Remove the left over code from old admin UI pages

[naftis]

Description

In 1.5 we deprecated some of the admin UI items (https://github.com/opencrvs/opencrvs-core/issues/6975), but as there were references to the admin UI code in for example advanced search, we did not refactor and clean up the stale code.

Dev tasks

PR 1

• [x] From https://github.com/opencrvs/opencrvs-core/blob/e1d2c63028a556faddebf385c6d52b0f61339a2b/packages/client/src/views/SysAdmin/Config remove Application, Certificates and UserRoles
• [x] From https://github.com/opencrvs/opencrvs-core/blob/cd535fcd69399303717161bdb01b705e92219994/packages/client/src/views/SysAdmin/Communications remove InformantSMSNotifications

PR 2

• [x] Verify core now fetches anything country config related directly from country config
• [x] Check if there are any more writes to application-config database. If not, remove it and everything related
• [x] Rename application-config-default.ts to be something more fitting

[Nil20]

PR: https://github.com/opencrvs/opencrvs-core/pull/7352

[Zangetsu101]

@naftis Should we fetch everything directly from countryconfig or perhaps have the endpoints in gateway?

[naftis]

@Zangetsu101 Passing them through gateway seems aligned to how we aim to do things

[euanmillar]

We need to decide what to do with notifications and certificate refresh that makes sense for existing projects. @rikukissa we realised that the only way to update a certificate, or SMS notification settings on a deployed, production server is with a Postman request. We need to technically have an easier way to do this. Otherwise we should re-introduce this UI in 1.6.0: https://github.com/opencrvs/opencrvs-core/pull/7380

[Zangetsu101]

explore if it would be possible to leverage the signed urls (similar to minio) to serve the certificates from countryconfig

[rikukissa]

@Zangetsu101 @Nil20

Here's an example how we could implement our own signing mechanism

packages/documents/src/features/presign/index.test.ts

import * as jwt from 'jsonwebtoken'

const COUNTRY_CONFIG_URL = 'http://localhost:3040' /* From constants file */
const PERSISTENT_SECRET_KEY = 'HELLO_WORLD'

function getPresignedUrl(signature: string) {
  const decoded = jwt.verify(signature, PERSISTENT_SECRET_KEY) as {
    targetUrl: string
  }
  return decoded.targetUrl.replace(
    /{{\s*COUNTRY_CONFIG_URL\s*}}/g,
    COUNTRY_CONFIG_URL
  )
}

function signFileUrl(targetUrl: string) {
  return jwt.sign({ targetUrl }, PERSISTENT_SECRET_KEY, { expiresIn: '1h' })
}

function createPreSignedUrl(targetUrl: string) {
  return '/documents/' + signFileUrl(targetUrl)
}

describe("Document service's own presign / validate mechanism. This is used, for example, to secure certificates and other assets served by the country config", () => {
  it('creates presigned urls that point to the document service itself', async () => {
    const url = '{{COUNTRY_CONFIG_URL}}/certificates/birth.svg'
    const signedUrl = createPreSignedUrl(url)
    expect(signedUrl).toContain(
      '/documents/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9'
    )
  })

  it('can verify those signed URLS are correct', async () => {
    const signedUrl = createPreSignedUrl(
      '{{COUNTRY_CONFIG_URL}}/certificates/birth.svg'
    )
    const signature = signedUrl.replace('/documents/', '')

    expect(getPresignedUrl(signature)).toBe(
      'http://localhost:3040/certificates/birth.svg'
    )
  })

  it('fails for incorrect urls', async () => {
    const invalidSignature =
      'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0YXJnZXRVcmwiOiJ7e0NPVU5UUllfQ09ORklHX1VSTH19L2NlcnRpZmljYXRlcy9iaXJ0aC5zdmciLCJpYXQiOjE3MjI0MTM3MjMsImV4cCI6MTcyMjQxNzMyM30.9ocZviMAvtStkcNH7iik1uAdRQJQd7Rf3sFURH8wd4E'
    expect(() => getPresignedUrl(invalidSignature)).toThrow()
  })
})

[SyedaAfrida]

@Zangetsu101 Please mention what needs to be tested for this ticket

[Zangetsu101]

@SyedaAfrida

1. Certificates
2. Informant notifications
3. Admin UI ( Does the left navigation contain all the items that it's supposed to)

[SyedaAfrida]

This ticket is fixed