diff --git a/Jenkinsfile_CNP b/Jenkinsfile_CNP index db184f2836..7304c57245 100644 --- a/Jenkinsfile_CNP +++ b/Jenkinsfile_CNP @@ -111,6 +111,7 @@ env.BEFTA_RETRY_MAX_DELAY = "1000" env.BEFTA_RETRY_NON_RETRYABLE_HTTP_METHODS = "POST,PUT" // Prevent Docker hub rate limit errors by ensuring that testcontainers uses images from hmctspublic ACR env.TESTCONTAINERS_HUB_IMAGE_NAME_PREFIX = "hmctspublic.azurecr.io/imported/" +env.TOKEN_CLAIM_VALIDATION_ENABLED="true" withPipeline(type, product, component) { onMaster { diff --git a/Jenkinsfile_nightly b/Jenkinsfile_nightly index 3812977cde..714c52d4f6 100644 --- a/Jenkinsfile_nightly +++ b/Jenkinsfile_nightly @@ -102,6 +102,7 @@ env.BEFTA_RETRY_MAX_ATTEMPTS = "3" env.BEFTA_RETRY_STATUS_CODES = "500,502,503,504" env.BEFTA_RETRY_MAX_DELAY = "1000" env.BEFTA_RETRY_NON_RETRYABLE_HTTP_METHODS = "POST,PUT" +env.TOKEN_CLAIM_VALIDATION_ENABLED="true" withNightlyPipeline(type, product, component) { diff --git a/src/aat/resources/features/F-035 - Get Case V2 External/S-156_Case_Creation_Data.td.json b/src/aat/resources/features/F-035 - Get Case V2 External/S-156_Case_Creation_Data.td.json index bd47a32860..2a227bdb04 100644 --- a/src/aat/resources/features/F-035 - Get Case V2 External/S-156_Case_Creation_Data.td.json +++ b/src/aat/resources/features/F-035 - Get Case V2 External/S-156_Case_Creation_Data.td.json @@ -11,7 +11,10 @@ "request": { "pathVariables": { "ctid": "AAT_AUTH_8" - } + }, + "body": { + "event_token": "${[scenarioContext][parentContext][childContexts][S-156_Case_Creation_Data_Token_Creation][testData][actualResponse][body][token]}" + } }, "expectedResponse": { diff --git a/src/aat/resources/features/F-035 - Get Case V2 External/S-156_Case_Creation_Data_Token_Creation.td.json b/src/aat/resources/features/F-035 - Get Case V2 External/S-156_Case_Creation_Data_Token_Creation.td.json new file mode 100644 index 0000000000..0d74b3e00b --- /dev/null +++ b/src/aat/resources/features/F-035 - Get Case V2 External/S-156_Case_Creation_Data_Token_Creation.td.json @@ -0,0 +1,62 @@ +{ + "_guid_": "S-156_Case_Creation_Data_Token_Creation", + + "productName": "CCD Data Store", + "operationName": "Start event creation as Case worker", + + "method": "GET", + "uri": "/caseworkers/{uid}/jurisdictions/{jid}/case-types/{ctid}/event-triggers/{etid}/token", + + "specs": [ + "to create a token for case creation" + ], + + "users": { + "invokingUser": { + "_extends_": "PrivateCaseworker" + } + }, + + "request": { + "headers": { + "_extends_": "Common_Request_Headers" + }, + "pathVariables": { + "uid": "[[DEFAULT_AUTO_VALUE]]", + "jid": "AUTOTEST1", + "ctid": "AAT_AUTH_8", + "etid": "CREATE" + } + }, + + "expectedResponse": { + "_extends_": "Common_200_Response", + "headers": { + "Content-Encoding": "gzip", + "Content-Length": "[[ANY_INTEGER_NOT_NULLABLE]]" + }, + "body": { + "token": "[[ANY_STRING_NOT_NULLABLE]]", + "case_details": { + "id": null, + "jurisdiction": "[[ANYTHING_PRESENT]]", + "state": null, + "version": null, + "case_type_id": "[[ANYTHING_PRESENT]]", + "created_date": null, + "last_modified": null, + "last_state_modified_date": null, + "security_classification": null, + "case_data": {}, + "data_classification": {}, + "supplementary_data": null, + "after_submit_callback_response": null, + "callback_response_status_code": null, + "callback_response_status": null, + "delete_draft_response_status_code": null, + "delete_draft_response_status": null + }, + "event_id": "CREATE" + } + } +} diff --git a/src/aat/resources/features/F-042 - Get aboutToStart token V1 External/Case_Creation_Using_Caseworker1_Role.td.json b/src/aat/resources/features/F-042 - Get aboutToStart token V1 External/Case_Creation_Using_Caseworker1_Role.td.json index 371b62374c..ee2f1b5b1d 100644 --- a/src/aat/resources/features/F-042 - Get aboutToStart token V1 External/Case_Creation_Using_Caseworker1_Role.td.json +++ b/src/aat/resources/features/F-042 - Get aboutToStart token V1 External/Case_Creation_Using_Caseworker1_Role.td.json @@ -1,6 +1,6 @@ { "_guid_": "Case_Creation_Using_Caseworker1_Role", - "_extends_": "Case_Creation_Data_Base", + "_extends_": "F-042_Case_Creation_Data_Base", "users": { "invokingUser": { diff --git a/src/aat/resources/features/F-042 - Get aboutToStart token V1 External/F-042_Case_Creation_Data_Base.td.json b/src/aat/resources/features/F-042 - Get aboutToStart token V1 External/F-042_Case_Creation_Data_Base.td.json new file mode 100644 index 0000000000..178be371ea --- /dev/null +++ b/src/aat/resources/features/F-042 - Get aboutToStart token V1 External/F-042_Case_Creation_Data_Base.td.json @@ -0,0 +1,33 @@ +{ + "_guid_": "F-042_Case_Creation_Data_Base", + "_extends_": "Case_Creation_Base", + + "request": { + "body": { + "event_token": "${[scenarioContext][parentContext][childContexts][Case_Creation_Using_Caseworker1_Role_Token_Creation][testData][actualResponse][body][token]}" + } + }, + + "expectedResponse": { + "_extends_": "Common_201_Response", + "headers": { + "Content-Encoding": "gzip", + "vary": "accept-encoding", + "Content-Length": "[[ANYTHING_PRESENT]]" + }, + "body": { + "id": "[[ANYTHING_PRESENT]]", + "state": "TODO", + "version": 0, + "last_state_modified_date": "[[ANYTHING_PRESENT]]", + "created_date": "[[ANYTHING_PRESENT]]", + "last_modified": "[[ANYTHING_PRESENT]]", + "security_classification": "PUBLIC", + "after_submit_callback_response": null, + "callback_response_status_code": null, + "callback_response_status": null, + "delete_draft_response_status_code": null, + "delete_draft_response_status": null + } + } +} diff --git a/src/aat/resources/features/F-042 - Get aboutToStart token V1 External/_Case_Creation_Using_Caseworker1_Role_Token_Creation.td.json b/src/aat/resources/features/F-042 - Get aboutToStart token V1 External/_Case_Creation_Using_Caseworker1_Role_Token_Creation.td.json new file mode 100644 index 0000000000..3c11f9c233 --- /dev/null +++ b/src/aat/resources/features/F-042 - Get aboutToStart token V1 External/_Case_Creation_Using_Caseworker1_Role_Token_Creation.td.json @@ -0,0 +1,62 @@ +{ + "_guid_": "Case_Creation_Using_Caseworker1_Role_Token_Creation", + + "productName": "CCD Data Store", + "operationName": "Start event creation as Case worker", + + "method": "GET", + "uri": "/caseworkers/{uid}/jurisdictions/{jid}/case-types/{ctid}/event-triggers/{etid}/token", + + "specs": [ + "to create a token for case creation" + ], + + "users": { + "invokingUser": { + "_extends_": "BeftaCaseworker1" + } + }, + + "request": { + "headers": { + "_extends_": "Common_Request_Headers" + }, + "pathVariables": { + "uid": "[[DEFAULT_AUTO_VALUE]]", + "jid": "BEFTA_JURISDICTION_1", + "ctid": "BEFTA_CASETYPE_1_1", + "etid": "CREATE" + } + }, + + "expectedResponse": { + "_extends_": "Common_200_Response", + "headers": { + "Content-Encoding": "gzip", + "Content-Length": "[[ANY_INTEGER_NOT_NULLABLE]]" + }, + "body": { + "token": "[[ANY_STRING_NOT_NULLABLE]]", + "case_details": { + "id": null, + "jurisdiction": "[[ANYTHING_PRESENT]]", + "state": null, + "version": null, + "case_type_id": "[[ANYTHING_PRESENT]]", + "created_date": null, + "last_modified": null, + "last_state_modified_date": null, + "security_classification": null, + "case_data": {}, + "data_classification": {}, + "supplementary_data": null, + "after_submit_callback_response": null, + "callback_response_status_code": null, + "callback_response_status": null, + "delete_draft_response_status_code": null, + "delete_draft_response_status": null + }, + "event_id": "CREATE" + } + } +} diff --git a/src/aat/resources/features/F-044 - Submit Event V1 External/F-044.feature b/src/aat/resources/features/F-044 - Submit Event V1 External/F-044.feature index 37dd064816..30730e4d38 100644 --- a/src/aat/resources/features/F-044 - Submit Event V1 External/F-044.feature +++ b/src/aat/resources/features/F-044 - Submit Event V1 External/F-044.feature @@ -84,7 +84,10 @@ Scenario: must return 409 when case is altered out of the transaction And the response has all other details as expected. #------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- -@S-283 +# After the event token validation fix(ccd-5521), we get the same error in the token creation process since the token +# creation has to be with the same eventId; STOP_PROGRESS, which is not valid for the event process. That's why S-283 +# is not a valid scenario anymore +@S-283 @Ignore Scenario: must return 422 when event submission has failed Given a user with [an active profile in CCD], diff --git a/src/aat/resources/features/F-1016 - Submit Event to Update TTL/CreateCases/F-1016_GetEventTokenBase.td.json b/src/aat/resources/features/F-1016 - Submit Event to Update TTL/CreateCases/F-1016_GetEventTokenBase.td.json index 601b75a69d..277dc2fbae 100644 --- a/src/aat/resources/features/F-1016 - Submit Event to Update TTL/CreateCases/F-1016_GetEventTokenBase.td.json +++ b/src/aat/resources/features/F-1016 - Submit Event to Update TTL/CreateCases/F-1016_GetEventTokenBase.td.json @@ -26,7 +26,7 @@ "data_classification": "[[ANYTHING_PRESENT]]" }, - "event_id": "updateCaseSubmitTTL" + "event_id": "[[ANYTHING_PRESENT]]" } } } diff --git a/src/aat/resources/features/F-1016 - Submit Event to Update TTL/CreateCases/S-1016.21_GetUpdateSuspendedCaseTokenCitizen.td.json b/src/aat/resources/features/F-1016 - Submit Event to Update TTL/CreateCases/S-1016.21_GetUpdateSuspendedCaseTokenCitizen.td.json new file mode 100644 index 0000000000..3d9b263087 --- /dev/null +++ b/src/aat/resources/features/F-1016 - Submit Event to Update TTL/CreateCases/S-1016.21_GetUpdateSuspendedCaseTokenCitizen.td.json @@ -0,0 +1,23 @@ +{ + "_guid_": "S-1016.21_GetUpdateSuspendedCaseTokenCitizen", + "_extends_": "F-1016_GetEventTokenBase", + + "users": { + "invokingUser": { + "_extends_": "BeftaCitizen2" + } + }, + + "request": { + "pathVariables": { + "cid": "${[scenarioContext][parentContext][childContexts][F-1016_CreateSuspendedCasePreRequisiteCitizen][testData][actualResponse][body][id]}", + "etid": "updateCaseSubmitSuspendedTTL" + } + }, + + "expectedResponse": { + "body": { + "event_id": "updateCaseSubmitSuspendedTTL" + } + } +} diff --git a/src/aat/resources/features/F-1016 - Submit Event to Update TTL/CreateCases/S-1016.7_GetUpdateSuspendedCaseTokenCaseworker.td.json b/src/aat/resources/features/F-1016 - Submit Event to Update TTL/CreateCases/S-1016.7_GetUpdateSuspendedCaseTokenCaseworker.td.json new file mode 100644 index 0000000000..4f4653697b --- /dev/null +++ b/src/aat/resources/features/F-1016 - Submit Event to Update TTL/CreateCases/S-1016.7_GetUpdateSuspendedCaseTokenCaseworker.td.json @@ -0,0 +1,23 @@ +{ + "_guid_": "S-1016.7_GetUpdateSuspendedCaseTokenCaseworker", + "_extends_": "F-1016_GetEventTokenBase", + + "users": { + "invokingUser": { + "_extends_": "BeftaMasterCaseworker" + } + }, + + "request": { + "pathVariables": { + "cid": "${[scenarioContext][parentContext][childContexts][F-1016_CreateSuspendedCasePreRequisiteCaseworker][testData][actualResponse][body][id]}", + "etid": "updateCaseSubmitSuspendedTTL" + } + }, + + "expectedResponse": { + "body": { + "event_id": "updateCaseSubmitSuspendedTTL" + } + } +} diff --git a/src/aat/resources/features/F-1016 - Submit Event to Update TTL/S-1016.14.td.json b/src/aat/resources/features/F-1016 - Submit Event to Update TTL/S-1016.14.td.json index 123fea9011..cca591b2f1 100644 --- a/src/aat/resources/features/F-1016 - Submit Event to Update TTL/S-1016.14.td.json +++ b/src/aat/resources/features/F-1016 - Submit Event to Update TTL/S-1016.14.td.json @@ -5,7 +5,7 @@ "title": "TTL.Suspended changed to \"No\", SystemTTL and OverrideTTL greater than Guard value using v2 '/cases/{cid}/events'", "prerequisites" : [ { - "Token_Creation": "S-1016_GetUpdateSuspendedCaseTokenCaseworker" + "Token_Creation": "S-1016.7_GetUpdateSuspendedCaseTokenCaseworker" } ], diff --git a/src/aat/resources/features/F-1016 - Submit Event to Update TTL/S-1016.21.td.json b/src/aat/resources/features/F-1016 - Submit Event to Update TTL/S-1016.21.td.json index 9d25a5144b..53537caa12 100644 --- a/src/aat/resources/features/F-1016 - Submit Event to Update TTL/S-1016.21.td.json +++ b/src/aat/resources/features/F-1016 - Submit Event to Update TTL/S-1016.21.td.json @@ -5,7 +5,7 @@ "title": "TTL.Suspended changed to \"No\", SystemTTL and OverrideTTL greater than Guard value using '/citizens/{uid}/jurisdictions/{jid}/case-types/{ctid}/cases/{cid}/events'", "prerequisites" : [{ - "Token_Creation": "S-1016_GetUpdateSuspendedCaseTokenCitizen" + "Token_Creation": "S-1016.21_GetUpdateSuspendedCaseTokenCitizen" }], "specs": [ diff --git a/src/aat/resources/features/F-1016 - Submit Event to Update TTL/S-1016.7.td.json b/src/aat/resources/features/F-1016 - Submit Event to Update TTL/S-1016.7.td.json index 0201f4527e..6872e1b206 100644 --- a/src/aat/resources/features/F-1016 - Submit Event to Update TTL/S-1016.7.td.json +++ b/src/aat/resources/features/F-1016 - Submit Event to Update TTL/S-1016.7.td.json @@ -5,7 +5,7 @@ "title": "TTL.Suspended changed to \"No\", SystemTTL and OverrideTTL greater than Guard value using '/caseworkers/{uid}/jurisdictions/{jid}/case-types/{ctid}/cases/{cid}/events'", "prerequisites" : [ { - "Token_Creation": "S-1016_GetUpdateSuspendedCaseTokenCaseworker" + "Token_Creation": "S-1016.7_GetUpdateSuspendedCaseTokenCaseworker" } ], diff --git a/src/aat/resources/features/F-1016 - Submit Event to Update TTL/UpdateCase/F-1016_UpdateCase_TTLCaseType_updateCaseTTLIncHidden_PreRequisiteCitizen_TokenCreation.td.json b/src/aat/resources/features/F-1016 - Submit Event to Update TTL/UpdateCase/F-1016_UpdateCase_TTLCaseType_updateCaseTTLIncHidden_PreRequisiteCitizen_TokenCreation.td.json index e123ffeac1..f9f249cabf 100644 --- a/src/aat/resources/features/F-1016 - Submit Event to Update TTL/UpdateCase/F-1016_UpdateCase_TTLCaseType_updateCaseTTLIncHidden_PreRequisiteCitizen_TokenCreation.td.json +++ b/src/aat/resources/features/F-1016 - Submit Event to Update TTL/UpdateCase/F-1016_UpdateCase_TTLCaseType_updateCaseTTLIncHidden_PreRequisiteCitizen_TokenCreation.td.json @@ -11,7 +11,7 @@ "request": { "pathVariables": { "cid": "${[scenarioContext][siblingContexts][CreateCase_TTLCaseType_PreRequisiteCitizen][testData][actualResponse][body][id]}", - "etid": "updateCaseTTLInc" + "etid": "updateCaseTTLIncHidden" } }, diff --git a/src/aat/resources/features/F-1018 - Submit Event Creation Handle Case Links/CreateCases/Caseworker/S-1018.11-GetUpdateEventToken.td.json b/src/aat/resources/features/F-1018 - Submit Event Creation Handle Case Links/CreateCases/Caseworker/S-1018.11-GetUpdateEventToken.td.json new file mode 100644 index 0000000000..b96d3a8c5e --- /dev/null +++ b/src/aat/resources/features/F-1018 - Submit Event Creation Handle Case Links/CreateCases/Caseworker/S-1018.11-GetUpdateEventToken.td.json @@ -0,0 +1,30 @@ +{ + "title": "should create an event token for correct inputs", + "_guid_": "S-1018.11-GetUpdateEventToken", + "_extends_": "Token_Creation_Data_For_Master_Caseworker_Case_Creation", + + "users": { + "invokingUser": { + "_extends_": "BeftaMasterCaseworker" + } + }, + + "request": { + "pathVariables": { + "cid": "${[scenarioContext][siblingContexts][F-1018_CreateAnotherCasePreRequisiteCaseworkerBase][testData][actualResponse][body][id]}" + } + }, + + "expectedResponse": { + "_extends_": "Common_200_Response", + "headers": { + "Content-Encoding": "gzip", + "Content-Length": "[[ANYTHING_PRESENT]]" + }, + "body": { + "token": "[[ANYTHING_PRESENT]]", + "case_details": "[[ANYTHING_PRESENT]]", + "event_id": "updateCase" + } + } +} diff --git a/src/aat/resources/features/F-1018 - Submit Event Creation Handle Case Links/CreateCases/Citizen/S-1018.21-GetCitizenUpdateEventToken.td.json b/src/aat/resources/features/F-1018 - Submit Event Creation Handle Case Links/CreateCases/Citizen/S-1018.21-GetCitizenUpdateEventToken.td.json new file mode 100644 index 0000000000..a7ea5886b4 --- /dev/null +++ b/src/aat/resources/features/F-1018 - Submit Event Creation Handle Case Links/CreateCases/Citizen/S-1018.21-GetCitizenUpdateEventToken.td.json @@ -0,0 +1,11 @@ +{ + "title": "should create an event token for correct inputs", + "_guid_": "S-1018.21-GetCitizenUpdateEventToken", + "_extends_": "F-1018-GetCitizenUpdateEventTokenBase", + + "request": { + "pathVariables": { + "cid": "${[scenarioContext][siblingContexts][F-1018_CreateAnotherCasePreRequisiteCitizenBase][testData][actualResponse][body][id]}" + } + } +} diff --git a/src/aat/resources/features/F-1018 - Submit Event Creation Handle Case Links/F-1018.feature b/src/aat/resources/features/F-1018 - Submit Event Creation Handle Case Links/F-1018.feature index 9538b8fc54..3b5206f443 100644 --- a/src/aat/resources/features/F-1018 - Submit Event Creation Handle Case Links/F-1018.feature +++ b/src/aat/resources/features/F-1018 - Submit Event Creation Handle Case Links/F-1018.feature @@ -158,7 +158,7 @@ Feature: F-1018: Submit Event Creation Handle Case Links And a successful call [to create a case] as in [F-1018_CreateCasePreRequisiteCaseworkerBase] And another successful call [to create a case] as in [F-1018_CreateAnotherCasePreRequisiteCaseworkerBase] And another successful call [to create a case with a different case_type] as in [F-1018_CreateThirdCaseDifferentCaseTypePreRequisiteCaseworkerBase] - And a successful call [to get an event token for the case just created] as in [F-1018-GetUpdateEventToken] + And a successful call [to get an event token for the case just created] as in [S-1018.11-GetUpdateEventToken] When a request is prepared with appropriate values And the request [contains correctly configured CaseLink field as a collection] And the request [specifying the case to be updated, as created in F-1018_CreateLinkedCasePreRequisiteCaseworkerBase, does not contain a CaseLink field] @@ -314,7 +314,7 @@ Feature: F-1018: Submit Event Creation Handle Case Links Given a user with [an active profile in CCD] And a successful call [to create a case] as in [F-1018_CreateCasePreRequisiteCitizenBase] And another successful call [to create a case] as in [F-1018_CreateAnotherCasePreRequisiteCitizenBase] - And a successful call [to get an update event token for the case just created as a Citizen] as in [F-1018-GetCitizenUpdateEventToken] + And a successful call [to get an update event token for the case just created as a Citizen] as in [S-1018.21-GetCitizenUpdateEventToken] When a request is prepared with appropriate values And the request [contains correctly configured CaseLink field with Case Reference created in F-1018_CreateCasePreRequisiteCitizenBase] And the request [specifying the case to be updated, as created in F-1018_CreateAnotherCasePreRequisiteCaseworkerBase, does not contain a CaseLink field] diff --git a/src/aat/resources/features/F-1018 - Submit Event Creation Handle Case Links/S-1018.11.td.json b/src/aat/resources/features/F-1018 - Submit Event Creation Handle Case Links/S-1018.11.td.json index cc90737fbe..81edc0f8c7 100644 --- a/src/aat/resources/features/F-1018 - Submit Event Creation Handle Case Links/S-1018.11.td.json +++ b/src/aat/resources/features/F-1018 - Submit Event Creation Handle Case Links/S-1018.11.td.json @@ -37,7 +37,7 @@ "description": "" }, "security_classification": "PUBLIC", - "event_token" : "${[scenarioContext][childContexts][F-1018-GetUpdateEventToken][testData][actualResponse][body][token]}", + "event_token" : "${[scenarioContext][childContexts][S-1018.11-GetUpdateEventToken][testData][actualResponse][body][token]}", "ignore_warning": true } }, diff --git a/src/aat/resources/features/F-1018 - Submit Event Creation Handle Case Links/S-1018.21.td.json b/src/aat/resources/features/F-1018 - Submit Event Creation Handle Case Links/S-1018.21.td.json index 25e61228a4..7746ae1ae9 100644 --- a/src/aat/resources/features/F-1018 - Submit Event Creation Handle Case Links/S-1018.21.td.json +++ b/src/aat/resources/features/F-1018 - Submit Event Creation Handle Case Links/S-1018.21.td.json @@ -27,7 +27,7 @@ "description": "" }, "security_classification": "PUBLIC", - "event_token" : "${[scenarioContext][childContexts][F-1018-GetCitizenUpdateEventToken][testData][actualResponse][body][token]}", + "event_token" : "${[scenarioContext][childContexts][S-1018.21-GetCitizenUpdateEventToken][testData][actualResponse][body][token]}", "ignore_warning": true } }, diff --git a/src/aat/resources/features/F-1019 - Submit Case Creation Handle Case Links/F-1019.feature b/src/aat/resources/features/F-1019 - Submit Case Creation Handle Case Links/F-1019.feature index 6500c013f6..e55eb2fb7b 100644 --- a/src/aat/resources/features/F-1019 - Submit Case Creation Handle Case Links/F-1019.feature +++ b/src/aat/resources/features/F-1019 - Submit Case Creation Handle Case Links/F-1019.feature @@ -192,7 +192,7 @@ Feature: F-1019: Submit Case Creation Handle Case Links # Submit Event Creation: extra tests for Standard CaseLinks field and flag in CaseLinks table #======================================= - @S-1019.16 + @S-1019.16 Scenario: Standard CaseLinks field should generate caseLink records with StandardLink set to true when Submit Case Creation Event is invoked on v1_external#/case-details-endpoint/saveCaseDetailsForCaseWorkerUsingPOST Given a user with [an active profile in CCD] And a successful call [to create many cases to link to] as in [F-1019_CreateManyTestsCasesCaseworker] @@ -203,7 +203,7 @@ Feature: F-1019: Submit Case Creation Handle Case Links And the response has all other details as expected And a successful call [to verify that the Case Links have been created in the CASE_LINK table with correct values] as in [F-1019-VerifyMultipleCaseLinksUsingStandardLinkField] - @S-1019.17 + @S-1019.17 Scenario: Standard CaseLinks field should generate caseLink records with StandardLink set to true when Submit Case Creation Event is invoked on v1_external#/case-details-endpoint/saveCaseDetailsForCitizenUsingPOST Given a user with [an active profile in CCD] And a successful call [to create many cases to link to] as in [F-1019_CreateManyTestsCasesCaseworker] @@ -214,7 +214,7 @@ Feature: F-1019: Submit Case Creation Handle Case Links And the response has all other details as expected And a successful call [to verify that the Case Links have been created in the CASE_LINK table with correct values] as in [F-1019-VerifyMultipleCaseLinksUsingStandardLinkField] - @S-1019.18 + @S-1019.18 Scenario: Standard CaseLinks field should generate caseLink records with StandardLink set to true when Submit Case Creation Event is invoked on v2_external#/case-controller/createCaseUsingPOST Given a user with [an active profile in CCD] And a successful call [to create many cases to link to] as in [F-1019_CreateManyTestsCasesCaseworker] @@ -230,7 +230,7 @@ Feature: F-1019: Submit Case Creation Handle Case Links # Complex case links: extra tests for extracting CaseLinks from more complex fields #======================================= - @S-1019.19 + @S-1019.19 Scenario: Collection of complex fields with CaseLinks should generate caseLink records when Submit Case Creation Event is invoked on v1_external#/case-details-endpoint/saveCaseDetailsForCaseWorkerUsingPOST Given a user with [an active profile in CCD] And a successful call [to create a case] as in [F-1019_CreateCasePreRequisiteCaseworkerBase] @@ -244,7 +244,7 @@ Feature: F-1019: Submit Case Creation Handle Case Links And the response has all other details as expected And a successful call [to verify that the Case Links have been created in the CASE_LINK table with correct values] as in [F-1019-VerifyMultipleCaseLinks] - @S-1019.20 + @S-1019.20 Scenario: Collection of complex fields with CaseLinks should generate caseLink records when Submit Case Creation Event is invoked on v2_external#/case-controller/createCaseUsingPOST Given a user with [an active profile in CCD] And a successful call [to create a case] as in [F-1019_CreateCasePreRequisiteCaseworkerBase] @@ -258,7 +258,7 @@ Feature: F-1019: Submit Case Creation Handle Case Links And the response has all other details as expected And a successful call [to verify that the Case Links have been created in the CASE_LINK table with correct values] as in [F-1019-VerifyMultipleCaseLinks] - @S-1019.21 + @S-1019.21 Scenario: Nested complex fields with CaseLinks should generate caseLink records when Submit Case Creation Event is invoked on v1_external#/case-details-endpoint/saveCaseDetailsForCaseWorkerUsingPOST Given a user with [an active profile in CCD] And a successful call [to create a case] as in [F-1019_CreateCasePreRequisiteCaseworkerBase] @@ -272,7 +272,7 @@ Feature: F-1019: Submit Case Creation Handle Case Links And the response has all other details as expected And a successful call [to verify that the Case Links have been created in the CASE_LINK table with correct values] as in [F-1019-VerifyMultipleCaseLinks] - @S-1019.22 + @S-1019.22 Scenario: Nested complex fields with CaseLinks should generate caseLink records when Submit Case Creation Event is invoked on v2_external#/case-controller/createCaseUsingPOST Given a user with [an active profile in CCD] And a successful call [to create a case] as in [F-1019_CreateCasePreRequisiteCaseworkerBase] diff --git a/src/aat/resources/features/F-113 - CaseLinking/F-113_Case_Data_Create_Token_Creation.td.json b/src/aat/resources/features/F-113 - CaseLinking/F-113_Case_Data_Create_Token_Creation.td.json index b1c412c452..4e95076f5b 100644 --- a/src/aat/resources/features/F-113 - CaseLinking/F-113_Case_Data_Create_Token_Creation.td.json +++ b/src/aat/resources/features/F-113 - CaseLinking/F-113_Case_Data_Create_Token_Creation.td.json @@ -6,8 +6,7 @@ ], "users": { "invokingUser": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_CASEWORKER_AUTOTEST_PASSWORD]]" + "_extends_": "BeftaMasterCaseworker" } }, "request": { diff --git a/src/aat/resources/features/F-113 - CaseLinking/F-113_Test_Data_Base.td.json b/src/aat/resources/features/F-113 - CaseLinking/F-113_Test_Data_Base.td.json index 1b3cbec2b0..6a005103f0 100644 --- a/src/aat/resources/features/F-113 - CaseLinking/F-113_Test_Data_Base.td.json +++ b/src/aat/resources/features/F-113 - CaseLinking/F-113_Test_Data_Base.td.json @@ -10,13 +10,11 @@ ], "users": { "invokingUser": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_CASEWORKER_AUTOTEST_PASSWORD]]" + "_extends_": "BeftaMasterCaseworker" } }, "user": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_CASEWORKER_AUTOTEST_PASSWORD]]" + "_extends_": "BeftaMasterCaseworker" }, "request": { diff --git a/src/aat/resources/features/F-114 - Notice Of Change/F-114_Case_Data_Create_Token_Creation.td.json b/src/aat/resources/features/F-114 - Notice Of Change/F-114_Case_Data_Create_Token_Creation.td.json index d3a467084e..555511c5d0 100644 --- a/src/aat/resources/features/F-114 - Notice Of Change/F-114_Case_Data_Create_Token_Creation.td.json +++ b/src/aat/resources/features/F-114 - Notice Of Change/F-114_Case_Data_Create_Token_Creation.td.json @@ -6,8 +6,7 @@ ], "users": { "invokingUser": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_CASEWORKER_AUTOTEST_PASSWORD]]" + "_extends_": "BeftaMasterCaseworker" } }, "request": { diff --git a/src/aat/resources/features/F-114 - Notice Of Change/F-114_Test_Data_Base.td.json b/src/aat/resources/features/F-114 - Notice Of Change/F-114_Test_Data_Base.td.json index ac3b8f738b..713672a62c 100644 --- a/src/aat/resources/features/F-114 - Notice Of Change/F-114_Test_Data_Base.td.json +++ b/src/aat/resources/features/F-114 - Notice Of Change/F-114_Test_Data_Base.td.json @@ -10,13 +10,11 @@ ], "users": { "invokingUser": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_CASEWORKER_AUTOTEST_PASSWORD]]" + "_extends_": "BeftaMasterCaseworker" } }, "user": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_CASEWORKER_AUTOTEST_PASSWORD]]" + "_extends_": "BeftaMasterCaseworker" }, "request": { diff --git a/src/aat/resources/features/F-122 - Conditional Event Post States/F-122.feature b/src/aat/resources/features/F-122 - Conditional Event Post States/F-122.feature index 36e4d767ab..e37e9e84e2 100644 --- a/src/aat/resources/features/F-122 - Conditional Event Post States/F-122.feature +++ b/src/aat/resources/features/F-122 - Conditional Event Post States/F-122.feature @@ -88,7 +88,7 @@ Feature: F-122: Conditional Event Post States Given a user with [an active profile in CCD], And a successful call [to create a token for case creation] as in [S-122-GetToken_CaseCreate], And a successful call [to create a case] as in [FT_ConditionalPostState_Create_Case], - And a successful call [to get an event token for the case just created] as in [S-122-GetToken_UpdateCase], + And a successful call [to get an event token for the case just created] as in [S-122-GetToken_UpdateCase2], When a request is prepared with appropriate values, And the request [contains a case Id that has just been created], @@ -105,7 +105,7 @@ Feature: F-122: Conditional Event Post States Given a user with [an active profile in CCD], And a successful call [to create a token for case creation] as in [S-122-GetToken_CaseCreate], And a successful call [to create a case] as in [FT_ConditionalPostState_Create_Case], - And a successful call [to get an event token for the case just created] as in [S-122-GetToken_UpdateCase], + And a successful call [to get an event token for the case just created] as in [S-122-GetToken_UpdateCase2], When a request is prepared with appropriate values, And the request [contains a case Id that has just been created], @@ -122,7 +122,7 @@ Feature: F-122: Conditional Event Post States Given a user with [an active profile in CCD], And a successful call [to create a token for case creation] as in [S-122-GetToken_CaseCreate], And a successful call [to create a case] as in [FT_ConditionalPostState_Create_Case], - And a successful call [to get an event token for the case just created] as in [S-122-GetToken_UpdateCase], + And a successful call [to get an event token for the case just created] as in [S-122-GetToken_UpdateCase2], When a request is prepared with appropriate values, And the request [contains a case Id that has just been created], @@ -139,7 +139,7 @@ Feature: F-122: Conditional Event Post States Given a user with [an active profile in CCD], And a successful call [to create a token for case creation] as in [S-122-GetToken_CaseCreate], And a successful call [to create a case] as in [FT_ConditionalPostState_Create_Case], - And a successful call [to get an event token for the case just created] as in [S-122-GetToken_UpdateCase], + And a successful call [to get an event token for the case just created] as in [S-122-GetToken_UpdateCase2], When a request is prepared with appropriate values, And the request [contains a case Id that has just been created], diff --git a/src/aat/resources/features/F-122 - Conditional Event Post States/S-122.5.td.json b/src/aat/resources/features/F-122 - Conditional Event Post States/S-122.5.td.json index 42cf6ff464..b23216164c 100644 --- a/src/aat/resources/features/F-122 - Conditional Event Post States/S-122.5.td.json +++ b/src/aat/resources/features/F-122 - Conditional Event Post States/S-122.5.td.json @@ -1,6 +1,6 @@ { "_guid_": "S-122.5", - "_extends_": "F-122-UpdateEventBase", + "_extends_": "F-122-UpdateEvent2Base", "title": "Ordering should take precedence when both conditions resolve (End state: CaseUpdated2)", "productName": "CCD data store", diff --git a/src/aat/resources/features/F-122 - Conditional Event Post States/S-122.6.td.json b/src/aat/resources/features/F-122 - Conditional Event Post States/S-122.6.td.json index 9c1227a1c8..7bb66630b2 100644 --- a/src/aat/resources/features/F-122 - Conditional Event Post States/S-122.6.td.json +++ b/src/aat/resources/features/F-122 - Conditional Event Post States/S-122.6.td.json @@ -1,6 +1,6 @@ { "_guid_": "S-122.6", - "_extends_": "F-122-UpdateEventBase", + "_extends_": "F-122-UpdateEvent2Base", "title": "Sets the state defined with a matching post state condition using OR operator (End state: CaseAmended2)", "productName": "CCD data store", diff --git a/src/aat/resources/features/F-122 - Conditional Event Post States/S-122.7.td.json b/src/aat/resources/features/F-122 - Conditional Event Post States/S-122.7.td.json index 5a76edc0f8..7033f45cbb 100644 --- a/src/aat/resources/features/F-122 - Conditional Event Post States/S-122.7.td.json +++ b/src/aat/resources/features/F-122 - Conditional Event Post States/S-122.7.td.json @@ -1,6 +1,6 @@ { "_guid_": "S-122.7", - "_extends_": "F-122-UpdateEventBase", + "_extends_": "F-122-UpdateEvent2Base", "title": "*(FieldA) will keep the state as is (End state: CaseCreated)", "productName": "CCD data store", diff --git a/src/aat/resources/features/F-122 - Conditional Event Post States/S-122.8.td.json b/src/aat/resources/features/F-122 - Conditional Event Post States/S-122.8.td.json index da38faf0e7..58828335a9 100644 --- a/src/aat/resources/features/F-122 - Conditional Event Post States/S-122.8.td.json +++ b/src/aat/resources/features/F-122 - Conditional Event Post States/S-122.8.td.json @@ -1,6 +1,6 @@ { "_guid_": "S-122.8", - "_extends_": "F-122-UpdateEventBase", + "_extends_": "F-122-UpdateEvent2Base", "title": "Sets the state defined with a matching post state condition using != operator (End state: CaseRevoked2)", "productName": "CCD data store", diff --git a/src/aat/resources/features/F-122 - Conditional Event Post States/common/F-122-UpdateEvent2Base.td.json b/src/aat/resources/features/F-122 - Conditional Event Post States/common/F-122-UpdateEvent2Base.td.json new file mode 100644 index 0000000000..2b84c0c8e7 --- /dev/null +++ b/src/aat/resources/features/F-122 - Conditional Event Post States/common/F-122-UpdateEvent2Base.td.json @@ -0,0 +1,92 @@ +{ + "_guid_": "F-122-UpdateEvent2Base", + "title": "must submit the event creation successfully for TextField and EmailField inputs", + + "productName": "CCD data store", + "operationName": "submit updateCase event with TextField and EmailField values", + + "method": "POST", + "uri": "/caseworkers/{uid}/jurisdictions/{jid}/case-types/{ctid}/cases/{cid}/events", + + "specs": [ + "an active profile in CCD", + "contains a case Id that has just been created", + "contains Update token created as in S-122-GetToken_UpdateCase" + ], + + "user": { + "_extends_": "BeftaMasterCaseworker" + }, + + "request": { + "headers": { + "_extends_": "Common_Request_Headers" + }, + "pathVariables": { + "uid": "[[DEFAULT_AUTO_VALUE]]", + "jid": "BEFTA_MASTER", + "ctid": "FT_ConditionalPostState", + "cid": "${[scenarioContext][childContexts][FT_ConditionalPostState_Create_Case][testData][actualResponse][body][id]}" + }, + "body": { + "data": { + "_extends_": "FT_ConditionalPostState_Base_Case_Data", + "TextField": "updated testing 1234", + "EmailField": null + }, + "event": { + "id": "updateCase", + "summary": "", + "description": "" + }, + "security_classification": "PUBLIC", + "event_token": "${[scenarioContext][childContexts][S-122-GetToken_UpdateCase2][testData][actualResponse][body][token]}", + "ignore_warning": true + } + }, + + "expectedResponse": { + "responseCode": 201, + "responseMessage": "OK", + "headers": { + "_extends_": "Common_Response_Headers", + "Vary": "Accept-Encoding" + }, + "body": { + "id": "[[ANYTHING_PRESENT]]", + "jurisdiction": "BEFTA_MASTER", + "state": "CaseUpdated2", + "version": "[[ANYTHING_PRESENT]]", + "case_type_id": "FT_ConditionalPostState", + "created_date": "[[ANYTHING_PRESENT]]", + "last_modified": "[[ANYTHING_PRESENT]]", + "last_state_modified_date": "[[ANYTHING_PRESENT]]", + "security_classification": "PUBLIC", + "case_data": { + "AddressField": { + "AddressLine1": null, + "AddressLine2": null, + "AddressLine3": null, + "Country": null + }, + "MoneyField": null, + "MultiSelectField": [], + "EmailField": "matched@test.com", + "YesNoField": null, + "TextField": "updated2", + "PhoneField": null, + "MarritalStatus": null, + "DateField": null, + "TextAreaField": null, + "NumberField": null + }, + "data_classification": "[[ANYTHING_PRESENT]]", + "supplementary_data": null, + "after_submit_callback_response": null, + "callback_response_status_code": null, + "callback_response_status": null, + "delete_draft_response_status_code": null, + "delete_draft_response_status": null + } + } +} diff --git a/src/aat/resources/features/F-122 - Conditional Event Post States/common/S-122-GetToken_UpdateCase2.td.json b/src/aat/resources/features/F-122 - Conditional Event Post States/common/S-122-GetToken_UpdateCase2.td.json new file mode 100644 index 0000000000..a8f227a8cd --- /dev/null +++ b/src/aat/resources/features/F-122 - Conditional Event Post States/common/S-122-GetToken_UpdateCase2.td.json @@ -0,0 +1,47 @@ +{ + "_guid_": "S-122-GetToken_UpdateCase2", + "title": "should create an event token for correct inputs", + + "productName": "CCD Data Store", + "operationName": "Retrieve an update token", + + "method": "GET", + "uri": "/caseworkers/{uid}/jurisdictions/{jid}/case-types/{ctid}/cases/{cid}/event-triggers/{etid}/token", + + "specs": [ + "to get an event token for the case just created" + ], + + "users": { + "invokingUser": { + "_extends_": "BeftaMasterCaseworker" + } + }, + + "request": { + "headers": { + "_extends_": "Common_Request_Headers" + }, + "pathVariables": { + "jid": "BEFTA_MASTER", + "ctid": "FT_ConditionalPostState", + "uid": "[[DEFAULT_AUTO_VALUE]]", + "cid": "${[scenarioContext][parentContext][childContexts][FT_ConditionalPostState_Create_Case][testData][actualResponse][body][id]}", + "etid": "updateCase2" + } + }, + + "expectedResponse": { + "_extends_": "Common_200_Response", + "headers": { + "Content-Encoding": "gzip", + "Content-Type": "application/json", + "Content-Length": "[[ANYTHING_PRESENT]]" + }, + "body": { + "token": "[[ANYTHING_PRESENT]]", + "case_details": "[[ANYTHING_PRESENT]]", + "event_id": "updateCase2" + } + } +} diff --git a/src/aat/resources/features/F-127 - Even Enabling Condition/S-127.1.td.json b/src/aat/resources/features/F-127 - Even Enabling Condition/S-127.1.td.json index 1bd69991e9..8e6e337231 100644 --- a/src/aat/resources/features/F-127 - Even Enabling Condition/S-127.1.td.json +++ b/src/aat/resources/features/F-127 - Even Enabling Condition/S-127.1.td.json @@ -15,8 +15,7 @@ }, "user": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_BEFTA_MASTER_CASEWORKER_PWD]]" + "_extends_": "BeftaMasterCaseworker" }, "expectedResponse": { diff --git a/src/aat/resources/features/F-127 - Even Enabling Condition/S-127.2.td.json b/src/aat/resources/features/F-127 - Even Enabling Condition/S-127.2.td.json index 40a5bb8e81..80c2a5d5aa 100644 --- a/src/aat/resources/features/F-127 - Even Enabling Condition/S-127.2.td.json +++ b/src/aat/resources/features/F-127 - Even Enabling Condition/S-127.2.td.json @@ -15,8 +15,7 @@ }, "user": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_BEFTA_MASTER_CASEWORKER_PWD]]" + "_extends_": "BeftaMasterCaseworker" }, "expectedResponse": { diff --git a/src/aat/resources/features/F-127 - Even Enabling Condition/common/FT_Create_Case_EventEnablingCondition.td.json b/src/aat/resources/features/F-127 - Even Enabling Condition/common/FT_Create_Case_EventEnablingCondition.td.json index fd16fab19e..b2b374e640 100644 --- a/src/aat/resources/features/F-127 - Even Enabling Condition/common/FT_Create_Case_EventEnablingCondition.td.json +++ b/src/aat/resources/features/F-127 - Even Enabling Condition/common/FT_Create_Case_EventEnablingCondition.td.json @@ -12,8 +12,7 @@ ], "user": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_BEFTA_MASTER_CASEWORKER_PWD]]" + "_extends_": "BeftaMasterCaseworker" }, "request": { diff --git a/src/aat/resources/features/F-127 - Even Enabling Condition/common/FT_Create_Case_EventEnablingCondition_NotMatch.td.json b/src/aat/resources/features/F-127 - Even Enabling Condition/common/FT_Create_Case_EventEnablingCondition_NotMatch.td.json index 7d8ad0ee9e..84b942ca84 100644 --- a/src/aat/resources/features/F-127 - Even Enabling Condition/common/FT_Create_Case_EventEnablingCondition_NotMatch.td.json +++ b/src/aat/resources/features/F-127 - Even Enabling Condition/common/FT_Create_Case_EventEnablingCondition_NotMatch.td.json @@ -12,8 +12,7 @@ ], "user": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_BEFTA_MASTER_CASEWORKER_PWD]]" + "_extends_": "BeftaMasterCaseworker" }, "request": { diff --git a/src/aat/resources/features/F-127 - Even Enabling Condition/common/S-127-GetToken_CaseCreate.td.json b/src/aat/resources/features/F-127 - Even Enabling Condition/common/S-127-GetToken_CaseCreate.td.json index eab08be414..3acbbb0511 100644 --- a/src/aat/resources/features/F-127 - Even Enabling Condition/common/S-127-GetToken_CaseCreate.td.json +++ b/src/aat/resources/features/F-127 - Even Enabling Condition/common/S-127-GetToken_CaseCreate.td.json @@ -16,8 +16,7 @@ }, "users": { "invokingUser": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_BEFTA_MASTER_CASEWORKER_PWD]]" + "_extends_": "BeftaMasterCaseworker" } }, diff --git a/src/aat/resources/features/F-128 - Dynamic Lists/F-128_Test_Data_Base.td.json b/src/aat/resources/features/F-128 - Dynamic Lists/F-128_Test_Data_Base.td.json index a02d9d67b3..a438907ace 100644 --- a/src/aat/resources/features/F-128 - Dynamic Lists/F-128_Test_Data_Base.td.json +++ b/src/aat/resources/features/F-128 - Dynamic Lists/F-128_Test_Data_Base.td.json @@ -10,13 +10,11 @@ ], "users": { "invokingUser": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_CASEWORKER_AUTOTEST_PASSWORD]]" + "_extends_": "BeftaMasterCaseworker" } }, "user": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_CASEWORKER_AUTOTEST_PASSWORD]]" + "_extends_": "BeftaMasterCaseworker" }, "request": { diff --git a/src/aat/resources/features/F-130 - AC CRUD external createCase/F-130.feature b/src/aat/resources/features/F-130 - AC CRUD external createCase/F-130.feature index 5d96c9e04b..91aa2d9066 100644 --- a/src/aat/resources/features/F-130 - AC CRUD external createCase/F-130.feature +++ b/src/aat/resources/features/F-130 - AC CRUD external createCase/F-130.feature @@ -49,7 +49,7 @@ Feature: F-130: Create Case External API CRUD Tests @S-130.7 Scenario: User submits case creation with no CaseType R Access does not return the case after successful case creation Given a user with [an active profile in CCD] - And a successful call [to create a token for case creation] as in [S-130.1_Get_Event_Trigger] + And a successful call [to create a token for case creation] as in [S-130.7_Get_Event_Trigger] When a request is prepared with appropriate values, And it is submitted to call the [external create case] operation of [CCD Data Store], Then a positive response is received diff --git a/src/aat/resources/features/F-130 - AC CRUD external createCase/F-130_Get_Event_Token_Base.td.json b/src/aat/resources/features/F-130 - AC CRUD external createCase/F-130_Get_Event_Token_Base.td.json index f85b7a0f1e..2c27b29a7e 100644 --- a/src/aat/resources/features/F-130 - AC CRUD external createCase/F-130_Get_Event_Token_Base.td.json +++ b/src/aat/resources/features/F-130 - AC CRUD external createCase/F-130_Get_Event_Token_Base.td.json @@ -5,7 +5,7 @@ "operationName": "Start event creation as Case worker", "method": "GET", - "uri": "/case-types/FT_CRUD/event-triggers/{etid}", + "uri": "/case-types/{cid}/event-triggers/{etid}", "specs": [ "to create a token for case creation" @@ -13,7 +13,7 @@ "users": { "invokingUser": { - "_extends_": "BeftaCaseworker1" + "_extends_": "BeftaMasterCaseworker" } }, @@ -23,6 +23,7 @@ "Experimental" : "true" }, "pathVariables": { + "cid": "FT_CRUD", "etid": "createCase" } }, @@ -45,7 +46,7 @@ "jurisdiction" : "BEFTA_MASTER", "state" : null, "version" : null, - "case_type_id" : "FT_CRUD", + "case_type_id" : "${[scenarioContext][testData][request][pathVariables][cid]}", "created_date" : null, "last_modified" : null, "last_state_modified_date" : null, diff --git a/src/aat/resources/features/F-130 - AC CRUD external createCase/F-130_Test_Data_Base.td.json b/src/aat/resources/features/F-130 - AC CRUD external createCase/F-130_Test_Data_Base.td.json index 750d95db52..638949c838 100644 --- a/src/aat/resources/features/F-130 - AC CRUD external createCase/F-130_Test_Data_Base.td.json +++ b/src/aat/resources/features/F-130 - AC CRUD external createCase/F-130_Test_Data_Base.td.json @@ -12,8 +12,7 @@ "users": { "invokingUser": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_CASEWORKER_AUTOTEST_PASSWORD]]" + "_extends_": "BeftaMasterCaseworker" } }, diff --git a/src/aat/resources/features/F-130 - AC CRUD external createCase/S-130.7.td.json b/src/aat/resources/features/F-130 - AC CRUD external createCase/S-130.7.td.json index 3739f12e56..704901d32b 100644 --- a/src/aat/resources/features/F-130 - AC CRUD external createCase/S-130.7.td.json +++ b/src/aat/resources/features/F-130 - AC CRUD external createCase/S-130.7.td.json @@ -18,7 +18,7 @@ "event": { "id": "createCase" }, - "event_token": "${[scenarioContext][childContexts][S-130.1_Get_Event_Trigger][testData][actualResponse][body][token]}", + "event_token": "${[scenarioContext][childContexts][S-130.7_Get_Event_Trigger][testData][actualResponse][body][token]}", "event_data": { "TextField": "value1" } diff --git a/src/aat/resources/features/F-130 - AC CRUD external createCase/S-130.7_Get_Event_Trigger.td.json b/src/aat/resources/features/F-130 - AC CRUD external createCase/S-130.7_Get_Event_Trigger.td.json new file mode 100644 index 0000000000..fb0b75292e --- /dev/null +++ b/src/aat/resources/features/F-130 - AC CRUD external createCase/S-130.7_Get_Event_Trigger.td.json @@ -0,0 +1,10 @@ +{ + "_guid_" : "S-130.7_Get_Event_Trigger", + "_extends_" : "F-130_Get_Event_Token_Base", + + "request": { + "pathVariables": { + "cid": "FT_CRUD_2" + } + } +} diff --git a/src/aat/resources/features/F-131 - AC CRUD external createEvent/F-131.5_CreateCase.td.json b/src/aat/resources/features/F-131 - AC CRUD external createEvent/F-131.5_CreateCase.td.json index d8aad3309f..6791933705 100644 --- a/src/aat/resources/features/F-131 - AC CRUD external createEvent/F-131.5_CreateCase.td.json +++ b/src/aat/resources/features/F-131 - AC CRUD external createEvent/F-131.5_CreateCase.td.json @@ -10,8 +10,7 @@ "users": { "invokingUser": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_CASEWORKER_AUTOTEST_PASSWORD]]" + "_extends_": "BeftaMasterCaseworker" } }, diff --git a/src/aat/resources/features/F-131 - AC CRUD external createEvent/F-131_CreateCase.td.json b/src/aat/resources/features/F-131 - AC CRUD external createEvent/F-131_CreateCase.td.json index 3baec1cce4..ff27e8601a 100644 --- a/src/aat/resources/features/F-131 - AC CRUD external createEvent/F-131_CreateCase.td.json +++ b/src/aat/resources/features/F-131 - AC CRUD external createEvent/F-131_CreateCase.td.json @@ -12,8 +12,7 @@ "users": { "invokingUser": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_CASEWORKER_AUTOTEST_PASSWORD]]" + "_extends_": "BeftaMasterCaseworker" } }, diff --git a/src/aat/resources/features/F-131 - AC CRUD external createEvent/F-131_Test_Data_Base.td.json b/src/aat/resources/features/F-131 - AC CRUD external createEvent/F-131_Test_Data_Base.td.json index e2b9c90034..41d92dc89e 100644 --- a/src/aat/resources/features/F-131 - AC CRUD external createEvent/F-131_Test_Data_Base.td.json +++ b/src/aat/resources/features/F-131 - AC CRUD external createEvent/F-131_Test_Data_Base.td.json @@ -12,8 +12,7 @@ "users": { "invokingUser": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_CASEWORKER_AUTOTEST_PASSWORD]]" + "_extends_": "BeftaMasterCaseworker" } }, diff --git a/src/aat/resources/features/F-131 - AC CRUD external createEvent/F-131_Token_Creation_Base.td.json b/src/aat/resources/features/F-131 - AC CRUD external createEvent/F-131_Token_Creation_Base.td.json index 8c2e7c1183..2440878972 100644 --- a/src/aat/resources/features/F-131 - AC CRUD external createEvent/F-131_Token_Creation_Base.td.json +++ b/src/aat/resources/features/F-131 - AC CRUD external createEvent/F-131_Token_Creation_Base.td.json @@ -15,8 +15,7 @@ "users": { "invokingUser": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_CASEWORKER_AUTOTEST_PASSWORD]]" + "_extends_": "BeftaMasterCaseworker" } }, diff --git a/src/aat/resources/features/F-131 - AC CRUD external createEvent/S-131.5_CreateCase_Token_Creation.td.json b/src/aat/resources/features/F-131 - AC CRUD external createEvent/S-131.5_CreateCase_Token_Creation.td.json index 8098d04395..78da47934e 100644 --- a/src/aat/resources/features/F-131 - AC CRUD external createEvent/S-131.5_CreateCase_Token_Creation.td.json +++ b/src/aat/resources/features/F-131 - AC CRUD external createEvent/S-131.5_CreateCase_Token_Creation.td.json @@ -14,7 +14,7 @@ "users": { "invokingUser": { - "_extends_": "BeftaCaseworker1" + "_extends_": "BeftaMasterCaseworker" } }, diff --git a/src/aat/resources/features/F-132 - AC CRUD external getEvent/F-132.2.td.json b/src/aat/resources/features/F-132 - AC CRUD external getEvent/F-132.2.td.json index 836e68dfe4..6319fb9f28 100644 --- a/src/aat/resources/features/F-132 - AC CRUD external getEvent/F-132.2.td.json +++ b/src/aat/resources/features/F-132 - AC CRUD external getEvent/F-132.2.td.json @@ -14,8 +14,7 @@ "users": { "invokingUser": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_CASEWORKER_AUTOTEST_PASSWORD]]" + "_extends_": "BeftaMasterCaseworker" } }, diff --git a/src/aat/resources/features/F-132 - AC CRUD external getEvent/F-132_Event_Creation_Base.td.json b/src/aat/resources/features/F-132 - AC CRUD external getEvent/F-132_Event_Creation_Base.td.json index 51b41c062a..b6076c74ce 100644 --- a/src/aat/resources/features/F-132 - AC CRUD external getEvent/F-132_Event_Creation_Base.td.json +++ b/src/aat/resources/features/F-132 - AC CRUD external getEvent/F-132_Event_Creation_Base.td.json @@ -13,8 +13,7 @@ "users": { "invokingUser": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_CASEWORKER_AUTOTEST_PASSWORD]]" + "_extends_": "BeftaMasterCaseworker" } }, diff --git a/src/aat/resources/features/F-132 - AC CRUD external getEvent/F-132_Token_Creation_Base.td.json b/src/aat/resources/features/F-132 - AC CRUD external getEvent/F-132_Token_Creation_Base.td.json index 7b2f819238..7672367eca 100644 --- a/src/aat/resources/features/F-132 - AC CRUD external getEvent/F-132_Token_Creation_Base.td.json +++ b/src/aat/resources/features/F-132 - AC CRUD external getEvent/F-132_Token_Creation_Base.td.json @@ -15,8 +15,7 @@ "users": { "invokingUser": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_CASEWORKER_AUTOTEST_PASSWORD]]" + "_extends_": "BeftaMasterCaseworker" } }, diff --git a/src/aat/resources/features/F-134 - AC CRUD internal jurisdictions/F-134_Test_Data_Base.td.json b/src/aat/resources/features/F-134 - AC CRUD internal jurisdictions/F-134_Test_Data_Base.td.json index 159530486f..9117e1b452 100644 --- a/src/aat/resources/features/F-134 - AC CRUD internal jurisdictions/F-134_Test_Data_Base.td.json +++ b/src/aat/resources/features/F-134 - AC CRUD internal jurisdictions/F-134_Test_Data_Base.td.json @@ -18,8 +18,7 @@ "users": { "invokingUser": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_CASEWORKER_AUTOTEST_PASSWORD]]" + "_extends_": "BeftaMasterCaseworker" } }, diff --git a/src/aat/resources/features/F-138 - AC CRUD internal case-history/F-138_CreateCase_Token_Creation.td.json b/src/aat/resources/features/F-138 - AC CRUD internal case-history/F-138_CreateCase_Token_Creation.td.json index b271a798f2..b021a81bdc 100644 --- a/src/aat/resources/features/F-138 - AC CRUD internal case-history/F-138_CreateCase_Token_Creation.td.json +++ b/src/aat/resources/features/F-138 - AC CRUD internal case-history/F-138_CreateCase_Token_Creation.td.json @@ -13,7 +13,7 @@ "users": { "invokingUser": { - "_extends_": "BeftaCaseworker1" + "_extends_": "BeftaCaseworkerCaa" } }, diff --git a/src/aat/resources/features/F-138 - AC CRUD internal case-history/F-138_Test_Data_Base.td.json b/src/aat/resources/features/F-138 - AC CRUD internal case-history/F-138_Test_Data_Base.td.json index ccbf9cf5df..86b6836b04 100644 --- a/src/aat/resources/features/F-138 - AC CRUD internal case-history/F-138_Test_Data_Base.td.json +++ b/src/aat/resources/features/F-138 - AC CRUD internal case-history/F-138_Test_Data_Base.td.json @@ -11,8 +11,7 @@ "users": { "invokingUser": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_CASEWORKER_AUTOTEST_PASSWORD]]" + "_extends_": "BeftaMasterCaseworker" } }, diff --git a/src/aat/resources/features/F-139 - AC CRUD internal case view/F-139_CreateCase_Token_Creation.td.json b/src/aat/resources/features/F-139 - AC CRUD internal case view/F-139_CreateCase_Token_Creation.td.json new file mode 100644 index 0000000000..32863ec3bd --- /dev/null +++ b/src/aat/resources/features/F-139 - AC CRUD internal case view/F-139_CreateCase_Token_Creation.td.json @@ -0,0 +1,65 @@ +{ + "_guid_": "F-139_CreateCase_Token_Creation", + + "productName": "CCD Data Store", + "operationName": "Start event creation as Case worker", + + "method": "GET", + "uri": "/case-types/FT_CRUD/event-triggers/{etid}", + + "specs": [ + "to create a token for case creation" + ], + + "users": { + "invokingUser": { + "_extends_": "BeftaMasterCaseworker" + } + }, + + "request": { + "headers":{ + "_extends_": "Common_Request_Headers", + "Experimental" : "true" + }, + "pathVariables": { + "etid": "createCase" + } + }, + + "expectedResponse": { + "_extends_": "Common_200_Response", + "headers" : { + "Content-Encoding" : "gzip", + "Content-Length": "[[ANYTHING_PRESENT]]" + }, + "body" : { + "token" : "[[ANYTHING_PRESENT]]", + "_links": { + "self": { + "href": "[[ANYTHING_PRESENT]]" + } + }, + "case_details" : { + "id" : null, + "jurisdiction" : "BEFTA_MASTER", + "state" : null, + "version" : null, + "case_type_id" : "FT_CRUD", + "created_date" : null, + "last_modified" : null, + "last_state_modified_date" : null, + "security_classification" : null, + "case_data" : { }, + "data_classification": {}, + "supplementary_data": null, + "after_submit_callback_response" : null, + "callback_response_status_code" : null, + "callback_response_status" : null, + "delete_draft_response_status_code" : null, + "delete_draft_response_status" : null + }, + "event_id" : "createCase" + } + } +} diff --git a/src/aat/resources/features/F-139 - AC CRUD internal case view/S-139.2_CreateCase.td.json b/src/aat/resources/features/F-139 - AC CRUD internal case view/S-139.2_CreateCase.td.json index 660d38b967..d80335f42b 100644 --- a/src/aat/resources/features/F-139 - AC CRUD internal case view/S-139.2_CreateCase.td.json +++ b/src/aat/resources/features/F-139 - AC CRUD internal case view/S-139.2_CreateCase.td.json @@ -1,10 +1,85 @@ { "_guid_": "S-139.2_CreateCase", - "_extends_": "F-131_CreateCase", + + "productName": "CCD Data Store", + "operationName": "external create case", + "method": "POST", + "uri": "/case-types/{ctid}/cases", + + "specs" : [ + "to create a full case" + ], + + "users": { + "invokingUser": { + "_extends_": "BeftaMasterCaseworker" + } + }, "request": { + "_extends_": "Common_Request", + "pathVariables": { + "ctid": "FT_CRUD" + }, + "headers": { + "experimental": true + }, "body": { - "event_token": "${[scenarioContext][parentContext][childContexts][S-139.2_CreateCase_Token_Creation][testData][actualResponse][body][token]}" + "data": { + "TextField": "value1", + "TextField2": "value2" + }, + "event": { + "id": "createCase", + "summary": "", + "description": "" + }, + "event_token": "${[scenarioContext][parentContext][childContexts][S-139.2_CreateCase_Token_Creation][testData][actualResponse][body][token]}", + "event_data": { + "TextField": "value1", + "TextField2": "value2" + }, + "ignore_warning": false + } + }, + + "expectedResponse": { + "_extends_": "Common_201_Response", + "headers": { + "Content-Length": "[[ANY_NULLABLE]]", + "Content-Encoding": "[[ANY_NULLABLE]]", + "Content-Type": "application/vnd.uk.gov.hmcts.ccd-data-store-api.create-case.v2+json;charset=UTF-8", + "Connection": "[[ANYTHING_PRESENT]]", + "Keep-Alive": "[[ANYTHING_PRESENT]]", + "Transfer-Encoding": "[[ANYTHING_PRESENT]]", + "Strict-Transport-Security": "[[ANY_NULLABLE]]" + }, + "body" : { + "_links": { + "self": { + "href": "[[ANYTHING_PRESENT]]" + } + }, + "id": "[[ANYTHING_PRESENT]]", + "jurisdiction": "BEFTA_MASTER", + "case_type": "FT_CRUD", + "created_on": "[[ANYTHING_PRESENT]]", + "last_modified_on": "[[ANYTHING_PRESENT]]", + "last_state_modified_on": "[[ANYTHING_PRESENT]]", + "state": "CaseCreated", + "security_classification": "PUBLIC", + "data": { + "TextField": "value1" + }, + "data_classification": { + "TextField": "PUBLIC" + }, + "after_submit_callback_response": null, + "callback_response_status_code": null, + "callback_response_status": null, + "delete_draft_response_status_code": null, + "delete_draft_response_status": null } } + } diff --git a/src/aat/resources/features/F-139 - AC CRUD internal case view/S-139.2_CreateCase_Token_Creation.td.json b/src/aat/resources/features/F-139 - AC CRUD internal case view/S-139.2_CreateCase_Token_Creation.td.json index e998535003..8ddf7d1eb2 100644 --- a/src/aat/resources/features/F-139 - AC CRUD internal case view/S-139.2_CreateCase_Token_Creation.td.json +++ b/src/aat/resources/features/F-139 - AC CRUD internal case view/S-139.2_CreateCase_Token_Creation.td.json @@ -1,4 +1,4 @@ { "_guid_": "S-139.2_CreateCase_Token_Creation", - "_extends_": "F-138_CreateCase_Token_Creation" + "_extends_": "F-139_CreateCase_Token_Creation" } diff --git a/src/aat/resources/features/F-140 - CategoriesAndDocument endpoint/F-140.feature b/src/aat/resources/features/F-140 - CategoriesAndDocument endpoint/F-140.feature index 9366196399..0db267b8af 100644 --- a/src/aat/resources/features/F-140 - CategoriesAndDocument endpoint/F-140.feature +++ b/src/aat/resources/features/F-140 - CategoriesAndDocument endpoint/F-140.feature @@ -118,7 +118,7 @@ Feature: F-140: CategoriesAndDocument endpoint @S-140.9 #AC9 Scenario: No Categories defined in Categories tab, no categories assigned to Document - Return the hierarchy with ALL documents in the "unCategorisedDocuments" element. - Given a case that has just been created as in [F-140_CreateCase_NoCategories], + Given a case that has just been created as in [S-140.9_CreateCase_NoCategories], And a user with [an active profile in CCD and has read access permissions for all the Document fields], And [a case definition with Document fields in CaseField tab and ComplexTab exist *without* the category Id for case type CT1] in the context, And [a case definition with Collection of Document fields in CaseField tab and ComplexTab exist with the category Id for case type CT1] in the context, diff --git a/src/aat/resources/features/F-140 - CategoriesAndDocument endpoint/S-140.2_CreateCase_Token_Creation.td.json b/src/aat/resources/features/F-140 - CategoriesAndDocument endpoint/S-140.2_CreateCase_Token_Creation.td.json index 2723e0ff87..891bc0b629 100644 --- a/src/aat/resources/features/F-140 - CategoriesAndDocument endpoint/S-140.2_CreateCase_Token_Creation.td.json +++ b/src/aat/resources/features/F-140 - CategoriesAndDocument endpoint/S-140.2_CreateCase_Token_Creation.td.json @@ -4,7 +4,7 @@ "users": { "invokingUser": { - "_extends_": "BeftaCaseworker2Solicitor2" + "_extends_": "BeftaCaseworkerCaa" } }, diff --git a/src/aat/resources/features/F-140 - CategoriesAndDocument endpoint/S-140.9.td.json b/src/aat/resources/features/F-140 - CategoriesAndDocument endpoint/S-140.9.td.json index cc3ade4bd3..b12c2f3a4b 100644 --- a/src/aat/resources/features/F-140 - CategoriesAndDocument endpoint/S-140.9.td.json +++ b/src/aat/resources/features/F-140 - CategoriesAndDocument endpoint/S-140.9.td.json @@ -21,7 +21,7 @@ "request": { "_extends_": "Common_Request", "pathVariables": { - "cid": "${[scenarioContext][childContexts][F-140_CreateCase_NoCategories][testData][actualResponse][body][id]}" + "cid": "${[scenarioContext][childContexts][S-140.9_CreateCase_NoCategories][testData][actualResponse][body][id]}" } }, diff --git a/src/aat/resources/features/F-140 - CategoriesAndDocument endpoint/S-140.9_CreateCase_NoCategories.td.json b/src/aat/resources/features/F-140 - CategoriesAndDocument endpoint/S-140.9_CreateCase_NoCategories.td.json new file mode 100644 index 0000000000..09203bf6e8 --- /dev/null +++ b/src/aat/resources/features/F-140 - CategoriesAndDocument endpoint/S-140.9_CreateCase_NoCategories.td.json @@ -0,0 +1,86 @@ +{ + "_guid_": "S-140.9_CreateCase_NoCategories", + "productName": "CCD Data Store", + "operationName": "external create case", + "method": "POST", + "uri": "/case-types/{ctid}/cases", + "specs": [ + "to create a full case" + ], + "prerequisites": [ + { + "Token_Creation": "S-140.9_CreateCase_Token_Creation" + } + ], + "users": { + "invokingUser": { + "_extends_": "BeftaCaseworker2Solicitor2" + } + }, + "request": { + "_extends_": "Common_Request", + "pathVariables": { + "ctid": "BEFTA_CASETYPE_2_1" + }, + "headers": { + "experimental": true + }, + "body": { + "data": { + "DocumentField1": { + "document_url": "${[scenarioContext][siblingContexts][F-140_Document_Upload][testData][actualResponse][body][documents][0][_links][self][href]}", + "document_binary_url": "${[scenarioContext][siblingContexts][F-140_Document_Upload][testData][actualResponse][body][documents][0][_links][binary][href]}", + "document_filename": "${[scenarioContext][siblingContexts][F-140_Document_Upload][testData][actualResponse][body][documents][0][originalDocumentName]}" + } + }, + "event": { + "id": "CREATE" + }, + "event_token": "${[scenarioContext][childContexts][Token_Creation][testData][actualResponse][body][token]}", + "ignore_warning": false + } + }, + "expectedResponse": { + "_extends_": "Common_201_Response", + "headers": { + "Content-Length": "[[ANY_NULLABLE]]", + "Content-Encoding": "[[ANY_NULLABLE]]", + "Content-Type": "application/vnd.uk.gov.hmcts.ccd-data-store-api.create-case.v2+json;charset=UTF-8", + "Connection": "[[ANYTHING_PRESENT]]", + "Keep-Alive": "[[ANYTHING_PRESENT]]", + "Transfer-Encoding": "[[ANYTHING_PRESENT]]", + "Strict-Transport-Security": "[[ANY_NULLABLE]]" + }, + "body": { + "_links": { + "self": { + "href": "[[ANYTHING_PRESENT]]" + } + }, + "id": "[[ANYTHING_PRESENT]]", + "jurisdiction": "BEFTA_JURISDICTION_2", + "case_type": "BEFTA_CASETYPE_2_1", + "created_on": "[[ANYTHING_PRESENT]]", + "last_modified_on": "[[ANYTHING_PRESENT]]", + "last_state_modified_on": "[[ANYTHING_PRESENT]]", + "state": "TODO", + "security_classification": "PUBLIC", + "data": { + "DocumentField1": { + "document_url": "${[scenarioContext][siblingContexts][F-140_Document_Upload][testData][actualResponse][body][documents][0][_links][self][href]}", + "document_binary_url": "${[scenarioContext][siblingContexts][F-140_Document_Upload][testData][actualResponse][body][documents][0][_links][binary][href]}", + "document_filename": "${[scenarioContext][siblingContexts][F-140_Document_Upload][testData][actualResponse][body][documents][0][originalDocumentName]}", + "upload_timestamp": "[[ANYTHING_PRESENT]]" + } + }, + "data_classification": { + "DocumentField1": "PUBLIC" + }, + "after_submit_callback_response": null, + "callback_response_status_code": null, + "callback_response_status": null, + "delete_draft_response_status_code": null, + "delete_draft_response_status": null + } + } +} diff --git a/src/aat/resources/features/F-140 - CategoriesAndDocument endpoint/S-140.9_CreateCase_Token_Creation.td.json b/src/aat/resources/features/F-140 - CategoriesAndDocument endpoint/S-140.9_CreateCase_Token_Creation.td.json new file mode 100644 index 0000000000..c9645a3159 --- /dev/null +++ b/src/aat/resources/features/F-140 - CategoriesAndDocument endpoint/S-140.9_CreateCase_Token_Creation.td.json @@ -0,0 +1,67 @@ +{ + "_guid_": "S-140.9_CreateCase_Token_Creation", + + "productName": "CCD Data Store", + "operationName": "Start event creation as Case worker", + + "method": "GET", + "uri": "/case-types/{ctid}/event-triggers/{etid}", + + "specs": [ + "to create a token for case creation", + "As a prerequisite" + ], + + "users": { + "invokingUser": { + "_extends_": "BeftaCaseworker2Solicitor2" + } + }, + + "request": { + "headers":{ + "_extends_": "Common_Request_Headers", + "Experimental" : "true" + }, + "pathVariables": { + "etid": "CREATE", + "ctid": "BEFTA_CASETYPE_2_1" + } + }, + + "expectedResponse": { + "_extends_": "Common_200_Response", + "headers" : { + "Content-Encoding" : "gzip", + "Content-Length": "[[ANYTHING_PRESENT]]" + }, + "body" : { + "token" : "[[ANYTHING_PRESENT]]", + "_links": { + "self": { + "href": "[[ANYTHING_PRESENT]]" + } + }, + "case_details" : { + "id" : null, + "jurisdiction" : "BEFTA_JURISDICTION_2", + "state" : null, + "version" : null, + "case_type_id" : "BEFTA_CASETYPE_2_1", + "created_date" : null, + "last_modified" : null, + "last_state_modified_date" : null, + "security_classification" : null, + "case_data" : { }, + "data_classification": {}, + "supplementary_data": null, + "after_submit_callback_response" : null, + "callback_response_status_code" : null, + "callback_response_status" : null, + "delete_draft_response_status_code" : null, + "delete_draft_response_status" : null + }, + "event_id" : "CREATE" + } + } +} diff --git a/src/aat/resources/features/F-141 - documentData endpoint/S-141.12_CreateCase.td.json b/src/aat/resources/features/F-141 - documentData endpoint/S-141.12_CreateCase.td.json index 6cc7b40e0f..2432bdb471 100644 --- a/src/aat/resources/features/F-141 - documentData endpoint/S-141.12_CreateCase.td.json +++ b/src/aat/resources/features/F-141 - documentData endpoint/S-141.12_CreateCase.td.json @@ -10,7 +10,7 @@ ], "prerequisites" : [ { - "Token_Creation": "F-141_CreateCase_Token_Creation" + "Token_Creation": "S-141.12_CreateCase_Token_Creation" } ], diff --git a/src/aat/resources/features/F-141 - documentData endpoint/S-141.12_CreateCase_Token_Creation.td.json b/src/aat/resources/features/F-141 - documentData endpoint/S-141.12_CreateCase_Token_Creation.td.json new file mode 100644 index 0000000000..d13cc2f876 --- /dev/null +++ b/src/aat/resources/features/F-141 - documentData endpoint/S-141.12_CreateCase_Token_Creation.td.json @@ -0,0 +1,67 @@ +{ + "_guid_": "S-141.12_CreateCase_Token_Creation", + + "productName": "CCD Data Store", + "operationName": "Start event creation as Case worker", + + "method": "GET", + "uri": "/case-types/{ctid}/event-triggers/{etid}", + + "specs": [ + "to create a token for case creation", + "As a prerequisite" + ], + + "users": { + "invokingUser": { + "_extends_": "BeftaMasterCaseworker" + } + }, + + "request": { + "headers":{ + "_extends_": "Common_Request_Headers", + "Experimental" : "true" + }, + "pathVariables": { + "etid": "CREATE", + "ctid": "FT_CaseFileView_2" + } + }, + + "expectedResponse": { + "_extends_": "Common_200_Response", + "headers" : { + "Content-Encoding" : "gzip", + "Content-Length": "[[ANYTHING_PRESENT]]" + }, + "body" : { + "token" : "[[ANYTHING_PRESENT]]", + "_links": { + "self": { + "href": "[[ANYTHING_PRESENT]]" + } + }, + "case_details" : { + "id" : null, + "jurisdiction" : "BEFTA_MASTER", + "state" : null, + "version" : null, + "case_type_id" : "FT_CaseFileView_2", + "created_date" : null, + "last_modified" : null, + "last_state_modified_date" : null, + "security_classification" : null, + "case_data" : { }, + "data_classification": {}, + "supplementary_data": null, + "after_submit_callback_response" : null, + "callback_response_status_code" : null, + "callback_response_status" : null, + "delete_draft_response_status_code" : null, + "delete_draft_response_status" : null + }, + "event_id" : "CREATE" + } + } +} diff --git a/src/aat/resources/features/F-141 - documentData endpoint/S-141.2_CreateCase_Token_Creation.td.json b/src/aat/resources/features/F-141 - documentData endpoint/S-141.2_CreateCase_Token_Creation.td.json index af9ccf48f5..061e000245 100644 --- a/src/aat/resources/features/F-141 - documentData endpoint/S-141.2_CreateCase_Token_Creation.td.json +++ b/src/aat/resources/features/F-141 - documentData endpoint/S-141.2_CreateCase_Token_Creation.td.json @@ -4,7 +4,7 @@ "users": { "invokingUser": { - "_extends_": "BeftaCaseworker2Solicitor2" + "_extends_": "BeftaCaseworkerCaa" } }, diff --git a/src/aat/resources/features/common/case/befta_new/Befta_Case_Creation_Base_Data.td.json b/src/aat/resources/features/common/case/befta_new/Befta_Case_Creation_Base_Data.td.json index afa5bf8c58..96e8493ae2 100644 --- a/src/aat/resources/features/common/case/befta_new/Befta_Case_Creation_Base_Data.td.json +++ b/src/aat/resources/features/common/case/befta_new/Befta_Case_Creation_Base_Data.td.json @@ -24,7 +24,7 @@ "summary": "", "description": "" }, - "event_token": "${[scenarioContext][parentContext][childContexts][Standard_Token_Creation_Data_For_Case_Creation][testData][actualResponse][body][token]}", + "event_token": "${[scenarioContext][parentContext][childContexts][Befta_Default_Full_Case_Creation_Data_Token_Creation][testData][actualResponse][body][token]}", "ignore_warning": false, "draft_id": null } diff --git a/src/aat/resources/features/common/case/befta_new/Befta_Default_Full_Case_Creation_Data_Token_Creation.td.json b/src/aat/resources/features/common/case/befta_new/Befta_Default_Full_Case_Creation_Data_Token_Creation.td.json new file mode 100644 index 0000000000..48a61dc65a --- /dev/null +++ b/src/aat/resources/features/common/case/befta_new/Befta_Default_Full_Case_Creation_Data_Token_Creation.td.json @@ -0,0 +1,62 @@ +{ + "_guid_": "Befta_Default_Full_Case_Creation_Data_Token_Creation", + + "productName": "CCD Data Store", + "operationName": "Start event creation as Case worker", + + "method": "GET", + "uri": "/caseworkers/{uid}/jurisdictions/{jid}/case-types/{ctid}/event-triggers/{etid}/token", + + "specs": [ + "to create a token for case creation" + ], + + "users": { + "invokingUser": { + "_extends_": "BeftaCaseworker1" + } + }, + + "request": { + "headers": { + "_extends_": "Common_Request_Headers" + }, + "pathVariables": { + "uid": "[[DEFAULT_AUTO_VALUE]]", + "jid": "BEFTA_JURISDICTION_1", + "ctid": "BEFTA_CASETYPE_1_1", + "etid": "CREATE" + } + }, + + "expectedResponse": { + "_extends_": "Common_200_Response", + "headers": { + "Content-Encoding": "gzip", + "Content-Length": "[[ANY_INTEGER_NOT_NULLABLE]]" + }, + "body": { + "token": "[[ANY_STRING_NOT_NULLABLE]]", + "case_details": { + "id": null, + "jurisdiction": "[[ANYTHING_PRESENT]]", + "state": null, + "version": null, + "case_type_id": "[[ANYTHING_PRESENT]]", + "created_date": null, + "last_modified": null, + "last_state_modified_date": null, + "security_classification": null, + "case_data": {}, + "data_classification": {}, + "supplementary_data": null, + "after_submit_callback_response": null, + "callback_response_status_code": null, + "callback_response_status": null, + "delete_draft_response_status_code": null, + "delete_draft_response_status": null + }, + "event_id": "CREATE" + } + } +} diff --git a/src/contractTest/resources/application.properties b/src/contractTest/resources/application.properties index 33aff8980d..f34ec41090 100644 --- a/src/contractTest/resources/application.properties +++ b/src/contractTest/resources/application.properties @@ -56,7 +56,7 @@ ccd.user-profile.host=${USER_PROFILE_HOST:http://localhost:4453} case_document_am.url=${CASE_DOCUMENT_AM_URL:http://localhost:4455} ccd.case-document-am-api.attachDocumentEnabled=${CASE_DOCUMENT_AM_API_ATTACH_DOCUMENT_ENABLED:true} -ccd.token.secret=${DATA_STORE_TOKEN_SECRET:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA} +ccd.token.secret=${DATA_STORE_TOKEN_SECRET:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA} #callback timeouts - comma separated integers in seconds ccd.callback.retries=1,5,10 diff --git a/src/main/java/uk/gov/hmcts/ccd/ApplicationParams.java b/src/main/java/uk/gov/hmcts/ccd/ApplicationParams.java index bc11977026..bcf297671f 100644 --- a/src/main/java/uk/gov/hmcts/ccd/ApplicationParams.java +++ b/src/main/java/uk/gov/hmcts/ccd/ApplicationParams.java @@ -253,6 +253,9 @@ public class ApplicationParams { @Value("${validation.dynamic-list.value-max-length}") private Integer validationDynamicListValueMaxLength; + @Value("${token.claim.validation.enabled}") + private boolean validateTokenClaims; + public static String encode(final String stringToEncode) { try { return URLEncoder.encode(stringToEncode, "UTF-8"); @@ -659,4 +662,8 @@ public List getUploadTimestampFeaturedCaseTypes() { public List getExcludeVerifyAccessCaseTypesForValidate() { return excludeVerifyAccessCaseTypesForValidate; } + + public boolean isValidateTokenClaims() { + return validateTokenClaims; + } } diff --git a/src/main/java/uk/gov/hmcts/ccd/CachingConfiguration.java b/src/main/java/uk/gov/hmcts/ccd/CachingConfiguration.java deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/AccessControlList.java b/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/AccessControlList.java index 68ed7c0112..f09b9636ff 100644 --- a/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/AccessControlList.java +++ b/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/AccessControlList.java @@ -4,60 +4,57 @@ import com.fasterxml.jackson.annotation.JsonGetter; import com.fasterxml.jackson.annotation.JsonIgnore; import com.fasterxml.jackson.annotation.JsonProperty; -import java.io.Serializable; - +import com.fasterxml.jackson.annotation.JsonCreator; +import lombok.Builder; -public class AccessControlList implements Serializable, Copyable { - - private String accessProfile; - private boolean create; - private boolean read; - private boolean update; - private boolean delete; +import java.io.Serializable; +import java.util.Objects; + +public class AccessControlList implements Serializable { + + private final String accessProfile; + private final boolean create; + private final boolean read; + private final boolean update; + private final boolean delete; + + @JsonCreator + @Builder + public AccessControlList( + @JsonProperty("accessProfile") @JsonAlias("role") String accessProfile, + @JsonProperty("create") boolean create, + @JsonProperty("read") boolean read, + @JsonProperty("update") boolean update, + @JsonProperty("delete") boolean delete + ) { + this.accessProfile = accessProfile; + this.create = create; + this.read = read; + this.update = update; + this.delete = delete; + } @JsonGetter("role") public String getAccessProfile() { return accessProfile; } - @JsonProperty("accessProfile") - @JsonAlias("role") - public void setAccessProfile(String accessProfile) { - this.accessProfile = accessProfile; - } - public boolean isCreate() { return create; } - public void setCreate(boolean create) { - this.create = create; - } - public boolean isRead() { return read; } - public void setRead(boolean read) { - this.read = read; - } - public boolean isUpdate() { return update; } - public void setUpdate(boolean update) { - this.update = update; - } - public boolean isDelete() { return delete; } - public void setDelete(boolean delete) { - this.delete = delete; - } - @Override public String toString() { return "ACL{" @@ -67,15 +64,36 @@ public String toString() { + '}'; } - @JsonIgnore @Override - public AccessControlList createCopy() { - AccessControlList copy = new AccessControlList(); - copy.setAccessProfile(this.accessProfile); - copy.setCreate(this.create); - copy.setRead(this.read); - copy.setUpdate(this.update); - copy.setDelete(this.delete); - return copy; + public boolean equals(Object o) { + if (this == o) { + return true; + } + + if (!(o instanceof AccessControlList that)) { + return false; + } + + return create == that.create + && read == that.read + && update == that.update + && delete == that.delete + && Objects.equals(accessProfile, that.accessProfile); + } + + @Override + public int hashCode() { + return Objects.hash(accessProfile, create, read, update, delete); + } + + @JsonIgnore + public AccessControlList duplicate() { + return AccessControlList.builder() + .accessProfile(this.accessProfile) + .create(this.create) + .read(this.read) + .update(this.update) + .delete(this.delete) + .build(); } } diff --git a/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/CaseEventDefinition.java b/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/CaseEventDefinition.java index 9780889178..4b344a9749 100644 --- a/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/CaseEventDefinition.java +++ b/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/CaseEventDefinition.java @@ -246,16 +246,16 @@ public CaseEventDefinition createCopy() { copy.setName(this.getName()); copy.setDescription(this.getDescription()); copy.setDisplayOrder(this.getDisplayOrder()); - copy.setCaseFields(createCopyList(this.getCaseFields())); + copy.setCaseFields(createDeepCopyList(this.getCaseFields())); copy.setPreStates(this.getPreStates() != null ? new ArrayList<>(this.getPreStates()) : null); - copy.setPostStates(createCopyList(this.getPostStates())); + copy.setPostStates(createDeepCopyList(this.getPostStates())); copy.setRetriesTimeoutAboutToStartEvent(this.getRetriesTimeoutAboutToStartEvent() != null ? new ArrayList<>(this.getRetriesTimeoutAboutToStartEvent()) : null); copy.setRetriesTimeoutURLAboutToSubmitEvent(this.getRetriesTimeoutURLAboutToSubmitEvent() != null ? new ArrayList<>(this.getRetriesTimeoutURLAboutToSubmitEvent()) : null); copy.setRetriesTimeoutURLSubmittedEvent(this.getRetriesTimeoutURLSubmittedEvent() != null ? new ArrayList<>(this.getRetriesTimeoutURLSubmittedEvent()) : null); - copy.setAccessControlLists(createACLCopyList(this.getAccessControlLists())); + copy.setAccessControlLists(createShallowCopyList(this.getAccessControlLists())); copy.setCallBackURLAboutToStartEvent(this.getCallBackURLAboutToStartEvent()); copy.setCallBackURLAboutToSubmitEvent(this.getCallBackURLAboutToSubmitEvent()); copy.setCallBackURLSubmittedEvent(this.getCallBackURLSubmittedEvent()); diff --git a/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/CaseEventFieldDefinition.java b/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/CaseEventFieldDefinition.java index 71fe9c62e0..51055bfdc7 100644 --- a/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/CaseEventFieldDefinition.java +++ b/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/CaseEventFieldDefinition.java @@ -198,7 +198,7 @@ public CaseEventFieldDefinition createCopy() { copy.setRetainHiddenValue(this.getRetainHiddenValue()); copy.setPublish(this.getPublish()); copy.setPublishAs(this.getPublishAs()); - copy.setCaseEventFieldComplexDefinitions(createCopyList(this.getCaseEventFieldComplexDefinitions())); + copy.setCaseEventFieldComplexDefinitions(createDeepCopyList(this.getCaseEventFieldComplexDefinitions())); copy.setDefaultValue(this.getDefaultValue()); copy.setNullifyByDefault(this.getNullifyByDefault()); diff --git a/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/CaseFieldDefinition.java b/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/CaseFieldDefinition.java index 3795667427..fbfb5f17a6 100644 --- a/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/CaseFieldDefinition.java +++ b/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/CaseFieldDefinition.java @@ -231,7 +231,7 @@ private static void propagateACLsToNestedFields(CommonField caseField, List { final List cloneACLs = - acls.stream().map(AccessControlList::createCopy).collect(toList()); + acls.stream().map(AccessControlList::duplicate).collect(toList()); nestedField.setAccessControlLists(cloneACLs); propagateACLsToNestedFields(nestedField, acls); }); @@ -407,8 +407,8 @@ public CaseFieldDefinition createCopy() { copy.setLiveUntil(this.getLiveUntil()); copy.setOrder(this.getOrder()); copy.setShowCondition(this.getShowCondition()); - copy.setAccessControlLists(createACLCopyList(this.getAccessControlLists())); - copy.setComplexACLs(deepCopyComplexACLs(this.getComplexACLs())); + copy.setAccessControlLists(createShallowCopyList(this.getAccessControlLists())); + copy.setComplexACLs(createShallowCopyList(this.getComplexACLs())); copy.setMetadata(this.isMetadata()); copy.setDisplayContext(this.getDisplayContext()); copy.setDisplayContextParameter(this.getDisplayContextParameter()); @@ -418,16 +418,4 @@ public CaseFieldDefinition createCopy() { return copy; } - - private List deepCopyComplexACLs(List complexACLs) { - if (complexACLs == null || complexACLs.isEmpty()) { - return complexACLs; - } - - List copiedACLs = new ArrayList<>(complexACLs.size()); - for (ComplexACL acl : complexACLs) { - copiedACLs.add(acl.deepCopy()); - } - return copiedACLs; - } } diff --git a/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/CaseStateDefinition.java b/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/CaseStateDefinition.java index 124bdf8761..4c5db16369 100644 --- a/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/CaseStateDefinition.java +++ b/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/CaseStateDefinition.java @@ -92,7 +92,7 @@ public CaseStateDefinition createCopy() { copy.setDescription(this.getDescription()); copy.setDisplayOrder(this.getDisplayOrder()); copy.setTitleDisplay(this.getTitleDisplay()); - copy.setAccessControlLists(createACLCopyList(this.getAccessControlLists())); + copy.setAccessControlLists(createShallowCopyList(this.getAccessControlLists())); return copy; } diff --git a/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/CaseTypeDefinition.java b/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/CaseTypeDefinition.java index f88547b2a8..8e08ab0465 100644 --- a/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/CaseTypeDefinition.java +++ b/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/CaseTypeDefinition.java @@ -292,21 +292,21 @@ public CaseTypeDefinition createCopy() { copy.setJurisdictionDefinition(this.getJurisdictionDefinition() != null ? this.getJurisdictionDefinition().createCopy() : null); copy.setSecurityClassification(this.getSecurityClassification()); - copy.setEvents(createCopyList(this.getEvents())); - copy.setStates(createCopyList(this.getStates())); - copy.setCaseFieldDefinitions(createCopyList(this.getCaseFieldDefinitions())); + copy.setEvents(createDeepCopyList(this.getEvents())); + copy.setStates(createDeepCopyList(this.getStates())); + copy.setCaseFieldDefinitions(createDeepCopyList(this.getCaseFieldDefinitions())); copy.setPrintableDocumentsUrl(this.getPrintableDocumentsUrl()); - copy.setAccessControlLists(createACLCopyList(this.getAccessControlLists())); + copy.setAccessControlLists(createShallowCopyList(this.getAccessControlLists())); copy.setCallbackGetCaseUrl(this.getCallbackGetCaseUrl()); copy.setRetriesGetCaseUrl(this.getRetriesGetCaseUrl() != null ? new ArrayList<>(this.getRetriesGetCaseUrl()) : null); - copy.setSearchAliasFields(createCopyList(this.getSearchAliasFields())); - copy.setSearchParties(createCopyList(this.getSearchParties())); - copy.setSearchCriterias(createCopyList(this.getSearchCriterias())); - copy.setCategories(createCopyList(this.getCategories())); - copy.setRoleToAccessProfiles(createCopyList(this.getRoleToAccessProfiles())); - copy.setAccessTypeRoleDefinitions(createCopyList(this.getAccessTypeRoleDefinitions())); - copy.setAccessTypeDefinitions(createCopyList(this.getAccessTypeDefinitions())); + copy.setSearchAliasFields(createDeepCopyList(this.getSearchAliasFields())); + copy.setSearchParties(createDeepCopyList(this.getSearchParties())); + copy.setSearchCriterias(createDeepCopyList(this.getSearchCriterias())); + copy.setCategories(createDeepCopyList(this.getCategories())); + copy.setRoleToAccessProfiles(createDeepCopyList(this.getRoleToAccessProfiles())); + copy.setAccessTypeRoleDefinitions(createDeepCopyList(this.getAccessTypeRoleDefinitions())); + copy.setAccessTypeDefinitions(createDeepCopyList(this.getAccessTypeDefinitions())); return copy; } diff --git a/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/ComplexACL.java b/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/ComplexACL.java index 60405019f0..f08c36cb5c 100644 --- a/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/ComplexACL.java +++ b/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/ComplexACL.java @@ -1,27 +1,51 @@ package uk.gov.hmcts.ccd.domain.model.definition; -import com.fasterxml.jackson.annotation.JsonIgnore; +import com.fasterxml.jackson.annotation.JsonAlias; +import com.fasterxml.jackson.annotation.JsonCreator; +import com.fasterxml.jackson.annotation.JsonProperty; -public class ComplexACL extends AccessControlList { - private String listElementCode; +import java.util.Objects; + +public final class ComplexACL extends AccessControlList { + private final String listElementCode; + + @JsonCreator + public ComplexACL( + @JsonProperty("accessProfile") @JsonAlias("role") String accessProfile, + @JsonProperty("create") boolean create, + @JsonProperty("read") boolean read, + @JsonProperty("update") boolean update, + @JsonProperty("delete") boolean delete, + @JsonProperty("listElementCode") String listElementCode + ) { + super(accessProfile, create, read, update, delete); + this.listElementCode = listElementCode; + } public String getListElementCode() { return listElementCode; } - public void setListElementCode(String listElementCode) { - this.listElementCode = listElementCode; + @Override + public String toString() { + return super.toString() + ", listElementCode='" + listElementCode + "'"; + } + + @Override + public boolean equals(Object o) { + if (!super.equals(o)) { + return false; + } + + if (!(o instanceof ComplexACL that)) { + return false; + } + + return Objects.equals(listElementCode, that.listElementCode); } - @JsonIgnore - public ComplexACL deepCopy() { - ComplexACL copy = new ComplexACL(); - copy.setListElementCode(this.getListElementCode()); - copy.setAccessProfile(this.getAccessProfile()); - copy.setCreate(this.isCreate()); - copy.setRead(this.isRead()); - copy.setUpdate(this.isUpdate()); - copy.setDelete(this.isDelete()); - return copy; + @Override + public int hashCode() { + return Objects.hash(super.hashCode(), listElementCode); } } diff --git a/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/Copyable.java b/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/Copyable.java index 9521559b7e..261e992160 100644 --- a/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/Copyable.java +++ b/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/Copyable.java @@ -7,7 +7,7 @@ public interface Copyable { T createCopy(); - default > List createCopyList(List originalList) { + default > List createDeepCopyList(List originalList) { if (originalList == null) { return null; } @@ -19,20 +19,10 @@ default > List createCopyList(List originalList) { return copyList; } - default List createACLCopyList(List accessControlLists) { - if (accessControlLists == null || accessControlLists.isEmpty()) { - return accessControlLists; - } - - List copiedACLs = new ArrayList<>(accessControlLists.size()); - for (AccessControlList accessControlList : accessControlLists) { - if (accessControlList instanceof ComplexACL) { - copiedACLs.add(((ComplexACL) accessControlList).deepCopy()); - } else { - copiedACLs.add(accessControlList.createCopy()); - } + default List createShallowCopyList(List originalList) { + if (originalList == null) { + return null; } - - return copiedACLs; + return new ArrayList<>(originalList); } } diff --git a/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/FieldTypeDefinition.java b/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/FieldTypeDefinition.java index 371e1c1fab..4aec05b06e 100644 --- a/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/FieldTypeDefinition.java +++ b/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/FieldTypeDefinition.java @@ -191,8 +191,8 @@ public FieldTypeDefinition createCopy() { copy.setMin(this.min); copy.setMax(this.max); copy.setRegularExpression(this.regularExpression); - copy.setFixedListItemDefinitions(createCopyList(this.fixedListItemDefinitions)); - copy.setComplexFields(createCopyList(this.complexFields)); + copy.setFixedListItemDefinitions(createDeepCopyList(this.fixedListItemDefinitions)); + copy.setComplexFields(createDeepCopyList(this.complexFields)); copy.setCollectionFieldTypeDefinition(this.collectionFieldTypeDefinition != null ? this.collectionFieldTypeDefinition.createCopy() : null); return copy; diff --git a/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/JurisdictionDefinition.java b/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/JurisdictionDefinition.java index 0f3bb2fda6..53119559f1 100644 --- a/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/JurisdictionDefinition.java +++ b/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/JurisdictionDefinition.java @@ -99,7 +99,7 @@ public JurisdictionDefinition createCopy() { copy.setLiveFrom(this.liveFrom != null ? new Date(this.liveFrom.getTime()) : null); copy.setLiveUntil(this.liveUntil != null ? new Date(this.liveUntil.getTime()) : null); copy.setCaseTypeDefinitions(this.caseTypeDefinitions != null - ? createCopyList(this.caseTypeDefinitions) : null); + ? createDeepCopyList(this.caseTypeDefinitions) : null); return copy; } diff --git a/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/WizardPage.java b/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/WizardPage.java index c855f79f37..1f4c1ee999 100644 --- a/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/WizardPage.java +++ b/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/WizardPage.java @@ -118,7 +118,7 @@ public WizardPage createCopy() { clonedPage.setCallBackURLMidEvent(this.callBackURLMidEvent); clonedPage.setRetriesTimeoutMidEvent(this.retriesTimeoutMidEvent != null ? new ArrayList<>(this.retriesTimeoutMidEvent) : null); - clonedPage.setWizardPageFields(createCopyList(this.wizardPageFields)); + clonedPage.setWizardPageFields(createDeepCopyList(this.wizardPageFields)); return clonedPage; } diff --git a/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/WizardPageField.java b/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/WizardPageField.java index 2b36c0b288..64895f83e5 100644 --- a/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/WizardPageField.java +++ b/src/main/java/uk/gov/hmcts/ccd/domain/model/definition/WizardPageField.java @@ -64,7 +64,7 @@ public WizardPageField createCopy() { clonedField.setCaseFieldId(this.caseFieldId); clonedField.setOrder(this.order); clonedField.setPageColumnNumber(this.pageColumnNumber); - clonedField.setComplexFieldOverrides(createCopyList(this.complexFieldOverrides)); + clonedField.setComplexFieldOverrides(createDeepCopyList(this.complexFieldOverrides)); return clonedField; } diff --git a/src/main/java/uk/gov/hmcts/ccd/domain/service/callbacks/EventTokenService.java b/src/main/java/uk/gov/hmcts/ccd/domain/service/callbacks/EventTokenService.java index f371587db8..8aa392225b 100644 --- a/src/main/java/uk/gov/hmcts/ccd/domain/service/callbacks/EventTokenService.java +++ b/src/main/java/uk/gov/hmcts/ccd/domain/service/callbacks/EventTokenService.java @@ -1,5 +1,6 @@ package uk.gov.hmcts.ccd.domain.service.callbacks; +import io.jsonwebtoken.JwtException; import uk.gov.hmcts.ccd.ApplicationParams; import uk.gov.hmcts.ccd.domain.model.callbacks.EventTokenProperties; import uk.gov.hmcts.ccd.domain.model.definition.CaseDetails; @@ -9,21 +10,18 @@ import uk.gov.hmcts.ccd.domain.service.common.CaseService; import uk.gov.hmcts.ccd.endpoint.exceptions.BadRequestException; import uk.gov.hmcts.ccd.endpoint.exceptions.EventTokenException; -import uk.gov.hmcts.ccd.endpoint.exceptions.ResourceNotFoundException; import uk.gov.hmcts.ccd.infrastructure.RandomKeyGenerator; import java.util.Date; +import java.util.Optional; import javax.crypto.SecretKey; import com.google.common.collect.Maps; import io.jsonwebtoken.Claims; -import io.jsonwebtoken.ExpiredJwtException; import io.jsonwebtoken.Jwts; -import io.jsonwebtoken.SignatureAlgorithm; -import io.jsonwebtoken.SignatureException; -import io.jsonwebtoken.impl.TextCodec; import io.jsonwebtoken.security.Keys; +import io.jsonwebtoken.io.Decoders; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; @@ -37,15 +35,19 @@ public class EventTokenService { } private final RandomKeyGenerator randomKeyGenerator; - private final String tokenSecret; + private final SecretKey secretKey; private final CaseService caseService; + private final boolean isValidateTokenClaims; + @Autowired public EventTokenService(final RandomKeyGenerator randomKeyGenerator, final ApplicationParams applicationParams, final CaseService caseService) { this.randomKeyGenerator = randomKeyGenerator; - this.tokenSecret = applicationParams.getTokenSecret(); + byte[] keyBytes = Decoders.BASE64.decode(applicationParams.getTokenSecret()); + this.secretKey = Keys.hmacShaKeyFor(keyBytes); + this.isValidateTokenClaims = applicationParams.isValidateTokenClaims(); this.caseService = caseService; } @@ -63,10 +65,10 @@ public String generateToken(final String uid, final JurisdictionDefinition jurisdictionDefinition, final CaseTypeDefinition caseTypeDefinition) { return Jwts.builder() - .setId(randomKeyGenerator.generate()) - .setSubject(uid) - .setIssuedAt(new Date()) - .signWith(SignatureAlgorithm.HS256, TextCodec.BASE64.encode(tokenSecret)) + .id(randomKeyGenerator.generate()) + .subject(uid) + .issuedAt(new Date()) + .signWith(secretKey) .claim(EventTokenProperties.CASE_ID, caseDetails.getId()) .claim(EventTokenProperties.EVENT_ID, event.getId()) .claim(EventTokenProperties.CASE_TYPE_ID, caseTypeDefinition.getId()) @@ -80,9 +82,8 @@ public String generateToken(final String uid, public EventTokenProperties parseToken(final String token) { try { - SecretKey key = Keys.hmacShaKeyFor(tokenSecret.getBytes()); final Claims claims = Jwts.parser() - .verifyWith(key) + .verifyWith(secretKey) .build() .parseSignedClaims(token) .getPayload(); @@ -98,8 +99,8 @@ public EventTokenProperties parseToken(final String token) { toString(claims.get(EventTokenProperties.ENTITY_VERSION)), toString(claims.get(EventTokenProperties.CASE_REVISION))); - } catch (ExpiredJwtException | SignatureException e) { - throw new EventTokenException(e.getMessage()); + } catch (JwtException e) { + throw new EventTokenException("Token is not valid: " + e.getMessage()); } } @@ -131,29 +132,37 @@ public void validateToken(final String token, throw new BadRequestException("Missing start trigger token"); } - try { - final EventTokenProperties eventTokenProperties = parseToken(token); - - if (!(eventTokenProperties.getEventId() == null - || eventTokenProperties.getEventId().equalsIgnoreCase(event.getId()) - && eventTokenProperties.getCaseId() == null - || eventTokenProperties.getCaseId().equalsIgnoreCase(caseDetails.getId().toString()) - && eventTokenProperties.getJurisdictionId() == null - || eventTokenProperties.getJurisdictionId().equalsIgnoreCase(jurisdictionDefinition.getId()) - && eventTokenProperties.getCaseTypeId() == null - || eventTokenProperties.getCaseTypeId().equalsIgnoreCase(caseTypeDefinition.getId()) - && eventTokenProperties.getUid() == null - || eventTokenProperties.getUid().equalsIgnoreCase(uid))) { - throw new ResourceNotFoundException("Cannot find matching start trigger"); - } - - if (eventTokenProperties.getEntityVersion() != null) { - caseDetails.setVersion(Integer.parseInt(eventTokenProperties.getEntityVersion())); - } - applyRevision(eventTokenProperties.getCaseRevision(), caseDetails, revisionRequired); - } catch (EventTokenException e) { - throw new SecurityException("Token is not valid"); + final EventTokenProperties eventTokenProperties = parseToken(token); + + if (isValidateTokenClaims && !isTokenPropertiesMatching(eventTokenProperties, uid, caseDetails, event, + jurisdictionDefinition, + caseTypeDefinition)) { + throw new EventTokenException("Token properties do not match the expected values"); + } + + if (eventTokenProperties.getEntityVersion() != null) { + caseDetails.setVersion(Integer.parseInt(eventTokenProperties.getEntityVersion())); } + applyRevision(eventTokenProperties.getCaseRevision(), caseDetails, revisionRequired); + } + + private boolean isTokenPropertiesMatching(EventTokenProperties eventTokenProperties, + String uid, + CaseDetails caseDetails, + CaseEventDefinition event, + JurisdictionDefinition jurisdictionDefinition, + CaseTypeDefinition caseTypeDefinition) { + return isMatching(eventTokenProperties.getEventId(), event.getId()) + && isMatching(eventTokenProperties.getCaseId(), caseDetails.getId()) + && isMatching(eventTokenProperties.getJurisdictionId(), jurisdictionDefinition.getId()) + && isMatching(eventTokenProperties.getCaseTypeId(), caseTypeDefinition.getId()) + && isMatching(eventTokenProperties.getUid(), uid); + } + + private boolean isMatching(String tokenValue, String actualValue) { + return Optional.ofNullable(tokenValue) + .map(value -> value.equalsIgnoreCase(actualValue)) + .orElse(true); } /** diff --git a/src/main/java/uk/gov/hmcts/ccd/domain/service/casedataaccesscontrol/DefaultCaseDataAccessControl.java b/src/main/java/uk/gov/hmcts/ccd/domain/service/casedataaccesscontrol/DefaultCaseDataAccessControl.java index 7a873cc635..a2518c610a 100644 --- a/src/main/java/uk/gov/hmcts/ccd/domain/service/casedataaccesscontrol/DefaultCaseDataAccessControl.java +++ b/src/main/java/uk/gov/hmcts/ccd/domain/service/casedataaccesscontrol/DefaultCaseDataAccessControl.java @@ -486,8 +486,8 @@ private List generatePostFilteringAccessGrants(CaseDetails caseDetail } private AccessControlList getCreateAccessControlList() { - var accessControlList = new AccessControlList(); - accessControlList.setCreate(true); - return accessControlList; + return AccessControlList.builder() + .create(true) + .build(); } } diff --git a/src/main/java/uk/gov/hmcts/ccd/domain/service/common/AttributeBasedAccessControlService.java b/src/main/java/uk/gov/hmcts/ccd/domain/service/common/AttributeBasedAccessControlService.java index 5e94c2b377..5137e7c4a8 100644 --- a/src/main/java/uk/gov/hmcts/ccd/domain/service/common/AttributeBasedAccessControlService.java +++ b/src/main/java/uk/gov/hmcts/ccd/domain/service/common/AttributeBasedAccessControlService.java @@ -46,17 +46,10 @@ private List updateAccessControlCRUD(AccessProfile accessProf List accessControlLists) { return accessControlLists .stream() - .filter(acls -> accessProfile.getAccessProfile().equals(acls.getAccessProfile())) - .map(acls -> { - AccessControlList accessControl = acls; - if (accessProfile.getReadOnly()) { - accessControl = acls.createCopy(); - accessControl.setCreate(false); - accessControl.setDelete(false); - accessControl.setUpdate(false); - accessControl.setRead(true); - } - return accessControl; - }).collect(Collectors.toList()); + .filter(acl -> accessProfile.getAccessProfile().equals(acl.getAccessProfile())) + .map(acl -> accessProfile.getReadOnly() + ? new AccessControlList(acl.getAccessProfile(), false, true, false, false) + : acl) + .collect(Collectors.toList()); } } diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index 594640355c..f1b26b6446 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties @@ -71,7 +71,7 @@ case_document_am.url=${CASE_DOCUMENT_AM_URL:http://localhost:4455} ccd.case-document-am-api.attachDocumentEnabled=${CASE_DOCUMENT_AM_API_ATTACH_DOCUMENT_ENABLED:true} document.sanitiser.case-document-am-api.enabled=${DOCUMENT_SANITISER_CASE_DOC_AM_API_ENABLED:false} -ccd.token.secret=${DATA_STORE_TOKEN_SECRET:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA} +ccd.token.secret=${DATA_STORE_TOKEN_SECRET:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA} #callback timeouts - comma separated integers in seconds ccd.callback.retries=1,5,10 @@ -314,3 +314,5 @@ case.data.exclude.verifyaccess.casetype.validate=${CASE_DATA_EXCLUDE_VERIFYACCES validation.dynamic-list.code-max-length=${VALIDATION_DYNAMIC_LIST_CODE_MAX_LENGTH:150} validation.dynamic-list.value-max-length=${VALIDATION_DYNAMIC_LIST_VALUE_MAX_LENGTH:500} + +token.claim.validation.enabled=${TOKEN_CLAIM_VALIDATION_ENABLED:false} diff --git a/src/test/java/uk/gov/hmcts/ccd/domain/model/aggregated/CaseViewFieldBuilderTest.java b/src/test/java/uk/gov/hmcts/ccd/domain/model/aggregated/CaseViewFieldBuilderTest.java index 2bc709378b..aa7b3d0b4f 100644 --- a/src/test/java/uk/gov/hmcts/ccd/domain/model/aggregated/CaseViewFieldBuilderTest.java +++ b/src/test/java/uk/gov/hmcts/ccd/domain/model/aggregated/CaseViewFieldBuilderTest.java @@ -35,7 +35,6 @@ import static uk.gov.hmcts.ccd.domain.model.aggregated.CaseViewField.READONLY; import static uk.gov.hmcts.ccd.domain.model.definition.FieldTypeDefinition.COLLECTION; import static uk.gov.hmcts.ccd.domain.model.definition.FieldTypeDefinition.COMPLEX; -import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.AccessControlListBuilder.anAcl; import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.CaseFieldBuilder.newCaseField; import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.FieldTypeBuilder.aFieldType; @@ -48,12 +47,27 @@ public class CaseViewFieldBuilderTest { private static final String FIRST_NAME = "Patrick"; private static final String LAST_NAME = "Smith"; private static final JsonNodeFactory JSON_NODE_FACTORY = new JsonNodeFactory(false); - private static final AccessControlList acl1 = anAcl().withRole("role1").withCreate(true).withRead(true) - .withUpdate(true).withDelete(false).build(); - private static final AccessControlList acl2 = anAcl().withRole("role2").withCreate(true).withRead(true) - .withUpdate(false).withDelete(true).build(); - private static final AccessControlList acl3 = anAcl().withRole("role3").withCreate(false).withRead(false) - .withUpdate(true).withDelete(false).build(); + private static final AccessControlList acl1 = AccessControlList.builder() + .accessProfile("role1") + .create(true) + .read(true) + .update(true) + .delete(false) + .build(); + private static final AccessControlList acl2 = AccessControlList.builder() + .accessProfile("role2") + .create(true) + .read(true) + .update(false) + .delete(true) + .build(); + private static final AccessControlList acl3 = AccessControlList.builder() + .accessProfile("role3") + .create(false) + .read(false) + .update(true) + .delete(false) + .build(); private static final FieldTypeDefinition TEXT_FIELD_TYPE_DEFINITION = aFieldType().withId("Text").withType("Text") .build(); private static final CaseFieldDefinition CASE_FIELD = newCaseField() @@ -340,12 +354,27 @@ class CaseViewFieldACLTest { private final FieldTypeDefinition familyFieldTypeDefinition = aFieldType().withId(FAMILY).withType(COMPLEX).withComplexField(familyNames).withComplexField(members) .withComplexField(address).build(); - private final AccessControlList acl1 = anAcl().withRole("role1").withCreate(true).withRead(true) - .withUpdate(true).withDelete(false).build(); - private final AccessControlList acl2 = anAcl().withRole("role2").withCreate(true).withRead(true) - .withUpdate(false).withDelete(true).build(); - private final AccessControlList acl3 = anAcl().withRole("role3").withCreate(false).withRead(false) - .withUpdate(true).withDelete(false).build(); + private final AccessControlList acl1 = AccessControlList.builder() + .accessProfile("role1") + .create(true) + .read(true) + .update(true) + .delete(false) + .build(); + private final AccessControlList acl2 = AccessControlList.builder() + .accessProfile("role2") + .create(true) + .read(true) + .update(false) + .delete(true) + .build(); + private final AccessControlList acl3 = AccessControlList.builder() + .accessProfile("role3") + .create(false) + .read(false) + .update(true) + .delete(false) + .build(); private final CaseFieldDefinition family = newCaseField() .withId(FAMILY) .withFieldType(familyFieldTypeDefinition) diff --git a/src/test/java/uk/gov/hmcts/ccd/domain/model/definition/AccessControlListTest.java b/src/test/java/uk/gov/hmcts/ccd/domain/model/definition/AccessControlListTest.java index fdadcdd139..3d1f37c7b4 100644 --- a/src/test/java/uk/gov/hmcts/ccd/domain/model/definition/AccessControlListTest.java +++ b/src/test/java/uk/gov/hmcts/ccd/domain/model/definition/AccessControlListTest.java @@ -11,13 +11,10 @@ class AccessControlListTest { @Test void shouldValidateAccessControlListParsing() throws JsonProcessingException { - AccessControlList accessControlList = new AccessControlList(); - - accessControlList.setUpdate(false); - accessControlList.setRead(false); - accessControlList.setDelete(false); - accessControlList.setCreate(true); - accessControlList.setAccessProfile("test"); + AccessControlList accessControlList = AccessControlList.builder() + .accessProfile("test") + .create(true) + .build(); ObjectMapper objectMapper = new ObjectMapper(); String value = objectMapper.writeValueAsString(accessControlList); @@ -27,13 +24,14 @@ void shouldValidateAccessControlListParsing() throws JsonProcessingException { @Test void shouldValidateAccessControlListSerializationWithRole() throws JsonProcessingException { - String accessControlJson = "{\n" - + "\t\"role\": \"caseworker-probate-public\",\n" - + "\t\"create\": true,\n" - + "\t\"read\": true,\n" - + "\t\"update\": true,\n" - + "\t\"delete\": false\n" - + "}"; + String accessControlJson = """ + { + "role": "caseworker-probate-public", + "create": true, + "read": true, + "update": true, + "delete": false + }"""; ObjectMapper objectMapper = new ObjectMapper(); AccessControlList value = objectMapper.readValue(accessControlJson, AccessControlList.class); @@ -42,13 +40,14 @@ void shouldValidateAccessControlListSerializationWithRole() throws JsonProcessin @Test void shouldValidateAccessControlListSerializationWithAccessProfile() throws JsonProcessingException { - String accessControlJson = "{\n" - + "\t\"accessProfile\": \"caseworker-probate-public\",\n" - + "\t\"create\": true,\n" - + "\t\"read\": true,\n" - + "\t\"update\": true,\n" - + "\t\"delete\": false\n" - + "}"; + String accessControlJson = """ + { + "accessProfile": "caseworker-probate-public", + "create": true, + "read": true, + "update": true, + "delete": false + }"""; ObjectMapper objectMapper = new ObjectMapper(); AccessControlList value = objectMapper.readValue(accessControlJson, AccessControlList.class); @@ -57,15 +56,12 @@ void shouldValidateAccessControlListSerializationWithAccessProfile() throws Json @Test void shouldCreateDuplicate() { - AccessControlList accessControlList = new AccessControlList(); - - accessControlList.setUpdate(false); - accessControlList.setRead(false); - accessControlList.setDelete(false); - accessControlList.setCreate(true); - accessControlList.setAccessProfile("test"); + AccessControlList accessControlList = AccessControlList.builder() + .accessProfile("test") + .create(true) + .build(); - AccessControlList duplicate = accessControlList.createCopy(); + AccessControlList duplicate = accessControlList.duplicate(); assertNotNull(duplicate); assertEquals(duplicate.getAccessProfile(), accessControlList.getAccessProfile()); @@ -73,27 +69,24 @@ void shouldCreateDuplicate() { @Test void shouldValidateToString() { - AccessControlList accessControlList = new AccessControlList(); + AccessControlList accessControlList = AccessControlList.builder() + .accessProfile("test") + .create(true) + .build(); - accessControlList.setUpdate(false); - accessControlList.setRead(false); - accessControlList.setDelete(false); - accessControlList.setCreate(true); - accessControlList.setAccessProfile("test"); - - assertNotNull("ACL{accessProfile='test', crud=C}", accessControlList.toString()); + assertEquals("ACL{accessProfile='test', crud=C}", accessControlList.toString()); } @Test void shouldValidateToStringWithCRUD() { - AccessControlList accessControlList = new AccessControlList(); - - accessControlList.setUpdate(true); - accessControlList.setRead(true); - accessControlList.setDelete(true); - accessControlList.setCreate(true); - accessControlList.setAccessProfile("test"); + AccessControlList accessControlList = AccessControlList.builder() + .accessProfile("test") + .create(true) + .read(true) + .update(true) + .delete(true) + .build(); assertEquals("ACL{accessProfile='test', crud=CRUD}", accessControlList.toString()); } diff --git a/src/test/java/uk/gov/hmcts/ccd/domain/model/definition/CaseFieldDefinitionTest.java b/src/test/java/uk/gov/hmcts/ccd/domain/model/definition/CaseFieldDefinitionTest.java index 38cab76a30..41e86c06c0 100644 --- a/src/test/java/uk/gov/hmcts/ccd/domain/model/definition/CaseFieldDefinitionTest.java +++ b/src/test/java/uk/gov/hmcts/ccd/domain/model/definition/CaseFieldDefinitionTest.java @@ -22,7 +22,6 @@ import static org.junit.jupiter.api.Assertions.assertThrows; import static uk.gov.hmcts.ccd.domain.model.definition.FieldTypeDefinition.COLLECTION; import static uk.gov.hmcts.ccd.domain.model.definition.FieldTypeDefinition.COMPLEX; -import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.AccessControlListBuilder.anAcl; import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.CaseFieldBuilder.newCaseField; import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.ComplexACLBuilder.aComplexACL; import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.FieldTypeBuilder.aFieldType; @@ -181,27 +180,42 @@ public class CaseFieldDefinitionTest { private final FieldTypeDefinition familyFieldTypeDefinition = aFieldType().withId(FAMILY).withType(COMPLEX).withComplexField(familyInfo).withComplexField(members).build(); - private final AccessControlList acl1 = - anAcl().withRole(ROLE1).withCreate(true).withRead(true).withUpdate(true).withDelete(false).build(); - private final AccessControlList acl2 = - anAcl().withRole(ROLE2).withCreate(true).withRead(true).withUpdate(false).withDelete(true).build(); - private final AccessControlList acl3 = - anAcl().withRole(ROLE3).withCreate(false).withRead(false).withUpdate(true).withDelete(false).build(); - private final ComplexACL complexACL1 - = aComplexACL().withListElementCode(MEMBERS).withRole(ROLE1).withCreate(false).withRead(true).withUpdate(true) - .withDelete(false).build(); - private final ComplexACL complexACL2 - = aComplexACL().withListElementCode(MEMBERS + "." + PERSON).withRole(ROLE1).withCreate(false).withRead(true) - .withUpdate(false).withDelete(false).build(); - private final ComplexACL complexACL3 - = aComplexACL().withListElementCode(MEMBERS + "." + PERSON + "." + NAME).withRole(ROLE1).withCreate(false) - .withRead(true).withUpdate(false).withDelete(false).build(); - private final ComplexACL complexACL4 - = aComplexACL().withListElementCode(FAMILY_INFO).withRole(ROLE1).withCreate(true).withRead(true) - .withUpdate(true).withDelete(false).build(); - private final ComplexACL complexACL5 - = aComplexACL().withListElementCode(FAMILY_INFO + "." + FAMILY_ADDRESS).withRole(ROLE1).withCreate(true) - .withRead(true).withUpdate(false).withDelete(false).build(); + private AccessControlList acl1 = AccessControlList.builder() + .accessProfile(ROLE1) + .create(true) + .read(true) + .update(true) + .delete(false) + .build(); + private AccessControlList acl2 = AccessControlList.builder() + .accessProfile(ROLE2) + .create(true) + .read(true) + .update(false) + .delete(true) + .build(); + private AccessControlList acl3 = AccessControlList.builder() + .accessProfile(ROLE3) + .create(false) + .read(false) + .update(true) + .delete(false) + .build(); + private ComplexACL complexACL1 + = aComplexACL().listElementCode(MEMBERS).accessProfile(ROLE1).create(false).read(true).update(true) + .delete(false).build(); + private ComplexACL complexACL2 + = aComplexACL().listElementCode(MEMBERS + "." + PERSON).accessProfile(ROLE1).create(false).read(true) + .update(false).delete(false).build(); + private ComplexACL complexACL3 + = aComplexACL().listElementCode(MEMBERS + "." + PERSON + "." + NAME).accessProfile(ROLE1).create(false) + .read(true).update(false).delete(false).build(); + private ComplexACL complexACL4 + = aComplexACL().listElementCode(FAMILY_INFO).accessProfile(ROLE1).create(true).read(true) + .update(true).delete(false).build(); + private ComplexACL complexACL5 + = aComplexACL().listElementCode(FAMILY_INFO + "." + FAMILY_ADDRESS).accessProfile(ROLE1).create(true) + .read(true).update(false).delete(false).build(); private CaseFieldDefinition family; @BeforeEach diff --git a/src/test/java/uk/gov/hmcts/ccd/domain/service/aggregated/AuthorisedGetCaseHistoryViewOperationTest.java b/src/test/java/uk/gov/hmcts/ccd/domain/service/aggregated/AuthorisedGetCaseHistoryViewOperationTest.java index ea0fe85f80..0e17c60196 100644 --- a/src/test/java/uk/gov/hmcts/ccd/domain/service/aggregated/AuthorisedGetCaseHistoryViewOperationTest.java +++ b/src/test/java/uk/gov/hmcts/ccd/domain/service/aggregated/AuthorisedGetCaseHistoryViewOperationTest.java @@ -164,12 +164,13 @@ private static Set createAccessProfiles(Set userRoles) { private static List createAccessControlList(Set userRoles) { return userRoles.stream() - .map(userRole -> { - AccessControlList controlList = new AccessControlList(); - controlList.setAccessProfile(userRole); - controlList.setRead(true); - return controlList; - }) + .map(userRole -> AccessControlList.builder() + .accessProfile(userRole) + .create(false) + .read(true) + .update(false) + .delete(false) + .build()) .toList(); } diff --git a/src/test/java/uk/gov/hmcts/ccd/domain/service/aggregated/AuthorisedGetCaseTypeDefinitionOperationTest.java b/src/test/java/uk/gov/hmcts/ccd/domain/service/aggregated/AuthorisedGetCaseTypeDefinitionOperationTest.java index 5e0803fc79..ad6fc479bb 100644 --- a/src/test/java/uk/gov/hmcts/ccd/domain/service/aggregated/AuthorisedGetCaseTypeDefinitionOperationTest.java +++ b/src/test/java/uk/gov/hmcts/ccd/domain/service/aggregated/AuthorisedGetCaseTypeDefinitionOperationTest.java @@ -10,6 +10,7 @@ import org.mockito.Mock; import org.mockito.MockitoAnnotations; import uk.gov.hmcts.ccd.domain.model.casedataaccesscontrol.AccessProfile; +import uk.gov.hmcts.ccd.domain.model.definition.AccessControlList; import uk.gov.hmcts.ccd.domain.model.definition.CaseEventDefinition; import uk.gov.hmcts.ccd.domain.model.definition.CaseFieldDefinition; import uk.gov.hmcts.ccd.domain.model.definition.CaseStateDefinition; @@ -33,7 +34,6 @@ import static uk.gov.hmcts.ccd.domain.service.common.AccessControlService.CAN_CREATE; import static uk.gov.hmcts.ccd.domain.service.common.AccessControlService.CAN_READ; import static uk.gov.hmcts.ccd.domain.service.common.AccessControlService.CAN_UPDATE; -import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.AccessControlListBuilder.anAcl; import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.CaseEventBuilder.newCaseEvent; import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.CaseFieldBuilder.newCaseField; import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.CaseStateBuilder.newState; @@ -79,90 +79,132 @@ class AuthorisedGetCaseTypeDefinitionOperationTest { private static final CaseStateDefinition CASE_STATE_3_1 = newState().withId(STATE_ID_3_1).build(); private static final CaseStateDefinition CASE_STATE_3_2 = newState().withId(STATE_ID_3_2).build(); private static final CaseEventDefinition CASE_EVENT_1_1 = newCaseEvent().withId(EVENT_ID_1_1) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .read(true) + .update(false) + .delete(false) .build()) .build(); private static final CaseEventDefinition CASE_EVENT_1_3 = newCaseEvent().withId(EVENT_ID_1_3) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(false) + .read(true) + .update(true) + .delete(false) .build()) .build(); + private static final CaseEventDefinition CASE_EVENT_2_3 = newCaseEvent().withId(EVENT_ID_2_3) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .read(true) + .update(false) + .delete(false) .build()) .build(); + private static final CaseEventDefinition CASE_EVENT_3_1 = newCaseEvent().withId(EVENT_ID_3_1) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .read(true) + .update(false) + .delete(false) .build()) .build(); + private static final CaseEventDefinition CASE_EVENT_3_2 = newCaseEvent().withId(EVENT_ID_3_2) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(false) + .read(true) + .update(true) + .delete(false) .build()) .build(); + private static final CaseEventDefinition CASE_EVENT_3_3 = newCaseEvent().withId(EVENT_ID_3_3) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .read(true) + .update(false) + .delete(false) .build()) .build(); private static final CaseFieldDefinition CASE_FIELD_1_1 = newCaseField().withId(CASE_FIELD_ID_1_1) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(false) + .read(false) + .update(false) + .delete(false) .build()) .build(); + private static final CaseFieldDefinition CASE_FIELD_1_2 = newCaseField().withId(CASE_FIELD_ID_1_2) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(false) + .read(true) + .update(false) + .delete(false) .build()) .build(); + private static final CaseFieldDefinition CASE_FIELD_1_3 = newCaseField().withId(CASE_FIELD_ID_1_3) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(false) + .read(false) + .update(false) + .delete(false) .build()) .build(); + private static final CaseFieldDefinition CASE_FIELD_2_3 = newCaseField().withId(CASE_FIELD_ID_2_3) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .read(true) + .update(false) + .delete(false) .build()) .build(); + private static final CaseFieldDefinition CASE_FIELD_3_1 = newCaseField().withId(CASE_FIELD_ID_3_1) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(false) + .read(true) + .update(true) + .delete(false) .build()) .build(); + private static final CaseFieldDefinition CASE_FIELD_3_2 = newCaseField().withId(CASE_FIELD_ID_3_2) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .read(false) + .update(true) + .delete(false) .build()) .build(); + private static final CaseFieldDefinition CASE_FIELD_3_3 = newCaseField().withId(CASE_FIELD_ID_3_3) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(false) + .read(true) + .update(false) + .delete(false) .build()) .build(); @@ -189,17 +231,17 @@ void setUp() { testCaseTypeDefinition1 = newCaseType() .withId(CASE_TYPE_ID) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build()) .withState(CASE_STATE_1_1) .withState(CASE_STATE_1_2) .withEvent(CASE_EVENT_1_1) .withEvent(newCaseEvent() .withId(EVENT_ID_1_2) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) .build()) .build()) .withEvent(CASE_EVENT_1_3) @@ -210,35 +252,35 @@ void setUp() { testCaseTypeDefinition2 = newCaseType() .withId(CASE_TYPE_ID) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build()) .withState(CASE_STATE_2_1) .withState(CASE_STATE_2_2) .withEvent(newCaseEvent() .withId(EVENT_ID_2_1) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build()) .build()) .withEvent(newCaseEvent().withId(EVENT_ID_2_2) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build()) .build()) .withEvent(CASE_EVENT_2_3) .withField(newCaseField().withId(CASE_FIELD_ID_2_1) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build()) .build()) .withField(newCaseField().withId(CASE_FIELD_ID_2_2) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) .build()) .build()) .withField(CASE_FIELD_2_3) @@ -246,11 +288,11 @@ void setUp() { testCaseTypeDefinition3 = newCaseType() .withId(CASE_TYPE_ID) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) - .withRead(true) - .withUpdate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .read(true) + .update(true) .build()) .withState(CASE_STATE_3_1) .withState(CASE_STATE_3_2) diff --git a/src/test/java/uk/gov/hmcts/ccd/domain/service/aggregated/AuthorisedGetCaseTypeDefinitionsOperationTest.java b/src/test/java/uk/gov/hmcts/ccd/domain/service/aggregated/AuthorisedGetCaseTypeDefinitionsOperationTest.java index c92ccfcb53..f99e260be0 100644 --- a/src/test/java/uk/gov/hmcts/ccd/domain/service/aggregated/AuthorisedGetCaseTypeDefinitionsOperationTest.java +++ b/src/test/java/uk/gov/hmcts/ccd/domain/service/aggregated/AuthorisedGetCaseTypeDefinitionsOperationTest.java @@ -11,6 +11,7 @@ import org.mockito.Mock; import org.mockito.MockitoAnnotations; import uk.gov.hmcts.ccd.domain.model.casedataaccesscontrol.AccessProfile; +import uk.gov.hmcts.ccd.domain.model.definition.AccessControlList; import uk.gov.hmcts.ccd.domain.model.definition.CaseEventDefinition; import uk.gov.hmcts.ccd.domain.model.definition.CaseFieldDefinition; import uk.gov.hmcts.ccd.domain.model.definition.CaseStateDefinition; @@ -34,7 +35,6 @@ import static uk.gov.hmcts.ccd.domain.service.common.AccessControlService.CAN_CREATE; import static uk.gov.hmcts.ccd.domain.service.common.AccessControlService.CAN_READ; import static uk.gov.hmcts.ccd.domain.service.common.AccessControlService.CAN_UPDATE; -import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.AccessControlListBuilder.anAcl; import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.CaseEventBuilder.newCaseEvent; import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.CaseFieldBuilder.newCaseField; import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.CaseStateBuilder.newState; @@ -83,97 +83,97 @@ class AuthorisedGetCaseTypeDefinitionsOperationTest { private static final CaseStateDefinition CASE_STATE_3_1 = newState().withId(STATE_ID_3_1).build(); private static final CaseStateDefinition CASE_STATE_3_2 = newState().withId(STATE_ID_3_2).build(); private static final CaseEventDefinition CASE_EVENT_1_1 = newCaseEvent().withId(EVENT_ID_1_1) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) - .withRead(true) - .build()) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .read(true) + .build()) .build(); private static final CaseEventDefinition CASE_EVENT_1_2 = newCaseEvent().withId(EVENT_ID_1_2) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) - .withRead(true) - .build()) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) + .read(true) + .build()) .build(); private static final CaseEventDefinition CASE_EVENT_1_3 = newCaseEvent().withId(EVENT_ID_1_3) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) - .withRead(true) - .build()) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) + .read(true) + .build()) .build(); private static final CaseEventDefinition CASE_EVENT_2_3 = newCaseEvent().withId(EVENT_ID_2_3) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) - .withRead(true) - .build()) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .read(true) + .build()) .build(); private static final CaseEventDefinition CASE_EVENT_3_1 = newCaseEvent().withId(EVENT_ID_3_1) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) - .withRead(true) - .build()) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .read(true) + .build()) .build(); private static final CaseEventDefinition CASE_EVENT_3_2 = newCaseEvent().withId(EVENT_ID_3_2) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) - .withRead(true) - .build()) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) + .read(true) + .build()) .build(); private static final CaseEventDefinition CASE_EVENT_3_3 = newCaseEvent().withId(EVENT_ID_3_3) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) - .withRead(true) - .build()) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .read(true) + .build()) .build(); private static final CaseFieldDefinition CASE_FIELD_1_1 = newCaseField().withId(CASE_FIELD_ID_1_1) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .build()) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .build()) .build(); private static final CaseFieldDefinition CASE_FIELD_1_2 = newCaseField().withId(CASE_FIELD_ID_1_2) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) - .build()) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) + .build()) .build(); private static final CaseFieldDefinition CASE_FIELD_1_3 = newCaseField().withId(CASE_FIELD_ID_1_3) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .build()) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .build()) .build(); private static final CaseFieldDefinition CASE_FIELD_2_3 = newCaseField().withId(CASE_FIELD_ID_2_3) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) - .withRead(true) - .build()) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .read(true) + .build()) .build(); private static final CaseFieldDefinition CASE_FIELD_3_1 = newCaseField().withId(CASE_FIELD_ID_3_1) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) - .withRead(true) - .build()) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) + .read(true) + .build()) .build(); private static final CaseFieldDefinition CASE_FIELD_3_2 = newCaseField().withId(CASE_FIELD_ID_3_2) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) - .withCreate(true) - .build()) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) + .create(true) + .build()) .build(); private static final CaseFieldDefinition CASE_FIELD_3_3 = newCaseField().withId(CASE_FIELD_ID_3_3) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) - .build()) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) + .build()) .build(); @@ -197,19 +197,19 @@ void setUp() { MockitoAnnotations.openMocks(this); testCaseType1 = newCaseType() - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) - .build()) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) + .build()) .withState(CASE_STATE_1_1) .withState(CASE_STATE_1_2) .withEvent(CASE_EVENT_1_1) .withEvent(newCaseEvent() - .withId(EVENT_ID_1_2) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .build()) - .build()) + .withId(EVENT_ID_1_2) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .build()) + .build()) .withEvent(CASE_EVENT_1_3) .withField(CASE_FIELD_1_1) .withField(CASE_FIELD_1_2) @@ -218,48 +218,48 @@ void setUp() { .build(); testCaseType2 = newCaseType() - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) - .build()) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .build()) .withState(CASE_STATE_2_1) .withState(CASE_STATE_2_2) .withEvent(newCaseEvent() - .withId(EVENT_ID_2_1) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) - .build()) - .build()) + .withId(EVENT_ID_2_1) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) + .build()) + .build()) .withEvent(newCaseEvent().withId(EVENT_ID_2_2) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) - .build()) - .build()) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) + .build()) + .build()) .withEvent(CASE_EVENT_2_3) .withField(newCaseField().withId(CASE_FIELD_ID_2_1) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) - .build()) - .build()) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) + .build()) + .build()) .withField(newCaseField().withId(CASE_FIELD_ID_2_2) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .build()) - .build()) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .build()) + .build()) .withField(CASE_FIELD_2_3) .withId(CASE_TYPE_ID) .build(); testCaseType3 = newCaseType() - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) - .withRead(true) - .withUpdate(true) - .build()) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .read(true) + .update(true) + .build()) .withState(CASE_STATE_3_1) .withState(CASE_STATE_3_2) .withEvent(CASE_EVENT_3_1) diff --git a/src/test/java/uk/gov/hmcts/ccd/domain/service/aggregated/AuthorisedGetCaseViewOperationTest.java b/src/test/java/uk/gov/hmcts/ccd/domain/service/aggregated/AuthorisedGetCaseViewOperationTest.java index dcedbe120c..f2c48f4adc 100644 --- a/src/test/java/uk/gov/hmcts/ccd/domain/service/aggregated/AuthorisedGetCaseViewOperationTest.java +++ b/src/test/java/uk/gov/hmcts/ccd/domain/service/aggregated/AuthorisedGetCaseViewOperationTest.java @@ -58,7 +58,6 @@ import static org.mockito.Mockito.when; import static uk.gov.hmcts.ccd.domain.service.common.AccessControlService.CAN_READ; import static uk.gov.hmcts.ccd.domain.service.common.AccessControlService.CAN_UPDATE; -import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.AccessControlListBuilder.anAcl; import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.CaseDetailsBuilder.newCaseDetails; import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.CaseEventBuilder.newCaseEvent; import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.CaseTypeBuilder.newCaseType; @@ -97,10 +96,10 @@ class AuthorisedGetCaseViewOperationTest { .withJurisdictionId(JURISDICTION_ID) .withName(JURISDICTION_ID) .build(); - private static final AccessControlList acl1 = anAcl().withRole("caseworker-sscs") - .withCreate(true).withRead(true).withUpdate(true).withDelete(true).build(); - private static final AccessControlList acl2 = anAcl().withRole("caseworker-sscs-clerk") - .withCreate(false).withRead(true).withUpdate(false).withDelete(false).build(); + private static final AccessControlList acl1 = AccessControlList.builder().accessProfile("caseworker-sscs") + .create(true).read(true).update(true).delete(true).build(); + private static final AccessControlList acl2 = AccessControlList.builder().accessProfile("caseworker-sscs-clerk") + .create(false).read(true).update(false).delete(false).build(); private static final CaseTypeDefinition TEST_CASE_TYPE = newCaseType() .withId(CASE_TYPE_ID) .withJurisdiction(jurisdiction) diff --git a/src/test/java/uk/gov/hmcts/ccd/domain/service/aggregated/CaseSearchResultViewGeneratorTest.java b/src/test/java/uk/gov/hmcts/ccd/domain/service/aggregated/CaseSearchResultViewGeneratorTest.java index 0b8f4db29c..d34a700028 100644 --- a/src/test/java/uk/gov/hmcts/ccd/domain/service/aggregated/CaseSearchResultViewGeneratorTest.java +++ b/src/test/java/uk/gov/hmcts/ccd/domain/service/aggregated/CaseSearchResultViewGeneratorTest.java @@ -25,6 +25,7 @@ import uk.gov.hmcts.ccd.domain.model.casedataaccesscontrol.AccessProfile; import uk.gov.hmcts.ccd.domain.model.casedataaccesscontrol.CaseAccessMetadata; import uk.gov.hmcts.ccd.domain.model.casedataaccesscontrol.enums.GrantType; +import uk.gov.hmcts.ccd.domain.model.definition.AccessControlList; import uk.gov.hmcts.ccd.domain.model.definition.CaseDetails; import uk.gov.hmcts.ccd.domain.model.definition.CaseFieldDefinition; import uk.gov.hmcts.ccd.domain.model.definition.CaseTypeDefinition; @@ -67,7 +68,6 @@ import static uk.gov.hmcts.ccd.domain.service.aggregated.SearchResultUtil.SearchResultBuilder.searchResult; import static uk.gov.hmcts.ccd.domain.service.aggregated.SearchResultUtil.buildData; import static uk.gov.hmcts.ccd.domain.service.aggregated.SearchResultUtil.buildSearchResultField; -import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.AccessControlListBuilder.anAcl; import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.CaseFieldBuilder.newCaseField; import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.CaseTypeBuilder.newCaseType; import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.ComplexACLBuilder.aComplexACL; @@ -196,44 +196,44 @@ void setUp() throws IOException { .withFieldType(textFieldType()) .withCaseTypeId(CASE_TYPE_ID_1) .withSC(SECURITY_CLASSIFICATION.name()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(true) .build()).build(); final CaseFieldDefinition motherName = newCaseField().withId(MOTHER_NAME) .withFieldType(textFieldType()) .withCaseTypeId(CASE_TYPE_ID_1) .withSC(SECURITY_CLASSIFICATION.name()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(true) .build()).build(); final CaseFieldDefinition addressLine1 = newCaseField().withId(ADDRESS_LINE_1) .withFieldType(textFieldType()) .withCaseTypeId(CASE_TYPE_ID_1) .withSC(SECURITY_CLASSIFICATION.name()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(true) .build()).build(); final CaseFieldDefinition postCode = newCaseField().withId(POSTCODE) .withFieldType(textFieldType()) .withCaseTypeId(CASE_TYPE_ID_1) .withSC(SECURITY_CLASSIFICATION.name()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(true) .build()).build(); final FieldTypeDefinition addressFieldTypeDefinition = aFieldType().withId(FAMILY_ADDRESS).withType(COMPLEX) .withComplexField(addressLine1).withComplexField(postCode).build(); final CaseFieldDefinition familyAddress = newCaseField().withId(FAMILY_ADDRESS).withFieldType(addressFieldTypeDefinition) .withCaseTypeId(CASE_TYPE_ID_1) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(true) - .build()).build(); + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(true) + .build()).build(); final FieldTypeDefinition familyDetailsFieldTypeDefinition = aFieldType().withId(FAMILY).withType(COMPLEX) @@ -249,36 +249,36 @@ void setUp() throws IOException { .withJurisdiction(jurisdiction) .withField(newCaseField().withId(CASE_FIELD_1).withFieldType(textFieldType()) .withCaseTypeId(CASE_TYPE_ID_1) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(true) .build()).build()) .withSecurityClassification(SecurityClassification.PUBLIC) .withField(newCaseField().withId(CASE_FIELD_2).withFieldType(textFieldType()) .withCaseTypeId(CASE_TYPE_ID_1) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(true) .build()).build()) .withSecurityClassification(SecurityClassification.PUBLIC) .withField(newCaseField().withId(CASE_FIELD_3).withFieldType(textFieldType()) .withCaseTypeId(CASE_TYPE_ID_1) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(true) .build()).build()) .withSecurityClassification(SecurityClassification.PUBLIC) .withField(newCaseField().withId(FAMILY_DETAILS).withFieldType(familyDetailsFieldTypeDefinition) .withCaseTypeId(CASE_TYPE_ID_1) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(true) .build()) .withComplexACL(aComplexACL() - .withListElementCode("Line1") - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(true) - .withUpdate(false) + .listElementCode("Line1") + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(true) + .update(false) .build()) .build()) .withSecurityClassification(SecurityClassification.PUBLIC) @@ -289,16 +289,16 @@ void setUp() throws IOException { .withJurisdiction(jurisdiction) .withField(newCaseField().withId(CASE_FIELD_4).withFieldType(textFieldType()) .withCaseTypeId(CASE_TYPE_ID_2) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(true) .build()).build()) .withSecurityClassification(SecurityClassification.PUBLIC) .withField(newCaseField().withId(CASE_FIELD_5).withFieldType(textFieldType()) .withCaseTypeId(CASE_TYPE_ID_2) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(true) .build()).build()) .withSecurityClassification(SecurityClassification.PUBLIC) .build(); @@ -443,30 +443,30 @@ void shouldBuildHeaderFieldsForPermittedRoles() { .withJurisdiction(jurisdiction) .withField(newCaseField().withId(CASE_FIELD_1) .withCaseTypeId(CASE_TYPE_ID_1) - .withFieldType(textFieldType()).withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(true) + .withFieldType(textFieldType()).withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(true) .build()).build()) .withSecurityClassification(SecurityClassification.PUBLIC) .withField(newCaseField().withId(CASE_FIELD_2) .withCaseTypeId(CASE_TYPE_ID_1) - .withFieldType(textFieldType()).withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(true) + .withFieldType(textFieldType()).withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(true) .build()).build()) .withSecurityClassification(SecurityClassification.PUBLIC) .withField(newCaseField().withId(CASE_FIELD_4) .withCaseTypeId(CASE_TYPE_ID_1) - .withFieldType(textFieldType()).withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(true) + .withFieldType(textFieldType()).withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(true) .build()).build()) .withSecurityClassification(SecurityClassification.PUBLIC) .withField(newCaseField().withId(CASE_FIELD_5) .withCaseTypeId(CASE_TYPE_ID_1) - .withFieldType(textFieldType()).withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(true) + .withFieldType(textFieldType()).withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(true) .build()).build()) .withSecurityClassification(SecurityClassification.PUBLIC) .build(); @@ -540,31 +540,31 @@ void shouldBuildHeaderFieldsWithNoDuplicateColumnsForMultiplePermittedRoles() { .withJurisdiction(jurisdiction) .withField(newCaseField().withId(CASE_FIELD_1).withFieldType(textFieldType()) .withCaseTypeId(CASE_TYPE_ID_1) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(true) .build()).build()) .withSecurityClassification(SecurityClassification.PUBLIC) .withField(newCaseField().withId(CASE_FIELD_2) .withCaseTypeId(CASE_TYPE_ID_1) - .withFieldType(textFieldType()).withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(true) - .build()).build()) + .withFieldType(textFieldType()).withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(true) + .build()).build()) .withSecurityClassification(SecurityClassification.PUBLIC) .withField(newCaseField().withId(CASE_FIELD_4) .withCaseTypeId(CASE_TYPE_ID_1) - .withFieldType(textFieldType()).withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(true) - .build()).build()) + .withFieldType(textFieldType()).withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(true) + .build()).build()) .withSecurityClassification(SecurityClassification.PUBLIC) .withField(newCaseField().withId(CASE_FIELD_5) .withCaseTypeId(CASE_TYPE_ID_1) - .withFieldType(textFieldType()).withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(true) - .build()).build()) + .withFieldType(textFieldType()).withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(true) + .build()).build()) .withSecurityClassification(SecurityClassification.PUBLIC) .build(); when(caseTypeService.getCaseType(eq(CASE_TYPE_ID_1))).thenReturn(caseTypeDefinition); @@ -723,9 +723,10 @@ void shouldNotNotReturnHeaderFieldsWhenNoNestedElementFoundForPath() { .build(); CaseTypeDefinition caseTypeWithoutCaseFieldDefinition = newCaseType().withCaseTypeId(CASE_TYPE_ID_1) .withJurisdiction(jurisdiction) - .withField(newCaseField().withId(CASE_FIELD_1).withFieldType(textFieldType()).withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(true) + .withField(newCaseField().withId(CASE_FIELD_1).withFieldType(textFieldType()) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(true) .build()).build()) .withSecurityClassification(SecurityClassification.PUBLIC).build(); when(searchResultDefinitionService.getSearchResultDefinition(any(), any(), any())).thenReturn(searchResult); diff --git a/src/test/java/uk/gov/hmcts/ccd/domain/service/aggregated/CaseSearchesViewAccessControlTest.java b/src/test/java/uk/gov/hmcts/ccd/domain/service/aggregated/CaseSearchesViewAccessControlTest.java index 8a666b7398..f1a4fe3571 100644 --- a/src/test/java/uk/gov/hmcts/ccd/domain/service/aggregated/CaseSearchesViewAccessControlTest.java +++ b/src/test/java/uk/gov/hmcts/ccd/domain/service/aggregated/CaseSearchesViewAccessControlTest.java @@ -18,6 +18,7 @@ import uk.gov.hmcts.ccd.data.casedetails.SecurityClassification; import uk.gov.hmcts.ccd.data.user.UserRepository; import uk.gov.hmcts.ccd.domain.model.casedataaccesscontrol.AccessProfile; +import uk.gov.hmcts.ccd.domain.model.definition.AccessControlList; import uk.gov.hmcts.ccd.domain.model.definition.CaseFieldDefinition; import uk.gov.hmcts.ccd.domain.model.definition.CaseTypeDefinition; import uk.gov.hmcts.ccd.domain.model.definition.FieldTypeDefinition; @@ -40,7 +41,6 @@ import static uk.gov.hmcts.ccd.domain.service.aggregated.SearchResultUtil.SearchResultBuilder.searchResult; import static uk.gov.hmcts.ccd.domain.service.aggregated.SearchResultUtil.buildData; import static uk.gov.hmcts.ccd.domain.service.aggregated.SearchResultUtil.buildSearchResultField; -import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.AccessControlListBuilder.anAcl; import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.CaseFieldBuilder.newCaseField; import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.CaseTypeBuilder.newCaseType; import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.FieldTypeBuilder.aFieldType; @@ -128,25 +128,24 @@ void setUp() throws IOException { .withCaseTypeId(CASE_TYPE_ID_1) .withJurisdiction(jurisdiction) .withField(newCaseField().withId(CASE_FIELD_1).withFieldType(textFieldType()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(true) .build()).build()) .withSecurityClassification(SecurityClassification.PUBLIC) .withField(newCaseField().withId(CASE_FIELD_2).withFieldType(textFieldType()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(true) .build()).build()) .withSecurityClassification(SecurityClassification.PUBLIC) .withField(newCaseField().withId(CASE_FIELD_3).withFieldType(textFieldType()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(true) .build()).build()) .withSecurityClassification(SecurityClassification.PUBLIC) .build(); - when(caseTypeService.getCaseType(eq(CASE_TYPE_ID_1))).thenReturn(caseTypeDefinition1); SearchResultDefinition caseType1SearchResult = searchResult() @@ -171,23 +170,23 @@ void shouldReturnTrueForFilterResultsBySearchResultsDefinition() { .withJurisdiction(jurisdiction) .withField(newCaseField().withId(CASE_FIELD_1).withFieldType(textFieldType()) .withCaseTypeId(CASE_TYPE_ID_1) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(true) .build()).build()) .withSecurityClassification(SecurityClassification.PUBLIC) .withField(newCaseField().withId(CASE_FIELD_2).withFieldType(textFieldType()) .withCaseTypeId(CASE_TYPE_ID_1) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(true) .build()).build()) .withSecurityClassification(SecurityClassification.PUBLIC) .withField(newCaseField().withId(CASE_FIELD_3).withFieldType(textFieldType()) .withCaseTypeId(CASE_TYPE_ID_1) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(true) .build()).build()) .withSecurityClassification(SecurityClassification.PUBLIC) .build(); @@ -205,21 +204,21 @@ void shouldReturnTrueForFilterResultsBySearchResultsDefinitionWhenUseCaseIsNull( .withCaseTypeId(CASE_TYPE_ID_1) .withJurisdiction(jurisdiction) .withField(newCaseField().withId(CASE_FIELD_1).withFieldType(textFieldType()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(true) .build()).build()) .withSecurityClassification(SecurityClassification.PUBLIC) .withField(newCaseField().withId(CASE_FIELD_2).withFieldType(textFieldType()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(true) .build()).build()) .withSecurityClassification(SecurityClassification.PUBLIC) .withField(newCaseField().withId(CASE_FIELD_3).withFieldType(textFieldType()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(true) .build()).build()) .withSecurityClassification(SecurityClassification.PUBLIC) .build(); @@ -237,21 +236,21 @@ void shouldReturnFalseForFilterResultsBySearchResultsDefinition() { .withCaseTypeId(CASE_TYPE_ID_1) .withJurisdiction(jurisdiction) .withField(newCaseField().withId(CASE_FIELD_1).withFieldType(textFieldType()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(true) .build()).build()) .withSecurityClassification(SecurityClassification.PUBLIC) .withField(newCaseField().withId(CASE_FIELD_2).withFieldType(textFieldType()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(true) .build()).build()) .withSecurityClassification(SecurityClassification.PUBLIC) .withField(newCaseField().withId(CASE_FIELD_3).withFieldType(textFieldType()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(true) .build()).build()) .withSecurityClassification(SecurityClassification.PUBLIC) .build(); @@ -270,9 +269,9 @@ void shouldReturnTrueForFilterFieldByAuthorisationAccessOnField() { .withFieldType(textFieldType()) .withCaseTypeId(CASE_TYPE_ID_1) .withSC(SECURITY_CLASSIFICATION.name()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(true) .build()).build(); mockAccessProfiles(); @@ -284,9 +283,9 @@ void shouldReturnFalseForFilterFieldByAuthorisationAccessOnField() { final CaseFieldDefinition postCode = newCaseField().withId(POSTCODE) .withFieldType(textFieldType()) .withSC(SECURITY_CLASSIFICATION.name()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(true) .build()).build(); mockAccessProfiles(ROLE_IN_USER_ROLE_2); diff --git a/src/test/java/uk/gov/hmcts/ccd/domain/service/callbacks/EventTokenServiceTest.java b/src/test/java/uk/gov/hmcts/ccd/domain/service/callbacks/EventTokenServiceTest.java new file mode 100644 index 0000000000..29b959cdb3 --- /dev/null +++ b/src/test/java/uk/gov/hmcts/ccd/domain/service/callbacks/EventTokenServiceTest.java @@ -0,0 +1,450 @@ +package uk.gov.hmcts.ccd.domain.service.callbacks; + +import org.junit.jupiter.api.AfterEach; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.Test; + +import static org.junit.Assert.assertThrows; +import static org.mockito.Mockito.doReturn; +import static org.mockito.Mockito.never; +import static org.mockito.Mockito.spy; +import static org.mockito.Mockito.times; +import static org.mockito.Mockito.verify; +import static org.mockito.Mockito.when; + +import org.mockito.Mock; +import org.mockito.MockitoAnnotations; +import uk.gov.hmcts.ccd.ApplicationParams; +import uk.gov.hmcts.ccd.domain.model.callbacks.EventTokenProperties; +import uk.gov.hmcts.ccd.domain.model.definition.CaseDetails; +import uk.gov.hmcts.ccd.domain.model.definition.CaseEventDefinition; +import uk.gov.hmcts.ccd.domain.model.definition.CaseTypeDefinition; +import uk.gov.hmcts.ccd.domain.model.definition.JurisdictionDefinition; +import uk.gov.hmcts.ccd.domain.service.common.CaseService; +import uk.gov.hmcts.ccd.endpoint.exceptions.BadRequestException; +import uk.gov.hmcts.ccd.endpoint.exceptions.EventTokenException; +import uk.gov.hmcts.ccd.infrastructure.RandomKeyGenerator; + +class EventTokenServiceTest { + + public static final String TEST_TOKEN_SECRET = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"; + private EventTokenService eventTokenService; + + @Mock + private ApplicationParams applicationParams; + + @Mock + private CaseDetails caseDetails; + + @Mock + private CaseEventDefinition event; + + @Mock + private JurisdictionDefinition jurisdictionDefinition; + + @Mock + private CaseTypeDefinition caseTypeDefinition; + + @Mock + private RandomKeyGenerator randomKeyGenerator; + + @Mock + private CaseService caseService; + + private String token; + private String uid; + private EventTokenProperties eventTokenProperties; + + + private AutoCloseable openMocks; + + @BeforeEach + public void setUp() { + openMocks = MockitoAnnotations.openMocks(this); + + when(applicationParams.getTokenSecret()) + .thenReturn(TEST_TOKEN_SECRET); + when(applicationParams.isValidateTokenClaims()).thenReturn(true); + + // Now construct the service with mocked dependencies + eventTokenService = new EventTokenService(randomKeyGenerator, applicationParams, caseService); + + token = "token"; + uid = "userId"; + + eventTokenProperties = new EventTokenProperties( + uid, + "caseId", + "jurisdictionId", + "eventId", + "caseTypeId", + "version", + "caseState", + "1", + "1" + ); + } + + @Test + public void testValidateToken_NullToken() { + assertThrows(BadRequestException.class, () -> eventTokenService.validateToken(null,uid, caseDetails, + event, jurisdictionDefinition, caseTypeDefinition)); + } + + @Test + public void testValidateToken_EmptyToken() { + assertThrows(BadRequestException.class, () -> eventTokenService.validateToken("", uid, caseDetails, + event, jurisdictionDefinition, caseTypeDefinition)); + } + + @Test + public void testValidateToken_ValidTokenAllConditionsMet() { + EventTokenService spyEventTokenService = spy(eventTokenService); + + when(event.getId()).thenReturn("eventId"); + when(caseDetails.getId()).thenReturn("caseId"); + when(jurisdictionDefinition.getId()).thenReturn("jurisdictionId"); + when(caseTypeDefinition.getId()).thenReturn("caseTypeId"); + + doReturn(eventTokenProperties).when(spyEventTokenService).parseToken(token); + + spyEventTokenService.validateToken(token, uid, caseDetails, event, jurisdictionDefinition, caseTypeDefinition); + + verify(caseDetails).setVersion(Integer.parseInt(eventTokenProperties.getEntityVersion())); + } + + @Test + public void testValidateToken_ValidTokenAllConditionsMetWithNullValues() { + EventTokenService spyEventTokenService = spy(eventTokenService); + + when(event.getId()).thenReturn("eventId"); + when(caseDetails.getId()).thenReturn("caseId"); + when(jurisdictionDefinition.getId()).thenReturn("jurisdictionId"); + when(caseTypeDefinition.getId()).thenReturn("caseTypeId"); + + EventTokenProperties propertiesWithNull = new EventTokenProperties( + null, + null, + null, + null, + null, + "version", + "caseState", + "1", + "1" + ); + + doReturn(propertiesWithNull).when(spyEventTokenService).parseToken(token); + + spyEventTokenService.validateToken(token, uid, caseDetails, event, jurisdictionDefinition, caseTypeDefinition); + + verify(caseDetails).setVersion(Integer.parseInt(eventTokenProperties.getEntityVersion())); + } + + @Test + public void testValidateToken_ValidTokenConditionMetWithNullEventId() { + EventTokenService spyEventTokenService = spy(eventTokenService); + + when(event.getId()).thenReturn("eventId"); + when(caseDetails.getId()).thenReturn("caseId"); + when(jurisdictionDefinition.getId()).thenReturn("jurisdictionId"); + when(caseTypeDefinition.getId()).thenReturn("caseTypeId"); + + EventTokenProperties eventTokenProperties = new EventTokenProperties( + uid, + "caseId", + "jurisdictionId", + null, + "caseTypeId", + "version", + "caseState", + "1", + "1" + ); + + doReturn(eventTokenProperties).when(spyEventTokenService).parseToken(token); + + spyEventTokenService.validateToken(token, uid, caseDetails, event, jurisdictionDefinition, caseTypeDefinition); + + verify(caseDetails).setVersion(Integer.parseInt(eventTokenProperties.getEntityVersion())); + } + + @Test + public void testValidateToken_ValidTokenConditionMetWithNullCaseId() { + EventTokenService spyEventTokenService = spy(eventTokenService); + + when(event.getId()).thenReturn("eventId"); + when(caseDetails.getId()).thenReturn("caseId"); + when(jurisdictionDefinition.getId()).thenReturn("jurisdictionId"); + when(caseTypeDefinition.getId()).thenReturn("caseTypeId"); + + EventTokenProperties eventTokenProperties = new EventTokenProperties( + uid, + null, + "jurisdictionId", + "eventId", + "caseTypeId", + "version", + "caseState", + "1", + "1" + ); + + doReturn(eventTokenProperties).when(spyEventTokenService).parseToken(token); + + spyEventTokenService.validateToken(token, uid, caseDetails, event, jurisdictionDefinition, caseTypeDefinition); + + verify(caseDetails).setVersion(Integer.parseInt(eventTokenProperties.getEntityVersion())); + } + + @Test + public void testValidateToken_ValidTokenConditionMetWithNullJurisdictionId() { + EventTokenService spyEventTokenService = spy(eventTokenService); + + when(event.getId()).thenReturn("eventId"); + when(caseDetails.getId()).thenReturn("caseId"); + when(jurisdictionDefinition.getId()).thenReturn("jurisdictionId"); + when(caseTypeDefinition.getId()).thenReturn("caseTypeId"); + + EventTokenProperties eventTokenProperties = new EventTokenProperties( + uid, + "caseId", + null, + "eventId", + "caseTypeId", + "version", + "caseState", + "1", + "1" + ); + + doReturn(eventTokenProperties).when(spyEventTokenService).parseToken(token); + + spyEventTokenService.validateToken(token, uid, caseDetails, event, jurisdictionDefinition, caseTypeDefinition); + + verify(caseDetails).setVersion(Integer.parseInt(eventTokenProperties.getEntityVersion())); + } + + @Test + public void testValidateToken_ValidTokenConditionMetWithNullCaseTypeId() { + EventTokenService spyEventTokenService = spy(eventTokenService); + + when(event.getId()).thenReturn("eventId"); + when(caseDetails.getId()).thenReturn("caseId"); + when(jurisdictionDefinition.getId()).thenReturn("jurisdictionId"); + when(caseTypeDefinition.getId()).thenReturn("caseTypeId"); + + EventTokenProperties eventTokenProperties = new EventTokenProperties( + uid, + "caseId", + "jurisdictionId", + "eventId", + null, + "version", + "caseState", + "1", + "1" + ); + + doReturn(eventTokenProperties).when(spyEventTokenService).parseToken(token); + + spyEventTokenService.validateToken(token, uid, caseDetails, event, jurisdictionDefinition, caseTypeDefinition); + + verify(caseDetails).setVersion(Integer.parseInt(eventTokenProperties.getEntityVersion())); + } + + @Test + public void testValidateToken_ValidTokenConditionMetWithNullUid() { + EventTokenService spyEventTokenService = spy(eventTokenService); + + when(event.getId()).thenReturn("eventId"); + when(caseDetails.getId()).thenReturn("caseId"); + when(jurisdictionDefinition.getId()).thenReturn("jurisdictionId"); + when(caseTypeDefinition.getId()).thenReturn("caseTypeId"); + + EventTokenProperties eventTokenProperties = new EventTokenProperties( + null, + "caseId", + "jurisdictionId", + "eventId", + "caseTypeId", + "version", + "caseState", + "1", + "1" + ); + + doReturn(eventTokenProperties).when(spyEventTokenService).parseToken(token); + + spyEventTokenService.validateToken(token, uid, caseDetails, event, jurisdictionDefinition, caseTypeDefinition); + + verify(caseDetails).setVersion(Integer.parseInt(eventTokenProperties.getEntityVersion())); + } + + @Test + public void testValidateToken_InvalidTokenConditionsEventIdNotMet() { + when(applicationParams.isValidateTokenClaims()).thenReturn(true); + EventTokenService spyEventTokenService = spy(new EventTokenService(null, + applicationParams, null)); + + when(event.getId()).thenReturn("differentEventId"); + when(caseDetails.getId()).thenReturn("caseId"); + when(jurisdictionDefinition.getId()).thenReturn("jurisdictionId"); + when(caseTypeDefinition.getId()).thenReturn("caseTypeId"); + + doReturn(eventTokenProperties).when(spyEventTokenService).parseToken(token); + + assertThrows(EventTokenException.class, () -> spyEventTokenService.validateToken(token, uid, + caseDetails, event, jurisdictionDefinition, caseTypeDefinition)); + } + + @Test + public void testValidateToken_InvalidTokenConditionsCaseIdNotMet() { + when(applicationParams.isValidateTokenClaims()).thenReturn(true); + EventTokenService spyEventTokenService = spy(new EventTokenService(null, + applicationParams, null)); + + when(event.getId()).thenReturn("eventId"); + when(caseDetails.getId()).thenReturn("differentCaseId"); + when(jurisdictionDefinition.getId()).thenReturn("jurisdictionId"); + when(caseTypeDefinition.getId()).thenReturn("caseTypeId"); + + doReturn(eventTokenProperties).when(spyEventTokenService).parseToken(token); + + assertThrows(EventTokenException.class, () -> spyEventTokenService.validateToken(token, uid, + caseDetails, event, jurisdictionDefinition, caseTypeDefinition)); + } + + @Test + public void testValidateToken_InvalidTokenConditionsJurisdictionIdNotMet() { + when(applicationParams.isValidateTokenClaims()).thenReturn(true); + EventTokenService spyEventTokenService = spy(new EventTokenService(null, + applicationParams, null)); + + when(event.getId()).thenReturn("eventId"); + when(caseDetails.getId()).thenReturn("caseId"); + when(jurisdictionDefinition.getId()).thenReturn("differentJurisdictionId"); + when(caseTypeDefinition.getId()).thenReturn("caseTypeId"); + + doReturn(eventTokenProperties).when(spyEventTokenService).parseToken(token); + + assertThrows(EventTokenException.class, () -> spyEventTokenService.validateToken(token, uid, + caseDetails, event, jurisdictionDefinition, caseTypeDefinition)); + } + + @Test + public void testValidateToken_InvalidTokenConditionsCaseTypeIdNotMet() { + when(applicationParams.isValidateTokenClaims()).thenReturn(true); + EventTokenService spyEventTokenService = spy(new EventTokenService(null, + applicationParams, null)); + + when(event.getId()).thenReturn("eventId"); + when(caseDetails.getId()).thenReturn("caseId"); + when(jurisdictionDefinition.getId()).thenReturn("jurisdictionId"); + when(caseTypeDefinition.getId()).thenReturn("differentCaseTypeId"); + + doReturn(eventTokenProperties).when(spyEventTokenService).parseToken(token); + + assertThrows(EventTokenException.class, () -> spyEventTokenService.validateToken(token, uid, + caseDetails, event, jurisdictionDefinition, caseTypeDefinition)); + } + + @Test + public void testValidateToken_InvalidTokenConditionsUidNotMet() { + EventTokenService spyEventTokenService = spy(eventTokenService); + + when(event.getId()).thenReturn("eventId"); + when(caseDetails.getId()).thenReturn("caseId"); + when(jurisdictionDefinition.getId()).thenReturn("jurisdictionId"); + when(caseTypeDefinition.getId()).thenReturn("caseTypeId"); + + doReturn(eventTokenProperties).when(spyEventTokenService).parseToken(token); + + uid = "differentUid"; + assertThrows(EventTokenException.class, () -> spyEventTokenService.validateToken(token, uid, + caseDetails, event, jurisdictionDefinition, caseTypeDefinition)); + } + + @Test + public void testValidateToken_DoNothingWhenValidateClaimIsFalseForInvalidTokenConditionsUidNotMet() { + when(applicationParams.isValidateTokenClaims()).thenReturn(false); + + EventTokenService spyEventTokenService = spy(new EventTokenService(null, + applicationParams, null)); + + when(event.getId()).thenReturn("eventId"); + when(caseDetails.getId()).thenReturn("caseId"); + when(jurisdictionDefinition.getId()).thenReturn("jurisdictionId"); + when(caseTypeDefinition.getId()).thenReturn("caseTypeId"); + + doReturn(eventTokenProperties).when(spyEventTokenService).parseToken(token); + + uid = "differentUid"; + + spyEventTokenService.validateToken(token, uid, caseDetails, event, jurisdictionDefinition, caseTypeDefinition); + + verify(spyEventTokenService, times(1)).parseToken(token); + verify(caseDetails, times(1)).setVersion(1); + } + + @Test + public void testValidateToken_NonNullEntityVersion() { + EventTokenService spyEventTokenService = spy(eventTokenService); + + when(event.getId()).thenReturn("eventId"); + when(caseDetails.getId()).thenReturn("caseId"); + when(jurisdictionDefinition.getId()).thenReturn("jurisdictionId"); + when(caseTypeDefinition.getId()).thenReturn("caseTypeId"); + + EventTokenProperties propertiesWithVersion = new EventTokenProperties( + uid, + "caseId", + "jurisdictionId", + "eventId", + "caseTypeId", + "version", + "caseState", + "2", + "1" + ); + + doReturn(propertiesWithVersion).when(spyEventTokenService).parseToken(token); + + spyEventTokenService.validateToken(token, uid, caseDetails, event, jurisdictionDefinition, caseTypeDefinition); + + verify(caseDetails).setVersion(2); + } + + @Test + public void testValidateToken_NullEntityVersion() { + EventTokenService spyEventTokenService = spy(eventTokenService); + + when(event.getId()).thenReturn("eventId"); + when(caseDetails.getId()).thenReturn("caseId"); + when(jurisdictionDefinition.getId()).thenReturn("jurisdictionId"); + when(caseTypeDefinition.getId()).thenReturn("caseTypeId"); + + EventTokenProperties propertiesWithVersion = new EventTokenProperties( + uid, + "caseId", + "jurisdictionId", + "eventId", + "caseTypeId", + "version", + "caseState", + null, + "1" + ); + + doReturn(propertiesWithVersion).when(spyEventTokenService).parseToken(token); + + spyEventTokenService.validateToken(token, uid, caseDetails, event, jurisdictionDefinition, caseTypeDefinition); + + verify(caseDetails, never()).setVersion(null); + } + + @AfterEach + public void tearDown() throws Exception { + openMocks.close(); + } +} diff --git a/src/test/java/uk/gov/hmcts/ccd/domain/service/casedataaccesscontrol/DefaultCaseDataAccessControlTest.java b/src/test/java/uk/gov/hmcts/ccd/domain/service/casedataaccesscontrol/DefaultCaseDataAccessControlTest.java index 8f7b6831e8..4737e767aa 100644 --- a/src/test/java/uk/gov/hmcts/ccd/domain/service/casedataaccesscontrol/DefaultCaseDataAccessControlTest.java +++ b/src/test/java/uk/gov/hmcts/ccd/domain/service/casedataaccesscontrol/DefaultCaseDataAccessControlTest.java @@ -85,7 +85,6 @@ import static org.mockito.Mockito.verifyNoInteractions; import static org.mockito.Mockito.when; import static uk.gov.hmcts.ccd.data.caseaccess.GlobalCaseRole.CREATOR; -import static uk.gov.hmcts.ccd.domain.model.casedataaccesscontrol.RoleAssignment.builder; import static uk.gov.hmcts.ccd.domain.model.casedataaccesscontrol.enums.GrantType.BASIC; import static uk.gov.hmcts.ccd.domain.model.casedataaccesscontrol.enums.GrantType.CHALLENGED; import static uk.gov.hmcts.ccd.domain.model.casedataaccesscontrol.enums.GrantType.SPECIFIC; @@ -920,9 +919,9 @@ void shouldNotGrantAccessToAccessLevelAllCreator() { } private List createAccessControlList() { - AccessControlList accessControlList = new AccessControlList(); - accessControlList.setAccessProfile(ROLE_NAME_1); - + AccessControlList accessControlList = AccessControlList.builder() + .accessProfile(ROLE_NAME_1) + .build(); return Lists.newArrayList(accessControlList); } @@ -938,7 +937,7 @@ private List createFilteringResults(Map roleName private RoleAssignment createRoleAssignmentAndRoleMatchingResult(String roleName, String grantType) { - return builder() + return RoleAssignment.builder() .roleName(roleName) .actorId(ACTOR_ID_1) .grantType(grantType) diff --git a/src/test/java/uk/gov/hmcts/ccd/domain/service/casedataaccesscontrol/PseudoRoleToAccessProfileGeneratorTest.java b/src/test/java/uk/gov/hmcts/ccd/domain/service/casedataaccesscontrol/PseudoRoleToAccessProfileGeneratorTest.java index 6e2ac26192..001f210874 100644 --- a/src/test/java/uk/gov/hmcts/ccd/domain/service/casedataaccesscontrol/PseudoRoleToAccessProfileGeneratorTest.java +++ b/src/test/java/uk/gov/hmcts/ccd/domain/service/casedataaccesscontrol/PseudoRoleToAccessProfileGeneratorTest.java @@ -144,10 +144,10 @@ private CaseFieldDefinition createCaseField(List acls, List caseEventDefinitions = Arrays.asList(event1, event2, event3); @@ -110,21 +110,21 @@ void doNotFilterCaseViewTriggersWhenACLsMatch() { void filterCaseViewTriggersWhenCreateACLIsMissing() { final CaseEventDefinition event1 = newCaseEvent() .withId(EVENT_ID_1) - .withAcl(anAcl() - .withRole(ROLE_NOT_IN_USER_ROLES) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_NOT_IN_USER_ROLES) + .create(true) .build()).build(); final CaseEventDefinition event2 = newCaseEvent() .withId(EVENT_ID_2) - .withAcl(anAcl() - .withRole(ROLE_NOT_IN_USER_ROLES_2) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_NOT_IN_USER_ROLES_2) + .create(true) .build()).build(); final CaseEventDefinition event3 = newCaseEvent() .withId(EVENT_ID_3) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build()).build(); final List caseEventDefinitions = Arrays.asList(event1, event2, event3); @@ -147,16 +147,16 @@ void filterCaseFieldsUserHasAccess() { final CaseTypeDefinition caseType = newCaseType() .withField(newCaseField() .withId("Name") - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(false) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(false) .build()) .build()) .withField(newCaseField() .withId("Surname") - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES_2) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES_2) + .create(true) .build()) .build()) .build(); @@ -198,16 +198,16 @@ void filterCaseFieldsUserHasNoAccess() { final CaseTypeDefinition caseType = newCaseType() .withField(newCaseField() .withId("Name") - .withAcl(anAcl() - .withRole(ROLE_NOT_IN_USER_ROLES) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_NOT_IN_USER_ROLES) + .create(true) .build()) .build()) .withField(newCaseField() .withId("Surname") - .withAcl(anAcl() - .withRole(ROLE_NOT_IN_USER_ROLES_2) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_NOT_IN_USER_ROLES_2) + .create(true) .build()) .build()) .build(); @@ -247,9 +247,9 @@ void filterCaseFieldsWithNoDefinition() { final CaseTypeDefinition caseType = newCaseType() .withField(newCaseField() .withId("Surname") - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES_2) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES_2) + .create(true) .build()) .build()) .build(); @@ -298,9 +298,9 @@ void filterComplexCaseFieldChildrenByCreateAccess() { .withId("Text") .withType("Text") .build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(false) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(false) .build()) .build()) .withField(newCaseField() @@ -309,37 +309,37 @@ void filterComplexCaseFieldChildrenByCreateAccess() { .withId("Text") .withType("Text") .build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES_2) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES_2) + .create(true) .build()) .build()) .withField(newCaseField() .withId("BornAddress") .withFieldType(getAddressFieldType()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build()) .withComplexACL(aComplexACL() - .withListElementCode("Name") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(false) + .listElementCode("Name") + .accessProfile(ROLE_IN_USER_ROLES) + .create(false) .build()) .withComplexACL(aComplexACL() - .withListElementCode("Address") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .listElementCode("Address") + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build()) .withComplexACL(aComplexACL() - .withListElementCode("Address.Line1") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .listElementCode("Address.Line1") + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build()) .withComplexACL(aComplexACL() - .withListElementCode("Address.PostCode") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .listElementCode("Address.PostCode") + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build()) .build()) .build(); @@ -406,45 +406,45 @@ void filterComplexCaseFieldChildrenByCreateAccess() { @DisplayName("Should filter child fields of a collection caseField if UPDATE ACL is missing for child fields") void filterCollectionCaseFieldChildrenByUpdateAccess() { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build())); people.setComplexACLs(asList( aComplexACL() - .withListElementCode("LastName") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode("LastName") + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build(), aComplexACL() - .withListElementCode("BirthInfo") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode("BirthInfo") + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build(), aComplexACL() - .withListElementCode("Notes") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode("Notes") + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build(), aComplexACL() - .withListElementCode("Addresses") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode("Addresses") + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build(), aComplexACL() - .withListElementCode("Addresses.Address") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode("Addresses.Address") + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build(), aComplexACL() - .withListElementCode("Addresses.Address.Line1") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode("Addresses.Address.Line1") + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build(), aComplexACL() - .withListElementCode("Addresses.Address.Line2") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode("Addresses.Address.Line2") + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build() )); @@ -456,9 +456,9 @@ void filterCollectionCaseFieldChildrenByUpdateAccess() { .withId("Text") .withType("Text") .build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(false) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .update(false) .build()) .build()) .withField(newCaseField() @@ -467,9 +467,9 @@ void filterCollectionCaseFieldChildrenByUpdateAccess() { .withId("Text") .withType("Text") .build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES_2) - .withUpdate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES_2) + .update(true) .build()) .build()) .build(); @@ -582,45 +582,45 @@ void filterCollectionCaseFieldChildrenByUpdateAccess() { + " - alternate") void filterCollectionCaseFieldChildrenByUpdateAccessAlternate() { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build())); people.setComplexACLs(asList( aComplexACL() - .withListElementCode("LastName") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode("LastName") + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build(), aComplexACL() - .withListElementCode("BirthInfo") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode("BirthInfo") + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build(), aComplexACL() - .withListElementCode("Notes") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode("Notes") + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build(), aComplexACL() - .withListElementCode("Addresses") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode("Addresses") + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build(), aComplexACL() - .withListElementCode("Addresses.Address") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(false) + .listElementCode("Addresses.Address") + .accessProfile(ROLE_IN_USER_ROLES) + .update(false) .build(), aComplexACL() - .withListElementCode("Addresses.Address.Line1") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(false) + .listElementCode("Addresses.Address.Line1") + .accessProfile(ROLE_IN_USER_ROLES) + .update(false) .build(), aComplexACL() - .withListElementCode("Addresses.Address.Line2") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(false) + .listElementCode("Addresses.Address.Line2") + .accessProfile(ROLE_IN_USER_ROLES) + .update(false) .build() )); @@ -632,9 +632,9 @@ void filterCollectionCaseFieldChildrenByUpdateAccessAlternate() { .withId("Text") .withType("Text") .build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(false) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .update(false) .build()) .build()) .withField(newCaseField() @@ -643,9 +643,9 @@ void filterCollectionCaseFieldChildrenByUpdateAccessAlternate() { .withId("Text") .withType("Text") .build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES_2) - .withUpdate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES_2) + .update(true) .build()) .build()) .build(); @@ -707,95 +707,95 @@ void filterCollectionCaseFieldChildrenByUpdateAccessAlternate() { @DisplayName("Should filter child fields of a collection caseField if CREATE ACL is missing for child fields") void filterCollectionCaseFieldChildrenByCreateAccess() { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build())); people.setComplexACLs(asList( aComplexACL() - .withListElementCode("LastName") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .listElementCode("LastName") + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build(), aComplexACL() - .withListElementCode("BirthInfo") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .listElementCode("BirthInfo") + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build(), aComplexACL() - .withListElementCode("BirthInfo.BornCity") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .listElementCode("BirthInfo.BornCity") + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build(), aComplexACL() - .withListElementCode("BirthInfo.BornCountry") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(false) + .listElementCode("BirthInfo.BornCountry") + .accessProfile(ROLE_IN_USER_ROLES) + .create(false) .build(), aComplexACL() - .withListElementCode("BirthInfo.BornAddress") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .listElementCode("BirthInfo.BornAddress") + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build(), aComplexACL() - .withListElementCode("BirthInfo.BornAddress.Name") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(false) + .listElementCode("BirthInfo.BornAddress.Name") + .accessProfile(ROLE_IN_USER_ROLES) + .create(false) .build(), aComplexACL() - .withListElementCode("BirthInfo.BornAddress.Address") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .listElementCode("BirthInfo.BornAddress.Address") + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build(), aComplexACL() - .withListElementCode("BirthInfo.BornAddress.Address.Line1") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .listElementCode("BirthInfo.BornAddress.Address.Line1") + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build(), aComplexACL() - .withListElementCode("BirthInfo.BornAddress.Address.Country") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .listElementCode("BirthInfo.BornAddress.Address.Country") + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build(), aComplexACL() - .withListElementCode("Notes") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .listElementCode("Notes") + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build(), aComplexACL() - .withListElementCode("Notes.Txt") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(false) + .listElementCode("Notes.Txt") + .accessProfile(ROLE_IN_USER_ROLES) + .create(false) .build(), aComplexACL() - .withListElementCode("Notes.Tags") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .listElementCode("Notes.Tags") + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build(), aComplexACL() - .withListElementCode("Notes.Tags.Tag") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .listElementCode("Notes.Tags.Tag") + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build(), aComplexACL() - .withListElementCode("Addresses") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .listElementCode("Addresses") + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build(), aComplexACL() - .withListElementCode("Addresses.Address") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .listElementCode("Addresses.Address") + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build(), aComplexACL() - .withListElementCode("Addresses.Address.Line1") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .listElementCode("Addresses.Address.Line1") + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build(), aComplexACL() - .withListElementCode("Addresses.Address.Line2") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .listElementCode("Addresses.Address.Line2") + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build() )); @@ -807,9 +807,9 @@ void filterCollectionCaseFieldChildrenByCreateAccess() { .withId("Text") .withType("Text") .build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(false) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(false) .build()) .build()) .withField(newCaseField() @@ -818,9 +818,9 @@ void filterCollectionCaseFieldChildrenByCreateAccess() { .withId("Text") .withType("Text") .build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES_2) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES_2) + .create(true) .build()) .build()) .build(); @@ -1085,95 +1085,95 @@ void filterCollectionCaseFieldChildrenByCreateAccess() { @DisplayName("Should filter all when filtered for UPDATE but ACLs are for CREATE") void filterAllByUpdateAccessWhenAllAccessIsOnCreate() { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build())); people.setComplexACLs(asList( aComplexACL() - .withListElementCode("LastName") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .listElementCode("LastName") + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build(), aComplexACL() - .withListElementCode("BirthInfo") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .listElementCode("BirthInfo") + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build(), aComplexACL() - .withListElementCode("BirthInfo.BornCity") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .listElementCode("BirthInfo.BornCity") + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build(), aComplexACL() - .withListElementCode("BirthInfo.BornCountry") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(false) + .listElementCode("BirthInfo.BornCountry") + .accessProfile(ROLE_IN_USER_ROLES) + .create(false) .build(), aComplexACL() - .withListElementCode("BirthInfo.BornAddress") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .listElementCode("BirthInfo.BornAddress") + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build(), aComplexACL() - .withListElementCode("BirthInfo.BornAddress.Name") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(false) + .listElementCode("BirthInfo.BornAddress.Name") + .accessProfile(ROLE_IN_USER_ROLES) + .create(false) .build(), aComplexACL() - .withListElementCode("BirthInfo.BornAddress.Address") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .listElementCode("BirthInfo.BornAddress.Address") + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build(), aComplexACL() - .withListElementCode("BirthInfo.BornAddress.Address.Line1") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .listElementCode("BirthInfo.BornAddress.Address.Line1") + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build(), aComplexACL() - .withListElementCode("BirthInfo.BornAddress.Address.Country") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .listElementCode("BirthInfo.BornAddress.Address.Country") + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build(), aComplexACL() - .withListElementCode("Notes") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .listElementCode("Notes") + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build(), aComplexACL() - .withListElementCode("Notes.Txt") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(false) + .listElementCode("Notes.Txt") + .accessProfile(ROLE_IN_USER_ROLES) + .create(false) .build(), aComplexACL() - .withListElementCode("Notes.Tags") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .listElementCode("Notes.Tags") + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build(), aComplexACL() - .withListElementCode("Notes.Tags.Tag") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .listElementCode("Notes.Tags.Tag") + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build(), aComplexACL() - .withListElementCode("Addresses") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .listElementCode("Addresses") + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build(), aComplexACL() - .withListElementCode("Addresses.Address") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .listElementCode("Addresses.Address") + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build(), aComplexACL() - .withListElementCode("Addresses.Address.Line1") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .listElementCode("Addresses.Address.Line1") + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build(), aComplexACL() - .withListElementCode("Addresses.Address.Line2") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .listElementCode("Addresses.Address.Line2") + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build() )); @@ -1185,9 +1185,9 @@ void filterAllByUpdateAccessWhenAllAccessIsOnCreate() { .withId("Text") .withType("Text") .build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(false) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(false) .build()) .build()) .withField(newCaseField() @@ -1196,9 +1196,9 @@ void filterAllByUpdateAccessWhenAllAccessIsOnCreate() { .withId("Text") .withType("Text") .build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES_2) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES_2) + .create(true) .build()) .build()) .build(); @@ -1254,9 +1254,9 @@ void leaveComplexCaseFieldWithPredefinedChildrenByUpdateAccess() { .withId("Text") .withType("Text") .build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(false) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(false) .build()) .build()) .withField(newCaseField() @@ -1265,9 +1265,9 @@ void leaveComplexCaseFieldWithPredefinedChildrenByUpdateAccess() { .withId("Text") .withType("Text") .build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES_2) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES_2) + .create(true) .build()) .build()) .withField(newCaseField() @@ -1276,9 +1276,9 @@ void leaveComplexCaseFieldWithPredefinedChildrenByUpdateAccess() { .withId(PREDEFINED_COMPLEX_ADDRESS_UK) .withType("Complex") .build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES_2) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES_2) + .create(true) .build()) .build()) .build(); @@ -1336,9 +1336,9 @@ void filterComplexCaseFieldChildrenByUpdateAccessWhenAllAccessIsOnCreate() { .withId("Text") .withType("Text") .build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(false) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(false) .build()) .build()) .withField(newCaseField() @@ -1347,9 +1347,9 @@ void filterComplexCaseFieldChildrenByUpdateAccessWhenAllAccessIsOnCreate() { .withId("Text") .withType("Text") .build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES_2) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES_2) + .create(true) .build()) .build()) .withField(newCaseField() @@ -1358,9 +1358,9 @@ void filterComplexCaseFieldChildrenByUpdateAccessWhenAllAccessIsOnCreate() { .withId(PREDEFINED_COMPLEX_ADDRESS_UK) .withType("Complex") .build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES_2) - .withCreate(false) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES_2) + .create(false) .build()) .build()) .build(); @@ -1425,21 +1425,21 @@ void updateCollectionDisplayContextParameterWhenFieldHasCreateDeleteRoles() { .withId("G339483948") .withType(COLLECTION) .build()) - .withACL(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) - .withDelete(true) - .withUpdate(false) + .withACL(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .delete(true) + .update(false) .build()) .build(); caseViewField1.getFieldTypeDefinition().setCollectionFieldTypeDefinition(getPersonFieldType()); caseViewField1.getFieldTypeDefinition().getChildren().stream() .filter(e -> e.getId().equals("Addresses")).findFirst() - .get().setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) - .withDelete(true) - .withUpdate(false) + .get().setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .delete(true) + .update(false) .build())); CaseUpdateViewEvent caseEventTrigger = newCaseUpdateViewEvent() @@ -1489,11 +1489,11 @@ void updateCollectionDisplayContextParameterWhenFieldHasUpdateRole() { .withId("G339483948") .withType(COLLECTION) .build()) - .withACL(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(false) - .withDelete(false) - .withUpdate(true) + .withACL(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(false) + .delete(false) + .update(true) .build()) .build(); caseViewField1.getFieldTypeDefinition().setCollectionFieldTypeDefinition(getPersonFieldType()); @@ -1530,11 +1530,11 @@ void updateCollectionDisplayContextParameterWhenFieldHasNoCreateDeleteUpdateRole .withId("G339483948") .withType(COLLECTION) .build()) - .withACL(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(false) - .withDelete(false) - .withUpdate(false) + .withACL(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(false) + .delete(false) + .update(false) .build()) .build(); caseViewField1.getFieldTypeDefinition().setCollectionFieldTypeDefinition(getPersonFieldType()); @@ -1576,9 +1576,9 @@ void doNotFilterCaseFieldsIfUserHasAccess() { .withId("Text") .withType("Text") .build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build()) .build(); final CaseFieldDefinition caseField2 = newCaseField() @@ -1587,9 +1587,9 @@ void doNotFilterCaseFieldsIfUserHasAccess() { .withId("Text") .withType("Text") .build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build()) .build(); final CaseFieldDefinition caseField3 = newCaseField() @@ -1598,9 +1598,9 @@ void doNotFilterCaseFieldsIfUserHasAccess() { .withId("Text") .withType("Text") .build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build()) .build(); List caseFieldDefinitions = Arrays.asList(caseField1, caseField2, caseField3); @@ -1624,9 +1624,9 @@ void filterCaseFieldsByUserAccess() { .withId("Text") .withType("Text") .build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build()) .build(); final CaseFieldDefinition caseField2 = newCaseField() @@ -1635,9 +1635,9 @@ void filterCaseFieldsByUserAccess() { .withId("Text") .withType("Text") .build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build()) .build(); final CaseFieldDefinition caseField3 = newCaseField() @@ -1646,9 +1646,9 @@ void filterCaseFieldsByUserAccess() { .withId("Text") .withType("Text") .build()) - .withAcl(anAcl() - .withRole(ROLE_NOT_IN_USER_ROLES) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_NOT_IN_USER_ROLES) + .read(true) .build()) .build(); List caseFieldDefinitions = Arrays.asList(caseField1, caseField2, caseField3); @@ -1671,40 +1671,40 @@ class FilterCaseFieldsByAccessCompoundFieldTests { @DisplayName("Should filter sub fields of caseFields based on Complex ACLs on READ") void filterCaseFieldsUserHasReadAccess() { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build())); people.setComplexACLs(asList( aComplexACL() - .withListElementCode("FirstName") - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .listElementCode("FirstName") + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build(), aComplexACL() - .withListElementCode("LastName") - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .listElementCode("LastName") + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build(), aComplexACL() - .withListElementCode("Addresses") - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .listElementCode("Addresses") + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build(), aComplexACL() - .withListElementCode("Addresses.Address") - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .listElementCode("Addresses.Address") + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build(), aComplexACL() - .withListElementCode("Addresses.Address.Line1") - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .listElementCode("Addresses.Address.Line1") + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build(), aComplexACL() - .withListElementCode("Addresses.Address.Line2") - .withRole(ROLE_IN_USER_ROLES) - .withRead(false) + .listElementCode("Addresses.Address.Line2") + .accessProfile(ROLE_IN_USER_ROLES) + .read(false) .build() )); people.propagateACLsToNestedFields(); @@ -1734,40 +1734,40 @@ void filterCaseFieldsUserHasReadAccess() { @DisplayName("Should filter sub fields of caseFields based on Complex ACLs on UPDATE") void filterCaseFieldsUserHasUpdateAccess() { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build())); people.setComplexACLs(asList( aComplexACL() - .withListElementCode("FirstName") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode("FirstName") + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build(), aComplexACL() - .withListElementCode("LastName") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode("LastName") + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build(), aComplexACL() - .withListElementCode("Addresses") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode("Addresses") + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build(), aComplexACL() - .withListElementCode("Addresses.Address") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode("Addresses.Address") + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build(), aComplexACL() - .withListElementCode("Addresses.Address.Line1") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode("Addresses.Address.Line1") + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build(), aComplexACL() - .withListElementCode("Addresses.Address.Line2") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(false) + .listElementCode("Addresses.Address.Line2") + .accessProfile(ROLE_IN_USER_ROLES) + .update(false) .build() )); people.propagateACLsToNestedFields(); diff --git a/src/test/java/uk/gov/hmcts/ccd/domain/service/common/AccessControlServiceTest.java b/src/test/java/uk/gov/hmcts/ccd/domain/service/common/AccessControlServiceTest.java index 91822656f1..9965db5fd1 100644 --- a/src/test/java/uk/gov/hmcts/ccd/domain/service/common/AccessControlServiceTest.java +++ b/src/test/java/uk/gov/hmcts/ccd/domain/service/common/AccessControlServiceTest.java @@ -72,7 +72,6 @@ import static uk.gov.hmcts.ccd.domain.service.common.AccessControlService.CAN_UPDATE; import static uk.gov.hmcts.ccd.domain.service.common.AccessControlService.NO_ROLE_FOUND; import static uk.gov.hmcts.ccd.domain.service.common.AccessControlService.extractAccessProfileNames; -import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.AccessControlListBuilder.anAcl; import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.AuditEventBuilder.anAuditEvent; import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.CaseEventBuilder.newCaseEvent; import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.CaseFieldBuilder.newCaseField; @@ -274,11 +273,13 @@ void shouldNotGrantAccessToStateForUserWithMissingRole() { CaseTypeDefinition caseType = newCaseType() .withState(newState() .withId(STATE_ID1) - .withAcl(anAcl().withRole(ROLE_NOT_IN_USER_ROLES).withCreate(true).withRead(true).build()) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_NOT_IN_USER_ROLES).create(true).read(true).build()) .build()) .withState(newState() .withId(STATE_ID2) - .withAcl(anAcl().withRole(ROLE_NOT_IN_USER_ROLES).withCreate(true).withRead(true).build()) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_NOT_IN_USER_ROLES).create(true).read(true).build()) .build()) .build(); @@ -310,11 +311,11 @@ void shouldNotGrantAccessToStateIfRelevantAclNotGrantingAccess() { CaseTypeDefinition caseType = newCaseType() .withState(newState() .withId(STATE_ID1) - .withAcl(anAcl().withRole(ROLE_IN_USER_ROLES).build()) + .withAcl(AccessControlList.builder().accessProfile(ROLE_IN_USER_ROLES).build()) .build()) .withState(newState() .withId(STATE_ID2) - .withAcl(anAcl().withRole(ROLE_IN_USER_ROLES_2).build()) + .withAcl(AccessControlList.builder().accessProfile(ROLE_IN_USER_ROLES_2).build()) .build()) .build(); @@ -334,11 +335,11 @@ void shouldGrantAccessToStateWithAclMatching() { CaseTypeDefinition caseType = newCaseType() .withState(newState() .withId(STATE_ID1) - .withAcl(anAcl().withRole(ROLE_IN_USER_ROLES).withCreate(true).build()) + .withAcl(AccessControlList.builder().accessProfile(ROLE_IN_USER_ROLES).create(true).build()) .build()) .withState(newState() .withId(STATE_ID2) - .withAcl(anAcl().withRole(ROLE_IN_USER_ROLES_2).withCreate(true).build()) + .withAcl(AccessControlList.builder().accessProfile(ROLE_IN_USER_ROLES_2).create(true).build()) .build()) .build(); @@ -366,15 +367,15 @@ void shouldNotGrantAccessToStateIfStateIsNotPresentInDefinition() { void shouldFilterStatesAccordingToACLs() { CaseStateDefinition caseState1 = newState() .withId(STATE_ID1) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build()) .build(); CaseStateDefinition caseState2 = newState() .withId(STATE_ID2) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) .build()) .build(); CaseTypeDefinition caseTypeDefinition = newCaseType() @@ -396,20 +397,20 @@ void shouldFilterStatesAccordingToACLs() { void shouldFilterOutStatesWhenNoMatchingACLSs() { CaseStateDefinition caseState1 = newState() .withId(STATE_ID1) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) .build()) .build(); CaseStateDefinition caseState2 = newState() .withId(STATE_ID2) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) .build()) .build(); CaseStateDefinition caseState3 = newState() .withId("Some State") - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) .build()) .build(); CaseTypeDefinition caseTypeDefinition = newCaseType() @@ -461,10 +462,10 @@ void shouldNotGrantAccessToFieldsForUserWithMissingRole() throws IOException { CaseTypeDefinition caseType = newCaseType() .withField(newCaseField() .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_NOT_IN_USER_ROLES) - .withCreate(true) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_NOT_IN_USER_ROLES) + .create(true) + .read(true) .build()) .build()) .build(); @@ -501,21 +502,21 @@ void shouldNotGrantAccessToFieldsIfRelevantAclNotGrantingAccess() throws IOExcep CaseTypeDefinition caseType = newCaseType() .withField(newCaseField() .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES_2) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES_2) .build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build()) .build()) .withField(newCaseField() .withId("Addresses2") - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES_2) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES_2) .build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES_2) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES_2) .build()) .build()) .build(); @@ -540,11 +541,11 @@ void shouldNotGrantAccessToNullValue() throws IOException { CaseTypeDefinition caseType = newCaseType() .withField(newCaseField() .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES_3) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES_3) .build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) .build()) .build()) .build(); @@ -568,22 +569,22 @@ void shouldGrantAccessToFieldsWithAclMatching() throws IOException { CaseTypeDefinition caseType = newCaseType() .withField(newCaseField() .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES_3) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES_3) .build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build()) .build()) .withField(newCaseField() .withId("Addresses2") - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES_3) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES_3) .build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build()) .build()) .build(); @@ -664,9 +665,9 @@ void shouldGrantAccessToTextValueType() throws IOException { CaseTypeDefinition caseType = newCaseType() .withField(newCaseField() .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build()) .build()) .build(); @@ -690,8 +691,8 @@ void shouldNotGrantAccessToEmptyTextType() throws IOException { CaseTypeDefinition caseType = newCaseType() .withField(newCaseField() .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) .build()) .build()) .build(); @@ -720,9 +721,9 @@ void shouldGrantAccessToCollectionType() throws IOException { CaseTypeDefinition caseType = newCaseType() .withField(newCaseField() .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build()) .build()) .build(); @@ -768,8 +769,8 @@ void shouldNotGrantCreateAccessToCollectionTypeIfEmpty() throws IOException { CaseTypeDefinition caseType = newCaseType() .withField(newCaseField() .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) .build()) .build()) .build(); @@ -798,9 +799,9 @@ void shouldGrantAccessToComplexType() throws IOException { CaseTypeDefinition caseType = newCaseType() .withField(newCaseField() .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build()) .build()) .build(); @@ -827,8 +828,8 @@ void shouldNotGrantAccessToComplexTypeIfEmpty() throws IOException { CaseTypeDefinition caseType = newCaseType() .withField(newCaseField() .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) .build()) .build()) .build(); @@ -887,11 +888,11 @@ void shouldNotGrantAccessToFieldsIfFieldIsMissingRelevantAclForUpdate() throws I .withField(newCaseField() .withId(ADDRESSES) .withFieldType(aFieldType().withType(TEXT).build()) - .withAcl(anAcl() - .withRole(ROLE_NOT_IN_USER_ROLES) - .withCreate(true) - .withRead(true) - .withUpdate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_NOT_IN_USER_ROLES) + .create(true) + .read(true) + .update(true) .build()) .build()) .build(); @@ -907,11 +908,11 @@ void shouldNotGrantAccessToFieldsIfFieldIsMissingRelevantAclForCreate() throws I CaseTypeDefinition caseType = newCaseType() .withField(newCaseField() .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_NOT_IN_USER_ROLES) - .withCreate(true) - .withRead(true) - .withUpdate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_NOT_IN_USER_ROLES) + .create(true) + .read(true) + .update(true) .build()) .build()) .build(); @@ -928,10 +929,10 @@ void shouldNotGrantAccessToFieldIfRelevantAclNotGrantingAccessForUpdate() throws .withField(newCaseField() .withId(ADDRESSES) .withFieldType(aFieldType().withType(TEXT).build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .read(true) .build()) .build()) .build(); @@ -947,10 +948,10 @@ void shouldNotGrantAccessToFieldIfRelevantAclNotGrantingAccessForCreate() throws CaseTypeDefinition caseType = newCaseType() .withField(newCaseField() .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) - .withUpdate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) + .update(true) .build()) .build()) .build(); @@ -967,8 +968,8 @@ void shouldNotGrantAccessToFieldWithNullValueForUpdate() throws IOException { .withField(newCaseField() .withId(ADDRESSES) .withFieldType(aFieldType().withType(TEXT).build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) .build()) .build()) .build(); @@ -984,8 +985,8 @@ void shouldNotGrantAccessToFieldWithNullValueForCreate() throws IOException { CaseTypeDefinition caseType = newCaseType() .withField(newCaseField() .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) .build()) .build()) .build(); @@ -1001,11 +1002,11 @@ void shouldNotGrantAccessToFieldWithAclAccessGrantedAndFieldNameNotMatchingForUp CaseTypeDefinition caseType = newCaseType() .withField(newCaseField() .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) - .withUpdate(true) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .update(true) + .read(true) .build()) .build()) .build(); @@ -1029,12 +1030,12 @@ void shouldNotGrantAccessToFieldWithAclAccessNotGrantedForCollectionOfDocuments( .build()) .build()) .withOrder(1) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(false) - .withUpdate(false) - .withDelete(false) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(false) + .update(false) + .delete(false) + .read(true) .build()) .build()) .build(); @@ -1095,11 +1096,11 @@ void shouldNotGrantAccessToFieldWithAclAccessGrantedAndFieldNameNotMatchingForCr CaseTypeDefinition caseType = newCaseType() .withField(newCaseField() .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) - .withUpdate(true) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .update(true) + .read(true) .build()) .build()) .build(); @@ -1116,9 +1117,9 @@ void shouldGrantAccessToFieldWithAclMatchingForUpdate() throws IOException { .withField(newCaseField() .withId(ADDRESSES) .withFieldType(aFieldType().withType(TEXT).build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build()) .build()) .build(); @@ -1134,9 +1135,9 @@ void shouldGrantAccessToFieldWithAclMatchingForCreate() throws IOException { CaseTypeDefinition caseType = newCaseType() .withField(newCaseField() .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build()) .build()) .build(); @@ -1152,8 +1153,8 @@ void shouldNotNeedToGrantAccessToFieldIfNoChangeInValue() throws IOException { CaseTypeDefinition caseType = newCaseType() .withField(newCaseField() .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) .build()) .build()) .build(); @@ -1170,32 +1171,32 @@ void shouldGrantAccessToFieldsIfAllFieldsHaveAccessGranted() throws IOException .withField(newCaseField() .withId(ADDRESSES) .withFieldType(aFieldType().withType(TEXT).build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build()) .build()) .withField(newCaseField() .withId("FirstName") .withFieldType(aFieldType().withType(TEXT).build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build()) .build()) .withField(newCaseField() .withId("LastName") .withFieldType(aFieldType().withType(TEXT).build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) .build()) .build()) .withField(newCaseField() .withId("Mobile") .withFieldType(aFieldType().withType(TEXT).build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build()) .build()) .build(); @@ -1216,31 +1217,31 @@ void shouldNotGrantAccessToFieldsIfOneFieldDoesNotHaveAccessGranted() throws IOE .withField(newCaseField() .withId(ADDRESSES) .withFieldType(aFieldType().withType(TEXT).build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build()) .build()) .withField(newCaseField() .withId("FirstName") .withFieldType(aFieldType().withType(TEXT).build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) .build()) .build()) .withField(newCaseField() .withId("LastName") .withFieldType(aFieldType().withType(TEXT).build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) .build()) .build()) .withField(newCaseField() .withId("Mobile") .withFieldType(aFieldType().withType(TEXT).build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build()) .build()) .build(); @@ -1262,23 +1263,23 @@ void shouldNotGrantAccessToFieldsIfOneFieldDoesNotHaveAcls() throws IOException .withField(newCaseField() .withId(ADDRESSES) .withFieldType(aFieldType().withType(TEXT).build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build()) .build()) .withField(newCaseField() .withId("FirstName") .withFieldType(aFieldType().withType(TEXT).build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) .build()) .build()) .withField(newCaseField() .withId("LastName") .withFieldType(aFieldType().withType(TEXT).build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) .build()) .build()) .build(); @@ -1321,9 +1322,8 @@ void shouldNotGrantAccessToEventForUserWithMissingRole() { final CaseTypeDefinition caseType = new CaseTypeDefinition(); CaseEventDefinition eventDefinition = new CaseEventDefinition(); eventDefinition.setId(EVENT_ID); - AccessControlList accessControlList = new AccessControlList(); - accessControlList.setAccessProfile(ROLE_NOT_IN_USER_ROLES); - accessControlList.setCreate(true); + AccessControlList accessControlList = + new AccessControlList(ROLE_NOT_IN_USER_ROLES, true, false, false,false); List accessControlLists = newArrayList(accessControlList); eventDefinition.setAccessControlLists(accessControlLists); caseType.setEvents(singletonList(eventDefinition)); @@ -1355,8 +1355,8 @@ void shouldNotGrantAccessToEventIfRelevantAclNotGrantingAccess() { final CaseTypeDefinition caseType = newCaseType() .withEvent(newCaseEvent() .withId(EVENT_ID) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) .build()) .build()) .build(); @@ -1376,8 +1376,8 @@ void shouldNotGrantAccessToNullValue() { final CaseTypeDefinition caseType = newCaseType() .withEvent(newCaseEvent() .withId(EVENT_ID) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) .build()) .build()) .build(); @@ -1397,9 +1397,9 @@ void shouldNotGrantAccessWithEventNameNotMatching() { final CaseTypeDefinition caseType = newCaseType() .withEvent(newCaseEvent() .withId(EVENT_ID) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build()) .build()) .build(); @@ -1432,13 +1432,13 @@ void shouldGrantAccessToEventWithAclMatching() { final CaseTypeDefinition caseType = newCaseType() .withEvent(newCaseEvent() .withId(EVENT_ID) - .withAcl(anAcl() - .withRole(ROLE_NOT_IN_USER_ROLES) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_NOT_IN_USER_ROLES) + .create(true) .build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build()) .build()) .build(); @@ -1476,9 +1476,9 @@ void shouldNotGrantAccessToCaseForUserWithMissingRole() { final CaseTypeDefinition caseType = newCaseType() .withEvent(newCaseEvent() .withId(EVENT_ID) - .withAcl(anAcl() - .withRole(ROLE_NOT_IN_USER_ROLES) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_NOT_IN_USER_ROLES) + .create(true) .build()) .build()) .build(); @@ -1496,8 +1496,8 @@ void shouldNotGrantAccessToCaseForUserWithMissingRole() { void shouldNotGrantAccessToCaseIfRelevantAclNotGrantingAccess() { final CaseTypeDefinition caseType = newCaseType() .withEvent(newCaseEvent() - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) .build()) .build()) .build(); @@ -1538,12 +1538,12 @@ void shouldNotGrantAccessToCaseIfCaseTypeIsNull() { @DisplayName("Should grant access to case with acl matching") void shouldGrantAccessToCaseWithAclMatching() { final CaseTypeDefinition caseType = newCaseType() - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES_3) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES_3) .build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build()) .build(); @@ -1589,9 +1589,9 @@ void shouldNotReturnFieldForUserWithMissingRole() throws IOException { CaseTypeDefinition caseType = newCaseType() .withField(newCaseField() .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_NOT_IN_USER_ROLES) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_NOT_IN_USER_ROLES) + .read(true) .build()) .build()) .build(); @@ -1616,8 +1616,8 @@ void shouldNotGrantAccessToFieldsIfRelevantAclNotGrantingAccess() throws IOExcep CaseTypeDefinition caseType = newCaseType() .withField(newCaseField() .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) .build()) .build()) .build(); @@ -1642,11 +1642,11 @@ void shouldNotReturnDataWithAclFalseAndNullValue() throws IOException { CaseTypeDefinition caseType = newCaseType() .withField(newCaseField() .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES_3) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES_3) .build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) .build()) .build()) .build(); @@ -1671,12 +1671,12 @@ void shouldNotReturnDataWithAclTrueAndFieldNameNotMatching() throws IOException CaseTypeDefinition caseType = newCaseType() .withField(newCaseField() .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES_3) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES_3) .build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build()) .build()) .build(); @@ -1701,12 +1701,12 @@ void shouldReturnDataWithAclTrueAndNullValue() throws IOException { CaseTypeDefinition caseType = newCaseType() .withField(newCaseField() .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES_3) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES_3) .build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build()) .build()) .build(); @@ -1731,12 +1731,12 @@ void shouldReturnDataWithAclTrueAndEmptyValue() throws IOException { CaseTypeDefinition caseType = newCaseType() .withField(newCaseField() .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES_3) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES_3) .build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build()) .build()) .build(); @@ -1761,12 +1761,12 @@ void shouldGrantAccessToFieldsWithAclMatching() throws IOException { CaseTypeDefinition caseType = newCaseType() .withField(newCaseField() .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES_3) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES_3) .build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build()) .build()) .build(); @@ -1796,8 +1796,8 @@ void shouldNotGrantAccessToEmptyTextType() throws IOException { CaseTypeDefinition caseType = newCaseType() .withField(newCaseField() .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) .build()) .build()) .build(); @@ -1822,16 +1822,16 @@ void shouldReturnDataWithNullAndEmptyValuesOnRootLevel() throws IOException { CaseTypeDefinition caseType = newCaseType() .withField(newCaseField() .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build()) .build()) .withField(newCaseField() .withId("Addresses2") - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build()) .build()) .build(); @@ -1867,9 +1867,9 @@ void shouldGrantAccessToCollectionType() throws IOException { CaseTypeDefinition caseType = newCaseType() .withField(newCaseField() .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build()) .build()) .build(); @@ -1915,30 +1915,30 @@ void shouldGrantAccessToCollectionType() throws IOException { @DisplayName("Should return data if field and children have ACLs") void shouldGrantAccessToCollectionTypeChildren() throws IOException { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(singletonList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + people.setAccessControlLists(singletonList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build())); people.setComplexACLs(asList( aComplexACL() - .withListElementCode("FirstName") - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .listElementCode("FirstName") + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build(), aComplexACL() - .withListElementCode("LastName") - .withRole(ROLE_IN_USER_ROLES) - .withRead(false) + .listElementCode("LastName") + .accessProfile(ROLE_IN_USER_ROLES) + .read(false) .build(), aComplexACL() - .withListElementCode(ADDRESSES) - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .listElementCode(ADDRESSES) + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build(), aComplexACL() - .withListElementCode("Notes") - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .listElementCode("Notes") + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build() )); @@ -1974,65 +1974,65 @@ void shouldGrantAccessToCollectionTypeChildren() throws IOException { @DisplayName("Should filter data when child doesnot have ACLs") void shouldfilterDataWhenChildDoesnotHaveACL() throws IOException { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(singletonList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + people.setAccessControlLists(singletonList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build())); people.setComplexACLs(asList( aComplexACL() - .withListElementCode("FirstName") - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .listElementCode("FirstName") + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build(), aComplexACL() - .withListElementCode("LastName") - .withRole(ROLE_IN_USER_ROLES) - .withRead(false) + .listElementCode("LastName") + .accessProfile(ROLE_IN_USER_ROLES) + .read(false) .build(), aComplexACL() - .withListElementCode("BirthInfo") - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .listElementCode("BirthInfo") + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build(), aComplexACL() - .withListElementCode("BirthInfo.BornCity") - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .listElementCode("BirthInfo.BornCity") + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build(), aComplexACL() - .withListElementCode("BirthInfo.BornAddress") - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .listElementCode("BirthInfo.BornAddress") + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build(), aComplexACL() - .withListElementCode("BirthInfo.BornAddress.Address") - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .listElementCode("BirthInfo.BornAddress.Address") + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build(), aComplexACL() - .withListElementCode(ADDRESSES) - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .listElementCode(ADDRESSES) + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build(), aComplexACL() - .withListElementCode("Addresses.Name") - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .listElementCode("Addresses.Name") + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build(), aComplexACL() - .withListElementCode("Addresses.Address") - .withRole(ROLE_IN_USER_ROLES) - .withRead(false) + .listElementCode("Addresses.Address") + .accessProfile(ROLE_IN_USER_ROLES) + .read(false) .build(), aComplexACL() - .withListElementCode("Notes") - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .listElementCode("Notes") + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build(), aComplexACL() - .withListElementCode("Notes.Txt") - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .listElementCode("Notes.Txt") + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build() )); @@ -2081,65 +2081,65 @@ void shouldFilterDataForMissingNodeAndReturnRemainingData() throws IOException { logger.addAppender(listAppender); final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(singletonList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + people.setAccessControlLists(singletonList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build())); people.setComplexACLs(asList( aComplexACL() - .withListElementCode("FirstName") - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .listElementCode("FirstName") + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build(), aComplexACL() - .withListElementCode("LastName") - .withRole(ROLE_IN_USER_ROLES) - .withRead(false) + .listElementCode("LastName") + .accessProfile(ROLE_IN_USER_ROLES) + .read(false) .build(), aComplexACL() - .withListElementCode("BirthInfo") - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .listElementCode("BirthInfo") + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build(), aComplexACL() - .withListElementCode("BirthInfo.BornCity") - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .listElementCode("BirthInfo.BornCity") + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build(), aComplexACL() - .withListElementCode("BirthInfo.BornAddress") - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .listElementCode("BirthInfo.BornAddress") + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build(), aComplexACL() - .withListElementCode("BirthInfo.BornAddress.Address") - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .listElementCode("BirthInfo.BornAddress.Address") + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build(), aComplexACL() - .withListElementCode(ADDRESSES) - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .listElementCode(ADDRESSES) + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build(), aComplexACL() - .withListElementCode("Addresses.Name") - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .listElementCode("Addresses.Name") + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build(), aComplexACL() - .withListElementCode("Addresses.Address") - .withRole(ROLE_IN_USER_ROLES) - .withRead(false) + .listElementCode("Addresses.Address") + .accessProfile(ROLE_IN_USER_ROLES) + .read(false) .build(), aComplexACL() - .withListElementCode("Notes") - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .listElementCode("Notes") + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build(), aComplexACL() - .withListElementCode("Notes.Txt") - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .listElementCode("Notes.Txt") + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build() )); @@ -2162,8 +2162,8 @@ void shouldFilterDataForMissingNodeAndReturnRemainingData() throws IOException { () -> assertThat(jsonNode.get("People").get(1).get(VALUE).get("FirstName").textValue(), is("Andrew"))); List logsList = listAppender.list; - assertEquals("Can not find field with caseFieldId=BirthInfo, " - + "accessControlList=[ACL{accessProfile='caseworker-probate-loa1', crud=R}]", + assertEquals("Can not find field with caseFieldId=BirthInfo, accessControlList=[" + + "ACL{accessProfile='caseworker-probate-loa1', crud=R}, listElementCode='BirthInfo']", logsList.get(0).getFormattedMessage()); logger.detachAndStopAllAppenders(); @@ -2175,23 +2175,23 @@ void shouldReturnDataWithNullAndEmptyValuesOnRootLevel() throws IOException { CaseTypeDefinition caseType = newCaseType() .withField(newCaseField() .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build()) .build()) .withField(newCaseField() .withId("Addresses2") - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build()) .build()) .withField(newCaseField() .withId("Addresses3") - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build()) .build()) .build(); @@ -2261,8 +2261,8 @@ void shouldNotGrantAccessToCollectionTypeIfEmpty() throws IOException { CaseTypeDefinition caseType = newCaseType() .withField(newCaseField() .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) .build()) .build()) .build(); @@ -2292,9 +2292,9 @@ void shouldGrantAccessToComplexType() throws IOException { CaseTypeDefinition caseType = newCaseType() .withField(newCaseField() .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build()) .build()) .build(); @@ -2322,16 +2322,16 @@ void shouldReturnDataWithNullAndEmptyValuesOnRootLevel() throws IOException { CaseTypeDefinition caseType = newCaseType() .withField(newCaseField() .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build()) .build()) .withField(newCaseField() .withId("Addresses2") - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build()) .build()) .build(); @@ -2363,8 +2363,8 @@ void shouldNotGrantAccessToComplexTypeIfEmpty() throws IOException { CaseTypeDefinition caseType = newCaseType() .withField(newCaseField() .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) .build()) .build()) .build(); @@ -2448,9 +2448,9 @@ void shouldNotReturnEventForUserWithMissingRole() { final CaseTypeDefinition caseType = newCaseType() .withEvent(newCaseEvent() .withId(EVENT_ID) - .withAcl(anAcl() - .withRole(ROLE_NOT_IN_USER_ROLES) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_NOT_IN_USER_ROLES) + .read(true) .build()) .build()) .build(); @@ -2470,8 +2470,8 @@ void shouldNotReturnEventIfRelevantAclNotGrantingAccess() { final CaseTypeDefinition caseType = newCaseType() .withEvent(newCaseEvent() .withId(EVENT_ID) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) .build()) .build()) .build(); @@ -2491,9 +2491,9 @@ void shouldNotReturnEventIfRelevantAclGrantingAccessAndEventNameNotMatching() { final CaseTypeDefinition caseType = newCaseType() .withEvent(newCaseEvent() .withId(EVENT_ID) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build()) .build()) .build(); @@ -2513,9 +2513,9 @@ void shouldReturnEventWithAclMatching() { final CaseTypeDefinition caseType = newCaseType() .withEvent(newCaseEvent() .withId(EVENT_ID) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build()) .build()) .build(); @@ -2536,17 +2536,17 @@ void shouldReturnEventWithAclMatchingFromGroup() { final CaseTypeDefinition caseType = newCaseType() .withEvent(newCaseEvent() .withId(EVENT_ID) - .withAcl(anAcl() - .withRole(ROLE_NOT_IN_USER_ROLES) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_NOT_IN_USER_ROLES) + .read(true) .build()) - .withAcl(anAcl() - .withRole(ROLE_NOT_IN_USER_ROLES_2) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_NOT_IN_USER_ROLES_2) + .read(true) .build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build()) .build()) .build(); @@ -2565,32 +2565,32 @@ void shouldReturnEventWithAclMatchingFromGroup() { void shouldReturnEventsWithAclsMatching() { final CaseTypeDefinition caseType = newCaseType() .withEvent(newCaseEvent().withId(EVENT_ID_WITH_ACCESS) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build()) - .withAcl(anAcl() - .withRole(ROLE_NOT_IN_USER_ROLES) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_NOT_IN_USER_ROLES) .build()) .build()) .withEvent(newCaseEvent() .withId(EVENT_ID_WITHOUT_ACCESS) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES_3) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES_3) .build()) .build()) .withEvent(newCaseEvent() .withId(EVENT_ID_WITHOUT_ACCESS_2) - .withAcl(anAcl() - .withRole(ROLE_NOT_IN_USER_ROLES) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_NOT_IN_USER_ROLES) + .read(true) .build()) .build()) .withEvent(newCaseEvent() .withId(EVENT_ID_WITH_ACCESS_2) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES_2) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES_2) + .read(true) .build()) .build()) .build(); @@ -2819,11 +2819,11 @@ void shouldSetReadonlyFlagIfRelevantAclMissingButHasReadAccessWithMultipartyFix( .withField(newCaseField() .withFieldType(aFieldType().withType(TEXT).build()) .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) - .withUpdate(false) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .update(false) + .read(true) .build()) .build()) .build(); @@ -3089,24 +3089,24 @@ void shouldRemoveComplexParentWithChildrenIfRelevantAclMissingWithMultipartyFix( .build()) .build()) .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) - .withUpdate(false) - .withRead(false) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .update(false) + .read(false) .build()) .withComplexACL( aComplexACL() - .withListElementCode(LINE1) - .withRole(ROLE_IN_USER_ROLES) - .withCreate(false) - .withUpdate(false) + .listElementCode(LINE1) + .accessProfile(ROLE_IN_USER_ROLES) + .create(false) + .update(false) .build()) .withComplexACL( aComplexACL() - .withListElementCode(LINE2) - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .listElementCode(LINE2) + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build()) .build()) .build(); @@ -3157,24 +3157,24 @@ void shouldRemoveMultipleComplexParentWithChildrenIfRelevantAclMissingWithMultip .build()) .build()) .withId("ResidenceAddress") - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) - .withUpdate(false) - .withRead(false) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .update(false) + .read(false) .build()) .withComplexACL( aComplexACL() - .withListElementCode(LINE1) - .withRole(ROLE_IN_USER_ROLES) - .withCreate(false) - .withUpdate(false) + .listElementCode(LINE1) + .accessProfile(ROLE_IN_USER_ROLES) + .create(false) + .update(false) .build()) .withComplexACL( aComplexACL() - .withListElementCode(LINE2) - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .listElementCode(LINE2) + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build()) .build()) .withField(newCaseField() @@ -3200,24 +3200,24 @@ void shouldRemoveMultipleComplexParentWithChildrenIfRelevantAclMissingWithMultip .build()) .build()) .withId("OfficeAddress") - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) - .withUpdate(false) - .withRead(false) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .update(false) + .read(false) .build()) .withComplexACL( aComplexACL() - .withListElementCode(LINE1) - .withRole(ROLE_IN_USER_ROLES) - .withCreate(false) - .withUpdate(false) + .listElementCode(LINE1) + .accessProfile(ROLE_IN_USER_ROLES) + .create(false) + .update(false) .build()) .withComplexACL( aComplexACL() - .withListElementCode(LINE2) - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .listElementCode(LINE2) + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build()) .build()) .build(); @@ -3317,23 +3317,23 @@ void shouldNotSetReadonlyFlagForComplexChildrenIfRelevantAclIsThere() { .build()) .build()) .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) - .withUpdate(true) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .update(true) + .read(true) .build()) .withComplexACL( aComplexACL() - .withListElementCode(LINE1) - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode(LINE1) + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build()) .withComplexACL( aComplexACL() - .withListElementCode(LINE2) - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode(LINE2) + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build()) .build()) .build(); @@ -3387,23 +3387,23 @@ void shouldSetReadonlyFlagForComplexChildrenIfRelevantAclIsMissing() { .build()) .build()) .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) - .withUpdate(true) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .update(true) + .read(true) .build()) .withComplexACL( aComplexACL() - .withListElementCode(LINE1) - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode(LINE1) + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build()) .withComplexACL( aComplexACL() - .withListElementCode(LINE2) - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(false) + .listElementCode(LINE2) + .accessProfile(ROLE_IN_USER_ROLES) + .update(false) .build()) .build()) .build(); @@ -3514,27 +3514,27 @@ void shouldSetReadonlyFlagForCollectionChildrenIfRelevantAclMissing() { .build()) .build()) .build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build()) .withComplexACL( aComplexACL() - .withListElementCode(ADDRESSES) - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode(ADDRESSES) + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build()) .withComplexACL( aComplexACL() - .withListElementCode("Addresses.Line1") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(false) + .listElementCode("Addresses.Line1") + .accessProfile(ROLE_IN_USER_ROLES) + .update(false) .build()) .withComplexACL( aComplexACL() - .withListElementCode("Addresses.Line2") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(false) + .listElementCode("Addresses.Line2") + .accessProfile(ROLE_IN_USER_ROLES) + .update(false) .build()) .build()) .build(); @@ -3594,27 +3594,27 @@ void shouldSetReadonlyFlagForCollectionChildrenIfRelevantAclMissingWithMultiPart .build()) .build()) .build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(false) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .update(false) .build()) .withComplexACL( aComplexACL() - .withListElementCode(ADDRESSES) - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(false) + .listElementCode(ADDRESSES) + .accessProfile(ROLE_IN_USER_ROLES) + .update(false) .build()) .withComplexACL( aComplexACL() - .withListElementCode("Addresses.Line1") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(false) + .listElementCode("Addresses.Line1") + .accessProfile(ROLE_IN_USER_ROLES) + .update(false) .build()) .withComplexACL( aComplexACL() - .withListElementCode("Addresses.Line2") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(false) + .listElementCode("Addresses.Line2") + .accessProfile(ROLE_IN_USER_ROLES) + .update(false) .build()) .build()) .build(); @@ -3666,27 +3666,27 @@ void shouldNotSetReadonlyFlagForCollectionChildrenIfRelevantAclIsThere() { .build()) .build()) .build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build()) .withComplexACL( aComplexACL() - .withListElementCode(ADDRESSES) - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode(ADDRESSES) + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build()) .withComplexACL( aComplexACL() - .withListElementCode("Addresses.Line1") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode("Addresses.Line1") + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build()) .withComplexACL( aComplexACL() - .withListElementCode("Addresses.Line2") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode("Addresses.Line2") + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build()) .build()) .build(); @@ -3728,8 +3728,8 @@ void shouldSetReadonlyFlagIfRelevantAclNotGrantingAccess() { .withField(newCaseField() .withFieldType(aFieldType().withType(TEXT).build()) .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) .build()) .build()) .build(); @@ -3757,8 +3757,8 @@ void shouldSetReadonlyFlagIfRelevantAclNotGrantingAccessWithMultiPartyFix() { .withField(newCaseField() .withFieldType(aFieldType().withType(TEXT).build()) .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) .build()) .build()) .build(); @@ -3784,9 +3784,9 @@ void shouldSetReadonlyFlagIfRelevantAclGrantingAccessAndEventNameNotMatching() { final CaseTypeDefinition caseType = newCaseType() .withField(newCaseField() .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build()) .build()) .build(); @@ -3818,9 +3818,9 @@ void shouldSetReadonlyFlagIfRelevantAclGrantingAccessAndEventNameNotMatchingWith final CaseTypeDefinition caseType = newCaseType() .withField(newCaseField() .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build()) .build()) .build(); @@ -3852,9 +3852,9 @@ void shouldNotSetReadonlyFlagIfAclMatching() { .withField(newCaseField() .withFieldType(aFieldType().withType(TEXT).build()) .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build()) .build()) .build(); @@ -3880,17 +3880,17 @@ void shouldNotSetReadonlyFlagIfAclMatchingInAclsGroup() { .withField(newCaseField() .withFieldType(aFieldType().withType(TEXT).build()) .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_NOT_IN_USER_ROLES) - .withUpdate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_NOT_IN_USER_ROLES) + .update(true) .build()) - .withAcl(anAcl() - .withRole(ROLE_NOT_IN_USER_ROLES_2) - .withUpdate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_NOT_IN_USER_ROLES_2) + .update(true) .build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build()) .build()) .build(); @@ -3917,34 +3917,34 @@ void shouldNotSetReadonlyFlagsIfAclsMatchingInCaseViewFieldsGroup() { .withField(newCaseField() .withFieldType(aFieldType().withType(TEXT).build()) .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_NOT_IN_USER_ROLES) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_NOT_IN_USER_ROLES) .build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build()) .build()) .withField(newCaseField() .withFieldType(aFieldType().withType(TEXT).build()) .withId("AddressesNoAccess") - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES_3) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES_3) .build()) .build()) .withField(newCaseField() .withFieldType(aFieldType().withType(TEXT).build()) .withId("AddressesNoAccess2") - .withAcl(anAcl() - .withRole(ROLE_NOT_IN_USER_ROLES) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_NOT_IN_USER_ROLES) .build()) .build()) .withField(newCaseField() .withFieldType(aFieldType().withType(TEXT).build()) .withId("Addresses2") - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES_2) - .withUpdate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES_2) + .update(true) .build()) .build()) .build(); @@ -4000,11 +4000,11 @@ private CaseTypeDefinition defaultCaseTypeDefinition() { .withField(newCaseField() .withFieldType(aFieldType().withType(TEXT).build()) .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_NOT_IN_USER_ROLES) - .withCreate(true) - .withUpdate(true) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_NOT_IN_USER_ROLES) + .create(true) + .update(true) + .read(true) .build()) .build()) .build(); @@ -4031,11 +4031,11 @@ void shouldNotReturnCaseEventDefinitionForUserWithMissingRole() { final CaseTypeDefinition caseType = newCaseType() .withEvent(newCaseEvent() .withId(EVENT_ID) - .withAcl(anAcl() - .withRole(ROLE_NOT_IN_USER_ROLES) - .withCreate(true) - .withRead(true) - .withUpdate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_NOT_IN_USER_ROLES) + .create(true) + .read(true) + .update(true) .build()) .build()) .build(); @@ -4052,11 +4052,11 @@ void shouldNotReturnCaseEventDefinitionIfRelevantAclNotGrantingAccess() { final CaseTypeDefinition caseType = newCaseType() .withEvent(newCaseEvent() .withId(EVENT_ID) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(false) - .withRead(true) - .withUpdate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(false) + .read(true) + .update(true) .build()) .build()) .build(); @@ -4073,9 +4073,9 @@ void shouldReturnCaseEventDefinitionWithAclMatching() { final CaseTypeDefinition caseType = newCaseType() .withEvent(newCaseEvent() .withId(EVENT_ID) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build()) .build()) .build(); @@ -4096,17 +4096,17 @@ void shouldReturnCaseEventDefinitionWithAclMatchingFromGroup() { final CaseTypeDefinition caseType = newCaseType() .withEvent(newCaseEvent() .withId(EVENT_ID) - .withAcl(anAcl() - .withRole(ROLE_NOT_IN_USER_ROLES) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_NOT_IN_USER_ROLES) + .create(true) .build()) - .withAcl(anAcl() - .withRole(ROLE_NOT_IN_USER_ROLES_2) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_NOT_IN_USER_ROLES_2) + .create(true) .build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build()) .build()) .build(); @@ -4126,31 +4126,31 @@ void shouldReturnCaseEventDefinitionWithAclsMatching() { final CaseTypeDefinition caseType = newCaseType() .withEvent(newCaseEvent() .withId(EVENT_ID_WITH_ACCESS) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build()) - .withAcl(anAcl() - .withRole(ROLE_NOT_IN_USER_ROLES) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_NOT_IN_USER_ROLES) .build()) .build()) .withEvent(newCaseEvent().withId(EVENT_ID_WITHOUT_ACCESS) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES_3) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES_3) .build()) .build()) .withEvent(newCaseEvent() .withId(EVENT_ID_WITHOUT_ACCESS_2) - .withAcl(anAcl() - .withRole(ROLE_NOT_IN_USER_ROLES) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_NOT_IN_USER_ROLES) + .create(true) .build()) .build()) .withEvent(newCaseEvent() .withId(EVENT_ID_WITH_ACCESS_2) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES_2) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES_2) + .create(true) .build()) .build()) .build(); @@ -4176,11 +4176,11 @@ void shouldNotReturnCaseEventDefinitionForUserWithMissingRole() { final CaseTypeDefinition caseType = newCaseType() .withEvent(newCaseEvent() .withId(EVENT_ID) - .withAcl(anAcl() - .withRole(ROLE_NOT_IN_USER_ROLES) - .withCreate(true) - .withRead(true) - .withUpdate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_NOT_IN_USER_ROLES) + .create(true) + .read(true) + .update(true) .build()) .build()) .build(); @@ -4197,11 +4197,11 @@ void shouldNotReturnCaseEventDefinitionIfRelevantAclNotGrantingAccess() { final CaseTypeDefinition caseType = newCaseType() .withEvent(newCaseEvent() .withId(EVENT_ID) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(false) - .withRead(true) - .withUpdate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(false) + .read(true) + .update(true) .build()) .build()) .build(); @@ -4218,9 +4218,9 @@ void shouldReturnCaseEventDefinitionWithAclMatching() { final CaseTypeDefinition caseType = newCaseType() .withEvent(newCaseEvent() .withId(EVENT_ID) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build()) .build()) .build(); @@ -4241,17 +4241,17 @@ void shouldReturnCaseEventDefinitionWithAclMatchingFromGroup() { final CaseTypeDefinition caseType = newCaseType() .withEvent(newCaseEvent() .withId(EVENT_ID) - .withAcl(anAcl() - .withRole(ROLE_NOT_IN_USER_ROLES) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_NOT_IN_USER_ROLES) + .create(true) .build()) - .withAcl(anAcl() - .withRole(ROLE_NOT_IN_USER_ROLES_2) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_NOT_IN_USER_ROLES_2) + .create(true) .build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build()) .build()) .build(); @@ -4271,31 +4271,31 @@ void shouldReturnCaseEventDefinitionWithAclsMatching() { final CaseTypeDefinition caseType = newCaseType() .withEvent(newCaseEvent() .withId(EVENT_ID_WITH_ACCESS) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build()) - .withAcl(anAcl() - .withRole(ROLE_NOT_IN_USER_ROLES) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_NOT_IN_USER_ROLES) .build()) .build()) .withEvent(newCaseEvent().withId(EVENT_ID_WITHOUT_ACCESS) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES_3) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES_3) .build()) .build()) .withEvent(newCaseEvent() .withId(EVENT_ID_WITHOUT_ACCESS_2) - .withAcl(anAcl() - .withRole(ROLE_NOT_IN_USER_ROLES) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_NOT_IN_USER_ROLES) + .create(true) .build()) .build()) .withEvent(newCaseEvent() .withId(EVENT_ID_WITH_ACCESS_2) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES_2) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES_2) + .create(true) .build()) .build()) .build(); @@ -4379,9 +4379,9 @@ void setUp() throws IOException { addressField = newCaseField() .withId(ADDRESSES) .withFieldType(aFieldType().withType(COLLECTION).build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build()) .build(); addressField.getFieldTypeDefinition().setCollectionFieldTypeDefinition(getSimpleAddressFieldType()); @@ -4476,7 +4476,7 @@ void shouldGrantCreateAccessToCollectionTypeWOutId() throws IOException { @DisplayName("Should not allow creation of new items on collection") void shouldNotGrantCreateAccessToCollectionType() throws IOException { addressField.setAccessControlLists( - singletonList(anAcl().withRole(ROLE_IN_USER_ROLES).withCreate(false).build())); + singletonList(AccessControlList.builder().accessProfile(ROLE_IN_USER_ROLES).create(false).build())); caseType.getCaseFieldDefinitions().forEach(CaseFieldDefinition::propagateACLsToNestedFields); assertThat( @@ -4493,7 +4493,7 @@ void shouldNotGrantCreateAccessToCollectionType() throws IOException { @DisplayName("Should allow update of items on collection") void shouldGrantUpdateAccessToCollectionType() throws IOException { addressField.setAccessControlLists( - singletonList(anAcl().withRole(ROLE_IN_USER_ROLES).withUpdate(true).build())); + singletonList(AccessControlList.builder().accessProfile(ROLE_IN_USER_ROLES).update(true).build())); caseType.getCaseFieldDefinitions().forEach(CaseFieldDefinition::propagateACLsToNestedFields); assertThat( @@ -4509,8 +4509,8 @@ void shouldGrantUpdateAccessToCollectionType() throws IOException { @DisplayName("Should allow update of items on collection along with creation") void shouldGrantUpdateAndCreateAccessToCollectionType() throws IOException { addressField.setAccessControlLists( - singletonList(anAcl().withRole(ROLE_IN_USER_ROLES).withCreate(true) - .withUpdate(true).build())); + singletonList(AccessControlList.builder().accessProfile(ROLE_IN_USER_ROLES).create(true) + .update(true).build())); caseType.getCaseFieldDefinitions().forEach(CaseFieldDefinition::propagateACLsToNestedFields); assertThat( @@ -4527,7 +4527,7 @@ void shouldGrantUpdateAndCreateAccessToCollectionType() throws IOException { @DisplayName("Should not allow update of items on collection") void shouldNotGrantUpdateAccessToCollectionType() throws IOException { addressField.setAccessControlLists( - singletonList(anAcl().withRole(ROLE_IN_USER_ROLES).withUpdate(false).build())); + singletonList(AccessControlList.builder().accessProfile(ROLE_IN_USER_ROLES).update(false).build())); caseType.getCaseFieldDefinitions().forEach(CaseFieldDefinition::propagateACLsToNestedFields); assertThat( @@ -4543,7 +4543,7 @@ void shouldNotGrantUpdateAccessToCollectionType() throws IOException { @DisplayName("Should allow deletion of items on collection") void shouldGrantDeleteAccessToCollectionType() throws IOException { addressField.setAccessControlLists( - singletonList(anAcl().withRole(ROLE_IN_USER_ROLES).withDelete(true).build())); + singletonList(AccessControlList.builder().accessProfile(ROLE_IN_USER_ROLES).delete(true).build())); caseType.getCaseFieldDefinitions().forEach(CaseFieldDefinition::propagateACLsToNestedFields); assertThat( @@ -4559,8 +4559,8 @@ void shouldGrantDeleteAccessToCollectionType() throws IOException { @DisplayName("Should allow deletion of items on collection along with creation") void shouldGrantDeleteAndCreateAccessToCollectionType() throws IOException { addressField.setAccessControlLists( - singletonList(anAcl().withRole(ROLE_IN_USER_ROLES).withCreate(true) - .withDelete(true).build())); + singletonList(AccessControlList.builder().accessProfile(ROLE_IN_USER_ROLES).create(true) + .delete(true).build())); caseType.getCaseFieldDefinitions().forEach(CaseFieldDefinition::propagateACLsToNestedFields); assertThat( @@ -4576,7 +4576,7 @@ void shouldGrantDeleteAndCreateAccessToCollectionType() throws IOException { @DisplayName("Should not allow deletion of items on collection") void shouldNotGrantDeleteAccessToCollectionType() throws IOException { addressField.setAccessControlLists( - singletonList(anAcl().withRole(ROLE_IN_USER_ROLES).withDelete(false).build())); + singletonList(AccessControlList.builder().accessProfile(ROLE_IN_USER_ROLES).delete(false).build())); caseType.getCaseFieldDefinitions().forEach(CaseFieldDefinition::propagateACLsToNestedFields); assertThat( @@ -4593,8 +4593,8 @@ void shouldNotGrantDeleteAccessToCollectionType() throws IOException { @DisplayName("Should allow creation, updating and deletion of items on collection") void shouldGrantUpdateDeleteAndCreateAccessToCollectionType() throws IOException { addressField.setAccessControlLists( - singletonList(anAcl().withRole(ROLE_IN_USER_ROLES).withCreate(true) - .withUpdate(true).withDelete(true).build())); + singletonList(AccessControlList.builder().accessProfile(ROLE_IN_USER_ROLES).create(true) + .update(true).delete(true).build())); caseType.getCaseFieldDefinitions().forEach(CaseFieldDefinition::propagateACLsToNestedFields); assertThat( @@ -4621,9 +4621,9 @@ void shouldGrantAccessWhenRoleHasReadPermissionForField() { .withFieldType(aFieldType() .withType(TEXT) .build()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .read(true) .build()) .build(); @@ -4647,9 +4647,9 @@ void shouldNotGrantAccessToCaseViewForUserWithMissingRole() { .withFieldType(aFieldType() .withType(TEXT) .build()) - .withAcl(anAcl() - .withRole(ROLE_NOT_IN_USER_ROLES) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_NOT_IN_USER_ROLES) + .read(true) .build()) .build(); @@ -4947,26 +4947,26 @@ private CaseTypeDefinition createCaseTypeWithTwoSubFields(String type) { .build()) .build()) .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) - .withUpdate(false) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .update(false) + .read(true) .build()) .withComplexACL( aComplexACL() - .withListElementCode(LINE1) - .withRole(ROLE_IN_USER_ROLES) - .withCreate(false) - .withUpdate(false) - .withRead(true) + .listElementCode(LINE1) + .accessProfile(ROLE_IN_USER_ROLES) + .create(false) + .update(false) + .read(true) .build()) .withComplexACL( aComplexACL() - .withListElementCode(LINE2) - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) - .withRead(true) + .listElementCode(LINE2) + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .read(true) .build()) .build()) .build(); @@ -5009,27 +5009,27 @@ private CaseTypeDefinition createCaseTypeWithThreeSubFields(String type) { .build()) .build()) .withId(ADDRESSES) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) - .withUpdate(true) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .update(true) + .read(true) .build()) .withComplexACL( aComplexACL() - .withListElementCode(LINE1) - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) - .withUpdate(true) - .withRead(true) + .listElementCode(LINE1) + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .update(true) + .read(true) .build()) .withComplexACL( aComplexACL() - .withListElementCode(LINE2) - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) - .withUpdate(false) - .withRead(false) + .listElementCode(LINE2) + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .update(false) + .read(false) .build()) .build()) .build(); diff --git a/src/test/java/uk/gov/hmcts/ccd/domain/service/common/AttributeBasedAccessControlServiceTest.java b/src/test/java/uk/gov/hmcts/ccd/domain/service/common/AttributeBasedAccessControlServiceTest.java index 60820f7e3b..d1e58a737b 100644 --- a/src/test/java/uk/gov/hmcts/ccd/domain/service/common/AttributeBasedAccessControlServiceTest.java +++ b/src/test/java/uk/gov/hmcts/ccd/domain/service/common/AttributeBasedAccessControlServiceTest.java @@ -137,29 +137,25 @@ private Set createAccessProfiles(boolean readOnly, String... acce private List createAccessControlList(String... accessProfiles) { return Arrays.stream(accessProfiles) - .map(accessProfile -> { - AccessControlList accessControlList = new AccessControlList(); - accessControlList.setAccessProfile(accessProfile); - accessControlList.setCreate(true); - accessControlList.setDelete(true); - accessControlList.setRead(true); - accessControlList.setUpdate(true); - return accessControlList; - }) + .map(accessProfile -> AccessControlList.builder() + .accessProfile(accessProfile) + .create(true) + .read(true) + .update(true) + .delete(true) + .build()) .collect(Collectors.toList()); } private List createAccessControlListWithReadFalse(String... accessProfiles) { return Arrays.stream(accessProfiles) - .map(accessProfile -> { - AccessControlList accessControlList = new AccessControlList(); - accessControlList.setAccessProfile(accessProfile); - accessControlList.setCreate(true); - accessControlList.setDelete(true); - accessControlList.setRead(false); - accessControlList.setUpdate(true); - return accessControlList; - }) + .map(accessProfile -> AccessControlList.builder() + .accessProfile(accessProfile) + .create(true) + .delete(true) + .read(false) + .update(true) + .build()) .collect(Collectors.toList()); } } diff --git a/src/test/java/uk/gov/hmcts/ccd/domain/service/common/CompoundAccessControlServiceTest.java b/src/test/java/uk/gov/hmcts/ccd/domain/service/common/CompoundAccessControlServiceTest.java index 155a7126fb..9149a1f649 100644 --- a/src/test/java/uk/gov/hmcts/ccd/domain/service/common/CompoundAccessControlServiceTest.java +++ b/src/test/java/uk/gov/hmcts/ccd/domain/service/common/CompoundAccessControlServiceTest.java @@ -7,6 +7,7 @@ import org.junit.jupiter.api.Nested; import org.junit.jupiter.api.Test; import uk.gov.hmcts.ccd.config.JacksonUtils; +import uk.gov.hmcts.ccd.domain.model.definition.AccessControlList; import uk.gov.hmcts.ccd.domain.model.definition.CaseFieldDefinition; import uk.gov.hmcts.ccd.domain.model.definition.CaseTypeDefinition; @@ -32,7 +33,6 @@ import static uk.gov.hmcts.ccd.domain.service.common.AccessControlServiceTest.p2Start; import static uk.gov.hmcts.ccd.domain.service.common.AccessControlServiceTest.person1; import static uk.gov.hmcts.ccd.domain.service.common.AccessControlServiceTest.person2; -import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.AccessControlListBuilder.anAcl; import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.CaseFieldBuilder.newCaseField; import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.CaseTypeBuilder.newCaseType; import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.ComplexACLBuilder.aComplexACL; @@ -308,20 +308,20 @@ class CompoundFieldCreateTests { @DisplayName("Should grant access if parent and children have ACLs") void shouldGrantAccessIfParentAndChildrenHaveAccess() throws IOException { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build())); people.setComplexACLs(asList( aComplexACL() - .withListElementCode("Addresses") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .listElementCode("Addresses") + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build(), aComplexACL() - .withListElementCode("Notes") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .listElementCode("Notes") + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build())); final CaseTypeDefinition caseTypeDefinition = newCaseType().withField(people).build(); @@ -341,9 +341,9 @@ void shouldGrantAccessIfParentAndChildrenHaveAccess() throws IOException { @DisplayName("Should grant access if parent and children have ACLs - inherited from parent") void shouldGrantAccessIfParentHasAccess() throws IOException { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build())); final CaseTypeDefinition caseTypeDefinition = newCaseType().withField(people).build(); @@ -361,9 +361,9 @@ void shouldGrantAccessIfParentHasAccess() throws IOException { @DisplayName("Should be OK with empty fields") void shouldBeOKWithEmptyFields() throws IOException { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build())); final CaseTypeDefinition caseTypeDefinition = newCaseType().withField(people).build(); @@ -381,20 +381,20 @@ void shouldBeOKWithEmptyFields() throws IOException { @DisplayName("Should grant access if parent and required children have ACLs") void shouldGrantAccessIfParentAndRequiredChildrenHaveAccess() throws IOException { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build())); people.setComplexACLs(asList( aComplexACL() - .withListElementCode("Addresses") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .listElementCode("Addresses") + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build(), aComplexACL() - .withListElementCode("Notes") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(false) + .listElementCode("Notes") + .accessProfile(ROLE_IN_USER_ROLES) + .create(false) .build())); final CaseTypeDefinition caseTypeDefinition = newCaseType().withField(people).build(); @@ -412,14 +412,14 @@ void shouldGrantAccessIfParentAndRequiredChildrenHaveAccess() throws IOException @DisplayName("Should grant access to add new child if child has the required ACLs - existing data") void shouldGrantAccessToNewChildIfChildrenHasAccess() throws IOException { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build())); people.setComplexACLs(asList(aComplexACL() - .withListElementCode("Addresses") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .listElementCode("Addresses") + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build())); final CaseTypeDefinition caseTypeDefinition = newCaseType().withField(people).build(); @@ -442,14 +442,14 @@ void shouldGrantAccessToNewChildIfChildrenHasAccess() throws IOException { @DisplayName("Should grant access to add new child if child has the required ACLs - fine grain ACL") void shouldGrantAccessToNewChildIfChildrenHasAccessFineGrained() throws IOException { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build())); people.setComplexACLs(asList(aComplexACL() - .withListElementCode("Notes.Tags") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .listElementCode("Notes.Tags") + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build())); final CaseTypeDefinition caseTypeDefinition = newCaseType().withField(people).build(); @@ -473,14 +473,14 @@ void shouldGrantAccessToNewChildIfChildrenHasAccessFineGrained() throws IOExcept @DisplayName("Should deny access to add new child if child has the required ACLs - fine grain ACL") void shouldDenyAccessToNewChildIfChildrenHasAccessFineGrained() throws IOException { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build())); people.setComplexACLs(asList(aComplexACL() - .withListElementCode("Notes.Tags") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(false) + .listElementCode("Notes.Tags") + .accessProfile(ROLE_IN_USER_ROLES) + .create(false) .build())); final CaseTypeDefinition caseTypeDefinition = newCaseType().withField(people).build(); @@ -504,14 +504,14 @@ void shouldDenyAccessToNewChildIfChildrenHasAccessFineGrained() throws IOExcepti @DisplayName("Should deny access to add new child if child lacks the required ACLs - existing data") void shouldDenyAccessToNewChildIfChildrenHasAccess() throws IOException { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build())); people.setComplexACLs(asList(aComplexACL() - .withListElementCode("Addresses") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(false) + .listElementCode("Addresses") + .accessProfile(ROLE_IN_USER_ROLES) + .create(false) .build())); final CaseTypeDefinition caseTypeDefinition = newCaseType().withField(people).build(); @@ -534,20 +534,20 @@ void shouldDenyAccessToNewChildIfChildrenHasAccess() throws IOException { @DisplayName("Should deny access if a child does not have ACLs") void shouldDenyAccessIfParentAndChildrenHaveAccess() throws IOException { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build())); people.setComplexACLs(asList( aComplexACL() - .withListElementCode("Addresses") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(false) + .listElementCode("Addresses") + .accessProfile(ROLE_IN_USER_ROLES) + .create(false) .build(), aComplexACL() - .withListElementCode("Notes") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + .listElementCode("Notes") + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build())); final CaseTypeDefinition caseTypeDefinition = newCaseType().withField(people).build(); @@ -571,9 +571,9 @@ class CompoundFieldUpdateTests { @DisplayName("Should grant access when nothing changes even when U doesn't exist") void shouldGrantAccessWhenNoUpdates() throws IOException { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(false) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .update(false) .build())); final CaseTypeDefinition caseTypeDefinition = newCaseType().withField(people).build(); @@ -590,9 +590,9 @@ void shouldGrantAccessWhenNoUpdates() throws IOException { @DisplayName("Should grant access when child field updated and U exists- name change") void shouldGrantAccessWhenChildFieldUpdatedAndACLExists() throws IOException { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build())); final CaseTypeDefinition caseTypeDefinition = newCaseType().withField(people).build(); @@ -611,9 +611,9 @@ void shouldGrantAccessWhenChildFieldUpdatedAndACLExists() throws IOException { @DisplayName("Should deny access for child field updates when no U - name change") void shouldDenyAccessWhenChildFieldUpdatedAndNoACL() throws IOException { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(false) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .update(false) .build())); final CaseTypeDefinition caseTypeDefinition = newCaseType().withField(people).build(); @@ -632,10 +632,10 @@ void shouldDenyAccessWhenChildFieldUpdatedAndNoACL() throws IOException { @DisplayName("Should grant access when child field updated and U exists - address.line1 change") void shouldGrantAccessWhenChildFieldUpdatedAndACLInheritedFromParent() throws IOException { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) - .withUpdate(true) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .update(true) .build())); final CaseTypeDefinition caseTypeDefinition = newCaseType().withField(people).build(); @@ -657,10 +657,10 @@ void shouldGrantAccessWhenChildFieldUpdatedAndACLInheritedFromParent() throws IO @DisplayName("Should grant access when a child is updated and U exist - multiple address.line1 change") void shouldGrantAccessWhenAChildFieldUpdatedAndACLExist() throws IOException { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) - .withUpdate(true) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .update(true) .build())); final CaseTypeDefinition caseTypeDefinition = newCaseType().withField(people).build(); @@ -685,15 +685,15 @@ void shouldGrantAccessWhenAChildFieldUpdatedAndACLExist() throws IOException { @DisplayName("Should deny access when a child is updated and U doesn't exist - multiple address.line1 change") void shouldDenyAccessWhenChildUpdatedAndNoACL() throws IOException { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) - .withUpdate(true) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .update(true) .build())); people.setComplexACLs(asList(aComplexACL() - .withListElementCode("Addresses") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(false) + .listElementCode("Addresses") + .accessProfile(ROLE_IN_USER_ROLES) + .update(false) .build())); final CaseTypeDefinition caseTypeDefinition = newCaseType().withField(people).build(); @@ -719,17 +719,17 @@ void shouldDenyAccessWhenChildUpdatedAndNoACL() throws IOException { + "added") void shouldGrantAccessWhenChildNotUpdatedAndOnlyNewChildAdded() throws IOException { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) - .withUpdate(true) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .update(true) .build())); people.setComplexACLs(asList( aComplexACL() - .withListElementCode("Addresses") - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) - .withUpdate(false) + .listElementCode("Addresses") + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .update(false) .build())); final CaseTypeDefinition caseTypeDefinition = newCaseType().withField(people).build(); @@ -750,26 +750,26 @@ void shouldGrantAccessWhenChildNotUpdatedAndOnlyNewChildAdded() throws IOExcepti @DisplayName("Should grant access when a child is updated and U exist - fine grained ACL") void shouldGrantAccessWhenChildUpdatedAndFineGrainedACLExists() throws IOException { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) - .withUpdate(true) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .update(true) .build())); people.setComplexACLs(asList( aComplexACL() - .withListElementCode("Addresses") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode("Addresses") + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build(), aComplexACL() - .withListElementCode("Addresses.Address.Line1") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode("Addresses.Address.Line1") + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build(), aComplexACL() - .withListElementCode("Addresses.Address.Line2") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode("Addresses.Address.Line2") + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build() )); @@ -797,26 +797,26 @@ void shouldGrantAccessWhenChildUpdatedAndFineGrainedACLExists() throws IOExcepti + "fine grained ACL") void shouldGrantAccessWhenChildUpdatedFromNullAndFineGrainedACLExists() throws IOException { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) - .withUpdate(true) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .update(true) .build())); people.setComplexACLs(asList( aComplexACL() - .withListElementCode("Addresses") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode("Addresses") + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build(), aComplexACL() - .withListElementCode("Addresses.Address.Line1") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode("Addresses.Address.Line1") + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build(), aComplexACL() - .withListElementCode("Addresses.Address.Line2") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode("Addresses.Address.Line2") + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build() )); @@ -843,36 +843,36 @@ void shouldGrantAccessWhenChildUpdatedFromNullAndFineGrainedACLExists() throws I + "fine grained ACL") void shouldGrantAccessWhenChildUpdatedFromNullNodeAndFineGrainedACLExists() throws IOException { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) - .withUpdate(true) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .update(true) .build())); people.setComplexACLs(asList( aComplexACL() - .withListElementCode("Addresses") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode("Addresses") + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build(), aComplexACL() - .withListElementCode("Addresses.Address.Line1") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode("Addresses.Address.Line1") + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build(), aComplexACL() - .withListElementCode("Addresses.Address.Line2") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode("Addresses.Address.Line2") + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build(), aComplexACL() - .withListElementCode("Addresses.Address.PostCode") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode("Addresses.Address.PostCode") + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build(), aComplexACL() - .withListElementCode("Addresses.Address.Country") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode("Addresses.Address.Country") + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build() )); @@ -899,26 +899,26 @@ void shouldGrantAccessWhenChildUpdatedFromNullNodeAndFineGrainedACLExists() thro + "fine grained ACL") void shouldGrantAccessWhenChildUpdatedToNullAndFineGrainedACLExists() throws IOException { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) - .withUpdate(true) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .update(true) .build())); people.setComplexACLs(asList( aComplexACL() - .withListElementCode("Addresses") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode("Addresses") + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build(), aComplexACL() - .withListElementCode("Addresses.Address.Line1") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode("Addresses.Address.Line1") + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build(), aComplexACL() - .withListElementCode("Addresses.Address.Line2") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode("Addresses.Address.Line2") + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build() )); @@ -945,26 +945,26 @@ void shouldGrantAccessWhenChildUpdatedToNullAndFineGrainedACLExists() throws IOE + "value - fine grained ACL") void shouldDenyAccessWhenChildUpdatedFromNullAndFineGrainedACLDoesNotExist() throws IOException { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) - .withUpdate(true) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .update(true) .build())); people.setComplexACLs(asList( aComplexACL() - .withListElementCode("Addresses") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode("Addresses") + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build(), aComplexACL() - .withListElementCode("Addresses.Address.Line1") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(false) + .listElementCode("Addresses.Address.Line1") + .accessProfile(ROLE_IN_USER_ROLES) + .update(false) .build(), aComplexACL() - .withListElementCode("Addresses.Address.Line2") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode("Addresses.Address.Line2") + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build() )); @@ -992,26 +992,26 @@ void shouldDenyAccessWhenChildUpdatedFromNullAndFineGrainedACLDoesNotExist() thr + "value - fine grained ACL") void shouldDenyAccessWhenChildUpdatedToNullAndFineGrainedACLDoesNotExist() throws IOException { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) - .withUpdate(true) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .update(true) .build())); people.setComplexACLs(asList( aComplexACL() - .withListElementCode("Addresses") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode("Addresses") + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build(), aComplexACL() - .withListElementCode("Addresses.Address.Line1") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(false) + .listElementCode("Addresses.Address.Line1") + .accessProfile(ROLE_IN_USER_ROLES) + .update(false) .build(), aComplexACL() - .withListElementCode("Addresses.Address.Line2") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode("Addresses.Address.Line2") + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build() )); @@ -1038,26 +1038,26 @@ void shouldDenyAccessWhenChildUpdatedToNullAndFineGrainedACLDoesNotExist() throw + "READONLY case") void shouldGrantAccessWhenChildIsNotUpdatedAndNullValueSent() throws IOException { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) - .withUpdate(true) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .update(true) .build())); people.setComplexACLs(asList( aComplexACL() - .withListElementCode("Addresses") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode("Addresses") + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build(), aComplexACL() - .withListElementCode("Addresses.Address.Line1") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(false) + .listElementCode("Addresses.Address.Line1") + .accessProfile(ROLE_IN_USER_ROLES) + .update(false) .build(), aComplexACL() - .withListElementCode("Addresses.Address.Line2") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(false) + .listElementCode("Addresses.Address.Line2") + .accessProfile(ROLE_IN_USER_ROLES) + .update(false) .build() )); @@ -1080,26 +1080,26 @@ void shouldGrantAccessWhenChildIsNotUpdatedAndNullValueSent() throws IOException + "line1/2 changes") void shouldDenyAccessWhenChildUpdatedAndNoFineGrainedACLExists() throws IOException { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) - .withUpdate(true) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) + .update(true) .build())); people.setComplexACLs(asList( aComplexACL() - .withListElementCode("Addresses") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode("Addresses") + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build(), aComplexACL() - .withListElementCode("Addresses.Address.Line1") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + .listElementCode("Addresses.Address.Line1") + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build(), aComplexACL() - .withListElementCode("Addresses.Address.Line2") - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(false) + .listElementCode("Addresses.Address.Line2") + .accessProfile(ROLE_IN_USER_ROLES) + .update(false) .build() )); @@ -1135,12 +1135,12 @@ void shouldNotGrantAccessToFieldWithAclAccessNotGrantedForCollectionOfDocuments( .build()) .build()) .withOrder(1) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(false) - .withUpdate(false) - .withDelete(false) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(false) + .update(false) + .delete(false) + .read(true) .build()) .build()) .build(); @@ -1206,9 +1206,9 @@ class CompoundFieldDeleteTests { @DisplayName("Should grant access when a root node is deleted and D exists") void shouldGrantAccessWhenRootDeletedAndACLExist() throws IOException { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withDelete(true) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .delete(true) .build())); final CaseTypeDefinition caseTypeDefinition = newCaseType().withField(people).build(); @@ -1225,9 +1225,9 @@ void shouldGrantAccessWhenRootDeletedAndACLExist() throws IOException { @DisplayName("Should deny access when a root node is deleted and No D") void shouldDenyAccessWhenRootDeletedAndNoACL() throws IOException { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withDelete(false) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .delete(false) .build())); final CaseTypeDefinition caseTypeDefinition = newCaseType().withField(people).build(); @@ -1244,9 +1244,9 @@ void shouldDenyAccessWhenRootDeletedAndNoACL() throws IOException { @DisplayName("Should grant access when a child node is deleted and D exists") void shouldGrantAccessWhenChildDeletedAndACLExist() throws IOException { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withDelete(true) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .delete(true) .build())); final CaseTypeDefinition caseTypeDefinition = newCaseType().withField(people).build(); @@ -1267,9 +1267,9 @@ void shouldGrantAccessWhenChildDeletedAndACLExist() throws IOException { @DisplayName("Should deny access when a child node is deleted and No D") void shouldDenyAccessWhenChildDeletedAndNoACLExist() throws IOException { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withDelete(false) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .delete(false) .build())); final CaseTypeDefinition caseTypeDefinition = newCaseType().withField(people).build(); @@ -1290,15 +1290,15 @@ void shouldDenyAccessWhenChildDeletedAndNoACLExist() throws IOException { @DisplayName("Should deny access when a child node is deleted and No D - fine grained ACL") void shouldDenyAccessWhenChildDeletedAndNoACLExistForChildField() throws IOException { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withDelete(true) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .delete(true) .build())); people.setComplexACLs(asList( aComplexACL() - .withListElementCode("Addresses") - .withRole(ROLE_IN_USER_ROLES) - .withDelete(false) + .listElementCode("Addresses") + .accessProfile(ROLE_IN_USER_ROLES) + .delete(false) .build())); final CaseTypeDefinition caseTypeDefinition = newCaseType().withField(people).build(); @@ -1319,14 +1319,14 @@ void shouldDenyAccessWhenChildDeletedAndNoACLExistForChildField() throws IOExcep @DisplayName("Should grant access to add new child if child has the required ACLs - whole node deleted") void shouldGrantAccessToNewChildIfChildrenHasAccessFineGrained() throws IOException { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withDelete(true) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .delete(true) .build())); people.setComplexACLs(asList(aComplexACL() - .withListElementCode("Notes.Tags") - .withRole(ROLE_IN_USER_ROLES) - .withDelete(true) + .listElementCode("Notes.Tags") + .accessProfile(ROLE_IN_USER_ROLES) + .delete(true) .build())); final CaseTypeDefinition caseTypeDefinition = newCaseType().withField(people).build(); @@ -1350,14 +1350,14 @@ void shouldGrantAccessToNewChildIfChildrenHasAccessFineGrained() throws IOExcept @DisplayName("Should deny access to add new child if child has the required ACLs - whole node deleted") void shouldDenyAccessToNewChildIfChildrenHasAccessFineGrained() throws IOException { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withDelete(true) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .delete(true) .build())); people.setComplexACLs(asList(aComplexACL() - .withListElementCode("Notes.Tags") - .withRole(ROLE_IN_USER_ROLES) - .withDelete(false) + .listElementCode("Notes.Tags") + .accessProfile(ROLE_IN_USER_ROLES) + .delete(false) .build())); final CaseTypeDefinition caseTypeDefinition = newCaseType().withField(people).build(); @@ -1387,9 +1387,9 @@ class CompoundFieldComplexUnderCollectionFieldTests { + " node deleted") void shouldGrantAccessWhenNestedComplexChildDeletedAndDeleteACLExists() throws IOException { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withDelete(true) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .delete(true) .build())); final CaseTypeDefinition caseTypeDefinition = newCaseType().withField(people).build(); @@ -1411,15 +1411,15 @@ void shouldGrantAccessWhenNestedComplexChildDeletedAndDeleteACLExists() throws I + "grained ACLs - whole node deleted") void shouldGrantAccessWhenNestedComplexChildDeletedAndFineGrainedDeleteACLExists() throws IOException { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withDelete(true) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .delete(true) .build())); people.setComplexACLs(asList( aComplexACL() - .withListElementCode("BirthInfo") - .withRole(ROLE_IN_USER_ROLES) - .withDelete(true) + .listElementCode("BirthInfo") + .accessProfile(ROLE_IN_USER_ROLES) + .delete(true) .build())); final CaseTypeDefinition caseTypeDefinition = newCaseType().withField(people).build(); @@ -1440,9 +1440,9 @@ void shouldGrantAccessWhenNestedComplexChildDeletedAndFineGrainedDeleteACLExists @DisplayName("Should be OK with empty nested complex child in new data") void shouldBeOKWithEmptyNestedComplexFieldInNewData() throws IOException { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withDelete(true) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .delete(true) .build())); final CaseTypeDefinition caseTypeDefinition = newCaseType().withField(people).build(); @@ -1463,9 +1463,9 @@ void shouldBeOKWithEmptyNestedComplexFieldInNewData() throws IOException { @DisplayName("Should be OK with empty nested complex child in existing data") void shouldBeOKWithEmptyNestedComplexFieldInExistingData() throws IOException { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withDelete(true) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .delete(true) .build())); final CaseTypeDefinition caseTypeDefinition = newCaseType().withField(people).build(); @@ -1486,9 +1486,9 @@ void shouldBeOKWithEmptyNestedComplexFieldInExistingData() throws IOException { @DisplayName("Should be OK with null nested complex child in new data") void shouldBeOKWithNullNestedComplexFieldInNewData() throws IOException { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withDelete(true) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .delete(true) .build())); final CaseTypeDefinition caseTypeDefinition = newCaseType().withField(people).build(); @@ -1509,9 +1509,9 @@ void shouldBeOKWithNullNestedComplexFieldInNewData() throws IOException { @DisplayName("Should be OK with null nested complex child in existing data") void shouldBeOKWithNullNestedComplexFieldInExistingData() throws IOException { final CaseFieldDefinition people = getPeopleCollectionFieldDefinition(); - people.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withDelete(true) + people.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .delete(true) .build())); final CaseTypeDefinition caseTypeDefinition = newCaseType().withField(people).build(); @@ -1685,9 +1685,9 @@ void setup() { @Test @DisplayName("Should grant access to add completely new child if child has the required ACLs") void shouldGrantAccessToNewChildIfChildrenHasAccess() throws IOException { - note.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + note.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build())); caseTypeDefinition.getCaseFieldDefinitions().stream().forEach(caseField -> @@ -1705,9 +1705,9 @@ void shouldGrantAccessToNewChildIfChildrenHasAccess() throws IOException { @Test @DisplayName("Should grant access to add multiple completely new children if child has the required ACLs") void shouldGrantAccessToMultipleNewChildIfChildrenHasAccess() throws IOException { - note.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + note.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build())); caseTypeDefinition.getCaseFieldDefinitions().stream().forEach(caseField -> @@ -1725,9 +1725,9 @@ void shouldGrantAccessToMultipleNewChildIfChildrenHasAccess() throws IOException @Test @DisplayName("Should grant access to add new child to existing ones if child has the required ACLs") void shouldGrantAccessToAddingNewChildIfChildrenHasAccess() throws IOException { - note.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(true) + note.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(true) .build())); caseTypeDefinition.getCaseFieldDefinitions().stream().forEach(caseField -> @@ -1747,9 +1747,9 @@ void shouldGrantAccessToAddingNewChildIfChildrenHasAccess() throws IOException { @Test @DisplayName("Should deny access to add new child if child has the no ACLs") void shouldDenyAccessToNewChildIfChildrenHasAccess() throws IOException { - note.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(false) + note.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(false) .build())); caseTypeDefinition.getCaseFieldDefinitions().stream().forEach(caseField -> @@ -1768,9 +1768,9 @@ void shouldDenyAccessToNewChildIfChildrenHasAccess() throws IOException { @Test @DisplayName("Should deny access to add new child to existing ones if child has the required ACLs") void shouldDenyAccessToAddingNewChildIfChildrenHasAccess() throws IOException { - note.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withCreate(false) + note.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .create(false) .build())); caseTypeDefinition.getCaseFieldDefinitions().stream().forEach(caseField -> @@ -1790,9 +1790,9 @@ void shouldDenyAccessToAddingNewChildIfChildrenHasAccess() throws IOException { @Test @DisplayName("Should grant access to update child if child has the required ACLs") void shouldGrantAccessToUpdateChildIfChildrenHasAccess() throws IOException { - note.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(true) + note.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .update(true) .build())); caseTypeDefinition.getCaseFieldDefinitions().stream().forEach(caseField -> @@ -1812,9 +1812,9 @@ void shouldGrantAccessToUpdateChildIfChildrenHasAccess() throws IOException { @Test @DisplayName("Should deny access to update child if child has no ACLs") void shouldDenyAccessToUpdateChildIfChildrenHasNoAccess() throws IOException { - note.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withUpdate(false) + note.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .update(false) .build())); caseTypeDefinition.getCaseFieldDefinitions().stream().forEach(caseField -> @@ -1834,9 +1834,9 @@ void shouldDenyAccessToUpdateChildIfChildrenHasNoAccess() throws IOException { @Test @DisplayName("Should grant access to delete a child if child has the required ACLs") void shouldGrantAccessToDeleteChildIfChildrenHasAccess() throws IOException { - note.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withDelete(true) + note.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .delete(true) .build())); caseTypeDefinition.getCaseFieldDefinitions().stream().forEach(caseField -> @@ -1856,9 +1856,9 @@ void shouldGrantAccessToDeleteChildIfChildrenHasAccess() throws IOException { @Test @DisplayName("Should deny access to delete child if child has no ACLs") void shouldDenyAccessToDeleteChildIfChildrenHasNoAccess() throws IOException { - note.setAccessControlLists(asList(anAcl() - .withRole(ROLE_IN_USER_ROLES) - .withDelete(false) + note.setAccessControlLists(asList(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLES) + .delete(false) .build())); caseTypeDefinition.getCaseFieldDefinitions().stream().forEach(caseField -> diff --git a/src/test/java/uk/gov/hmcts/ccd/domain/service/common/ConditionalFieldRestorerTest.java b/src/test/java/uk/gov/hmcts/ccd/domain/service/common/ConditionalFieldRestorerTest.java index 52d600e489..6291160a79 100644 --- a/src/test/java/uk/gov/hmcts/ccd/domain/service/common/ConditionalFieldRestorerTest.java +++ b/src/test/java/uk/gov/hmcts/ccd/domain/service/common/ConditionalFieldRestorerTest.java @@ -34,7 +34,6 @@ import static uk.gov.hmcts.ccd.domain.model.definition.FieldTypeDefinition.DOCUMENT; import static uk.gov.hmcts.ccd.domain.service.common.AccessControlServiceTest.ACCESS_PROFILES; import static uk.gov.hmcts.ccd.domain.service.common.AccessControlServiceTest.getTagFieldDefinition; -import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.AccessControlListBuilder.anAcl; import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.CaseFieldBuilder.newCaseField; import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.CaseTypeBuilder.newCaseType; import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.FieldTypeBuilder.aFieldType; @@ -168,10 +167,11 @@ private CaseFieldDefinition noteWithoutCreateAndReadPermission() { } private CaseFieldDefinition noteWithCreatePermissionWithoutReadPermission() { - AccessControlList deletePermission = new AccessControlList(); - deletePermission.setAccessProfile("caseworker-probate-loa1"); - deletePermission.setCreate(true); - deletePermission.setRead(false); + AccessControlList deletePermission = AccessControlList.builder() + .accessProfile("caseworker-probate-loa1") + .create(true) + .read(false) + .build(); CaseFieldDefinition note = newCaseField() .withId("Note") @@ -206,10 +206,11 @@ private CaseFieldDefinition tagWithoutCreateAndReadPermission() { } private CaseFieldDefinition tagsWithCreatePermissionWithoutReadPermission() { - AccessControlList controlList = new AccessControlList(); - controlList.setAccessProfile("caseworker-probate-loa1"); - controlList.setCreate(true); - controlList.setRead(false); + AccessControlList controlList = AccessControlList.builder() + .accessProfile("caseworker-probate-loa1") + .create(true) + .read(false) + .build(); CaseFieldDefinition tags = getTagFieldDefinition(); tags.setAccessControlLists(List.of(controlList)); @@ -367,10 +368,11 @@ private CaseFieldDefinition noteWithNestedFieldsWithoutCreateAndReadPermission() } private CaseFieldDefinition noteWithNestedFieldsWithCreateAndWithoutReadPermission() { - AccessControlList controlList = new AccessControlList(); - controlList.setAccessProfile("caseworker-probate-loa1"); - controlList.setCreate(true); - controlList.setRead(false); + AccessControlList controlList = AccessControlList.builder() + .accessProfile("caseworker-probate-loa1") + .create(true) + .read(false) + .build(); CaseFieldDefinition note = noteWithNestedFieldsWithoutCreateAndReadPermission(); note.setAccessControlLists(List.of(controlList)); @@ -461,10 +463,11 @@ private CaseFieldDefinition caseCategoryFieldWithoutCreateAndReadPermission() { } private CaseFieldDefinition caseCategoryFieldWithCreateWithoutReadPermission() { - AccessControlList accessControlList = new AccessControlList(); - accessControlList.setAccessProfile("caseworker-probate-loa1"); - accessControlList.setCreate(true); - accessControlList.setRead(false); + AccessControlList accessControlList = AccessControlList.builder() + .accessProfile("caseworker-probate-loa1") + .create(true) + .read(false) + .build(); CaseFieldDefinition caseCategory = caseCategoryFieldWithoutCreateAndReadPermission(); caseCategory.setAccessControlLists(List.of(accessControlList)); @@ -538,10 +541,11 @@ private CaseFieldDefinition generatedCaseDocumentsFieldWithoutCreateAndReadPermi } private CaseFieldDefinition generatedCaseDocumentsFieldWithCreateWithoutReadPermission() { - AccessControlList accessControlList = new AccessControlList(); - accessControlList.setAccessProfile("caseworker-probate-loa1"); - accessControlList.setCreate(true); - accessControlList.setRead(false); + AccessControlList accessControlList = AccessControlList.builder() + .accessProfile("caseworker-probate-loa1") + .create(true) + .read(false) + .build(); CaseFieldDefinition document = generatedCaseDocumentsFieldWithoutCreateAndReadPermission(); document.setAccessControlLists(List.of(accessControlList)); @@ -2470,12 +2474,12 @@ void shouldAddMissingDocumentNodeToDocumentCollectionWithCreateWithoutRead() { .build()) .build()) .withOrder(1) - .withAcl(anAcl() - .withRole("caseworker-probate-loa1") - .withCreate(true) - .withUpdate(false) - .withDelete(false) - .withRead(false) + .withAcl(AccessControlList.builder() + .accessProfile("caseworker-probate-loa1") + .create(true) + .read(false) + .update(false) + .delete(false) .build()) .build(); Map newData = getJsonMapNode(""" @@ -2579,12 +2583,12 @@ void shouldDoNothingWhenMissingDocumentSubFieldWithoutCreateWithoutRead() { .build()) .build()) .withOrder(1) - .withAcl(anAcl() - .withRole("caseworker-probate-loa1") - .withCreate(false) - .withUpdate(false) - .withDelete(false) - .withRead(false) + .withAcl(AccessControlList.builder() + .accessProfile("caseworker-probate-loa1") + .create(false) + .read(false) + .update(false) + .delete(false) .build()) .build(); Map newData = getJsonMapNode(""" @@ -3958,10 +3962,11 @@ private CaseTypeDefinition caseDefinitionWithNestedList() { } private CaseTypeDefinition caseTypeDefinitionWithNestedListWithCreatePermissionWithoutReadPermission() { - AccessControlList controlList = new AccessControlList(); - controlList.setAccessProfile("caseworker-probate-loa1"); - controlList.setCreate(true); - controlList.setRead(false); + AccessControlList controlList = AccessControlList.builder() + .accessProfile("caseworker-probate-loa1") + .create(true) + .read(false) + .build(); CaseTypeDefinition caseTypeDefinition = caseDefinitionWithNestedList(); caseTypeDefinition.getCaseFieldDefinitions().getFirst().setAccessControlLists(List.of(controlList)); diff --git a/src/test/java/uk/gov/hmcts/ccd/domain/service/common/TestBuildersUtil.java b/src/test/java/uk/gov/hmcts/ccd/domain/service/common/TestBuildersUtil.java index 668027ce70..e2998f5529 100644 --- a/src/test/java/uk/gov/hmcts/ccd/domain/service/common/TestBuildersUtil.java +++ b/src/test/java/uk/gov/hmcts/ccd/domain/service/common/TestBuildersUtil.java @@ -704,90 +704,53 @@ public CaseStateDefinition build() { } } - public static class AccessControlListBuilder { - private final AccessControlList accessControlList; - - private AccessControlListBuilder() { - this.accessControlList = new AccessControlList(); - } - - public static AccessControlListBuilder anAcl() { - return new AccessControlListBuilder(); - } - - public AccessControlListBuilder withRole(String role) { - this.accessControlList.setAccessProfile(role); - return this; - } - - public AccessControlListBuilder withCreate(boolean create) { - this.accessControlList.setCreate(create); - return this; - } - - public AccessControlListBuilder withDelete(boolean delete) { - this.accessControlList.setDelete(delete); - return this; - } - - public AccessControlListBuilder withUpdate(boolean update) { - this.accessControlList.setUpdate(update); - return this; - } - - public AccessControlListBuilder withRead(boolean read) { - this.accessControlList.setRead(read); - return this; - } - - public AccessControlList build() { - return accessControlList; - } - } - public static class ComplexACLBuilder { - private final ComplexACL complexACL; + private String listElementCode; + private String role; + private boolean create; + private boolean delete; + private boolean update; + private boolean read; private ComplexACLBuilder() { - this.complexACL = new ComplexACL(); } public static ComplexACLBuilder aComplexACL() { return new ComplexACLBuilder(); } - public ComplexACLBuilder withListElementCode(String code) { - this.complexACL.setListElementCode(code); + public ComplexACLBuilder listElementCode(String code) { + this.listElementCode = code; return this; } - public ComplexACLBuilder withRole(String role) { - this.complexACL.setAccessProfile(role); + public ComplexACLBuilder accessProfile(String role) { + this.role = role; return this; } - public ComplexACLBuilder withCreate(boolean create) { - this.complexACL.setCreate(create); + public ComplexACLBuilder create(boolean create) { + this.create = create; return this; } - public ComplexACLBuilder withDelete(boolean delete) { - this.complexACL.setDelete(delete); + public ComplexACLBuilder delete(boolean delete) { + this.delete = delete; return this; } - public ComplexACLBuilder withUpdate(boolean update) { - this.complexACL.setUpdate(update); + public ComplexACLBuilder update(boolean update) { + this.update = update; return this; } - public ComplexACLBuilder withRead(boolean read) { - this.complexACL.setRead(read); + public ComplexACLBuilder read(boolean read) { + this.read = read; return this; } public ComplexACL build() { - return complexACL; + return new ComplexACL(role, create, read, update, delete, listElementCode); } } diff --git a/src/test/java/uk/gov/hmcts/ccd/domain/service/globalsearch/GlobalSearchParserTest.java b/src/test/java/uk/gov/hmcts/ccd/domain/service/globalsearch/GlobalSearchParserTest.java index dd2db21419..d8baa618d6 100644 --- a/src/test/java/uk/gov/hmcts/ccd/domain/service/globalsearch/GlobalSearchParserTest.java +++ b/src/test/java/uk/gov/hmcts/ccd/domain/service/globalsearch/GlobalSearchParserTest.java @@ -11,6 +11,7 @@ import uk.gov.hmcts.ccd.config.JacksonUtils; import uk.gov.hmcts.ccd.data.casedetails.SecurityClassification; import uk.gov.hmcts.ccd.domain.model.casedataaccesscontrol.AccessProfile; +import uk.gov.hmcts.ccd.domain.model.definition.AccessControlList; import uk.gov.hmcts.ccd.domain.model.definition.CaseDetails; import uk.gov.hmcts.ccd.domain.model.definition.CaseFieldDefinition; import uk.gov.hmcts.ccd.domain.model.definition.CaseTypeDefinition; @@ -35,7 +36,6 @@ import static org.mockito.Mockito.when; import static uk.gov.hmcts.ccd.domain.model.definition.FieldTypeDefinition.COMPLEX; import static uk.gov.hmcts.ccd.domain.model.definition.FieldTypeDefinition.TEXT; -import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.AccessControlListBuilder.anAcl; import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.CaseDetailsBuilder.newCaseDetails; import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.CaseFieldBuilder.newCaseField; import static uk.gov.hmcts.ccd.domain.service.common.TestBuildersUtil.CaseTypeBuilder.newCaseType; @@ -90,9 +90,9 @@ void setUp() { caseTypeDefinition1 = newCaseType() .withCaseTypeId(CASE_TYPE_ID_1) .withJurisdiction(jurisdiction) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(true) .build()) .withField(newCaseField().withId("caseManagementLocation") .withSC(SecurityClassification.PUBLIC.name()) @@ -108,15 +108,15 @@ void setUp() { .build()) .withSecurityClassification(SecurityClassification.PUBLIC) .withField(newCaseField().withId(CASE_FIELD_2).withFieldType(textFieldType()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(true) .build()).build()) .withSecurityClassification(SecurityClassification.PUBLIC) .withField(newCaseField().withId(CASE_FIELD_3).withFieldType(textFieldType()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(true) .build()).build()) .withSecurityClassification(SecurityClassification.PUBLIC) .build(); @@ -124,9 +124,9 @@ void setUp() { caseTypeDefinition2 = newCaseType() .withCaseTypeId(CASE_TYPE_ID_2) .withJurisdiction(jurisdiction) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(false) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(false) .build()) .withField(newCaseField().withId("caseManagementLocation") .withSC(SecurityClassification.PUBLIC.name()) @@ -142,15 +142,15 @@ void setUp() { .build()) .withSecurityClassification(SecurityClassification.PUBLIC) .withField(newCaseField().withId(CASE_FIELD_2).withFieldType(textFieldType()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(true) .build()).build()) .withSecurityClassification(SecurityClassification.PUBLIC) .withField(newCaseField().withId(CASE_FIELD_3).withFieldType(textFieldType()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(true) .build()).build()) .withSecurityClassification(SecurityClassification.PUBLIC) .build(); @@ -158,9 +158,9 @@ void setUp() { caseTypeDefinition3 = newCaseType() .withCaseTypeId(CASE_TYPE_ID_3) .withJurisdiction(jurisdiction) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(false) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(false) .build()) .withField(newCaseField().withId("caseManagementLocation") .withSC(SecurityClassification.PUBLIC.name()) @@ -189,9 +189,9 @@ void setUp() { .build()) .withSecurityClassification(SecurityClassification.PUBLIC) .withField(newCaseField().withId(CASE_FIELD_3).withFieldType(textFieldType()) - .withAcl(anAcl() - .withRole(ROLE_IN_USER_ROLE_1) - .withRead(true) + .withAcl(AccessControlList.builder() + .accessProfile(ROLE_IN_USER_ROLE_1) + .read(true) .build()).build()) .withSecurityClassification(SecurityClassification.PUBLIC) .build(); @@ -365,9 +365,9 @@ private CaseFieldDefinition complexField(String id, .withId(id) .withFieldType(fieldType(type)) .withSC(securityClassification.name()) - .withAcl(anAcl() - .withRole(user) - .withRead(readAccess) + .withAcl(AccessControlList.builder() + .accessProfile(user) + .read(readAccess) .build()) .build(); } diff --git a/src/test/java/uk/gov/hmcts/ccd/endpoint/std/CallbackTest.java b/src/test/java/uk/gov/hmcts/ccd/endpoint/std/CallbackTest.java index 6d19ad1090..d94f3f397e 100644 --- a/src/test/java/uk/gov/hmcts/ccd/endpoint/std/CallbackTest.java +++ b/src/test/java/uk/gov/hmcts/ccd/endpoint/std/CallbackTest.java @@ -1378,7 +1378,7 @@ public void shouldReturn404WhenPostCreateEventWithInvalidEventTokenForCaseworker .content(mapper.writeValueAsBytes(caseDetailsToSave)) ).andReturn(); - assertEquals("Did not catch invalid token", 404, mvcResult.getResponse().getStatus()); + assertEquals("Did not catch invalid token", 403, mvcResult.getResponse().getStatus()); } @Test @@ -1404,7 +1404,7 @@ public void shouldReturn404WhenPostCreateEventWithInvalidEventTokenForCitizen() .content(mapper.writeValueAsBytes(caseDetailsToSave)) ).andReturn(); - assertEquals("Did not catch invalid token", 404, mvcResult.getResponse().getStatus()); + assertEquals("Did not catch invalid token", 403, mvcResult.getResponse().getStatus()); } @Test diff --git a/src/test/java/uk/gov/hmcts/ccd/endpoint/std/CaseDetailsEndpointIT.java b/src/test/java/uk/gov/hmcts/ccd/endpoint/std/CaseDetailsEndpointIT.java index 0a7f32c561..d57a9e1505 100644 --- a/src/test/java/uk/gov/hmcts/ccd/endpoint/std/CaseDetailsEndpointIT.java +++ b/src/test/java/uk/gov/hmcts/ccd/endpoint/std/CaseDetailsEndpointIT.java @@ -240,7 +240,7 @@ private void shouldReturn201WithTTLWhenPostCreateCaseEventWithValidData(String u + urlPortionForCaseType + "/cases/" + caseReference + "/events"; final CaseDataContent caseDetailsToSave = newCaseDataContent().build(); caseDetailsToSave.setEvent(createEvent(TEST_EVENT_ID, SUMMARY, DESCRIPTION)); - final String token = generateEventToken(template, UID, JURISDICTION, urlPortionForCaseType, caseReference, + final String token = generateEventToken(template, UID, JURISDICTION, "TestAddressBookCaseTTL", caseReference, TEST_EVENT_ID); caseDetailsToSave.setToken(token); final JsonNode DATA = mapper.readTree("{" @@ -447,7 +447,7 @@ public void shouldReturn201WhenPostCreateCaseWithEmptyDataClassificationForCasew Map actualData = mapper.readValue(mapper.readTree(mvcResult.getResponse().getContentAsString()) .get("case_data").toString(), Map.class); - assertTrue("Incorrect Response Content", expectedSanitizedData.entrySet().containsAll(actualData.entrySet())); + assertTrue("Incorrect Response Content", expectedSanitizedData.entrySet().containsAll(actualData.entrySet())); final List caseDetailsList = template.query("SELECT * FROM case_data", this::mapCaseData); assertEquals("Incorrect number of cases", 1, caseDetailsList.size()); @@ -582,200 +582,201 @@ public void shouldGenerateCaseEventMessagingDefinition() throws Exception { assertEquals("Incorrect number of rows in messageQueue", 1, messageQueueList.size()); assertEquals(messageQueueList.get(0).getMessageInformation().get("AdditionalData").get("Definition"), - mapper.readTree("{\n" - + " \"OtherAlias\": {\n" - + " \"type\": \"SimpleNumber\",\n" - + " \"subtype\": \"Number\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"ComplexNestedField.NestedNumberField\"\n" - + " },\n" - + " \"NumberField\": {\n" - + " \"type\": \"SimpleNumber\",\n" - + " \"subtype\": \"Number\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"NumberField\"\n" - + " },\n" - + " \"ComplexField\": {\n" - + " \"type\": \"Complex\",\n" - + " \"subtype\": \"ComplexType\",\n" - + " \"typeDef\": {\n" - + " \"ComplexTextField\": {\n" - + " \"type\": \"SimpleText\",\n" - + " \"subtype\": \"Text\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"ComplexTextField\"\n" - + " },\n" - + " \"ComplexNestedField\": {\n" - + " \"type\": \"Complex\",\n" - + " \"subtype\": \"NestedComplexType\",\n" - + " \"typeDef\": {\n" - + " \"NestedNumberField\": {\n" - + " \"type\": \"SimpleNumber\",\n" - + " \"subtype\": \"Number\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"NestedNumberField\"\n" - + " }\n" - + " },\n" - + " \"originalId\": \"ComplexNestedField\"\n" - + " }\n" - + " },\n" - + " \"originalId\": \"ComplexField\"\n" - + " },\n" - + " \"YesOrNoField\": {\n" - + " \"type\": \"SimpleBoolean\",\n" - + " \"subtype\": \"YesOrNo\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"YesOrNoField\"\n" - + " },\n" - + " \"DateTimeField\": {\n" - + " \"type\": \"SimpleDateTime\",\n" - + " \"subtype\": \"DateTime\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"DateTimeField\"\n" - + " },\n" - + " \"DocumentField\": {\n" - + " \"type\": \"Complex\",\n" - + " \"subtype\": \"Document\",\n" - + " \"typeDef\": {\n" - + " \"document_url\": {\n" - + " \"type\": \"SimpleText\",\n" - + " \"subtype\": \"Text\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"document_url\"\n" - + " },\n" - + " \"document_filename\": {\n" - + " \"type\": \"SimpleText\",\n" - + " \"subtype\": \"Text\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"document_filename\"\n" - + " },\n" - + " \"document_binary_url\": {\n" - + " \"type\": \"SimpleText\",\n" - + " \"subtype\": \"Text\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"document_binary_url\"\n" - + " },\n" - + " \"category_id\": {\n" - + " \"type\": \"SimpleText\",\n" - + " \"subtype\": \"Text\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"category_id\"\n" - + " },\n" - + " \"upload_timestamp\": {\n" - + " \"type\": \"SimpleDateTime\",\n" - + " \"subtype\": \"DateTime\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"upload_timestamp\"\n" - + " }\n" - + " },\n" - + " \"originalId\": \"DocumentField\"\n" - + " },\n" - + " \"AddressUKField\": {\n" - + " \"type\": \"Complex\",\n" - + " \"subtype\": \"AddressUK\",\n" - + " \"typeDef\": {\n" - + " \"County\": {\n" - + " \"type\": \"SimpleText\",\n" - + " \"subtype\": \"Text\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"County\"\n" - + " },\n" - + " \"Country\": {\n" - + " \"type\": \"SimpleText\",\n" - + " \"subtype\": \"Text\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"Country\"\n" - + " },\n" - + " \"PostCode\": {\n" - + " \"type\": \"SimpleText\",\n" - + " \"subtype\": \"Text\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"PostCode\"\n" - + " },\n" - + " \"PostTown\": {\n" - + " \"type\": \"SimpleText\",\n" - + " \"subtype\": \"Text\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"PostTown\"\n" - + " },\n" - + " \"AddressLine1\": {\n" - + " \"type\": \"SimpleText\",\n" - + " \"subtype\": \"Text\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"AddressLine1\"\n" - + " },\n" - + " \"AddressLine2\": {\n" - + " \"type\": \"SimpleText\",\n" - + " \"subtype\": \"Text\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"AddressLine2\"\n" - + " },\n" - + " \"AddressLine3\": {\n" - + " \"type\": \"SimpleText\",\n" - + " \"subtype\": \"Text\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"AddressLine3\"\n" - + " }\n" - + " },\n" - + " \"originalId\": \"AddressUKField\"\n" - + " },\n" - + " \"CollectionField\": {\n" - + " \"type\": \"Collection\",\n" - + " \"subtype\": \"Text\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"CollectionField\"\n" - + " },\n" - + " \"TopLevelPublish\": {\n" - + " \"type\": \"SimpleText\",\n" - + " \"subtype\": \"Text\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"ComplexTextField\"\n" - + " },\n" - + " \"AliasForTextField\": {\n" - + " \"type\": \"SimpleText\",\n" - + " \"subtype\": \"Text\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"TextField\"\n" - + " },\n" - + " \"ComplexCollectionField\": {\n" - + " \"type\": \"Collection\",\n" - + " \"subtype\": \"ComplexType\",\n" - + " \"typeDef\": {\n" - + " \"ComplexTextField\": {\n" - + " \"type\": \"SimpleText\",\n" - + " \"subtype\": \"Text\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"ComplexTextField\"\n" - + " },\n" - + " \"ComplexNestedField\": {\n" - + " \"type\": \"Complex\",\n" - + " \"subtype\": \"NestedComplexType\",\n" - + " \"typeDef\": {\n" - + " \"NestedNumberField\": {\n" - + " \"type\": \"SimpleNumber\",\n" - + " \"subtype\": \"Number\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"NestedNumberField\"\n" - + " },\n" - + " \"NestedCollectionTextField\": {\n" - + " \"type\": \"Collection\",\n" - + " \"subtype\": \"Text\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"NestedCollectionTextField\"\n" - + " }\n" - + " },\n" - + " \"originalId\": \"ComplexNestedField\"\n" - + " },\n" - + " \"ComplexFixedListField\": {\n" - + " \"type\": \"FixedList\",\n" - + " \"subtype\": \"FixedList\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"ComplexFixedListField\"\n" - + " }\n" - + " },\n" - + " \"originalId\": \"ComplexCollectionField\"\n" - + " }\n" - + "}")); + mapper.readTree(""" + { + "OtherAlias": { + "type": "SimpleNumber", + "subtype": "Number", + "typeDef": null, + "originalId": "ComplexNestedField.NestedNumberField" + }, + "NumberField": { + "type": "SimpleNumber", + "subtype": "Number", + "typeDef": null, + "originalId": "NumberField" + }, + "ComplexField": { + "type": "Complex", + "subtype": "ComplexType", + "typeDef": { + "ComplexTextField": { + "type": "SimpleText", + "subtype": "Text", + "typeDef": null, + "originalId": "ComplexTextField" + }, + "ComplexNestedField": { + "type": "Complex", + "subtype": "NestedComplexType", + "typeDef": { + "NestedNumberField": { + "type": "SimpleNumber", + "subtype": "Number", + "typeDef": null, + "originalId": "NestedNumberField" + } + }, + "originalId": "ComplexNestedField" + } + }, + "originalId": "ComplexField" + }, + "YesOrNoField": { + "type": "SimpleBoolean", + "subtype": "YesOrNo", + "typeDef": null, + "originalId": "YesOrNoField" + }, + "DateTimeField": { + "type": "SimpleDateTime", + "subtype": "DateTime", + "typeDef": null, + "originalId": "DateTimeField" + }, + "DocumentField": { + "type": "Complex", + "subtype": "Document", + "typeDef": { + "document_url": { + "type": "SimpleText", + "subtype": "Text", + "typeDef": null, + "originalId": "document_url" + }, + "document_filename": { + "type": "SimpleText", + "subtype": "Text", + "typeDef": null, + "originalId": "document_filename" + }, + "document_binary_url": { + "type": "SimpleText", + "subtype": "Text", + "typeDef": null, + "originalId": "document_binary_url" + }, + "category_id": { + "type": "SimpleText", + "subtype": "Text", + "typeDef": null, + "originalId": "category_id" + }, + "upload_timestamp": { + "type": "SimpleDateTime", + "subtype": "DateTime", + "typeDef": null, + "originalId": "upload_timestamp" + } + }, + "originalId": "DocumentField" + }, + "AddressUKField": { + "type": "Complex", + "subtype": "AddressUK", + "typeDef": { + "County": { + "type": "SimpleText", + "subtype": "Text", + "typeDef": null, + "originalId": "County" + }, + "Country": { + "type": "SimpleText", + "subtype": "Text", + "typeDef": null, + "originalId": "Country" + }, + "PostCode": { + "type": "SimpleText", + "subtype": "Text", + "typeDef": null, + "originalId": "PostCode" + }, + "PostTown": { + "type": "SimpleText", + "subtype": "Text", + "typeDef": null, + "originalId": "PostTown" + }, + "AddressLine1": { + "type": "SimpleText", + "subtype": "Text", + "typeDef": null, + "originalId": "AddressLine1" + }, + "AddressLine2": { + "type": "SimpleText", + "subtype": "Text", + "typeDef": null, + "originalId": "AddressLine2" + }, + "AddressLine3": { + "type": "SimpleText", + "subtype": "Text", + "typeDef": null, + "originalId": "AddressLine3" + } + }, + "originalId": "AddressUKField" + }, + "CollectionField": { + "type": "Collection", + "subtype": "Text", + "typeDef": null, + "originalId": "CollectionField" + }, + "TopLevelPublish": { + "type": "SimpleText", + "subtype": "Text", + "typeDef": null, + "originalId": "ComplexTextField" + }, + "AliasForTextField": { + "type": "SimpleText", + "subtype": "Text", + "typeDef": null, + "originalId": "TextField" + }, + "ComplexCollectionField": { + "type": "Collection", + "subtype": "ComplexType", + "typeDef": { + "ComplexTextField": { + "type": "SimpleText", + "subtype": "Text", + "typeDef": null, + "originalId": "ComplexTextField" + }, + "ComplexNestedField": { + "type": "Complex", + "subtype": "NestedComplexType", + "typeDef": { + "NestedNumberField": { + "type": "SimpleNumber", + "subtype": "Number", + "typeDef": null, + "originalId": "NestedNumberField" + }, + "NestedCollectionTextField": { + "type": "Collection", + "subtype": "Text", + "typeDef": null, + "originalId": "NestedCollectionTextField" + } + }, + "originalId": "ComplexNestedField" + }, + "ComplexFixedListField": { + "type": "FixedList", + "subtype": "FixedList", + "typeDef": null, + "originalId": "ComplexFixedListField" + } + }, + "originalId": "ComplexCollectionField" + } + }""")); } @Test @@ -784,58 +785,59 @@ public void shouldGenerateCaseEventDataMessagingDefinition() throws Exception { String eventId = "CREATE"; String url = "/caseworkers/0/jurisdictions/" + JURISDICTION + "/case-types/" + caseType + "/cases"; - final JsonNode DATA = mapper.readTree("{\n" - + " \"MoneyGBPField\": \"1000\",\n" - + " \"FixedListField\": \"VALUE3\",\n" - + " \"AddressUKField\": {\n" - + " \"AddressLine1\": \"123 street name\",\n" - + " \"AddressLine2\": \"\",\n" - + " \"AddressLine3\": \"\",\n" - + " \"PostTown\": \"town\",\n" - + " \"County\": \"county\",\n" - + " \"PostCode\": \"postcode\",\n" - + " \"Country\": \"\"\n" - + " },\n" - + " \"ComplexField\": {\n" - + " \"ComplexTextField\": \"text in complex\",\n" - + " \"ComplexFixedListField\": \"VALUE3\",\n" - + " \"ComplexNestedField\": {\n" - + " \"NestedNumberField\": \"1\",\n" - + " \"NestedCollectionTextField\": [\n" - + " {\n" - + " \"value\": \"collection of text in nested complex 1\",\n" - + " \"id\": \"62c18dd8-d6d2-4378-b940-8614ee1ab25a\"\n" - + " },\n" - + " {\n" - + " \"value\": \"collection of text in nested complex 2\",\n" - + " \"id\": \"4acd46b4-f292-4e5d-a436-16dcca6b2cfe\"\n" - + " }\n" - + " ]\n" - + " }\n" - + " },\n" - + " \"DateTimeField\": \"2000-12-12T11:11:11.000\",\n" - + " \"PhoneUKField\": \"07986542987\",\n" - + " \"NumberField\": \"2\",\n" - + " \"MultiSelectListField\": [\n" - + " \"OPTION4\",\n" - + " \"OPTION3\"\n" - + " ],\n" - + " \"YesOrNoField\": \"Yes\",\n" - + " \"EmailField\": \"test@test.com\",\n" - + " \"TextField\": \"text field\",\n" - + " \"DateField\": \"2000-12-12\",\n" - + " \"TextAreaField\": \"text area\",\n" - + " \"CollectionField\": [\n" - + " {\n" - + " \"value\": \"collection field\",\n" - + " \"id\": \"9af355b6-19ef-4a19-b5db-ad873772b478\"\n" - + " },\n" - + " {\n" - + " \"value\": \"collection field 2\",\n" - + " \"id\": \"7bce938e-7400-424f-86c9-c896ecbabc1f\"\n" - + " }\n" - + " ]\n" - + "}"); + final JsonNode DATA = mapper.readTree(""" + { + "MoneyGBPField": "1000", + "FixedListField": "VALUE3", + "AddressUKField": { + "AddressLine1": "123 street name", + "AddressLine2": "", + "AddressLine3": "", + "PostTown": "town", + "County": "county", + "PostCode": "postcode", + "Country": "" + }, + "ComplexField": { + "ComplexTextField": "text in complex", + "ComplexFixedListField": "VALUE3", + "ComplexNestedField": { + "NestedNumberField": "1", + "NestedCollectionTextField": [ + { + "value": "collection of text in nested complex 1", + "id": "62c18dd8-d6d2-4378-b940-8614ee1ab25a" + }, + { + "value": "collection of text in nested complex 2", + "id": "4acd46b4-f292-4e5d-a436-16dcca6b2cfe" + } + ] + } + }, + "DateTimeField": "2000-12-12T11:11:11.000", + "PhoneUKField": "07986542987", + "NumberField": "2", + "MultiSelectListField": [ + "OPTION4", + "OPTION3" + ], + "YesOrNoField": "Yes", + "EmailField": "test@test.com", + "TextField": "text field", + "DateField": "2000-12-12", + "TextAreaField": "text area", + "CollectionField": [ + { + "value": "collection field", + "id": "9af355b6-19ef-4a19-b5db-ad873772b478" + }, + { + "value": "collection field 2", + "id": "7bce938e-7400-424f-86c9-c896ecbabc1f" + } + ] + }"""); Map data = JacksonUtils.convertValue(DATA); @@ -949,7 +951,7 @@ public void shouldReturn201WhenPostCreateCaseWithEmptyDataClassificationForCitiz Map expectedSanitizedData = mapper.readValue(sanitizedData.toString(), Map.class); Map actualData = mapper.readValue(mapper.readTree(mvcResult.getResponse().getContentAsString()) .get("case_data").toString(), Map.class); - assertTrue("Incorrect Response Content", expectedSanitizedData.entrySet().containsAll(actualData.entrySet())); + assertTrue("Incorrect Response Content", expectedSanitizedData.entrySet().containsAll(actualData.entrySet())); final List caseDetailsList = template.query("SELECT * FROM case_data", this::mapCaseData); assertEquals("Incorrect number of cases", 1, caseDetailsList.size()); @@ -1013,7 +1015,8 @@ public void shouldReturn201WithSearchCriteriaWhenPostCreateCaseForCitizen() thro triggeringEvent.setSummary(SHORT_COMMENT); caseDetailsToSave.setEvent(triggeringEvent); - caseDetailsToSave.setToken(generateEventTokenNewCase(UID, JURISDICTION, CASE_TYPE, TEST_EVENT_ID)); + caseDetailsToSave.setToken(generateEventTokenNewCase(UID, JURISDICTION, + "MultipleSearchCriteriaAndSearchParties", TEST_EVENT_ID)); final MvcResult mvcResult = mockMvc.perform(post(URL) .contentType(JSON_CONTENT_TYPE) @@ -1231,7 +1234,8 @@ public void shouldReturn201WithSearchCriteriaWhenPostCreateCaseForCaseworker() t final CaseDataContent caseDetailsToSave = newCaseDataContent().build(); caseDetailsToSave.setEvent(createEvent(TEST_EVENT_ID, SUMMARY, DESCRIPTION)); - caseDetailsToSave.setToken(generateEventTokenNewCase(UID, JURISDICTION, CASE_TYPE, TEST_EVENT_ID)); + caseDetailsToSave.setToken(generateEventTokenNewCase(UID, JURISDICTION, + "MultipleSearchCriteriaAndSearchParties", TEST_EVENT_ID)); caseDetailsToSave.setData(GlobalSearchTestFixture.createCaseData()); final MvcResult mvcResult = mockMvc.perform(post(URL) @@ -1245,6 +1249,63 @@ public void shouldReturn201WithSearchCriteriaWhenPostCreateCaseForCaseworker() t GlobalSearchTestFixture.assertGlobalSearchData(actualData.getData()); } + @Test + public void shouldReturnBadRequestWhenTokenIsNull() throws Exception { + final String URL = "/citizens/0/jurisdictions/" + JURISDICTION + "/case-types/" + CASE_TYPE + "/cases"; + + final CaseDataContent caseDetailsToSave = newCaseDataContent().build(); + caseDetailsToSave.setEvent(createEvent(TEST_EVENT_ID, SUMMARY, DESCRIPTION)); + caseDetailsToSave.setToken(null); + + final MvcResult mvcResult = mockMvc.perform(post(URL) + .contentType(JSON_CONTENT_TYPE) + .content(mapper.writeValueAsBytes(caseDetailsToSave)) + ).andExpect(status().isBadRequest()) + .andReturn(); + + String content = mvcResult.getResponse().getContentAsString(); + assertTrue("The response should contain 'Missing start trigger token'", + content.contains("Missing start trigger token")); + } + + @Test + public void shouldReturnBadRequestWhenTokenIsEmpty() throws Exception { + final String URL = "/citizens/0/jurisdictions/" + JURISDICTION + "/case-types/" + CASE_TYPE + "/cases"; + + final CaseDataContent caseDetailsToSave = newCaseDataContent().build(); + caseDetailsToSave.setEvent(createEvent(TEST_EVENT_ID, SUMMARY, DESCRIPTION)); + caseDetailsToSave.setToken(""); + + final MvcResult mvcResult = mockMvc.perform(post(URL) + .contentType(JSON_CONTENT_TYPE) + .content(mapper.writeValueAsBytes(caseDetailsToSave)) + ).andExpect(status().isBadRequest()) + .andReturn(); + + String content = mvcResult.getResponse().getContentAsString(); + assertTrue("The response should contain 'Missing start trigger token'", + content.contains("Missing start trigger token")); + } + + @Test + public void shouldReturnForbiddenWhenTokenIsInvalid() throws Exception { + final String invalidToken = "eyJhbGciOiJIUzI1NiJ9.e0.KUFDva2DpGi-zmDrHrcMOPMC1DlaKodGHKHIsib3gTA"; + final String URL = "/citizens/0/jurisdictions/" + JURISDICTION + "/case-types/" + CASE_TYPE + "/cases"; + + final CaseDataContent caseDetailsToSave = newCaseDataContent().build(); + caseDetailsToSave.setEvent(createEvent(TEST_EVENT_ID, SUMMARY, DESCRIPTION)); + caseDetailsToSave.setToken(invalidToken); + + final MvcResult mvcResult = mockMvc.perform(post(URL) + .contentType(JSON_CONTENT_TYPE) + .content(mapper.writeValueAsBytes(caseDetailsToSave)) + ).andExpect(status().isForbidden()) + .andReturn(); + + String content = mvcResult.getResponse().getContentAsString(); + assertTrue("The response should contain 'Token is not valid'", content.contains("Token is not valid")); + } + @Test public void shouldReturn201WhenPostCreateCaseWithNoDataForCitizen() throws Exception { final String URL = "/citizens/0/jurisdictions/" + JURISDICTION + "/case-types/" + CASE_TYPE + "/cases"; @@ -2082,7 +2143,7 @@ public void shouldReturn201WithSearchCriteriaWhenPostCreateCaseEventCaseworker() caseDetailsToSave.setEvent(createEvent(PRE_STATES_EVENT_ID, SUMMARY, DESCRIPTION)); final String token = generateEventToken(template, - UID, JURISDICTION, CASE_TYPE, caseReference, PRE_STATES_EVENT_ID); + UID, JURISDICTION, "MultipleSearchCriteriaAndSearchParties", caseReference, PRE_STATES_EVENT_ID); caseDetailsToSave.setToken(token); final MvcResult mvcResult = mockMvc.perform(post(URL) .contentType(JSON_CONTENT_TYPE) @@ -2194,7 +2255,7 @@ public void shouldReturn201WithSearchCriteriaWhenPostCreateCaseEventForCitizen() caseDetailsToSave.setEvent(createEvent(PRE_STATES_EVENT_ID, SUMMARY, DESCRIPTION)); final String token = generateEventToken(template, - UID, JURISDICTION, CASE_TYPE, caseReference, PRE_STATES_EVENT_ID); + UID, JURISDICTION, "MultipleSearchCriteriaAndSearchParties", caseReference, PRE_STATES_EVENT_ID); caseDetailsToSave.setToken(token); final MvcResult mvcResult = mockMvc.perform(post(URL) @@ -3622,10 +3683,10 @@ private void shouldReturn201WithFieldRemovedWhenPostCreateCaseWithNoFieldReadAcc JsonNode dataClassification = mapper.readTree(mvcResult.getResponse().getContentAsString()) .get("data_classification"); Map actualData = mapper.readValue(caseData.toString(), Map.class); - assertAll(() -> + assertAll(() -> assertTrue("Incorrect Response Content", expectedSanitizedData.entrySet() .containsAll(actualData.entrySet())), - () -> assertThat("Response contains filtered out data", + () -> assertThat("Response contains filtered out data", caseData.has("PersonFirstName"), is(false)), () -> assertThat(dataClassification.has("PersonFirstName"), CoreMatchers.is(false)), () -> assertThat(dataClassification.has("PersonLastName"), CoreMatchers.is(true)), @@ -3657,18 +3718,21 @@ private void shouldReturn201WithEmptyBodyWhenPostCreateCaseWithNoReadAccessOnCas caseDetailsToSave.setEvent(createEvent(CREATE_EVENT_ID, SUMMARY, DESCRIPTION)); final JsonNode DATA = mapper.readTree( - "{\n" + - " \"PersonFirstName\": \"First Name\",\n" + - " \"PersonLastName\": \"Last Name\",\n" + - " \"PersonAddress\": {\n" + - " \"AddressLine1\": \"Address Line 1\",\n" + - " \"AddressLine2\": \"Address Line 2\"\n" + - " }\n" + - "}\n" + """ + { + "PersonFirstName": "First Name", + "PersonLastName": "Last Name", + "PersonAddress": { + "AddressLine1": "Address Line 1", + "AddressLine2": "Address Line 2" + } + } + """ ); - Map data = JacksonUtils.convertValue(DATA); + Map data = JacksonUtils.convertValue(DATA); caseDetailsToSave.setData(data); - final String token = generateEventTokenNewCase(UID, JURISDICTION, CASE_TYPE, CREATE_EVENT_ID); + final String token = generateEventTokenNewCase(UID, JURISDICTION, + "TestAddressBookCaseNoReadCaseTypeAccess", CREATE_EVENT_ID); caseDetailsToSave.setToken(token); @@ -3689,7 +3753,8 @@ private void shouldReturn201WithEmptyBodyWhenPostCreateCaseEventWithNoCaseTypeRe + "/cases/" + caseReference + "/events"; final CaseDataContent caseDetailsToSave = newCaseDataContent().build(); - final String token = generateEventToken(template, UID, JURISDICTION, CASE_TYPE, caseReference, TEST_EVENT_ID); + final String token = generateEventToken(template, UID, JURISDICTION, + "TestAddressBookCaseNoReadCaseTypeAccess", caseReference, TEST_EVENT_ID); caseDetailsToSave.setToken(token); caseDetailsToSave.setEvent(createEvent(TEST_EVENT_ID, SUMMARY, DESCRIPTION)); final JsonNode data = mapper.readTree("{" + @@ -3722,7 +3787,8 @@ private void shouldReturn201WithFieldRemovedWhenPostCreateCaseEventWithNoFieldRe + "/cases/" + caseReference + "/events"; final CaseDataContent caseDetailsToSave = newCaseDataContent().build(); - final String token = generateEventToken(template, UID, JURISDICTION, CASE_TYPE, caseReference, TEST_EVENT_ID); + final String token = generateEventToken(template, UID, JURISDICTION, + "TestAddressBookCaseNoReadFieldAccess", caseReference, TEST_EVENT_ID); caseDetailsToSave.setToken(token); caseDetailsToSave.setEvent(createEvent(TEST_EVENT_ID, SUMMARY, DESCRIPTION)); final JsonNode data = mapper.readTree("{" + @@ -3844,26 +3910,27 @@ private void shouldReturn200WithNoCaseDataWhenGetTokenForStartEventWithNoCaseTyp .andExpect(status().is(200)) .andReturn(); - String expected = "{ \n" + - " \"case_details\":{ \n" + - " \"id\":1504259907353610,\n" + - " \"jurisdiction\":\"PROBATE\",\n" + - " \"state\":\"CaseCreated\",\n" + - " \"case_type_id\":\"TestAddressBookCaseNoReadCaseTypeAccess\",\n" + - " \"last_modified\":null,\n" + - " \"security_classification\":\"PUBLIC\",\n" + - " \"case_data\":{ \n" + - "\n" + - " },\n" + - " \"data_classification\":{ \n" + - "\n" + - " },\n" + - " \"after_submit_callback_response\":null,\n" + - " \"callback_response_status_code\":null,\n" + - " \"callback_response_status\":null\n" + - " },\n" + - " \"event_id\":\"TEST_EVENT\"\n" + - "}"; + String expected = """ + { \s + "case_details":{ \s + "id":1504259907353610, + "jurisdiction":"PROBATE", + "state":"CaseCreated", + "case_type_id":"TestAddressBookCaseNoReadCaseTypeAccess", + "last_modified":null, + "security_classification":"PUBLIC", + "case_data":{ \s + + }, + "data_classification":{ \s + + }, + "after_submit_callback_response":null, + "callback_response_status_code":null, + "callback_response_status":null + }, + "event_id":"TEST_EVENT" + }"""; String actual = mvcResult.getResponse().getContentAsString(); assertAll( () -> JSONAssert.assertEquals(expected, actual, JSONCompareMode.LENIENT), @@ -3915,7 +3982,7 @@ public void shouldReturn201AndInsertCaseLinksWhenCreateCaseEvent() caseDetailsToSave.setEvent(createEvent(PRE_STATES_EVENT_ID, SUMMARY, DESCRIPTION)); final String token = generateEventToken(template, - UID, JURISDICTION, CASE_TYPE, reference, PRE_STATES_EVENT_ID); + UID, JURISDICTION, "TestAddressBookCaseCaseLinks", reference, PRE_STATES_EVENT_ID); caseDetailsToSave.setToken(token); final JsonNode data = mapper.readTree( @@ -3986,7 +4053,7 @@ public void shouldReturn201AndDeleteCaseLinksWhenCreateCaseEvent() caseDetailsToSave.setEvent(createEvent(PRE_STATES_EVENT_ID, SUMMARY, DESCRIPTION)); final String token = generateEventToken(template, - UID, JURISDICTION, CASE_TYPE, reference, PRE_STATES_EVENT_ID); + UID, JURISDICTION, "TestAddressBookCaseCaseLinks", reference, PRE_STATES_EVENT_ID); caseDetailsToSave.setToken(token); mockMvc.perform(post(URL).contentType(JSON_CONTENT_TYPE) @@ -5597,7 +5664,8 @@ private void shouldReturn201WithCaseLinksInsertedInDbWhenPostCreateCaseEventWith + CASE_TYPE_CASELINK + "/cases"; final CaseDataContent caseDetailsToSave = newCaseDataContent().build(); caseDetailsToSave.setEvent(createEvent("TEST_EVENT_NO_PRE_STATE", SUMMARY, DESCRIPTION)); - final String token = generateEventTokenNewCase(UID, JURISDICTION, CASE_TYPE, "TEST_EVENT_NO_PRE_STATE"); + final String token = generateEventTokenNewCase(UID, JURISDICTION, + "TestAddressBookCaseCaseLinks", "TEST_EVENT_NO_PRE_STATE"); caseDetailsToSave.setToken(token); @@ -5654,7 +5722,8 @@ public void shouldReturn422BadRequestWhenCaseLinksSpecifiedDoesNotExist() + CASE_TYPE_CASELINK + "/cases"; final CaseDataContent caseDetailsToSave = newCaseDataContent().build(); caseDetailsToSave.setEvent(createEvent("TEST_EVENT_NO_PRE_STATE", SUMMARY, DESCRIPTION)); - final String token = generateEventTokenNewCase(UID, JURISDICTION, CASE_TYPE, "TEST_EVENT_NO_PRE_STATE"); + final String token = generateEventTokenNewCase(UID, JURISDICTION, + "TestAddressBookCaseCaseLinks", "TEST_EVENT_NO_PRE_STATE"); caseDetailsToSave.setToken(token); final JsonNode data = mapper.readTree( @@ -5701,7 +5770,8 @@ public void shouldReturn201CaseCreatedButNotInsertCaseLinkInDBWhenCaseLinkIsBLan + CASE_TYPE_CASELINK + "/cases"; final CaseDataContent caseDetailsToSave = newCaseDataContent().build(); caseDetailsToSave.setEvent(createEvent("TEST_EVENT_NO_PRE_STATE", SUMMARY, DESCRIPTION)); - final String token = generateEventTokenNewCase(UID, JURISDICTION, CASE_TYPE, "TEST_EVENT_NO_PRE_STATE"); + final String token = generateEventTokenNewCase(UID, JURISDICTION, + "TestAddressBookCaseCaseLinks", "TEST_EVENT_NO_PRE_STATE"); caseDetailsToSave.setToken(token); final JsonNode data = mapper.readTree( diff --git a/src/test/java/uk/gov/hmcts/ccd/v2/external/controller/CaseControllerTestIT.java b/src/test/java/uk/gov/hmcts/ccd/v2/external/controller/CaseControllerTestIT.java index 80c01c3203..180624db1a 100644 --- a/src/test/java/uk/gov/hmcts/ccd/v2/external/controller/CaseControllerTestIT.java +++ b/src/test/java/uk/gov/hmcts/ccd/v2/external/controller/CaseControllerTestIT.java @@ -490,7 +490,8 @@ void shouldPopulateMultipleSearchCriteriaAndSearchPartiesPostCreateEvent() throw .withEventId("HAS_PRE_STATES_EVENT") .withSummary("Short comment") .build()) - .withToken(generateEventTokenNewCase(UID, JURISDICTION, CASE_TYPE, "HAS_PRE_STATES_EVENT")) + .withToken(generateEventTokenNewCase(UID, JURISDICTION, + "MultipleSearchCriteriaAndSearchParties", "HAS_PRE_STATES_EVENT")) .withData(GlobalSearchTestFixture.createCaseData()) .build(); diff --git a/src/test/resources/test.properties b/src/test/resources/test.properties index 9e0d588bc6..4755abfa4a 100644 --- a/src/test/resources/test.properties +++ b/src/test/resources/test.properties @@ -57,3 +57,5 @@ ccd.multiparty.case-types=${CCD_MULTIPARTY_CASE_TYPES:CIVIL} ccd.multiparty.events=${CCD_MULTIPARTY_EVENTS:DEFENDANT_RESPONSE,ACKNOWLEDGE_CLAIM} document.sanitiser.case-document-am-api.enabled=true + +token.claim.validation.enabled=true