feat: add sandbox configuration update API

- Add PATCH /configurations/sandbox endpoint for updating sandbox audit configurations
- Implement updateSandboxConfig method in ConfigurationController with admin access control

Author: Kanishka

package-lock.json

@@ -73,7 +73,7 @@
     "@adobe/helix-universal-logger": "3.0.27",
     "@adobe/spacecat-shared-athena-client": "1.3.0",
     "@adobe/spacecat-shared-brand-client": "1.1.20",
-    "@adobe/spacecat-shared-data-access": "2.58.0",
+    "@adobe/spacecat-shared-data-access": "https://gitpkg.now.sh/adobe/spacecat-shared/packages/spacecat-shared-data-access?feature/site-sandbox-configuration",
     "@adobe/spacecat-shared-gpt-client": "1.5.21",
     "@adobe/spacecat-shared-http-utils": "1.16.0",
     "@adobe/spacecat-shared-ims-client": "1.8.8",

package.json

@@ -88,10 +88,49 @@ function ConfigurationController(ctx) {
     return ok(ConfigurationDto.toJSON(configuration));
   };
 
+  /**
+   * Updates sandbox configuration for audit types.
+   * @param {UniversalContext} context - Context of the request.
+   * @return {Promise<Response>} Update result response.
+   */
+  const updateSandboxConfig = async (context) => {
+    if (!accessControlUtil.hasAdminAccess()) {
+      return forbidden('Only admins can update sandbox configurations');
+    }
+
+    const { sandboxConfigs } = context.data || {};
+
+    if (!sandboxConfigs || typeof sandboxConfigs !== 'object') {
+      return badRequest('sandboxConfigs object is required');
+    }
+
+    try {
+      // Load latest configuration
+      const config = await Configuration.findLatest();
+      if (!config) {
+        return notFound('Configuration not found');
+      }
+
+      // Update sandbox configurations
+      const updatedConfig = await config.updateSandboxAuditConfigs(sandboxConfigs);
+      // Save the updated configuration
+      await Configuration.save(updatedConfig);
+
+      return ok({
+        message: 'Sandbox configurations updated successfully',
+        updatedConfigs: sandboxConfigs,
+        totalUpdated: Object.keys(sandboxConfigs).length,
+      });
+    } catch (error) {
+      return badRequest(`Error updating sandbox configuration: ${error.message}`);
+    }
+  };
+
   return {
     getAll,
     getByVersion,
     getLatest,
+    updateSandboxConfig,
   };
 }
 

src/controllers/configuration.js

@@ -111,6 +111,7 @@ export default function getRouteHandlers(
     'GET /configurations/latest': configurationController.getLatest,
     'PUT /configurations/latest': configurationController.updateConfiguration,
     'GET /configurations/:version': configurationController.getByVersion,
+    'PATCH /configurations/sandbox': configurationController.updateSandboxConfig,
     'PATCH /configurations/sites/audits': sitesAuditsToggleController.execute,
     'POST /event/fulfillment': fulfillmentController.processFulfillmentEvents,
     'POST /event/fulfillment/:eventType': fulfillmentController.processFulfillmentEvents,

src/routes/index.js

@@ -88,6 +88,7 @@ describe('Configurations Controller', () => {
     'getAll',
     'getLatest',
     'getByVersion',
+    'updateSandboxConfig',
   ];
 
   let mockDataAccess;
@@ -235,4 +236,269 @@ describe('Configurations Controller', () => {
     expect(result.status).to.equal(400);
     expect(error).to.have.property('message', 'Configuration version required to be an integer');
   });
+
+  describe('Sandbox Configuration Methods', () => {
+    let mockCurrentConfig;
+    let mockNewConfig;
+
+    beforeEach(() => {
+      mockCurrentConfig = {
+        getJobs: sandbox.stub().returns([]),
+        getHandlers: sandbox.stub().returns({}),
+        getQueues: sandbox.stub().returns({}),
+        getSlackRoles: sandbox.stub().returns({}),
+      };
+
+      mockNewConfig = {
+        getVersion: sandbox.stub().returns('2'),
+        getJobs: sandbox.stub().returns([]),
+        getHandlers: sandbox.stub().returns({}),
+        getQueues: sandbox.stub().returns({}),
+        getSlackRoles: sandbox.stub().returns({}),
+      };
+
+      mockDataAccess.Configuration.findLatest = sandbox.stub().resolves(mockCurrentConfig);
+      mockDataAccess.Configuration.create = sandbox.stub().resolves(mockNewConfig);
+    });
+
+    describe('updateSandboxConfig', () => {
+      it('should update sandbox configurations successfully', async () => {
+        const requestContext = {
+          data: {
+            sandboxConfigs: {
+              cwv: { expire: '10' },
+              'meta-tags': { expire: '15' },
+            },
+          },
+        };
+
+        const result = await configurationsController.updateSandboxConfig(requestContext);
+        const response = await result.json();
+
+        expect(result.status).to.equal(200);
+        expect(response).to.have.property('message', 'Sandbox configurations updated successfully');
+        expect(response).to.have.property('updatedConfigs');
+        expect(response.updatedConfigs).to.deep.equal({
+          cwv: { expire: '10' },
+          'meta-tags': { expire: '15' },
+        });
+        expect(response).to.have.property('totalUpdated', 2);
+        expect(response).to.have.property('newVersion', '2');
+        expect(mockDataAccess.Configuration.create).to.have.been.calledWith({
+          jobs: [],
+          handlers: {
+            cwv: { sandbox: { expire: '10' } },
+            'meta-tags': { sandbox: { expire: '15' } },
+          },
+          queues: {},
+          slackRoles: {},
+        });
+      });
+
+      it('should return bad request when sandboxConfigs is missing', async () => {
+        const requestContext = {
+          data: {},
+        };
+
+        const result = await configurationsController.updateSandboxConfig(requestContext);
+        const error = await result.json();
+
+        expect(result.status).to.equal(400);
+        expect(error.message).to.include('sandboxConfigs object is required');
+      });
+
+      it('should return bad request when context.data is undefined', async () => {
+        const requestContext = {};
+
+        const result = await configurationsController.updateSandboxConfig(requestContext);
+        const error = await result.json();
+
+        expect(result.status).to.equal(400);
+        expect(error.message).to.include('sandboxConfigs object is required');
+      });
+
+      it('should return bad request when sandboxConfigs is not an object', async () => {
+        const requestContext = {
+          data: {
+            sandboxConfigs: 'invalid',
+          },
+        };
+
+        const result = await configurationsController.updateSandboxConfig(requestContext);
+        const error = await result.json();
+
+        expect(result.status).to.equal(400);
+        expect(error.message).to.include('sandboxConfigs object is required');
+      });
+
+      it('should return forbidden for non-admin users', async () => {
+        context.attributes.authInfo.withProfile({ is_admin: false });
+
+        const requestContext = {
+          data: {
+            sandboxConfigs: {
+              cwv: { expire: '10' },
+            },
+          },
+        };
+
+        const result = await configurationsController.updateSandboxConfig(requestContext);
+        const error = await result.json();
+
+        expect(result.status).to.equal(403);
+        expect(error.message).to.include('Only admins can update sandbox configurations');
+      });
+
+      it('should return not found when configuration does not exist', async () => {
+        mockDataAccess.Configuration.findLatest.resolves(null);
+
+        const requestContext = {
+          data: {
+            sandboxConfigs: {
+              cwv: { expire: '10' },
+            },
+          },
+        };
+
+        const result = await configurationsController.updateSandboxConfig(requestContext);
+        const error = await result.json();
+
+        expect(result.status).to.equal(404);
+        expect(error.message).to.include('Configuration not found');
+      });
+
+      it('should return bad request when Configuration.create throws an error', async () => {
+        const requestContext = {
+          data: {
+            sandboxConfigs: {
+              cwv: { expire: '10' },
+            },
+          },
+        };
+
+        mockDataAccess.Configuration.create.throws(new Error('Create failed'));
+
+        const result = await configurationsController.updateSandboxConfig(requestContext);
+        const error = await result.json();
+
+        expect(result.status).to.equal(400);
+        expect(error.message).to.include('Error updating sandbox configuration: Create failed');
+      });
+
+      it('should handle when getHandlers returns null', async () => {
+        const requestContext = {
+          data: {
+            sandboxConfigs: {
+              cwv: { expire: '10' },
+            },
+          },
+        };
+
+        // Mock getHandlers to return null to test the || {} fallback
+        mockCurrentConfig.getHandlers.returns(null);
+
+        const result = await configurationsController.updateSandboxConfig(requestContext);
+        const response = await result.json();
+
+        expect(result.status).to.equal(200);
+        expect(response).to.have.property('message', 'Sandbox configurations updated successfully');
+        expect(mockDataAccess.Configuration.create).to.have.been.calledWith({
+          jobs: [],
+          handlers: {
+            cwv: { sandbox: { expire: '10' } },
+          },
+          queues: {},
+          slackRoles: {},
+        });
+      });
+
+      it('should handle when audit type does not exist in handlers', async () => {
+        const requestContext = {
+          data: {
+            sandboxConfigs: {
+              newAuditType: { enabled: true },
+            },
+          },
+        };
+
+        // Mock getHandlers to return handlers without the new audit type
+        mockCurrentConfig.getHandlers.returns({
+          cwv: { sandbox: { expire: '5' } },
+        });
+
+        const result = await configurationsController.updateSandboxConfig(requestContext);
+        const response = await result.json();
+
+        expect(result.status).to.equal(200);
+        expect(response).to.have.property('message', 'Sandbox configurations updated successfully');
+        expect(mockDataAccess.Configuration.create).to.have.been.calledWith({
+          jobs: [],
+          handlers: {
+            cwv: { sandbox: { expire: '5' } },
+            newAuditType: { sandbox: { enabled: true } },
+          },
+          queues: {},
+          slackRoles: {},
+        });
+      });
+
+      it('should handle when audit type exists but has no sandbox property', async () => {
+        const requestContext = {
+          data: {
+            sandboxConfigs: {
+              lhs: { timeout: '30' },
+            },
+          },
+        };
+
+        // Mock getHandlers to return handlers with audit type but no sandbox property
+        mockCurrentConfig.getHandlers.returns({
+          cwv: { sandbox: { expire: '5' } },
+          lhs: { enabled: true }, // No sandbox property
+        });
+
+        const result = await configurationsController.updateSandboxConfig(requestContext);
+        const response = await result.json();
+
+        expect(result.status).to.equal(200);
+        expect(response).to.have.property('message', 'Sandbox configurations updated successfully');
+        expect(mockDataAccess.Configuration.create).to.have.been.calledWith({
+          jobs: [],
+          handlers: {
+            cwv: { sandbox: { expire: '5' } },
+            lhs: { enabled: true, sandbox: { timeout: '30' } },
+          },
+          queues: {},
+          slackRoles: {},
+        });
+      });
+
+      it('should handle when getHandlers returns undefined', async () => {
+        const requestContext = {
+          data: {
+            sandboxConfigs: {
+              cwv: { expire: '10' },
+            },
+          },
+        };
+
+        // Mock getHandlers to return undefined to test the || {} fallback
+        mockCurrentConfig.getHandlers.returns(undefined);
+
+        const result = await configurationsController.updateSandboxConfig(requestContext);
+        const response = await result.json();
+
+        expect(result.status).to.equal(200);
+        expect(response).to.have.property('message', 'Sandbox configurations updated successfully');
+        expect(mockDataAccess.Configuration.create).to.have.been.calledWith({
+          jobs: [],
+          handlers: {
+            cwv: { sandbox: { expire: '10' } },
+          },
+          queues: {},
+          slackRoles: {},
+        });
+      });
+    });
+  });
 });

test/controllers/configurations.test.js

@@ -29,6 +29,7 @@ describe('getRouteHandlers', () => {
     getByVersion: sinon.stub(),
     getLatest: sinon.stub(),
     updateConfiguration: sinon.stub(),
+    updateSandboxConfig: sinon.stub(),
   };
 
   const mockHooksController = {
@@ -231,6 +232,7 @@ describe('getRouteHandlers', () => {
       'GET /configurations',
       'GET /configurations/latest',
       'PUT /configurations/latest',
+      'PATCH /configurations/sandbox',
       'PATCH /configurations/sites/audits',
       'GET /organizations',
       'POST /organizations',
@@ -256,6 +258,7 @@ describe('getRouteHandlers', () => {
     expect(staticRoutes['GET /configurations']).to.equal(mockConfigurationController.getAll);
     expect(staticRoutes['GET /configurations/latest']).to.equal(mockConfigurationController.getLatest);
     expect(staticRoutes['PUT /configurations/latest']).to.equal(mockConfigurationController.updateConfiguration);
+    expect(staticRoutes['PATCH /configurations/sandbox']).to.equal(mockConfigurationController.updateSandboxConfig);
     expect(staticRoutes['PATCH /configurations/sites/audits']).to.equal(mockSitesAuditsToggleController.execute);
     expect(staticRoutes['GET /organizations']).to.equal(mockOrganizationsController.getAll);
     expect(staticRoutes['POST /organizations']).to.equal(mockOrganizationsController.createOrganization);