[TECH] Amélioration des performances du database builder

 #11495

Author: pix-service-auto-merge

api/db/database-builder/factory/build-authentication-method.js

@@ -4,9 +4,13 @@ import { NON_OIDC_IDENTITY_PROVIDERS } from '../../../src/identity-access-manage
 import * as OidcIdentityProviders from '../../../src/identity-access-management/domain/constants/oidc-identity-providers.js';
 import { AuthenticationMethod } from '../../../src/identity-access-management/domain/models/AuthenticationMethod.js';
 import { cryptoService } from '../../../src/shared/domain/services/crypto-service.js';
+import { DEFAULT_PASSWORD } from '../../constants.js';
 import { databaseBuffer } from '../database-buffer.js';
 import { buildUser } from './build-user.js';
 
+// eslint-disable-next-line no-sync
+const DEFAULT_HASHED_PASSWORD = cryptoService.hashPasswordSync(DEFAULT_PASSWORD);
+
 const buildAuthenticationMethod = {};
 
 buildAuthenticationMethod.withGarAsIdentityProvider = function ({
@@ -69,21 +73,19 @@ buildAuthenticationMethod.withPixAsIdentityProviderAndHashedPassword = function
 
 buildAuthenticationMethod.withPixAsIdentityProviderAndPassword = function ({
   id = databaseBuffer.getNextId(),
-  password = 'Password123',
+  password = DEFAULT_PASSWORD,
   shouldChangePassword = false,
   userId,
   createdAt = new Date('2020-01-01'),
   updatedAt = new Date('2020-01-02'),
 } = {}) {
-  // eslint-disable-next-line no-sync
-  const hashedPassword = cryptoService.hashPasswordSync(password);
   userId = isUndefined(userId) ? buildUser().id : userId;
 
   const values = {
     id,
     identityProvider: NON_OIDC_IDENTITY_PROVIDERS.PIX.code,
     authenticationComplement: new AuthenticationMethod.PixAuthenticationComplement({
-      password: hashedPassword,
+      password: getUserHashedPassword(password),
       shouldChangePassword,
     }),
     externalIdentifier: undefined,
@@ -190,4 +192,12 @@ buildAuthenticationMethod.withIdentityProvider = function ({
   });
 };
 
-export { buildAuthenticationMethod };
+function getUserHashedPassword(password) {
+  if (password === DEFAULT_PASSWORD) {
+    return DEFAULT_HASHED_PASSWORD;
+  }
+  // eslint-disable-next-line no-sync
+  return cryptoService.hashPasswordSync(password);
+}
+
+export { buildAuthenticationMethod, getUserHashedPassword };

api/db/database-builder/factory/build-client-application.js

@@ -1,23 +1,33 @@
 import { cryptoService } from '../../../src/shared/domain/services/crypto-service.js';
 import { databaseBuffer } from '../database-buffer.js';
 
+const DEFAULT_CLIENT_SECRET = 'super-secret';
+// eslint-disable-next-line no-sync
+const DEFAULT_CLIENT_SECRET_HASH = cryptoService.hashPasswordSync(DEFAULT_CLIENT_SECRET);
+
 export function buildClientApplication({
   id = databaseBuffer.getNextId(),
   name = 'clientApplication',
   clientId = 'client-id',
   clientSecret = 'super-secret',
   scopes = ['scope1', 'scope2'],
 } = {}) {
-  // eslint-disable-next-line no-sync
-  const hashedSecret = cryptoService.hashPasswordSync(clientSecret);
   return databaseBuffer.pushInsertable({
     tableName: 'client_applications',
     values: {
       id,
       name,
       clientId,
-      clientSecret: hashedSecret,
+      clientSecret: _getHashedSecret(clientSecret),
       scopes,
     },
   });
 }
+
+function _getHashedSecret(clientSecret) {
+  if (clientSecret === DEFAULT_CLIENT_SECRET) {
+    return DEFAULT_CLIENT_SECRET_HASH;
+  }
+  // eslint-disable-next-line no-sync
+  return cryptoService.hashPasswordSync(clientSecret);
+}

api/db/database-builder/factory/build-user.js

@@ -5,15 +5,15 @@ const { isUndefined, isNil } = lodash;
 import { PIX_ADMIN } from '../../../src/authorization/domain/constants.js';
 import { NON_OIDC_IDENTITY_PROVIDERS } from '../../../src/identity-access-management/domain/constants/identity-providers.js';
 import { AuthenticationMethod, Membership } from '../../../src/shared/domain/models/index.js';
-import { cryptoService } from '../../../src/shared/domain/services/crypto-service.js';
+import { DEFAULT_PASSWORD } from '../../constants.js';
 import { databaseBuffer } from '../database-buffer.js';
+import { getUserHashedPassword } from './build-authentication-method.js';
 import { buildCertificationCenter } from './build-certification-center.js';
 import { buildCertificationCenterMembership } from './build-certification-center-membership.js';
 import { buildMembership } from './build-membership.js';
 import { buildOrganization } from './build-organization.js';
 import { buildPixAdminRole } from './build-pix-admin-role.js';
 
-const DEFAULT_PASSWORD = 'pix123';
 const { ROLES } = PIX_ADMIN;
 
 /**
@@ -375,15 +375,12 @@ function _buildPixAuthenticationMethod({
   createdAt,
   updatedAt,
 } = {}) {
-  // eslint-disable-next-line no-sync
-  const hashedPassword = cryptoService.hashPasswordSync(rawPassword);
-
   const values = {
     id,
     userId,
     identityProvider: NON_OIDC_IDENTITY_PROVIDERS.PIX.code,
     authenticationComplement: new AuthenticationMethod.PixAuthenticationComplement({
-      password: hashedPassword,
+      password: getUserHashedPassword(rawPassword),
       shouldChangePassword,
     }),
     externalIdentifier: undefined,

api/db/seeds/data/common/common-builder.js

@@ -1,5 +1,5 @@
 import { PIX_ADMIN } from '../../../../src/authorization/domain/constants.js';
-import { DEFAULT_PASSWORD, PIX_PUBLIC_TARGET_PROFILE_ID, REAL_PIX_SUPER_ADMIN_ID } from './constants.js';
+import { PIX_PUBLIC_TARGET_PROFILE_ID, REAL_PIX_SUPER_ADMIN_ID } from './constants.js';
 import { acceptPixOrgaTermsOfService, createPixOrgaTermsOfService } from './tooling/legal-documents.js';
 import { createTargetProfile } from './tooling/target-profile-tooling.js';
 
@@ -27,7 +27,6 @@ function _createSuperAdmin(databaseBuilder) {
     firstName: 'Admin',
     lastName: 'Admin',
     email: 'superadmin@example.net',
-    rawPassword: DEFAULT_PASSWORD,
   });
   databaseBuilder.factory.buildPixAdminRole({ userId: REAL_PIX_SUPER_ADMIN_ID, role: ROLES.SUPER_ADMIN });
   acceptPixOrgaTermsOfService(databaseBuilder, REAL_PIX_SUPER_ADMIN_ID);
@@ -40,7 +39,6 @@ function _createMetierAdmin(databaseBuilder) {
     firstName: 'Admin',
     lastName: 'Metier',
     email: 'metieradmin@example.net',
-    rawPassword: DEFAULT_PASSWORD,
   });
   databaseBuilder.factory.buildPixAdminRole({ userId, role: ROLES.METIER });
   acceptPixOrgaTermsOfService(databaseBuilder, userId);
@@ -53,7 +51,6 @@ function _createSupportAdmin(databaseBuilder) {
     firstName: 'Admin',
     lastName: 'Support',
     email: 'supportadmin@example.net',
-    rawPassword: DEFAULT_PASSWORD,
   });
   databaseBuilder.factory.buildPixAdminRole({ userId, role: ROLES.SUPPORT });
   acceptPixOrgaTermsOfService(databaseBuilder, userId);
@@ -66,7 +63,6 @@ function _createCertifAdmin(databaseBuilder) {
     firstName: 'Admin',
     lastName: 'Certif',
     email: 'certifadmin@example.net',
-    rawPassword: DEFAULT_PASSWORD,
   });
   databaseBuilder.factory.buildPixAdminRole({ userId, role: ROLES.CERTIF });
   acceptPixOrgaTermsOfService(databaseBuilder, userId);

api/db/seeds/data/common/constants.js

@@ -1,6 +1,5 @@
 import { Tag } from '../../../../src/organizational-entities/domain/models/Tag.js';
 
-const DEFAULT_PASSWORD = 'pix123';
 const COMMON_OFFSET_ID = 1000;
 
 //USERS
@@ -86,7 +85,6 @@ export {
   AGRICULTURE_TAG,
   CFA_TAG,
   COLLEGE_TAG,
-  DEFAULT_PASSWORD,
   FEATURE_ATTESTATIONS_MANAGEMENT_ID,
   FEATURE_CAMPAIGN_EXTERNAL_ID,
   FEATURE_CAMPAIGN_WITHOUT_USER_PROFILE_ID,

api/db/seeds/data/common/organization-builder.js

@@ -1,6 +1,5 @@
 import {
   AGRICULTURE_TAG,
-  DEFAULT_PASSWORD,
   FEATURE_ATTESTATIONS_MANAGEMENT_ID,
   FEATURE_CAMPAIGN_WITHOUT_USER_PROFILE_ID,
   FEATURE_COMPUTE_ORGANIZATION_LEARNER_CERTIFICABILITY_ID,
@@ -132,8 +131,6 @@ function _createUserAdminForOrganizations(databaseBuilder) {
     email: 'admin-orga@example.net',
     cgu: true,
     lang: 'fr',
-    rawPassword: DEFAULT_PASSWORD,
-    shouldChangePassword: false,
   });
   acceptPixOrgaTermsOfService(databaseBuilder, USER_ID_ADMIN_ORGANIZATION);
 }
@@ -146,8 +143,6 @@ function _createUserMemberForOrganizations(databaseBuilder) {
     email: 'member-orga@example.net',
     cgu: true,
     lang: 'en',
-    rawPassword: DEFAULT_PASSWORD,
-    shouldChangePassword: false,
   });
   acceptPixOrgaTermsOfService(databaseBuilder, USER_ID_MEMBER_ORGANIZATION);
 }

api/db/seeds/data/team-1d/data-builder.js

@@ -33,8 +33,6 @@ async function _createSco1dUser(databaseBuilder) {
     mustValidateTermsOfService: false,
     pixCertifTermsOfServiceAccepted: true,
     hasSeenAssessmentInstructions: false,
-    rawPassword: 'pix123',
-    shouldChangePassword: false,
   });
   acceptPixOrgaTermsOfService(databaseBuilder, TEAM_1D_USER_ID);
   await databaseBuilder.commit();

api/db/seeds/data/team-acces/build-blocked-users.js

@@ -1,13 +1,11 @@
 import { config } from '../../../../src/shared/config.js';
-import { DEFAULT_PASSWORD } from '../../../constants.js';
 
 function _buildBlockedUser(databaseBuilder) {
   const blockedUser = databaseBuilder.factory.buildUser.withRawPassword({
     firstName: 'Goldi',
     lastName: 'Locks',
     email: 'blocked@example.net',
     username: 'goldi.locks',
-    rawPassword: DEFAULT_PASSWORD,
     cgu: false,
   });
 
@@ -24,7 +22,6 @@ function _buildAlmostBlockedUser(databaseBuilder) {
     lastName: 'Locks',
     email: 'almost-blocked@example.net',
     username: 'silveri.locks',
-    rawPassword: DEFAULT_PASSWORD,
     cgu: false,
   });
 
@@ -40,7 +37,6 @@ function _buildAlmostTemporarilyBlockedUser(databaseBuilder) {
     lastName: 'Bear',
     email: 'almost-temporarily-blocked@example.net',
     username: 'small.bear',
-    rawPassword: DEFAULT_PASSWORD,
     cgu: false,
   });
 

api/db/seeds/data/team-acces/build-certification-centers.js

@@ -1,4 +1,3 @@
-import { DEFAULT_PASSWORD } from '../../../constants.js';
 import { createCertificationCenter } from '../common/tooling/certification-center-tooling.js';
 
 const CERTIFICATION_CENTER_OFFSET_ID = 8000;
@@ -95,20 +94,12 @@ export async function buildCertificationCenters(databaseBuilder) {
   });
 }
 
-function _buildUsersWithDefaultPassword({
-  databaseBuilder,
-  firstName,
-  lastName,
-  email,
-  username,
-  rawPassword = DEFAULT_PASSWORD,
-}) {
+function _buildUsersWithDefaultPassword({ databaseBuilder, firstName, lastName, email, username }) {
   return databaseBuilder.factory.buildUser.withRawPassword({
     firstName,
     lastName,
     email,
     username,
-    rawPassword,
     cgu: true,
     lastPixCertifTermsOfServiceValidatedAt: new Date(),
     pixCertifTermsOfServiceAccepted: true,

api/db/seeds/data/team-acces/build-organization-users.js

@@ -1,4 +1,3 @@
-import { DEFAULT_PASSWORD } from '../../../constants.js';
 import { acceptPixOrgaTermsOfService } from '../common/tooling/legal-documents.js';
 
 export const PIX_ORGA_ALL_ORGA_ID = 10001;
@@ -31,13 +30,12 @@ export function buildOrganizationUsers(databaseBuilder) {
 }
 
 function _buildUser(databaseBuilder) {
-  return function ({ id, firstName, lastName, email, rawPassword = DEFAULT_PASSWORD, cguVersion }) {
+  return function ({ id, firstName, lastName, email, cguVersion }) {
     databaseBuilder.factory.buildUser.withRawPassword({
       id,
       firstName,
       lastName,
       email,
-      rawPassword,
       cgu: true,
     });
 

api/db/seeds/data/team-acces/build-pix-admin-roles.js

@@ -1,5 +1,4 @@
 import { PIX_ADMIN } from '../../../../src/authorization/domain/constants.js';
-import { DEFAULT_PASSWORD } from '../../../constants.js';
 
 const { ROLES } = PIX_ADMIN;
 
@@ -8,7 +7,6 @@ function _buildCertifRole(databaseBuilder) {
     firstName: 'Pix',
     lastName: 'Certif',
     email: 'pixcertif@example.net',
-    rawPassword: DEFAULT_PASSWORD,
     role: ROLES.CERTIF,
   });
 }
@@ -18,7 +16,6 @@ function _buildMetierRole(databaseBuilder) {
     firstName: 'Pix',
     lastName: 'Metier',
     email: 'pixmetier@example.net',
-    rawPassword: DEFAULT_PASSWORD,
     role: ROLES.METIER,
   });
 }
@@ -28,7 +25,6 @@ function _buildSupportRole(databaseBuilder) {
     firstName: 'Pix',
     lastName: 'Support',
     email: 'pixsupport@example.net',
-    rawPassword: DEFAULT_PASSWORD,
     role: ROLES.SUPPORT,
   });
 }

api/db/seeds/data/team-acces/build-reset-password-users.js

@@ -1,12 +1,9 @@
-import { DEFAULT_PASSWORD } from '../../../constants.js';
-
 function _buildUserWithShouldChangePassword(databaseBuilder) {
   databaseBuilder.factory.buildUser.withRawPassword({
     firstName: 'Kaa',
     lastName: 'Reboot',
     email: 'change-password@example.net',
     username: 'kaa.reboot',
-    rawPassword: DEFAULT_PASSWORD,
     shouldChangePassword: true,
     cgu: false,
   });

api/db/seeds/data/team-certification/data-builder.js

@@ -97,8 +97,6 @@ async function _createScoCertificationCenter({ databaseBuilder }) {
     mustValidateTermsOfService: false,
     pixCertifTermsOfServiceAccepted: false,
     hasSeenAssessmentInstructions: false,
-    rawPassword: 'pix123',
-    shouldChangePassword: false,
   });
 
   acceptPixOrgaTermsOfService(databaseBuilder, SCO_CERTIFICATION_MANAGING_STUDENTS_CERTIFICATION_CENTER_USER_ID);
@@ -140,8 +138,6 @@ async function _createV3PilotCertificationCenter({ databaseBuilder }) {
     mustValidateTermsOfService: false,
     pixCertifTermsOfServiceAccepted: false,
     hasSeenAssessmentInstructions: false,
-    rawPassword: 'pix123',
-    shouldChangePassword: false,
   });
 
   acceptPixOrgaTermsOfService(databaseBuilder, V3_CERTIFICATION_CENTER_USER_ID);
@@ -186,8 +182,6 @@ async function _createProCertificationCenter({ databaseBuilder }) {
     mustValidateTermsOfService: false,
     pixCertifTermsOfServiceAccepted: false,
     hasSeenAssessmentInstructions: false,
-    rawPassword: 'pix123',
-    shouldChangePassword: false,
   });
 
   acceptPixOrgaTermsOfService(databaseBuilder, PRO_ADMIN_CERTIFICATION_CENTER_USER_ID);
@@ -203,8 +197,6 @@ async function _createProCertificationCenter({ databaseBuilder }) {
     mustValidateTermsOfService: false,
     pixCertifTermsOfServiceAccepted: false,
     hasSeenAssessmentInstructions: false,
-    rawPassword: 'pix123',
-    shouldChangePassword: false,
   });
 
   acceptPixOrgaTermsOfService(databaseBuilder, PRO_MEMBER_CERTIFICATION_CENTER_USER_ID);
@@ -237,8 +229,6 @@ async function _createScoOrganization({ databaseBuilder }) {
     mustValidateTermsOfService: false,
     pixCertifTermsOfServiceAccepted: false,
     hasSeenAssessmentInstructions: false,
-    rawPassword: 'pix123',
-    shouldChangePassword: false,
   });
 
   acceptPixOrgaTermsOfService(databaseBuilder, SCO_CERTIFICATION_MANAGING_STUDENTS_ORGANIZATION_USER_ID);
@@ -270,8 +260,6 @@ async function _createProOrganization({ databaseBuilder }) {
     mustValidateTermsOfService: false,
     pixCertifTermsOfServiceAccepted: false,
     hasSeenAssessmentInstructions: false,
-    rawPassword: 'pix123',
-    shouldChangePassword: false,
   });
 
   acceptPixOrgaTermsOfService(databaseBuilder, PRO_ORGANIZATION_USER_ID);