Fix #392 Safeguard measure: Create data agreement record for same ind…

…ividual and data agreement should not be allowed if exists

src/v2/dataagreement_record/db.go

@@ -90,6 +90,18 @@ func (darRepo *DataAgreementRecordRepository) DeleteAllRecordsForIndividual(indi
 	return err
 }
 
+// CountDataAgreementRecords counts the data agreement record containing data agreement id and individual id
+func (darRepo *DataAgreementRecordRepository) CountDataAgreementRecords(dataAgreementId string, individualId string) (int64, error) {
+	filter := common.CombineFilters(darRepo.DefaultFilter, bson.M{"individualid": individualId, "dataagreementid": dataAgreementId})
+
+	count, err := Collection().CountDocuments(context.Background(), filter)
+	if err != nil {
+		return count, nil
+	}
+
+	return count, nil
+}
+
 // PipelineForList creates pipeline for list data agreement records
 func PipelineForList(organisationId string, id string, lawfulBasis string, isId bool, isLawfulBasis bool) ([]primitive.M, error) {
 	var pipeline []primitive.M

src/v2/handler/service/service_create_dataagreement_record.go

@@ -70,6 +70,23 @@ func ServiceCreateDataAgreementRecord(w http.ResponseWriter, r *http.Request) {
 
 	dataAgreementId := common.Sanitize(mux.Vars(r)[config.DataAgreementId])
 
+	// Repository
+	darRepo := daRecord.DataAgreementRecordRepository{}
+	darRepo.Init(organisationId)
+
+	// Check for existing data agreement record with same data agreement id and individual id
+	count, err := darRepo.CountDataAgreementRecords(dataAgreementId, individualId)
+	if err != nil {
+		m := fmt.Sprintf("Failed to fetch data agreement record for data agreement: %v", dataAgreementId)
+		common.HandleErrorV2(w, http.StatusInternalServerError, m, err)
+		return
+	}
+	if count > 0 {
+		m := fmt.Sprintf("Data agreement record for data agreement: %v and individual id : %s exists", dataAgreementId, individualId)
+		common.HandleErrorV2(w, http.StatusInternalServerError, m, err)
+		return
+	}
+
 	revisionId, err := daRecord.ParseQueryParams(r, config.RevisionId, daRecord.RevisionIdIsMissingError)
 	revisionId = common.Sanitize(revisionId)
 	var rev revision.Revision
@@ -123,9 +140,6 @@ func ServiceCreateDataAgreementRecord(w http.ResponseWriter, r *http.Request) {
 		common.HandleErrorV2(w, http.StatusInternalServerError, m, err)
 		return
 	}
-	// Repository
-	darRepo := daRecord.DataAgreementRecordRepository{}
-	darRepo.Init(organisationId)
 
 	savedDaRecord, err := darRepo.Add(newDaRecord)
 	if err != nil {

src/v2/handler/service/service_create_paired_dataagreement_record.go.go

@@ -40,6 +40,23 @@ func ServiceCreatePairedDataAgreementRecord(w http.ResponseWriter, r *http.Reque
 	defer r.Body.Close()
 	json.Unmarshal(b, &dataAgreementRecordReq)
 
+	// Repository
+	darRepo := daRecord.DataAgreementRecordRepository{}
+	darRepo.Init(organisationId)
+
+	// Check for existing data agreement record with same data agreement id and individual id
+	count, err := darRepo.CountDataAgreementRecords(dataAgreementRecordReq.DataAgreementRecord.DataAgreementId, individualId)
+	if err != nil {
+		m := fmt.Sprintf("Failed to fetch data agreement record for data agreement: %v", dataAgreementRecordReq.DataAgreementRecord.DataAgreementId)
+		common.HandleErrorV2(w, http.StatusInternalServerError, m, err)
+		return
+	}
+	if count > 0 {
+		m := fmt.Sprintf("Data agreement record for data agreement: %v and individual id : %s exists", dataAgreementRecordReq.DataAgreementRecord.DataAgreementId, individualId)
+		common.HandleErrorV2(w, http.StatusInternalServerError, m, err)
+		return
+	}
+
 	dataAgreementRecord := dataAgreementRecordReq.DataAgreementRecord
 	currentSignature := dataAgreementRecordReq.Signature
 
@@ -60,10 +77,6 @@ func ServiceCreatePairedDataAgreementRecord(w http.ResponseWriter, r *http.Reque
 	}
 	toBeCreatedSignature.Id = primitive.NewObjectID()
 
-	// Repository
-	darRepo := daRecord.DataAgreementRecordRepository{}
-	darRepo.Init(organisationId)
-
 	dataAgreementRecord.SignatureId = toBeCreatedSignature.Id.Hex()
 
 	savedDataAgreementRecord, err := darRepo.Add(dataAgreementRecord)