8.0)
     io-console (0.8.0-java)
@@ -668,7 +668,9 @@ GEM
     mimemagic (0.4.3)
       nokogiri (~> 1)
       rake
-    mini_magick (4.13.2)
+    mini_magick (5.1.2)
+      benchmark
+      logger
     mini_mime (1.1.5)
     mini_portile2 (2.8.8)
     minitest (5.25.4)
@@ -700,14 +702,14 @@ GEM
     nio4r (2.7.4-java)
     nkf (0.2.0)
     nkf (0.2.0-java)
-    nokogiri (1.18.2)
+    nokogiri (1.18.3)
       mini_portile2 (~> 2.8.2)
       racc (~> 1.4)
-    nokogiri (1.18.2-aarch64-linux-gnu)
+    nokogiri (1.18.3-aarch64-linux-gnu)
       racc (~> 1.4)
-    nokogiri (1.18.2-java)
+    nokogiri (1.18.3-java)
       racc (~> 1.4)
-    nokogiri (1.18.2-x86_64-linux-gnu)
+    nokogiri (1.18.3-x86_64-linux-gnu)
       racc (~> 1.4)
     nori (2.7.1)
       bigdecimal
@@ -729,7 +731,7 @@ GEM
     oj (3.16.9)
       bigdecimal (>= 3.0)
       ostruct (>= 0.2)
-    okcomputer (1.18.6)
+    okcomputer (1.19.0)
     olive_branch (4.0.1)
       multi_json
       rails (>= 4.0)

app/controllers/application_controller.rb

@@ -10,14 +10,15 @@ class ApplicationController < ActionController::API
   include Headers
   include Instrumentation
   include Pundit::Authorization
+  include ControllerLoggingContext
   include SentryLogging
   include SentryControllerLogging
   include Traceable
 
   protect_from_forgery with: :exception, if: -> { ActionController::Base.allow_forgery_protection }
   after_action :set_csrf_header, if: -> { ActionController::Base.allow_forgery_protection }
 
-  # also see AuthenticationAndSSOConcerns, Headers, and SentryControllerLogging
+  # also see AuthenticationAndSSOConcerns, Headers, ControllerLoggingContext, and SentryControllerLogging
   # for more before filters
   skip_before_action :authenticate, only: %i[cors_preflight routing_error]
   skip_before_action :verify_authenticity_token, only: :routing_error

app/controllers/concerns/controller_logging_context.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+module ControllerLoggingContext
+  extend ActiveSupport::Concern
+  included { before_action :set_context }
+
+  private
+
+  def set_context
+    RequestStore.store['request_id'] = request.uuid
+    RequestStore.store['additional_request_attributes'] = {
+      'remote_ip' => request.remote_ip,
+      'user_agent' => request.user_agent,
+      'user_uuid' => current_user&.uuid,
+      'source' => request.headers['Source-App-Name']
+    }
+  end
+end

app/controllers/concerns/sentry_controller_logging.rb

@@ -3,18 +3,11 @@
 module SentryControllerLogging
   extend ActiveSupport::Concern
 
-  included { before_action :set_tags_and_extra_context }
+  included { before_action :set_sentry_tags_and_extra_context }
 
   private
 
-  def set_tags_and_extra_context
-    RequestStore.store['request_id'] = request.uuid
-    RequestStore.store['additional_request_attributes'] = {
-      'remote_ip' => request.remote_ip,
-      'user_agent' => request.user_agent,
-      'user_uuid' => current_user&.uuid,
-      'source' => request.headers['Source-App-Name']
-    }
+  def set_sentry_tags_and_extra_context
     Sentry.set_extras(request_uuid: request.uuid)
     Sentry.set_user(user_context) if current_user
     Sentry.set_tags(tags_context)

app/controllers/sign_in/application_controller.rb

@@ -8,6 +8,7 @@ class ApplicationController < ActionController::API
     include ActionController::Cookies
     include ExceptionHandling
     include Headers
+    include ControllerLoggingContext
     include SentryLogging
     include SentryControllerLogging
     include Traceable

app/controllers/sign_in/service_account_application_controller.rb

@@ -7,6 +7,7 @@ class ServiceAccountApplicationController < ActionController::API
     include Pundit::Authorization
     include ExceptionHandling
     include Headers
+    include ControllerLoggingContext
     include SentryLogging
     include SentryControllerLogging
     include Traceable

app/controllers/v0/education_benefits_claims_controller.rb

@@ -28,6 +28,26 @@ def stem_claim_status
       render json: EducationStemClaimStatusSerializer.new(current_applications)
     end
 
+    def download_pdf
+      saved_claim = SavedClaim::EducationBenefits.find(params[:id].to_i)
+
+      source_file_path = PdfFill::Filler.fill_form(
+        saved_claim,
+        SecureRandom.uuid,
+        sign: false
+      )
+
+      client_file_name = "education_benefits_claim_#{saved_claim.id}.pdf"
+      file_contents = File.read(source_file_path)
+
+      send_data file_contents,
+                filename: client_file_name,
+                type: 'application/pdf',
+                disposition: 'attachment'
+    ensure
+      File.delete(source_file_path) if source_file_path && File.exist?(source_file_path)
+    end
+
     private
 
     def form_type