feat: add sandbox configuration update API

- Add PATCH /configurations/sandbox endpoint for updating sandbox audit configurations
- Implement updateSandboxConfig method in ConfigurationController with admin access control.

Author: Kanishka

package-lock.json

@@ -73,7 +73,7 @@
     "@adobe/helix-universal-logger": "3.0.27",
     "@adobe/spacecat-shared-athena-client": "1.3.0",
     "@adobe/spacecat-shared-brand-client": "1.1.20",
-    "@adobe/spacecat-shared-data-access": "2.58.0",
+    "@adobe/spacecat-shared-data-access": "https://gitpkg.now.sh/adobe/spacecat-shared/packages/spacecat-shared-data-access?feature/site-sandbox-configuration",
     "@adobe/spacecat-shared-gpt-client": "1.5.21",
     "@adobe/spacecat-shared-http-utils": "1.16.0",
     "@adobe/spacecat-shared-ims-client": "1.8.8",

package.json

@@ -88,10 +88,49 @@ function ConfigurationController(ctx) {
     return ok(ConfigurationDto.toJSON(configuration));
   };
 
+  /**
+   * Updates sandbox configuration for audit types.
+   * @param {UniversalContext} context - Context of the request.
+   * @return {Promise<Response>} Update result response.
+   */
+  const updateSandboxConfig = async (context) => {
+    if (!accessControlUtil.hasAdminAccess()) {
+      return forbidden('Only admins can update sandbox configurations');
+    }
+
+    const { sandboxConfigs } = context.data || {};
+
+    if (!sandboxConfigs || typeof sandboxConfigs !== 'object') {
+      return badRequest('sandboxConfigs object is required');
+    }
+
+    try {
+      // Load global configuration
+      const config = await Configuration.findByType('global');
+      if (!config) {
+        return notFound('Global configuration not found');
+      }
+
+      // Update sandbox configurations
+      const updatedConfig = await config.updateSandboxAuditConfigs(sandboxConfigs);
+      // Save the updated configuration
+      await Configuration.save(updatedConfig);
+
+      return ok({
+        message: 'Sandbox configurations updated successfully',
+        updatedConfigs: sandboxConfigs,
+        totalUpdated: Object.keys(sandboxConfigs).length,
+      });
+    } catch (error) {
+      return badRequest(`Error updating sandbox configuration: ${error.message}`);
+    }
+  };
+
   return {
     getAll,
     getByVersion,
     getLatest,
+    updateSandboxConfig,
   };
 }
 

src/controllers/configuration.js

@@ -248,6 +248,9 @@ export default function getRouteHandlers(
 
     // Sandbox audit route
     'POST /sites/:siteId/sandbox/audit': sandboxAuditController.triggerAudit,
+
+    // Sandbox configuration route
+    'PATCH /configurations/sandbox': configurationController.updateSandboxConfig,
   };
 
   // Initialization of static and dynamic routes

src/routes/index.js

@@ -88,6 +88,7 @@ describe('Configurations Controller', () => {
     'getAll',
     'getLatest',
     'getByVersion',
+    'updateSandboxConfig',
   ];
 
   let mockDataAccess;
@@ -235,4 +236,140 @@ describe('Configurations Controller', () => {
     expect(result.status).to.equal(400);
     expect(error).to.have.property('message', 'Configuration version required to be an integer');
   });
+
+  describe('Sandbox Configuration Methods', () => {
+    let mockGlobalConfig;
+
+    beforeEach(() => {
+      mockGlobalConfig = {
+        updateSandboxAuditConfigs: sandbox.stub(),
+      };
+
+      mockDataAccess.Configuration.findByType = sandbox.stub().resolves(mockGlobalConfig);
+      mockDataAccess.Configuration.save = sandbox.stub().resolves();
+    });
+
+    describe('updateSandboxConfig', () => {
+      it('should update sandbox configurations successfully', async () => {
+        const requestContext = {
+          data: {
+            sandboxConfigs: {
+              cwv: { expire: '10' },
+              'meta-tags': { expire: '15' },
+            },
+          },
+        };
+
+        const updatedConfig = { ...mockGlobalConfig };
+        mockGlobalConfig.updateSandboxAuditConfigs.returns(updatedConfig);
+
+        const result = await configurationsController.updateSandboxConfig(requestContext);
+        const response = await result.json();
+
+        expect(result.status).to.equal(200);
+        expect(response).to.have.property('message', 'Sandbox configurations updated successfully');
+        expect(response).to.have.property('updatedConfigs');
+        expect(response.updatedConfigs).to.deep.equal({
+          cwv: { expire: '10' },
+          'meta-tags': { expire: '15' },
+        });
+        expect(response).to.have.property('totalUpdated', 2);
+        expect(mockGlobalConfig.updateSandboxAuditConfigs).to.have.been.calledWith({
+          cwv: { expire: '10' },
+          'meta-tags': { expire: '15' },
+        });
+        expect(mockDataAccess.Configuration.save).to.have.been.calledWith(updatedConfig);
+      });
+
+      it('should return bad request when sandboxConfigs is missing', async () => {
+        const requestContext = {
+          data: {},
+        };
+
+        const result = await configurationsController.updateSandboxConfig(requestContext);
+        const error = await result.json();
+
+        expect(result.status).to.equal(400);
+        expect(error.message).to.include('sandboxConfigs object is required');
+      });
+
+      it('should return bad request when context.data is undefined', async () => {
+        const requestContext = {};
+
+        const result = await configurationsController.updateSandboxConfig(requestContext);
+        const error = await result.json();
+
+        expect(result.status).to.equal(400);
+        expect(error.message).to.include('sandboxConfigs object is required');
+      });
+
+      it('should return bad request when sandboxConfigs is not an object', async () => {
+        const requestContext = {
+          data: {
+            sandboxConfigs: 'invalid',
+          },
+        };
+
+        const result = await configurationsController.updateSandboxConfig(requestContext);
+        const error = await result.json();
+
+        expect(result.status).to.equal(400);
+        expect(error.message).to.include('sandboxConfigs object is required');
+      });
+
+      it('should return forbidden for non-admin users', async () => {
+        context.attributes.authInfo.withProfile({ is_admin: false });
+
+        const requestContext = {
+          data: {
+            sandboxConfigs: {
+              cwv: { expire: '10' },
+            },
+          },
+        };
+
+        const result = await configurationsController.updateSandboxConfig(requestContext);
+        const error = await result.json();
+
+        expect(result.status).to.equal(403);
+        expect(error.message).to.include('Only admins can update sandbox configurations');
+      });
+
+      it('should return not found when global configuration does not exist', async () => {
+        mockDataAccess.Configuration.findByType.resolves(null);
+
+        const requestContext = {
+          data: {
+            sandboxConfigs: {
+              cwv: { expire: '10' },
+            },
+          },
+        };
+
+        const result = await configurationsController.updateSandboxConfig(requestContext);
+        const error = await result.json();
+
+        expect(result.status).to.equal(404);
+        expect(error.message).to.include('Global configuration not found');
+      });
+
+      it('should return bad request when updateSandboxAuditConfigs throws an error', async () => {
+        const requestContext = {
+          data: {
+            sandboxConfigs: {
+              cwv: { expire: '10' },
+            },
+          },
+        };
+
+        mockGlobalConfig.updateSandboxAuditConfigs.throws(new Error('Update failed'));
+
+        const result = await configurationsController.updateSandboxConfig(requestContext);
+        const error = await result.json();
+
+        expect(result.status).to.equal(400);
+        expect(error.message).to.include('Error updating sandbox configuration: Update failed');
+      });
+    });
+  });
 });

test/controllers/configurations.test.js

@@ -29,6 +29,7 @@ describe('getRouteHandlers', () => {
     getByVersion: sinon.stub(),
     getLatest: sinon.stub(),
     updateConfiguration: sinon.stub(),
+    updateSandboxConfig: sinon.stub(),
   };
 
   const mockHooksController = {
@@ -231,6 +232,7 @@ describe('getRouteHandlers', () => {
       'GET /configurations',
       'GET /configurations/latest',
       'PUT /configurations/latest',
+      'PATCH /configurations/sandbox',
       'PATCH /configurations/sites/audits',
       'GET /organizations',
       'POST /organizations',
@@ -256,6 +258,7 @@ describe('getRouteHandlers', () => {
     expect(staticRoutes['GET /configurations']).to.equal(mockConfigurationController.getAll);
     expect(staticRoutes['GET /configurations/latest']).to.equal(mockConfigurationController.getLatest);
     expect(staticRoutes['PUT /configurations/latest']).to.equal(mockConfigurationController.updateConfiguration);
+    expect(staticRoutes['PATCH /configurations/sandbox']).to.equal(mockConfigurationController.updateSandboxConfig);
     expect(staticRoutes['PATCH /configurations/sites/audits']).to.equal(mockSitesAuditsToggleController.execute);
     expect(staticRoutes['GET /organizations']).to.equal(mockOrganizationsController.getAll);
     expect(staticRoutes['POST /organizations']).to.equal(mockOrganizationsController.createOrganization);