diff --git a/Jenkinsfile_CNP b/Jenkinsfile_CNP index 5f40cb36ee..a6518815f8 100644 --- a/Jenkinsfile_CNP +++ b/Jenkinsfile_CNP @@ -112,6 +112,7 @@ env.BEFTA_RETRY_MAX_ATTEMPTS = "3" env.BEFTA_RETRY_STATUS_CODES = "500,502,503,504" env.BEFTA_RETRY_MAX_DELAY = "1000" env.BEFTA_RETRY_NON_RETRYABLE_HTTP_METHODS = "POST,PUT" +env.TOKEN_CLAIM_VALIDATION_ENABLED="true" withPipeline(type, product, component) { onMaster { diff --git a/Jenkinsfile_nightly b/Jenkinsfile_nightly index 66ff57ce0b..fd50cb2327 100644 --- a/Jenkinsfile_nightly +++ b/Jenkinsfile_nightly @@ -100,6 +100,7 @@ env.BEFTA_RETRY_MAX_ATTEMPTS = "3" env.BEFTA_RETRY_STATUS_CODES = "500,502,503,504" env.BEFTA_RETRY_MAX_DELAY = "1000" env.BEFTA_RETRY_NON_RETRYABLE_HTTP_METHODS = "POST,PUT" +env.TOKEN_CLAIM_VALIDATION_ENABLED="true" withNightlyPipeline(type, product, component) { overrideVaultEnvironments(vaultOverrides) diff --git a/src/aat/resources/features/F-035 - Get Case V2 External/S-156_Case_Creation_Data.td.json b/src/aat/resources/features/F-035 - Get Case V2 External/S-156_Case_Creation_Data.td.json index bd47a32860..2a227bdb04 100644 --- a/src/aat/resources/features/F-035 - Get Case V2 External/S-156_Case_Creation_Data.td.json +++ b/src/aat/resources/features/F-035 - Get Case V2 External/S-156_Case_Creation_Data.td.json @@ -11,7 +11,10 @@ "request": { "pathVariables": { "ctid": "AAT_AUTH_8" - } + }, + "body": { + "event_token": "${[scenarioContext][parentContext][childContexts][S-156_Case_Creation_Data_Token_Creation][testData][actualResponse][body][token]}" + } }, "expectedResponse": { diff --git a/src/aat/resources/features/F-035 - Get Case V2 External/S-156_Case_Creation_Data_Token_Creation.td.json b/src/aat/resources/features/F-035 - Get Case V2 External/S-156_Case_Creation_Data_Token_Creation.td.json new file mode 100644 index 0000000000..0d74b3e00b --- /dev/null +++ b/src/aat/resources/features/F-035 - Get Case V2 External/S-156_Case_Creation_Data_Token_Creation.td.json @@ -0,0 +1,62 @@ +{ + "_guid_": "S-156_Case_Creation_Data_Token_Creation", + + "productName": "CCD Data Store", + "operationName": "Start event creation as Case worker", + + "method": "GET", + "uri": "/caseworkers/{uid}/jurisdictions/{jid}/case-types/{ctid}/event-triggers/{etid}/token", + + "specs": [ + "to create a token for case creation" + ], + + "users": { + "invokingUser": { + "_extends_": "PrivateCaseworker" + } + }, + + "request": { + "headers": { + "_extends_": "Common_Request_Headers" + }, + "pathVariables": { + "uid": "[[DEFAULT_AUTO_VALUE]]", + "jid": "AUTOTEST1", + "ctid": "AAT_AUTH_8", + "etid": "CREATE" + } + }, + + "expectedResponse": { + "_extends_": "Common_200_Response", + "headers": { + "Content-Encoding": "gzip", + "Content-Length": "[[ANY_INTEGER_NOT_NULLABLE]]" + }, + "body": { + "token": "[[ANY_STRING_NOT_NULLABLE]]", + "case_details": { + "id": null, + "jurisdiction": "[[ANYTHING_PRESENT]]", + "state": null, + "version": null, + "case_type_id": "[[ANYTHING_PRESENT]]", + "created_date": null, + "last_modified": null, + "last_state_modified_date": null, + "security_classification": null, + "case_data": {}, + "data_classification": {}, + "supplementary_data": null, + "after_submit_callback_response": null, + "callback_response_status_code": null, + "callback_response_status": null, + "delete_draft_response_status_code": null, + "delete_draft_response_status": null + }, + "event_id": "CREATE" + } + } +} diff --git a/src/aat/resources/features/F-042 - Get aboutToStart token V1 External/Case_Creation_Using_Caseworker1_Role.td.json b/src/aat/resources/features/F-042 - Get aboutToStart token V1 External/Case_Creation_Using_Caseworker1_Role.td.json index 371b62374c..ee2f1b5b1d 100644 --- a/src/aat/resources/features/F-042 - Get aboutToStart token V1 External/Case_Creation_Using_Caseworker1_Role.td.json +++ b/src/aat/resources/features/F-042 - Get aboutToStart token V1 External/Case_Creation_Using_Caseworker1_Role.td.json @@ -1,6 +1,6 @@ { "_guid_": "Case_Creation_Using_Caseworker1_Role", - "_extends_": "Case_Creation_Data_Base", + "_extends_": "F-042_Case_Creation_Data_Base", "users": { "invokingUser": { diff --git a/src/aat/resources/features/F-042 - Get aboutToStart token V1 External/F-042_Case_Creation_Data_Base.td.json b/src/aat/resources/features/F-042 - Get aboutToStart token V1 External/F-042_Case_Creation_Data_Base.td.json new file mode 100644 index 0000000000..178be371ea --- /dev/null +++ b/src/aat/resources/features/F-042 - Get aboutToStart token V1 External/F-042_Case_Creation_Data_Base.td.json @@ -0,0 +1,33 @@ +{ + "_guid_": "F-042_Case_Creation_Data_Base", + "_extends_": "Case_Creation_Base", + + "request": { + "body": { + "event_token": "${[scenarioContext][parentContext][childContexts][Case_Creation_Using_Caseworker1_Role_Token_Creation][testData][actualResponse][body][token]}" + } + }, + + "expectedResponse": { + "_extends_": "Common_201_Response", + "headers": { + "Content-Encoding": "gzip", + "vary": "accept-encoding", + "Content-Length": "[[ANYTHING_PRESENT]]" + }, + "body": { + "id": "[[ANYTHING_PRESENT]]", + "state": "TODO", + "version": 0, + "last_state_modified_date": "[[ANYTHING_PRESENT]]", + "created_date": "[[ANYTHING_PRESENT]]", + "last_modified": "[[ANYTHING_PRESENT]]", + "security_classification": "PUBLIC", + "after_submit_callback_response": null, + "callback_response_status_code": null, + "callback_response_status": null, + "delete_draft_response_status_code": null, + "delete_draft_response_status": null + } + } +} diff --git a/src/aat/resources/features/F-042 - Get aboutToStart token V1 External/_Case_Creation_Using_Caseworker1_Role_Token_Creation.td.json b/src/aat/resources/features/F-042 - Get aboutToStart token V1 External/_Case_Creation_Using_Caseworker1_Role_Token_Creation.td.json new file mode 100644 index 0000000000..3c11f9c233 --- /dev/null +++ b/src/aat/resources/features/F-042 - Get aboutToStart token V1 External/_Case_Creation_Using_Caseworker1_Role_Token_Creation.td.json @@ -0,0 +1,62 @@ +{ + "_guid_": "Case_Creation_Using_Caseworker1_Role_Token_Creation", + + "productName": "CCD Data Store", + "operationName": "Start event creation as Case worker", + + "method": "GET", + "uri": "/caseworkers/{uid}/jurisdictions/{jid}/case-types/{ctid}/event-triggers/{etid}/token", + + "specs": [ + "to create a token for case creation" + ], + + "users": { + "invokingUser": { + "_extends_": "BeftaCaseworker1" + } + }, + + "request": { + "headers": { + "_extends_": "Common_Request_Headers" + }, + "pathVariables": { + "uid": "[[DEFAULT_AUTO_VALUE]]", + "jid": "BEFTA_JURISDICTION_1", + "ctid": "BEFTA_CASETYPE_1_1", + "etid": "CREATE" + } + }, + + "expectedResponse": { + "_extends_": "Common_200_Response", + "headers": { + "Content-Encoding": "gzip", + "Content-Length": "[[ANY_INTEGER_NOT_NULLABLE]]" + }, + "body": { + "token": "[[ANY_STRING_NOT_NULLABLE]]", + "case_details": { + "id": null, + "jurisdiction": "[[ANYTHING_PRESENT]]", + "state": null, + "version": null, + "case_type_id": "[[ANYTHING_PRESENT]]", + "created_date": null, + "last_modified": null, + "last_state_modified_date": null, + "security_classification": null, + "case_data": {}, + "data_classification": {}, + "supplementary_data": null, + "after_submit_callback_response": null, + "callback_response_status_code": null, + "callback_response_status": null, + "delete_draft_response_status_code": null, + "delete_draft_response_status": null + }, + "event_id": "CREATE" + } + } +} diff --git a/src/aat/resources/features/F-044 - Submit Event V1 External/F-044.feature b/src/aat/resources/features/F-044 - Submit Event V1 External/F-044.feature index 37dd064816..30730e4d38 100644 --- a/src/aat/resources/features/F-044 - Submit Event V1 External/F-044.feature +++ b/src/aat/resources/features/F-044 - Submit Event V1 External/F-044.feature @@ -84,7 +84,10 @@ Scenario: must return 409 when case is altered out of the transaction And the response has all other details as expected. #------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- -@S-283 +# After the event token validation fix(ccd-5521), we get the same error in the token creation process since the token +# creation has to be with the same eventId; STOP_PROGRESS, which is not valid for the event process. That's why S-283 +# is not a valid scenario anymore +@S-283 @Ignore Scenario: must return 422 when event submission has failed Given a user with [an active profile in CCD], diff --git a/src/aat/resources/features/F-1016 - Submit Event to Update TTL/CreateCases/F-1016_GetEventTokenBase.td.json b/src/aat/resources/features/F-1016 - Submit Event to Update TTL/CreateCases/F-1016_GetEventTokenBase.td.json index 601b75a69d..277dc2fbae 100644 --- a/src/aat/resources/features/F-1016 - Submit Event to Update TTL/CreateCases/F-1016_GetEventTokenBase.td.json +++ b/src/aat/resources/features/F-1016 - Submit Event to Update TTL/CreateCases/F-1016_GetEventTokenBase.td.json @@ -26,7 +26,7 @@ "data_classification": "[[ANYTHING_PRESENT]]" }, - "event_id": "updateCaseSubmitTTL" + "event_id": "[[ANYTHING_PRESENT]]" } } } diff --git a/src/aat/resources/features/F-1016 - Submit Event to Update TTL/CreateCases/S-1016.21_GetUpdateSuspendedCaseTokenCitizen.td.json b/src/aat/resources/features/F-1016 - Submit Event to Update TTL/CreateCases/S-1016.21_GetUpdateSuspendedCaseTokenCitizen.td.json new file mode 100644 index 0000000000..3d9b263087 --- /dev/null +++ b/src/aat/resources/features/F-1016 - Submit Event to Update TTL/CreateCases/S-1016.21_GetUpdateSuspendedCaseTokenCitizen.td.json @@ -0,0 +1,23 @@ +{ + "_guid_": "S-1016.21_GetUpdateSuspendedCaseTokenCitizen", + "_extends_": "F-1016_GetEventTokenBase", + + "users": { + "invokingUser": { + "_extends_": "BeftaCitizen2" + } + }, + + "request": { + "pathVariables": { + "cid": "${[scenarioContext][parentContext][childContexts][F-1016_CreateSuspendedCasePreRequisiteCitizen][testData][actualResponse][body][id]}", + "etid": "updateCaseSubmitSuspendedTTL" + } + }, + + "expectedResponse": { + "body": { + "event_id": "updateCaseSubmitSuspendedTTL" + } + } +} diff --git a/src/aat/resources/features/F-1016 - Submit Event to Update TTL/CreateCases/S-1016.7_GetUpdateSuspendedCaseTokenCaseworker.td.json b/src/aat/resources/features/F-1016 - Submit Event to Update TTL/CreateCases/S-1016.7_GetUpdateSuspendedCaseTokenCaseworker.td.json new file mode 100644 index 0000000000..4f4653697b --- /dev/null +++ b/src/aat/resources/features/F-1016 - Submit Event to Update TTL/CreateCases/S-1016.7_GetUpdateSuspendedCaseTokenCaseworker.td.json @@ -0,0 +1,23 @@ +{ + "_guid_": "S-1016.7_GetUpdateSuspendedCaseTokenCaseworker", + "_extends_": "F-1016_GetEventTokenBase", + + "users": { + "invokingUser": { + "_extends_": "BeftaMasterCaseworker" + } + }, + + "request": { + "pathVariables": { + "cid": "${[scenarioContext][parentContext][childContexts][F-1016_CreateSuspendedCasePreRequisiteCaseworker][testData][actualResponse][body][id]}", + "etid": "updateCaseSubmitSuspendedTTL" + } + }, + + "expectedResponse": { + "body": { + "event_id": "updateCaseSubmitSuspendedTTL" + } + } +} diff --git a/src/aat/resources/features/F-1016 - Submit Event to Update TTL/S-1016.14.td.json b/src/aat/resources/features/F-1016 - Submit Event to Update TTL/S-1016.14.td.json index 123fea9011..cca591b2f1 100644 --- a/src/aat/resources/features/F-1016 - Submit Event to Update TTL/S-1016.14.td.json +++ b/src/aat/resources/features/F-1016 - Submit Event to Update TTL/S-1016.14.td.json @@ -5,7 +5,7 @@ "title": "TTL.Suspended changed to \"No\", SystemTTL and OverrideTTL greater than Guard value using v2 '/cases/{cid}/events'", "prerequisites" : [ { - "Token_Creation": "S-1016_GetUpdateSuspendedCaseTokenCaseworker" + "Token_Creation": "S-1016.7_GetUpdateSuspendedCaseTokenCaseworker" } ], diff --git a/src/aat/resources/features/F-1016 - Submit Event to Update TTL/S-1016.21.td.json b/src/aat/resources/features/F-1016 - Submit Event to Update TTL/S-1016.21.td.json index 9d25a5144b..53537caa12 100644 --- a/src/aat/resources/features/F-1016 - Submit Event to Update TTL/S-1016.21.td.json +++ b/src/aat/resources/features/F-1016 - Submit Event to Update TTL/S-1016.21.td.json @@ -5,7 +5,7 @@ "title": "TTL.Suspended changed to \"No\", SystemTTL and OverrideTTL greater than Guard value using '/citizens/{uid}/jurisdictions/{jid}/case-types/{ctid}/cases/{cid}/events'", "prerequisites" : [{ - "Token_Creation": "S-1016_GetUpdateSuspendedCaseTokenCitizen" + "Token_Creation": "S-1016.21_GetUpdateSuspendedCaseTokenCitizen" }], "specs": [ diff --git a/src/aat/resources/features/F-1016 - Submit Event to Update TTL/S-1016.7.td.json b/src/aat/resources/features/F-1016 - Submit Event to Update TTL/S-1016.7.td.json index 0201f4527e..6872e1b206 100644 --- a/src/aat/resources/features/F-1016 - Submit Event to Update TTL/S-1016.7.td.json +++ b/src/aat/resources/features/F-1016 - Submit Event to Update TTL/S-1016.7.td.json @@ -5,7 +5,7 @@ "title": "TTL.Suspended changed to \"No\", SystemTTL and OverrideTTL greater than Guard value using '/caseworkers/{uid}/jurisdictions/{jid}/case-types/{ctid}/cases/{cid}/events'", "prerequisites" : [ { - "Token_Creation": "S-1016_GetUpdateSuspendedCaseTokenCaseworker" + "Token_Creation": "S-1016.7_GetUpdateSuspendedCaseTokenCaseworker" } ], diff --git a/src/aat/resources/features/F-1016 - Submit Event to Update TTL/UpdateCase/F-1016_UpdateCase_TTLCaseType_updateCaseTTLIncHidden_PreRequisiteCitizen_TokenCreation.td.json b/src/aat/resources/features/F-1016 - Submit Event to Update TTL/UpdateCase/F-1016_UpdateCase_TTLCaseType_updateCaseTTLIncHidden_PreRequisiteCitizen_TokenCreation.td.json index e123ffeac1..f9f249cabf 100644 --- a/src/aat/resources/features/F-1016 - Submit Event to Update TTL/UpdateCase/F-1016_UpdateCase_TTLCaseType_updateCaseTTLIncHidden_PreRequisiteCitizen_TokenCreation.td.json +++ b/src/aat/resources/features/F-1016 - Submit Event to Update TTL/UpdateCase/F-1016_UpdateCase_TTLCaseType_updateCaseTTLIncHidden_PreRequisiteCitizen_TokenCreation.td.json @@ -11,7 +11,7 @@ "request": { "pathVariables": { "cid": "${[scenarioContext][siblingContexts][CreateCase_TTLCaseType_PreRequisiteCitizen][testData][actualResponse][body][id]}", - "etid": "updateCaseTTLInc" + "etid": "updateCaseTTLIncHidden" } }, diff --git a/src/aat/resources/features/F-1018 - Submit Event Creation Handle Case Links/CreateCases/Caseworker/S-1018.11-GetUpdateEventToken.td.json b/src/aat/resources/features/F-1018 - Submit Event Creation Handle Case Links/CreateCases/Caseworker/S-1018.11-GetUpdateEventToken.td.json new file mode 100644 index 0000000000..b96d3a8c5e --- /dev/null +++ b/src/aat/resources/features/F-1018 - Submit Event Creation Handle Case Links/CreateCases/Caseworker/S-1018.11-GetUpdateEventToken.td.json @@ -0,0 +1,30 @@ +{ + "title": "should create an event token for correct inputs", + "_guid_": "S-1018.11-GetUpdateEventToken", + "_extends_": "Token_Creation_Data_For_Master_Caseworker_Case_Creation", + + "users": { + "invokingUser": { + "_extends_": "BeftaMasterCaseworker" + } + }, + + "request": { + "pathVariables": { + "cid": "${[scenarioContext][siblingContexts][F-1018_CreateAnotherCasePreRequisiteCaseworkerBase][testData][actualResponse][body][id]}" + } + }, + + "expectedResponse": { + "_extends_": "Common_200_Response", + "headers": { + "Content-Encoding": "gzip", + "Content-Length": "[[ANYTHING_PRESENT]]" + }, + "body": { + "token": "[[ANYTHING_PRESENT]]", + "case_details": "[[ANYTHING_PRESENT]]", + "event_id": "updateCase" + } + } +} diff --git a/src/aat/resources/features/F-1018 - Submit Event Creation Handle Case Links/CreateCases/Citizen/S-1018.21-GetCitizenUpdateEventToken.td.json b/src/aat/resources/features/F-1018 - Submit Event Creation Handle Case Links/CreateCases/Citizen/S-1018.21-GetCitizenUpdateEventToken.td.json new file mode 100644 index 0000000000..a7ea5886b4 --- /dev/null +++ b/src/aat/resources/features/F-1018 - Submit Event Creation Handle Case Links/CreateCases/Citizen/S-1018.21-GetCitizenUpdateEventToken.td.json @@ -0,0 +1,11 @@ +{ + "title": "should create an event token for correct inputs", + "_guid_": "S-1018.21-GetCitizenUpdateEventToken", + "_extends_": "F-1018-GetCitizenUpdateEventTokenBase", + + "request": { + "pathVariables": { + "cid": "${[scenarioContext][siblingContexts][F-1018_CreateAnotherCasePreRequisiteCitizenBase][testData][actualResponse][body][id]}" + } + } +} diff --git a/src/aat/resources/features/F-1018 - Submit Event Creation Handle Case Links/F-1018.feature b/src/aat/resources/features/F-1018 - Submit Event Creation Handle Case Links/F-1018.feature index 9538b8fc54..3b5206f443 100644 --- a/src/aat/resources/features/F-1018 - Submit Event Creation Handle Case Links/F-1018.feature +++ b/src/aat/resources/features/F-1018 - Submit Event Creation Handle Case Links/F-1018.feature @@ -158,7 +158,7 @@ Feature: F-1018: Submit Event Creation Handle Case Links And a successful call [to create a case] as in [F-1018_CreateCasePreRequisiteCaseworkerBase] And another successful call [to create a case] as in [F-1018_CreateAnotherCasePreRequisiteCaseworkerBase] And another successful call [to create a case with a different case_type] as in [F-1018_CreateThirdCaseDifferentCaseTypePreRequisiteCaseworkerBase] - And a successful call [to get an event token for the case just created] as in [F-1018-GetUpdateEventToken] + And a successful call [to get an event token for the case just created] as in [S-1018.11-GetUpdateEventToken] When a request is prepared with appropriate values And the request [contains correctly configured CaseLink field as a collection] And the request [specifying the case to be updated, as created in F-1018_CreateLinkedCasePreRequisiteCaseworkerBase, does not contain a CaseLink field] @@ -314,7 +314,7 @@ Feature: F-1018: Submit Event Creation Handle Case Links Given a user with [an active profile in CCD] And a successful call [to create a case] as in [F-1018_CreateCasePreRequisiteCitizenBase] And another successful call [to create a case] as in [F-1018_CreateAnotherCasePreRequisiteCitizenBase] - And a successful call [to get an update event token for the case just created as a Citizen] as in [F-1018-GetCitizenUpdateEventToken] + And a successful call [to get an update event token for the case just created as a Citizen] as in [S-1018.21-GetCitizenUpdateEventToken] When a request is prepared with appropriate values And the request [contains correctly configured CaseLink field with Case Reference created in F-1018_CreateCasePreRequisiteCitizenBase] And the request [specifying the case to be updated, as created in F-1018_CreateAnotherCasePreRequisiteCaseworkerBase, does not contain a CaseLink field] diff --git a/src/aat/resources/features/F-1018 - Submit Event Creation Handle Case Links/S-1018.11.td.json b/src/aat/resources/features/F-1018 - Submit Event Creation Handle Case Links/S-1018.11.td.json index cc90737fbe..81edc0f8c7 100644 --- a/src/aat/resources/features/F-1018 - Submit Event Creation Handle Case Links/S-1018.11.td.json +++ b/src/aat/resources/features/F-1018 - Submit Event Creation Handle Case Links/S-1018.11.td.json @@ -37,7 +37,7 @@ "description": "" }, "security_classification": "PUBLIC", - "event_token" : "${[scenarioContext][childContexts][F-1018-GetUpdateEventToken][testData][actualResponse][body][token]}", + "event_token" : "${[scenarioContext][childContexts][S-1018.11-GetUpdateEventToken][testData][actualResponse][body][token]}", "ignore_warning": true } }, diff --git a/src/aat/resources/features/F-1018 - Submit Event Creation Handle Case Links/S-1018.21.td.json b/src/aat/resources/features/F-1018 - Submit Event Creation Handle Case Links/S-1018.21.td.json index 25e61228a4..7746ae1ae9 100644 --- a/src/aat/resources/features/F-1018 - Submit Event Creation Handle Case Links/S-1018.21.td.json +++ b/src/aat/resources/features/F-1018 - Submit Event Creation Handle Case Links/S-1018.21.td.json @@ -27,7 +27,7 @@ "description": "" }, "security_classification": "PUBLIC", - "event_token" : "${[scenarioContext][childContexts][F-1018-GetCitizenUpdateEventToken][testData][actualResponse][body][token]}", + "event_token" : "${[scenarioContext][childContexts][S-1018.21-GetCitizenUpdateEventToken][testData][actualResponse][body][token]}", "ignore_warning": true } }, diff --git a/src/aat/resources/features/F-1019 - Submit Case Creation Handle Case Links/F-1019.feature b/src/aat/resources/features/F-1019 - Submit Case Creation Handle Case Links/F-1019.feature index 6500c013f6..e55eb2fb7b 100644 --- a/src/aat/resources/features/F-1019 - Submit Case Creation Handle Case Links/F-1019.feature +++ b/src/aat/resources/features/F-1019 - Submit Case Creation Handle Case Links/F-1019.feature @@ -192,7 +192,7 @@ Feature: F-1019: Submit Case Creation Handle Case Links # Submit Event Creation: extra tests for Standard CaseLinks field and flag in CaseLinks table #======================================= - @S-1019.16 + @S-1019.16 Scenario: Standard CaseLinks field should generate caseLink records with StandardLink set to true when Submit Case Creation Event is invoked on v1_external#/case-details-endpoint/saveCaseDetailsForCaseWorkerUsingPOST Given a user with [an active profile in CCD] And a successful call [to create many cases to link to] as in [F-1019_CreateManyTestsCasesCaseworker] @@ -203,7 +203,7 @@ Feature: F-1019: Submit Case Creation Handle Case Links And the response has all other details as expected And a successful call [to verify that the Case Links have been created in the CASE_LINK table with correct values] as in [F-1019-VerifyMultipleCaseLinksUsingStandardLinkField] - @S-1019.17 + @S-1019.17 Scenario: Standard CaseLinks field should generate caseLink records with StandardLink set to true when Submit Case Creation Event is invoked on v1_external#/case-details-endpoint/saveCaseDetailsForCitizenUsingPOST Given a user with [an active profile in CCD] And a successful call [to create many cases to link to] as in [F-1019_CreateManyTestsCasesCaseworker] @@ -214,7 +214,7 @@ Feature: F-1019: Submit Case Creation Handle Case Links And the response has all other details as expected And a successful call [to verify that the Case Links have been created in the CASE_LINK table with correct values] as in [F-1019-VerifyMultipleCaseLinksUsingStandardLinkField] - @S-1019.18 + @S-1019.18 Scenario: Standard CaseLinks field should generate caseLink records with StandardLink set to true when Submit Case Creation Event is invoked on v2_external#/case-controller/createCaseUsingPOST Given a user with [an active profile in CCD] And a successful call [to create many cases to link to] as in [F-1019_CreateManyTestsCasesCaseworker] @@ -230,7 +230,7 @@ Feature: F-1019: Submit Case Creation Handle Case Links # Complex case links: extra tests for extracting CaseLinks from more complex fields #======================================= - @S-1019.19 + @S-1019.19 Scenario: Collection of complex fields with CaseLinks should generate caseLink records when Submit Case Creation Event is invoked on v1_external#/case-details-endpoint/saveCaseDetailsForCaseWorkerUsingPOST Given a user with [an active profile in CCD] And a successful call [to create a case] as in [F-1019_CreateCasePreRequisiteCaseworkerBase] @@ -244,7 +244,7 @@ Feature: F-1019: Submit Case Creation Handle Case Links And the response has all other details as expected And a successful call [to verify that the Case Links have been created in the CASE_LINK table with correct values] as in [F-1019-VerifyMultipleCaseLinks] - @S-1019.20 + @S-1019.20 Scenario: Collection of complex fields with CaseLinks should generate caseLink records when Submit Case Creation Event is invoked on v2_external#/case-controller/createCaseUsingPOST Given a user with [an active profile in CCD] And a successful call [to create a case] as in [F-1019_CreateCasePreRequisiteCaseworkerBase] @@ -258,7 +258,7 @@ Feature: F-1019: Submit Case Creation Handle Case Links And the response has all other details as expected And a successful call [to verify that the Case Links have been created in the CASE_LINK table with correct values] as in [F-1019-VerifyMultipleCaseLinks] - @S-1019.21 + @S-1019.21 Scenario: Nested complex fields with CaseLinks should generate caseLink records when Submit Case Creation Event is invoked on v1_external#/case-details-endpoint/saveCaseDetailsForCaseWorkerUsingPOST Given a user with [an active profile in CCD] And a successful call [to create a case] as in [F-1019_CreateCasePreRequisiteCaseworkerBase] @@ -272,7 +272,7 @@ Feature: F-1019: Submit Case Creation Handle Case Links And the response has all other details as expected And a successful call [to verify that the Case Links have been created in the CASE_LINK table with correct values] as in [F-1019-VerifyMultipleCaseLinks] - @S-1019.22 + @S-1019.22 Scenario: Nested complex fields with CaseLinks should generate caseLink records when Submit Case Creation Event is invoked on v2_external#/case-controller/createCaseUsingPOST Given a user with [an active profile in CCD] And a successful call [to create a case] as in [F-1019_CreateCasePreRequisiteCaseworkerBase] diff --git a/src/aat/resources/features/F-113 - CaseLinking/F-113_Case_Data_Create_Token_Creation.td.json b/src/aat/resources/features/F-113 - CaseLinking/F-113_Case_Data_Create_Token_Creation.td.json index b1c412c452..4e95076f5b 100644 --- a/src/aat/resources/features/F-113 - CaseLinking/F-113_Case_Data_Create_Token_Creation.td.json +++ b/src/aat/resources/features/F-113 - CaseLinking/F-113_Case_Data_Create_Token_Creation.td.json @@ -6,8 +6,7 @@ ], "users": { "invokingUser": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_CASEWORKER_AUTOTEST_PASSWORD]]" + "_extends_": "BeftaMasterCaseworker" } }, "request": { diff --git a/src/aat/resources/features/F-113 - CaseLinking/F-113_Test_Data_Base.td.json b/src/aat/resources/features/F-113 - CaseLinking/F-113_Test_Data_Base.td.json index 1b3cbec2b0..6a005103f0 100644 --- a/src/aat/resources/features/F-113 - CaseLinking/F-113_Test_Data_Base.td.json +++ b/src/aat/resources/features/F-113 - CaseLinking/F-113_Test_Data_Base.td.json @@ -10,13 +10,11 @@ ], "users": { "invokingUser": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_CASEWORKER_AUTOTEST_PASSWORD]]" + "_extends_": "BeftaMasterCaseworker" } }, "user": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_CASEWORKER_AUTOTEST_PASSWORD]]" + "_extends_": "BeftaMasterCaseworker" }, "request": { diff --git a/src/aat/resources/features/F-114 - Notice Of Change/F-114_Case_Data_Create_Token_Creation.td.json b/src/aat/resources/features/F-114 - Notice Of Change/F-114_Case_Data_Create_Token_Creation.td.json index d3a467084e..555511c5d0 100644 --- a/src/aat/resources/features/F-114 - Notice Of Change/F-114_Case_Data_Create_Token_Creation.td.json +++ b/src/aat/resources/features/F-114 - Notice Of Change/F-114_Case_Data_Create_Token_Creation.td.json @@ -6,8 +6,7 @@ ], "users": { "invokingUser": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_CASEWORKER_AUTOTEST_PASSWORD]]" + "_extends_": "BeftaMasterCaseworker" } }, "request": { diff --git a/src/aat/resources/features/F-114 - Notice Of Change/F-114_Test_Data_Base.td.json b/src/aat/resources/features/F-114 - Notice Of Change/F-114_Test_Data_Base.td.json index ac3b8f738b..713672a62c 100644 --- a/src/aat/resources/features/F-114 - Notice Of Change/F-114_Test_Data_Base.td.json +++ b/src/aat/resources/features/F-114 - Notice Of Change/F-114_Test_Data_Base.td.json @@ -10,13 +10,11 @@ ], "users": { "invokingUser": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_CASEWORKER_AUTOTEST_PASSWORD]]" + "_extends_": "BeftaMasterCaseworker" } }, "user": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_CASEWORKER_AUTOTEST_PASSWORD]]" + "_extends_": "BeftaMasterCaseworker" }, "request": { diff --git a/src/aat/resources/features/F-122 - Conditional Event Post States/F-122.feature b/src/aat/resources/features/F-122 - Conditional Event Post States/F-122.feature index 36e4d767ab..e37e9e84e2 100644 --- a/src/aat/resources/features/F-122 - Conditional Event Post States/F-122.feature +++ b/src/aat/resources/features/F-122 - Conditional Event Post States/F-122.feature @@ -88,7 +88,7 @@ Feature: F-122: Conditional Event Post States Given a user with [an active profile in CCD], And a successful call [to create a token for case creation] as in [S-122-GetToken_CaseCreate], And a successful call [to create a case] as in [FT_ConditionalPostState_Create_Case], - And a successful call [to get an event token for the case just created] as in [S-122-GetToken_UpdateCase], + And a successful call [to get an event token for the case just created] as in [S-122-GetToken_UpdateCase2], When a request is prepared with appropriate values, And the request [contains a case Id that has just been created], @@ -105,7 +105,7 @@ Feature: F-122: Conditional Event Post States Given a user with [an active profile in CCD], And a successful call [to create a token for case creation] as in [S-122-GetToken_CaseCreate], And a successful call [to create a case] as in [FT_ConditionalPostState_Create_Case], - And a successful call [to get an event token for the case just created] as in [S-122-GetToken_UpdateCase], + And a successful call [to get an event token for the case just created] as in [S-122-GetToken_UpdateCase2], When a request is prepared with appropriate values, And the request [contains a case Id that has just been created], @@ -122,7 +122,7 @@ Feature: F-122: Conditional Event Post States Given a user with [an active profile in CCD], And a successful call [to create a token for case creation] as in [S-122-GetToken_CaseCreate], And a successful call [to create a case] as in [FT_ConditionalPostState_Create_Case], - And a successful call [to get an event token for the case just created] as in [S-122-GetToken_UpdateCase], + And a successful call [to get an event token for the case just created] as in [S-122-GetToken_UpdateCase2], When a request is prepared with appropriate values, And the request [contains a case Id that has just been created], @@ -139,7 +139,7 @@ Feature: F-122: Conditional Event Post States Given a user with [an active profile in CCD], And a successful call [to create a token for case creation] as in [S-122-GetToken_CaseCreate], And a successful call [to create a case] as in [FT_ConditionalPostState_Create_Case], - And a successful call [to get an event token for the case just created] as in [S-122-GetToken_UpdateCase], + And a successful call [to get an event token for the case just created] as in [S-122-GetToken_UpdateCase2], When a request is prepared with appropriate values, And the request [contains a case Id that has just been created], diff --git a/src/aat/resources/features/F-122 - Conditional Event Post States/S-122.5.td.json b/src/aat/resources/features/F-122 - Conditional Event Post States/S-122.5.td.json index 42cf6ff464..b23216164c 100644 --- a/src/aat/resources/features/F-122 - Conditional Event Post States/S-122.5.td.json +++ b/src/aat/resources/features/F-122 - Conditional Event Post States/S-122.5.td.json @@ -1,6 +1,6 @@ { "_guid_": "S-122.5", - "_extends_": "F-122-UpdateEventBase", + "_extends_": "F-122-UpdateEvent2Base", "title": "Ordering should take precedence when both conditions resolve (End state: CaseUpdated2)", "productName": "CCD data store", diff --git a/src/aat/resources/features/F-122 - Conditional Event Post States/S-122.6.td.json b/src/aat/resources/features/F-122 - Conditional Event Post States/S-122.6.td.json index 9c1227a1c8..7bb66630b2 100644 --- a/src/aat/resources/features/F-122 - Conditional Event Post States/S-122.6.td.json +++ b/src/aat/resources/features/F-122 - Conditional Event Post States/S-122.6.td.json @@ -1,6 +1,6 @@ { "_guid_": "S-122.6", - "_extends_": "F-122-UpdateEventBase", + "_extends_": "F-122-UpdateEvent2Base", "title": "Sets the state defined with a matching post state condition using OR operator (End state: CaseAmended2)", "productName": "CCD data store", diff --git a/src/aat/resources/features/F-122 - Conditional Event Post States/S-122.7.td.json b/src/aat/resources/features/F-122 - Conditional Event Post States/S-122.7.td.json index 5a76edc0f8..7033f45cbb 100644 --- a/src/aat/resources/features/F-122 - Conditional Event Post States/S-122.7.td.json +++ b/src/aat/resources/features/F-122 - Conditional Event Post States/S-122.7.td.json @@ -1,6 +1,6 @@ { "_guid_": "S-122.7", - "_extends_": "F-122-UpdateEventBase", + "_extends_": "F-122-UpdateEvent2Base", "title": "*(FieldA) will keep the state as is (End state: CaseCreated)", "productName": "CCD data store", diff --git a/src/aat/resources/features/F-122 - Conditional Event Post States/S-122.8.td.json b/src/aat/resources/features/F-122 - Conditional Event Post States/S-122.8.td.json index da38faf0e7..58828335a9 100644 --- a/src/aat/resources/features/F-122 - Conditional Event Post States/S-122.8.td.json +++ b/src/aat/resources/features/F-122 - Conditional Event Post States/S-122.8.td.json @@ -1,6 +1,6 @@ { "_guid_": "S-122.8", - "_extends_": "F-122-UpdateEventBase", + "_extends_": "F-122-UpdateEvent2Base", "title": "Sets the state defined with a matching post state condition using != operator (End state: CaseRevoked2)", "productName": "CCD data store", diff --git a/src/aat/resources/features/F-122 - Conditional Event Post States/common/F-122-UpdateEvent2Base.td.json b/src/aat/resources/features/F-122 - Conditional Event Post States/common/F-122-UpdateEvent2Base.td.json new file mode 100644 index 0000000000..2b84c0c8e7 --- /dev/null +++ b/src/aat/resources/features/F-122 - Conditional Event Post States/common/F-122-UpdateEvent2Base.td.json @@ -0,0 +1,92 @@ +{ + "_guid_": "F-122-UpdateEvent2Base", + "title": "must submit the event creation successfully for TextField and EmailField inputs", + + "productName": "CCD data store", + "operationName": "submit updateCase event with TextField and EmailField values", + + "method": "POST", + "uri": "/caseworkers/{uid}/jurisdictions/{jid}/case-types/{ctid}/cases/{cid}/events", + + "specs": [ + "an active profile in CCD", + "contains a case Id that has just been created", + "contains Update token created as in S-122-GetToken_UpdateCase" + ], + + "user": { + "_extends_": "BeftaMasterCaseworker" + }, + + "request": { + "headers": { + "_extends_": "Common_Request_Headers" + }, + "pathVariables": { + "uid": "[[DEFAULT_AUTO_VALUE]]", + "jid": "BEFTA_MASTER", + "ctid": "FT_ConditionalPostState", + "cid": "${[scenarioContext][childContexts][FT_ConditionalPostState_Create_Case][testData][actualResponse][body][id]}" + }, + "body": { + "data": { + "_extends_": "FT_ConditionalPostState_Base_Case_Data", + "TextField": "updated testing 1234", + "EmailField": null + }, + "event": { + "id": "updateCase", + "summary": "", + "description": "" + }, + "security_classification": "PUBLIC", + "event_token": "${[scenarioContext][childContexts][S-122-GetToken_UpdateCase2][testData][actualResponse][body][token]}", + "ignore_warning": true + } + }, + + "expectedResponse": { + "responseCode": 201, + "responseMessage": "OK", + "headers": { + "_extends_": "Common_Response_Headers", + "Vary": "Accept-Encoding" + }, + "body": { + "id": "[[ANYTHING_PRESENT]]", + "jurisdiction": "BEFTA_MASTER", + "state": "CaseUpdated2", + "version": "[[ANYTHING_PRESENT]]", + "case_type_id": "FT_ConditionalPostState", + "created_date": "[[ANYTHING_PRESENT]]", + "last_modified": "[[ANYTHING_PRESENT]]", + "last_state_modified_date": "[[ANYTHING_PRESENT]]", + "security_classification": "PUBLIC", + "case_data": { + "AddressField": { + "AddressLine1": null, + "AddressLine2": null, + "AddressLine3": null, + "Country": null + }, + "MoneyField": null, + "MultiSelectField": [], + "EmailField": "matched@test.com", + "YesNoField": null, + "TextField": "updated2", + "PhoneField": null, + "MarritalStatus": null, + "DateField": null, + "TextAreaField": null, + "NumberField": null + }, + "data_classification": "[[ANYTHING_PRESENT]]", + "supplementary_data": null, + "after_submit_callback_response": null, + "callback_response_status_code": null, + "callback_response_status": null, + "delete_draft_response_status_code": null, + "delete_draft_response_status": null + } + } +} diff --git a/src/aat/resources/features/F-122 - Conditional Event Post States/common/S-122-GetToken_UpdateCase2.td.json b/src/aat/resources/features/F-122 - Conditional Event Post States/common/S-122-GetToken_UpdateCase2.td.json new file mode 100644 index 0000000000..a8f227a8cd --- /dev/null +++ b/src/aat/resources/features/F-122 - Conditional Event Post States/common/S-122-GetToken_UpdateCase2.td.json @@ -0,0 +1,47 @@ +{ + "_guid_": "S-122-GetToken_UpdateCase2", + "title": "should create an event token for correct inputs", + + "productName": "CCD Data Store", + "operationName": "Retrieve an update token", + + "method": "GET", + "uri": "/caseworkers/{uid}/jurisdictions/{jid}/case-types/{ctid}/cases/{cid}/event-triggers/{etid}/token", + + "specs": [ + "to get an event token for the case just created" + ], + + "users": { + "invokingUser": { + "_extends_": "BeftaMasterCaseworker" + } + }, + + "request": { + "headers": { + "_extends_": "Common_Request_Headers" + }, + "pathVariables": { + "jid": "BEFTA_MASTER", + "ctid": "FT_ConditionalPostState", + "uid": "[[DEFAULT_AUTO_VALUE]]", + "cid": "${[scenarioContext][parentContext][childContexts][FT_ConditionalPostState_Create_Case][testData][actualResponse][body][id]}", + "etid": "updateCase2" + } + }, + + "expectedResponse": { + "_extends_": "Common_200_Response", + "headers": { + "Content-Encoding": "gzip", + "Content-Type": "application/json", + "Content-Length": "[[ANYTHING_PRESENT]]" + }, + "body": { + "token": "[[ANYTHING_PRESENT]]", + "case_details": "[[ANYTHING_PRESENT]]", + "event_id": "updateCase2" + } + } +} diff --git a/src/aat/resources/features/F-127 - Even Enabling Condition/S-127.1.td.json b/src/aat/resources/features/F-127 - Even Enabling Condition/S-127.1.td.json index 1bd69991e9..8e6e337231 100644 --- a/src/aat/resources/features/F-127 - Even Enabling Condition/S-127.1.td.json +++ b/src/aat/resources/features/F-127 - Even Enabling Condition/S-127.1.td.json @@ -15,8 +15,7 @@ }, "user": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_BEFTA_MASTER_CASEWORKER_PWD]]" + "_extends_": "BeftaMasterCaseworker" }, "expectedResponse": { diff --git a/src/aat/resources/features/F-127 - Even Enabling Condition/S-127.2.td.json b/src/aat/resources/features/F-127 - Even Enabling Condition/S-127.2.td.json index 40a5bb8e81..80c2a5d5aa 100644 --- a/src/aat/resources/features/F-127 - Even Enabling Condition/S-127.2.td.json +++ b/src/aat/resources/features/F-127 - Even Enabling Condition/S-127.2.td.json @@ -15,8 +15,7 @@ }, "user": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_BEFTA_MASTER_CASEWORKER_PWD]]" + "_extends_": "BeftaMasterCaseworker" }, "expectedResponse": { diff --git a/src/aat/resources/features/F-127 - Even Enabling Condition/common/FT_Create_Case_EventEnablingCondition.td.json b/src/aat/resources/features/F-127 - Even Enabling Condition/common/FT_Create_Case_EventEnablingCondition.td.json index fd16fab19e..b2b374e640 100644 --- a/src/aat/resources/features/F-127 - Even Enabling Condition/common/FT_Create_Case_EventEnablingCondition.td.json +++ b/src/aat/resources/features/F-127 - Even Enabling Condition/common/FT_Create_Case_EventEnablingCondition.td.json @@ -12,8 +12,7 @@ ], "user": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_BEFTA_MASTER_CASEWORKER_PWD]]" + "_extends_": "BeftaMasterCaseworker" }, "request": { diff --git a/src/aat/resources/features/F-127 - Even Enabling Condition/common/FT_Create_Case_EventEnablingCondition_NotMatch.td.json b/src/aat/resources/features/F-127 - Even Enabling Condition/common/FT_Create_Case_EventEnablingCondition_NotMatch.td.json index 7d8ad0ee9e..84b942ca84 100644 --- a/src/aat/resources/features/F-127 - Even Enabling Condition/common/FT_Create_Case_EventEnablingCondition_NotMatch.td.json +++ b/src/aat/resources/features/F-127 - Even Enabling Condition/common/FT_Create_Case_EventEnablingCondition_NotMatch.td.json @@ -12,8 +12,7 @@ ], "user": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_BEFTA_MASTER_CASEWORKER_PWD]]" + "_extends_": "BeftaMasterCaseworker" }, "request": { diff --git a/src/aat/resources/features/F-127 - Even Enabling Condition/common/S-127-GetToken_CaseCreate.td.json b/src/aat/resources/features/F-127 - Even Enabling Condition/common/S-127-GetToken_CaseCreate.td.json index eab08be414..3acbbb0511 100644 --- a/src/aat/resources/features/F-127 - Even Enabling Condition/common/S-127-GetToken_CaseCreate.td.json +++ b/src/aat/resources/features/F-127 - Even Enabling Condition/common/S-127-GetToken_CaseCreate.td.json @@ -16,8 +16,7 @@ }, "users": { "invokingUser": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_BEFTA_MASTER_CASEWORKER_PWD]]" + "_extends_": "BeftaMasterCaseworker" } }, diff --git a/src/aat/resources/features/F-128 - Dynamic Lists/F-128_Test_Data_Base.td.json b/src/aat/resources/features/F-128 - Dynamic Lists/F-128_Test_Data_Base.td.json index a02d9d67b3..a438907ace 100644 --- a/src/aat/resources/features/F-128 - Dynamic Lists/F-128_Test_Data_Base.td.json +++ b/src/aat/resources/features/F-128 - Dynamic Lists/F-128_Test_Data_Base.td.json @@ -10,13 +10,11 @@ ], "users": { "invokingUser": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_CASEWORKER_AUTOTEST_PASSWORD]]" + "_extends_": "BeftaMasterCaseworker" } }, "user": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_CASEWORKER_AUTOTEST_PASSWORD]]" + "_extends_": "BeftaMasterCaseworker" }, "request": { diff --git a/src/aat/resources/features/F-130 - AC CRUD external createCase/F-130.feature b/src/aat/resources/features/F-130 - AC CRUD external createCase/F-130.feature index 5d96c9e04b..91aa2d9066 100644 --- a/src/aat/resources/features/F-130 - AC CRUD external createCase/F-130.feature +++ b/src/aat/resources/features/F-130 - AC CRUD external createCase/F-130.feature @@ -49,7 +49,7 @@ Feature: F-130: Create Case External API CRUD Tests @S-130.7 Scenario: User submits case creation with no CaseType R Access does not return the case after successful case creation Given a user with [an active profile in CCD] - And a successful call [to create a token for case creation] as in [S-130.1_Get_Event_Trigger] + And a successful call [to create a token for case creation] as in [S-130.7_Get_Event_Trigger] When a request is prepared with appropriate values, And it is submitted to call the [external create case] operation of [CCD Data Store], Then a positive response is received diff --git a/src/aat/resources/features/F-130 - AC CRUD external createCase/F-130_Get_Event_Token_Base.td.json b/src/aat/resources/features/F-130 - AC CRUD external createCase/F-130_Get_Event_Token_Base.td.json index f85b7a0f1e..2c27b29a7e 100644 --- a/src/aat/resources/features/F-130 - AC CRUD external createCase/F-130_Get_Event_Token_Base.td.json +++ b/src/aat/resources/features/F-130 - AC CRUD external createCase/F-130_Get_Event_Token_Base.td.json @@ -5,7 +5,7 @@ "operationName": "Start event creation as Case worker", "method": "GET", - "uri": "/case-types/FT_CRUD/event-triggers/{etid}", + "uri": "/case-types/{cid}/event-triggers/{etid}", "specs": [ "to create a token for case creation" @@ -13,7 +13,7 @@ "users": { "invokingUser": { - "_extends_": "BeftaCaseworker1" + "_extends_": "BeftaMasterCaseworker" } }, @@ -23,6 +23,7 @@ "Experimental" : "true" }, "pathVariables": { + "cid": "FT_CRUD", "etid": "createCase" } }, @@ -45,7 +46,7 @@ "jurisdiction" : "BEFTA_MASTER", "state" : null, "version" : null, - "case_type_id" : "FT_CRUD", + "case_type_id" : "${[scenarioContext][testData][request][pathVariables][cid]}", "created_date" : null, "last_modified" : null, "last_state_modified_date" : null, diff --git a/src/aat/resources/features/F-130 - AC CRUD external createCase/F-130_Test_Data_Base.td.json b/src/aat/resources/features/F-130 - AC CRUD external createCase/F-130_Test_Data_Base.td.json index 750d95db52..638949c838 100644 --- a/src/aat/resources/features/F-130 - AC CRUD external createCase/F-130_Test_Data_Base.td.json +++ b/src/aat/resources/features/F-130 - AC CRUD external createCase/F-130_Test_Data_Base.td.json @@ -12,8 +12,7 @@ "users": { "invokingUser": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_CASEWORKER_AUTOTEST_PASSWORD]]" + "_extends_": "BeftaMasterCaseworker" } }, diff --git a/src/aat/resources/features/F-130 - AC CRUD external createCase/S-130.7.td.json b/src/aat/resources/features/F-130 - AC CRUD external createCase/S-130.7.td.json index 3739f12e56..704901d32b 100644 --- a/src/aat/resources/features/F-130 - AC CRUD external createCase/S-130.7.td.json +++ b/src/aat/resources/features/F-130 - AC CRUD external createCase/S-130.7.td.json @@ -18,7 +18,7 @@ "event": { "id": "createCase" }, - "event_token": "${[scenarioContext][childContexts][S-130.1_Get_Event_Trigger][testData][actualResponse][body][token]}", + "event_token": "${[scenarioContext][childContexts][S-130.7_Get_Event_Trigger][testData][actualResponse][body][token]}", "event_data": { "TextField": "value1" } diff --git a/src/aat/resources/features/F-130 - AC CRUD external createCase/S-130.7_Get_Event_Trigger.td.json b/src/aat/resources/features/F-130 - AC CRUD external createCase/S-130.7_Get_Event_Trigger.td.json new file mode 100644 index 0000000000..fb0b75292e --- /dev/null +++ b/src/aat/resources/features/F-130 - AC CRUD external createCase/S-130.7_Get_Event_Trigger.td.json @@ -0,0 +1,10 @@ +{ + "_guid_" : "S-130.7_Get_Event_Trigger", + "_extends_" : "F-130_Get_Event_Token_Base", + + "request": { + "pathVariables": { + "cid": "FT_CRUD_2" + } + } +} diff --git a/src/aat/resources/features/F-131 - AC CRUD external createEvent/F-131.5_CreateCase.td.json b/src/aat/resources/features/F-131 - AC CRUD external createEvent/F-131.5_CreateCase.td.json index d8aad3309f..6791933705 100644 --- a/src/aat/resources/features/F-131 - AC CRUD external createEvent/F-131.5_CreateCase.td.json +++ b/src/aat/resources/features/F-131 - AC CRUD external createEvent/F-131.5_CreateCase.td.json @@ -10,8 +10,7 @@ "users": { "invokingUser": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_CASEWORKER_AUTOTEST_PASSWORD]]" + "_extends_": "BeftaMasterCaseworker" } }, diff --git a/src/aat/resources/features/F-131 - AC CRUD external createEvent/F-131_CreateCase.td.json b/src/aat/resources/features/F-131 - AC CRUD external createEvent/F-131_CreateCase.td.json index 3baec1cce4..ff27e8601a 100644 --- a/src/aat/resources/features/F-131 - AC CRUD external createEvent/F-131_CreateCase.td.json +++ b/src/aat/resources/features/F-131 - AC CRUD external createEvent/F-131_CreateCase.td.json @@ -12,8 +12,7 @@ "users": { "invokingUser": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_CASEWORKER_AUTOTEST_PASSWORD]]" + "_extends_": "BeftaMasterCaseworker" } }, diff --git a/src/aat/resources/features/F-131 - AC CRUD external createEvent/F-131_Test_Data_Base.td.json b/src/aat/resources/features/F-131 - AC CRUD external createEvent/F-131_Test_Data_Base.td.json index e2b9c90034..41d92dc89e 100644 --- a/src/aat/resources/features/F-131 - AC CRUD external createEvent/F-131_Test_Data_Base.td.json +++ b/src/aat/resources/features/F-131 - AC CRUD external createEvent/F-131_Test_Data_Base.td.json @@ -12,8 +12,7 @@ "users": { "invokingUser": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_CASEWORKER_AUTOTEST_PASSWORD]]" + "_extends_": "BeftaMasterCaseworker" } }, diff --git a/src/aat/resources/features/F-131 - AC CRUD external createEvent/F-131_Token_Creation_Base.td.json b/src/aat/resources/features/F-131 - AC CRUD external createEvent/F-131_Token_Creation_Base.td.json index 8c2e7c1183..2440878972 100644 --- a/src/aat/resources/features/F-131 - AC CRUD external createEvent/F-131_Token_Creation_Base.td.json +++ b/src/aat/resources/features/F-131 - AC CRUD external createEvent/F-131_Token_Creation_Base.td.json @@ -15,8 +15,7 @@ "users": { "invokingUser": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_CASEWORKER_AUTOTEST_PASSWORD]]" + "_extends_": "BeftaMasterCaseworker" } }, diff --git a/src/aat/resources/features/F-131 - AC CRUD external createEvent/S-131.5_CreateCase_Token_Creation.td.json b/src/aat/resources/features/F-131 - AC CRUD external createEvent/S-131.5_CreateCase_Token_Creation.td.json index 8098d04395..78da47934e 100644 --- a/src/aat/resources/features/F-131 - AC CRUD external createEvent/S-131.5_CreateCase_Token_Creation.td.json +++ b/src/aat/resources/features/F-131 - AC CRUD external createEvent/S-131.5_CreateCase_Token_Creation.td.json @@ -14,7 +14,7 @@ "users": { "invokingUser": { - "_extends_": "BeftaCaseworker1" + "_extends_": "BeftaMasterCaseworker" } }, diff --git a/src/aat/resources/features/F-132 - AC CRUD external getEvent/F-132.2.td.json b/src/aat/resources/features/F-132 - AC CRUD external getEvent/F-132.2.td.json index 836e68dfe4..6319fb9f28 100644 --- a/src/aat/resources/features/F-132 - AC CRUD external getEvent/F-132.2.td.json +++ b/src/aat/resources/features/F-132 - AC CRUD external getEvent/F-132.2.td.json @@ -14,8 +14,7 @@ "users": { "invokingUser": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_CASEWORKER_AUTOTEST_PASSWORD]]" + "_extends_": "BeftaMasterCaseworker" } }, diff --git a/src/aat/resources/features/F-132 - AC CRUD external getEvent/F-132_Event_Creation_Base.td.json b/src/aat/resources/features/F-132 - AC CRUD external getEvent/F-132_Event_Creation_Base.td.json index 51b41c062a..b6076c74ce 100644 --- a/src/aat/resources/features/F-132 - AC CRUD external getEvent/F-132_Event_Creation_Base.td.json +++ b/src/aat/resources/features/F-132 - AC CRUD external getEvent/F-132_Event_Creation_Base.td.json @@ -13,8 +13,7 @@ "users": { "invokingUser": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_CASEWORKER_AUTOTEST_PASSWORD]]" + "_extends_": "BeftaMasterCaseworker" } }, diff --git a/src/aat/resources/features/F-132 - AC CRUD external getEvent/F-132_Token_Creation_Base.td.json b/src/aat/resources/features/F-132 - AC CRUD external getEvent/F-132_Token_Creation_Base.td.json index 7b2f819238..7672367eca 100644 --- a/src/aat/resources/features/F-132 - AC CRUD external getEvent/F-132_Token_Creation_Base.td.json +++ b/src/aat/resources/features/F-132 - AC CRUD external getEvent/F-132_Token_Creation_Base.td.json @@ -15,8 +15,7 @@ "users": { "invokingUser": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_CASEWORKER_AUTOTEST_PASSWORD]]" + "_extends_": "BeftaMasterCaseworker" } }, diff --git a/src/aat/resources/features/F-134 - AC CRUD internal jurisdictions/F-134_Test_Data_Base.td.json b/src/aat/resources/features/F-134 - AC CRUD internal jurisdictions/F-134_Test_Data_Base.td.json index 603fcc7694..40b01694dc 100644 --- a/src/aat/resources/features/F-134 - AC CRUD internal jurisdictions/F-134_Test_Data_Base.td.json +++ b/src/aat/resources/features/F-134 - AC CRUD internal jurisdictions/F-134_Test_Data_Base.td.json @@ -18,8 +18,7 @@ "users": { "invokingUser": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_CASEWORKER_AUTOTEST_PASSWORD]]" + "_extends_": "BeftaMasterCaseworker" } }, diff --git a/src/aat/resources/features/F-138 - AC CRUD internal case-history/F-138_CreateCase_Token_Creation.td.json b/src/aat/resources/features/F-138 - AC CRUD internal case-history/F-138_CreateCase_Token_Creation.td.json index b271a798f2..b021a81bdc 100644 --- a/src/aat/resources/features/F-138 - AC CRUD internal case-history/F-138_CreateCase_Token_Creation.td.json +++ b/src/aat/resources/features/F-138 - AC CRUD internal case-history/F-138_CreateCase_Token_Creation.td.json @@ -13,7 +13,7 @@ "users": { "invokingUser": { - "_extends_": "BeftaCaseworker1" + "_extends_": "BeftaCaseworkerCaa" } }, diff --git a/src/aat/resources/features/F-138 - AC CRUD internal case-history/F-138_Test_Data_Base.td.json b/src/aat/resources/features/F-138 - AC CRUD internal case-history/F-138_Test_Data_Base.td.json index ccbf9cf5df..86b6836b04 100644 --- a/src/aat/resources/features/F-138 - AC CRUD internal case-history/F-138_Test_Data_Base.td.json +++ b/src/aat/resources/features/F-138 - AC CRUD internal case-history/F-138_Test_Data_Base.td.json @@ -11,8 +11,7 @@ "users": { "invokingUser": { - "username": "master.caseworker@gmail.com", - "password": "[[$CCD_CASEWORKER_AUTOTEST_PASSWORD]]" + "_extends_": "BeftaMasterCaseworker" } }, diff --git a/src/aat/resources/features/F-139 - AC CRUD internal case view/F-139_CreateCase_Token_Creation.td.json b/src/aat/resources/features/F-139 - AC CRUD internal case view/F-139_CreateCase_Token_Creation.td.json new file mode 100644 index 0000000000..32863ec3bd --- /dev/null +++ b/src/aat/resources/features/F-139 - AC CRUD internal case view/F-139_CreateCase_Token_Creation.td.json @@ -0,0 +1,65 @@ +{ + "_guid_": "F-139_CreateCase_Token_Creation", + + "productName": "CCD Data Store", + "operationName": "Start event creation as Case worker", + + "method": "GET", + "uri": "/case-types/FT_CRUD/event-triggers/{etid}", + + "specs": [ + "to create a token for case creation" + ], + + "users": { + "invokingUser": { + "_extends_": "BeftaMasterCaseworker" + } + }, + + "request": { + "headers":{ + "_extends_": "Common_Request_Headers", + "Experimental" : "true" + }, + "pathVariables": { + "etid": "createCase" + } + }, + + "expectedResponse": { + "_extends_": "Common_200_Response", + "headers" : { + "Content-Encoding" : "gzip", + "Content-Length": "[[ANYTHING_PRESENT]]" + }, + "body" : { + "token" : "[[ANYTHING_PRESENT]]", + "_links": { + "self": { + "href": "[[ANYTHING_PRESENT]]" + } + }, + "case_details" : { + "id" : null, + "jurisdiction" : "BEFTA_MASTER", + "state" : null, + "version" : null, + "case_type_id" : "FT_CRUD", + "created_date" : null, + "last_modified" : null, + "last_state_modified_date" : null, + "security_classification" : null, + "case_data" : { }, + "data_classification": {}, + "supplementary_data": null, + "after_submit_callback_response" : null, + "callback_response_status_code" : null, + "callback_response_status" : null, + "delete_draft_response_status_code" : null, + "delete_draft_response_status" : null + }, + "event_id" : "createCase" + } + } +} diff --git a/src/aat/resources/features/F-139 - AC CRUD internal case view/S-139.2_CreateCase.td.json b/src/aat/resources/features/F-139 - AC CRUD internal case view/S-139.2_CreateCase.td.json index 660d38b967..d80335f42b 100644 --- a/src/aat/resources/features/F-139 - AC CRUD internal case view/S-139.2_CreateCase.td.json +++ b/src/aat/resources/features/F-139 - AC CRUD internal case view/S-139.2_CreateCase.td.json @@ -1,10 +1,85 @@ { "_guid_": "S-139.2_CreateCase", - "_extends_": "F-131_CreateCase", + + "productName": "CCD Data Store", + "operationName": "external create case", + "method": "POST", + "uri": "/case-types/{ctid}/cases", + + "specs" : [ + "to create a full case" + ], + + "users": { + "invokingUser": { + "_extends_": "BeftaMasterCaseworker" + } + }, "request": { + "_extends_": "Common_Request", + "pathVariables": { + "ctid": "FT_CRUD" + }, + "headers": { + "experimental": true + }, "body": { - "event_token": "${[scenarioContext][parentContext][childContexts][S-139.2_CreateCase_Token_Creation][testData][actualResponse][body][token]}" + "data": { + "TextField": "value1", + "TextField2": "value2" + }, + "event": { + "id": "createCase", + "summary": "", + "description": "" + }, + "event_token": "${[scenarioContext][parentContext][childContexts][S-139.2_CreateCase_Token_Creation][testData][actualResponse][body][token]}", + "event_data": { + "TextField": "value1", + "TextField2": "value2" + }, + "ignore_warning": false + } + }, + + "expectedResponse": { + "_extends_": "Common_201_Response", + "headers": { + "Content-Length": "[[ANY_NULLABLE]]", + "Content-Encoding": "[[ANY_NULLABLE]]", + "Content-Type": "application/vnd.uk.gov.hmcts.ccd-data-store-api.create-case.v2+json;charset=UTF-8", + "Connection": "[[ANYTHING_PRESENT]]", + "Keep-Alive": "[[ANYTHING_PRESENT]]", + "Transfer-Encoding": "[[ANYTHING_PRESENT]]", + "Strict-Transport-Security": "[[ANY_NULLABLE]]" + }, + "body" : { + "_links": { + "self": { + "href": "[[ANYTHING_PRESENT]]" + } + }, + "id": "[[ANYTHING_PRESENT]]", + "jurisdiction": "BEFTA_MASTER", + "case_type": "FT_CRUD", + "created_on": "[[ANYTHING_PRESENT]]", + "last_modified_on": "[[ANYTHING_PRESENT]]", + "last_state_modified_on": "[[ANYTHING_PRESENT]]", + "state": "CaseCreated", + "security_classification": "PUBLIC", + "data": { + "TextField": "value1" + }, + "data_classification": { + "TextField": "PUBLIC" + }, + "after_submit_callback_response": null, + "callback_response_status_code": null, + "callback_response_status": null, + "delete_draft_response_status_code": null, + "delete_draft_response_status": null } } + } diff --git a/src/aat/resources/features/F-139 - AC CRUD internal case view/S-139.2_CreateCase_Token_Creation.td.json b/src/aat/resources/features/F-139 - AC CRUD internal case view/S-139.2_CreateCase_Token_Creation.td.json index e998535003..8ddf7d1eb2 100644 --- a/src/aat/resources/features/F-139 - AC CRUD internal case view/S-139.2_CreateCase_Token_Creation.td.json +++ b/src/aat/resources/features/F-139 - AC CRUD internal case view/S-139.2_CreateCase_Token_Creation.td.json @@ -1,4 +1,4 @@ { "_guid_": "S-139.2_CreateCase_Token_Creation", - "_extends_": "F-138_CreateCase_Token_Creation" + "_extends_": "F-139_CreateCase_Token_Creation" } diff --git a/src/aat/resources/features/F-140 - CategoriesAndDocument endpoint/F-140.feature b/src/aat/resources/features/F-140 - CategoriesAndDocument endpoint/F-140.feature index 9366196399..0db267b8af 100644 --- a/src/aat/resources/features/F-140 - CategoriesAndDocument endpoint/F-140.feature +++ b/src/aat/resources/features/F-140 - CategoriesAndDocument endpoint/F-140.feature @@ -118,7 +118,7 @@ Feature: F-140: CategoriesAndDocument endpoint @S-140.9 #AC9 Scenario: No Categories defined in Categories tab, no categories assigned to Document - Return the hierarchy with ALL documents in the "unCategorisedDocuments" element. - Given a case that has just been created as in [F-140_CreateCase_NoCategories], + Given a case that has just been created as in [S-140.9_CreateCase_NoCategories], And a user with [an active profile in CCD and has read access permissions for all the Document fields], And [a case definition with Document fields in CaseField tab and ComplexTab exist *without* the category Id for case type CT1] in the context, And [a case definition with Collection of Document fields in CaseField tab and ComplexTab exist with the category Id for case type CT1] in the context, diff --git a/src/aat/resources/features/F-140 - CategoriesAndDocument endpoint/S-140.2_CreateCase_Token_Creation.td.json b/src/aat/resources/features/F-140 - CategoriesAndDocument endpoint/S-140.2_CreateCase_Token_Creation.td.json index 2723e0ff87..891bc0b629 100644 --- a/src/aat/resources/features/F-140 - CategoriesAndDocument endpoint/S-140.2_CreateCase_Token_Creation.td.json +++ b/src/aat/resources/features/F-140 - CategoriesAndDocument endpoint/S-140.2_CreateCase_Token_Creation.td.json @@ -4,7 +4,7 @@ "users": { "invokingUser": { - "_extends_": "BeftaCaseworker2Solicitor2" + "_extends_": "BeftaCaseworkerCaa" } }, diff --git a/src/aat/resources/features/F-140 - CategoriesAndDocument endpoint/S-140.9.td.json b/src/aat/resources/features/F-140 - CategoriesAndDocument endpoint/S-140.9.td.json index cc3ade4bd3..b12c2f3a4b 100644 --- a/src/aat/resources/features/F-140 - CategoriesAndDocument endpoint/S-140.9.td.json +++ b/src/aat/resources/features/F-140 - CategoriesAndDocument endpoint/S-140.9.td.json @@ -21,7 +21,7 @@ "request": { "_extends_": "Common_Request", "pathVariables": { - "cid": "${[scenarioContext][childContexts][F-140_CreateCase_NoCategories][testData][actualResponse][body][id]}" + "cid": "${[scenarioContext][childContexts][S-140.9_CreateCase_NoCategories][testData][actualResponse][body][id]}" } }, diff --git a/src/aat/resources/features/F-140 - CategoriesAndDocument endpoint/S-140.9_CreateCase_NoCategories.td.json b/src/aat/resources/features/F-140 - CategoriesAndDocument endpoint/S-140.9_CreateCase_NoCategories.td.json new file mode 100644 index 0000000000..09203bf6e8 --- /dev/null +++ b/src/aat/resources/features/F-140 - CategoriesAndDocument endpoint/S-140.9_CreateCase_NoCategories.td.json @@ -0,0 +1,86 @@ +{ + "_guid_": "S-140.9_CreateCase_NoCategories", + "productName": "CCD Data Store", + "operationName": "external create case", + "method": "POST", + "uri": "/case-types/{ctid}/cases", + "specs": [ + "to create a full case" + ], + "prerequisites": [ + { + "Token_Creation": "S-140.9_CreateCase_Token_Creation" + } + ], + "users": { + "invokingUser": { + "_extends_": "BeftaCaseworker2Solicitor2" + } + }, + "request": { + "_extends_": "Common_Request", + "pathVariables": { + "ctid": "BEFTA_CASETYPE_2_1" + }, + "headers": { + "experimental": true + }, + "body": { + "data": { + "DocumentField1": { + "document_url": "${[scenarioContext][siblingContexts][F-140_Document_Upload][testData][actualResponse][body][documents][0][_links][self][href]}", + "document_binary_url": "${[scenarioContext][siblingContexts][F-140_Document_Upload][testData][actualResponse][body][documents][0][_links][binary][href]}", + "document_filename": "${[scenarioContext][siblingContexts][F-140_Document_Upload][testData][actualResponse][body][documents][0][originalDocumentName]}" + } + }, + "event": { + "id": "CREATE" + }, + "event_token": "${[scenarioContext][childContexts][Token_Creation][testData][actualResponse][body][token]}", + "ignore_warning": false + } + }, + "expectedResponse": { + "_extends_": "Common_201_Response", + "headers": { + "Content-Length": "[[ANY_NULLABLE]]", + "Content-Encoding": "[[ANY_NULLABLE]]", + "Content-Type": "application/vnd.uk.gov.hmcts.ccd-data-store-api.create-case.v2+json;charset=UTF-8", + "Connection": "[[ANYTHING_PRESENT]]", + "Keep-Alive": "[[ANYTHING_PRESENT]]", + "Transfer-Encoding": "[[ANYTHING_PRESENT]]", + "Strict-Transport-Security": "[[ANY_NULLABLE]]" + }, + "body": { + "_links": { + "self": { + "href": "[[ANYTHING_PRESENT]]" + } + }, + "id": "[[ANYTHING_PRESENT]]", + "jurisdiction": "BEFTA_JURISDICTION_2", + "case_type": "BEFTA_CASETYPE_2_1", + "created_on": "[[ANYTHING_PRESENT]]", + "last_modified_on": "[[ANYTHING_PRESENT]]", + "last_state_modified_on": "[[ANYTHING_PRESENT]]", + "state": "TODO", + "security_classification": "PUBLIC", + "data": { + "DocumentField1": { + "document_url": "${[scenarioContext][siblingContexts][F-140_Document_Upload][testData][actualResponse][body][documents][0][_links][self][href]}", + "document_binary_url": "${[scenarioContext][siblingContexts][F-140_Document_Upload][testData][actualResponse][body][documents][0][_links][binary][href]}", + "document_filename": "${[scenarioContext][siblingContexts][F-140_Document_Upload][testData][actualResponse][body][documents][0][originalDocumentName]}", + "upload_timestamp": "[[ANYTHING_PRESENT]]" + } + }, + "data_classification": { + "DocumentField1": "PUBLIC" + }, + "after_submit_callback_response": null, + "callback_response_status_code": null, + "callback_response_status": null, + "delete_draft_response_status_code": null, + "delete_draft_response_status": null + } + } +} diff --git a/src/aat/resources/features/F-140 - CategoriesAndDocument endpoint/S-140.9_CreateCase_Token_Creation.td.json b/src/aat/resources/features/F-140 - CategoriesAndDocument endpoint/S-140.9_CreateCase_Token_Creation.td.json new file mode 100644 index 0000000000..c9645a3159 --- /dev/null +++ b/src/aat/resources/features/F-140 - CategoriesAndDocument endpoint/S-140.9_CreateCase_Token_Creation.td.json @@ -0,0 +1,67 @@ +{ + "_guid_": "S-140.9_CreateCase_Token_Creation", + + "productName": "CCD Data Store", + "operationName": "Start event creation as Case worker", + + "method": "GET", + "uri": "/case-types/{ctid}/event-triggers/{etid}", + + "specs": [ + "to create a token for case creation", + "As a prerequisite" + ], + + "users": { + "invokingUser": { + "_extends_": "BeftaCaseworker2Solicitor2" + } + }, + + "request": { + "headers":{ + "_extends_": "Common_Request_Headers", + "Experimental" : "true" + }, + "pathVariables": { + "etid": "CREATE", + "ctid": "BEFTA_CASETYPE_2_1" + } + }, + + "expectedResponse": { + "_extends_": "Common_200_Response", + "headers" : { + "Content-Encoding" : "gzip", + "Content-Length": "[[ANYTHING_PRESENT]]" + }, + "body" : { + "token" : "[[ANYTHING_PRESENT]]", + "_links": { + "self": { + "href": "[[ANYTHING_PRESENT]]" + } + }, + "case_details" : { + "id" : null, + "jurisdiction" : "BEFTA_JURISDICTION_2", + "state" : null, + "version" : null, + "case_type_id" : "BEFTA_CASETYPE_2_1", + "created_date" : null, + "last_modified" : null, + "last_state_modified_date" : null, + "security_classification" : null, + "case_data" : { }, + "data_classification": {}, + "supplementary_data": null, + "after_submit_callback_response" : null, + "callback_response_status_code" : null, + "callback_response_status" : null, + "delete_draft_response_status_code" : null, + "delete_draft_response_status" : null + }, + "event_id" : "CREATE" + } + } +} diff --git a/src/aat/resources/features/F-141 - documentData endpoint/S-141.12_CreateCase.td.json b/src/aat/resources/features/F-141 - documentData endpoint/S-141.12_CreateCase.td.json index 6cc7b40e0f..2432bdb471 100644 --- a/src/aat/resources/features/F-141 - documentData endpoint/S-141.12_CreateCase.td.json +++ b/src/aat/resources/features/F-141 - documentData endpoint/S-141.12_CreateCase.td.json @@ -10,7 +10,7 @@ ], "prerequisites" : [ { - "Token_Creation": "F-141_CreateCase_Token_Creation" + "Token_Creation": "S-141.12_CreateCase_Token_Creation" } ], diff --git a/src/aat/resources/features/F-141 - documentData endpoint/S-141.12_CreateCase_Token_Creation.td.json b/src/aat/resources/features/F-141 - documentData endpoint/S-141.12_CreateCase_Token_Creation.td.json new file mode 100644 index 0000000000..d13cc2f876 --- /dev/null +++ b/src/aat/resources/features/F-141 - documentData endpoint/S-141.12_CreateCase_Token_Creation.td.json @@ -0,0 +1,67 @@ +{ + "_guid_": "S-141.12_CreateCase_Token_Creation", + + "productName": "CCD Data Store", + "operationName": "Start event creation as Case worker", + + "method": "GET", + "uri": "/case-types/{ctid}/event-triggers/{etid}", + + "specs": [ + "to create a token for case creation", + "As a prerequisite" + ], + + "users": { + "invokingUser": { + "_extends_": "BeftaMasterCaseworker" + } + }, + + "request": { + "headers":{ + "_extends_": "Common_Request_Headers", + "Experimental" : "true" + }, + "pathVariables": { + "etid": "CREATE", + "ctid": "FT_CaseFileView_2" + } + }, + + "expectedResponse": { + "_extends_": "Common_200_Response", + "headers" : { + "Content-Encoding" : "gzip", + "Content-Length": "[[ANYTHING_PRESENT]]" + }, + "body" : { + "token" : "[[ANYTHING_PRESENT]]", + "_links": { + "self": { + "href": "[[ANYTHING_PRESENT]]" + } + }, + "case_details" : { + "id" : null, + "jurisdiction" : "BEFTA_MASTER", + "state" : null, + "version" : null, + "case_type_id" : "FT_CaseFileView_2", + "created_date" : null, + "last_modified" : null, + "last_state_modified_date" : null, + "security_classification" : null, + "case_data" : { }, + "data_classification": {}, + "supplementary_data": null, + "after_submit_callback_response" : null, + "callback_response_status_code" : null, + "callback_response_status" : null, + "delete_draft_response_status_code" : null, + "delete_draft_response_status" : null + }, + "event_id" : "CREATE" + } + } +} diff --git a/src/aat/resources/features/F-141 - documentData endpoint/S-141.2_CreateCase_Token_Creation.td.json b/src/aat/resources/features/F-141 - documentData endpoint/S-141.2_CreateCase_Token_Creation.td.json index af9ccf48f5..061e000245 100644 --- a/src/aat/resources/features/F-141 - documentData endpoint/S-141.2_CreateCase_Token_Creation.td.json +++ b/src/aat/resources/features/F-141 - documentData endpoint/S-141.2_CreateCase_Token_Creation.td.json @@ -4,7 +4,7 @@ "users": { "invokingUser": { - "_extends_": "BeftaCaseworker2Solicitor2" + "_extends_": "BeftaCaseworkerCaa" } }, diff --git a/src/aat/resources/features/common/case/befta_new/Befta_Case_Creation_Base_Data.td.json b/src/aat/resources/features/common/case/befta_new/Befta_Case_Creation_Base_Data.td.json index afa5bf8c58..96e8493ae2 100644 --- a/src/aat/resources/features/common/case/befta_new/Befta_Case_Creation_Base_Data.td.json +++ b/src/aat/resources/features/common/case/befta_new/Befta_Case_Creation_Base_Data.td.json @@ -24,7 +24,7 @@ "summary": "", "description": "" }, - "event_token": "${[scenarioContext][parentContext][childContexts][Standard_Token_Creation_Data_For_Case_Creation][testData][actualResponse][body][token]}", + "event_token": "${[scenarioContext][parentContext][childContexts][Befta_Default_Full_Case_Creation_Data_Token_Creation][testData][actualResponse][body][token]}", "ignore_warning": false, "draft_id": null } diff --git a/src/aat/resources/features/common/case/befta_new/Befta_Default_Full_Case_Creation_Data_Token_Creation.td.json b/src/aat/resources/features/common/case/befta_new/Befta_Default_Full_Case_Creation_Data_Token_Creation.td.json new file mode 100644 index 0000000000..48a61dc65a --- /dev/null +++ b/src/aat/resources/features/common/case/befta_new/Befta_Default_Full_Case_Creation_Data_Token_Creation.td.json @@ -0,0 +1,62 @@ +{ + "_guid_": "Befta_Default_Full_Case_Creation_Data_Token_Creation", + + "productName": "CCD Data Store", + "operationName": "Start event creation as Case worker", + + "method": "GET", + "uri": "/caseworkers/{uid}/jurisdictions/{jid}/case-types/{ctid}/event-triggers/{etid}/token", + + "specs": [ + "to create a token for case creation" + ], + + "users": { + "invokingUser": { + "_extends_": "BeftaCaseworker1" + } + }, + + "request": { + "headers": { + "_extends_": "Common_Request_Headers" + }, + "pathVariables": { + "uid": "[[DEFAULT_AUTO_VALUE]]", + "jid": "BEFTA_JURISDICTION_1", + "ctid": "BEFTA_CASETYPE_1_1", + "etid": "CREATE" + } + }, + + "expectedResponse": { + "_extends_": "Common_200_Response", + "headers": { + "Content-Encoding": "gzip", + "Content-Length": "[[ANY_INTEGER_NOT_NULLABLE]]" + }, + "body": { + "token": "[[ANY_STRING_NOT_NULLABLE]]", + "case_details": { + "id": null, + "jurisdiction": "[[ANYTHING_PRESENT]]", + "state": null, + "version": null, + "case_type_id": "[[ANYTHING_PRESENT]]", + "created_date": null, + "last_modified": null, + "last_state_modified_date": null, + "security_classification": null, + "case_data": {}, + "data_classification": {}, + "supplementary_data": null, + "after_submit_callback_response": null, + "callback_response_status_code": null, + "callback_response_status": null, + "delete_draft_response_status_code": null, + "delete_draft_response_status": null + }, + "event_id": "CREATE" + } + } +} diff --git a/src/main/java/uk/gov/hmcts/ccd/ApplicationParams.java b/src/main/java/uk/gov/hmcts/ccd/ApplicationParams.java index 1f730a41df..97d0f32299 100644 --- a/src/main/java/uk/gov/hmcts/ccd/ApplicationParams.java +++ b/src/main/java/uk/gov/hmcts/ccd/ApplicationParams.java @@ -233,6 +233,9 @@ public class ApplicationParams { @Value("${enable-case-group-access-filtering}") private boolean enableCaseGroupAccessFiltering; + @Value("${token.claim.validation.enabled}") + private boolean validateTokenClaims; + public static String encode(final String stringToEncode) { try { return URLEncoder.encode(stringToEncode, "UTF-8"); @@ -634,4 +637,9 @@ public void setCaseGroupAccessFilteringEnabled(boolean enableCaseGroupAccessFilt public List getUploadTimestampFeaturedCaseTypes() { return uploadTimestampFeaturedCaseTypes; } + + public boolean isValidateTokenClaims() { + return validateTokenClaims; + } + } diff --git a/src/main/java/uk/gov/hmcts/ccd/CachingConfiguration.java b/src/main/java/uk/gov/hmcts/ccd/CachingConfiguration.java deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/src/main/java/uk/gov/hmcts/ccd/domain/service/callbacks/EventTokenService.java b/src/main/java/uk/gov/hmcts/ccd/domain/service/callbacks/EventTokenService.java index c8eceba627..0a431e822f 100644 --- a/src/main/java/uk/gov/hmcts/ccd/domain/service/callbacks/EventTokenService.java +++ b/src/main/java/uk/gov/hmcts/ccd/domain/service/callbacks/EventTokenService.java @@ -13,6 +13,7 @@ import uk.gov.hmcts.ccd.infrastructure.RandomKeyGenerator; import java.util.Date; +import java.util.Optional; import com.google.common.collect.Maps; import io.jsonwebtoken.Claims; @@ -35,6 +36,8 @@ public class EventTokenService { private final RandomKeyGenerator randomKeyGenerator; private final String tokenSecret; private final CaseService caseService; + private final boolean isValidateTokenClaims; + @Autowired public EventTokenService(final RandomKeyGenerator randomKeyGenerator, @@ -42,6 +45,7 @@ public EventTokenService(final RandomKeyGenerator randomKeyGenerator, final CaseService caseService) { this.randomKeyGenerator = randomKeyGenerator; this.tokenSecret = applicationParams.getTokenSecret(); + this.isValidateTokenClaims = applicationParams.isValidateTokenClaims(); this.caseService = caseService; } @@ -90,7 +94,7 @@ public EventTokenProperties parseToken(final String token) { toString(claims.get(EventTokenProperties.ENTITY_VERSION))); } catch (ExpiredJwtException | SignatureException e) { - throw new EventTokenException(e.getMessage()); + throw new EventTokenException("Token is not valid"); } } @@ -112,30 +116,38 @@ public void validateToken(final String token, throw new BadRequestException("Missing start trigger token"); } - try { - final EventTokenProperties eventTokenProperties = parseToken(token); - - if (!(eventTokenProperties.getEventId() == null - || eventTokenProperties.getEventId().equalsIgnoreCase(event.getId()) - && eventTokenProperties.getCaseId() == null - || eventTokenProperties.getCaseId().equalsIgnoreCase(caseDetails.getId().toString()) - && eventTokenProperties.getJurisdictionId() == null - || eventTokenProperties.getJurisdictionId().equalsIgnoreCase(jurisdictionDefinition.getId()) - && eventTokenProperties.getCaseTypeId() == null - || eventTokenProperties.getCaseTypeId().equalsIgnoreCase(caseTypeDefinition.getId()) - && eventTokenProperties.getUid() == null - || eventTokenProperties.getUid().equalsIgnoreCase(uid))) { - throw new ResourceNotFoundException("Cannot find matching start trigger"); - } - - if (eventTokenProperties.getEntityVersion() != null) { - caseDetails.setVersion(Integer.parseInt(eventTokenProperties.getEntityVersion())); - } - } catch (EventTokenException e) { - throw new SecurityException("Token is not valid"); + final EventTokenProperties eventTokenProperties = parseToken(token); + + if (isValidateTokenClaims && !isTokenPropertiesMatching(eventTokenProperties, uid, caseDetails, event, + jurisdictionDefinition, + caseTypeDefinition)) { + throw new ResourceNotFoundException("Cannot find matching start trigger"); + } + + if (eventTokenProperties.getEntityVersion() != null) { + caseDetails.setVersion(Integer.parseInt(eventTokenProperties.getEntityVersion())); } } + private boolean isTokenPropertiesMatching(EventTokenProperties eventTokenProperties, + String uid, + CaseDetails caseDetails, + CaseEventDefinition event, + JurisdictionDefinition jurisdictionDefinition, + CaseTypeDefinition caseTypeDefinition) { + return isMatching(eventTokenProperties.getEventId(), event.getId()) + && isMatching(eventTokenProperties.getCaseId(), caseDetails.getId()) + && isMatching(eventTokenProperties.getJurisdictionId(), jurisdictionDefinition.getId()) + && isMatching(eventTokenProperties.getCaseTypeId(), caseTypeDefinition.getId()) + && isMatching(eventTokenProperties.getUid(), uid); + } + + private boolean isMatching(String tokenValue, String actualValue) { + return Optional.ofNullable(tokenValue) + .map(value -> value.equalsIgnoreCase(actualValue)) + .orElse(true); + } + /** * Convert to string. * diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index b23aa57281..7cffcdb7a5 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties @@ -290,3 +290,5 @@ reference.data.cache.refresh.rate.cron=0 0 4 * * ? definition-store.retry.maxAttempts=${DEFINITION_STORE_RETRY_MAX_ATTEMPTS:3} definition-store.retry.maxDelay=${DEFINITION_STORE_RETRY_MAX_DELAY:1000} + +token.claim.validation.enabled=${TOKEN_CLAIM_VALIDATION_ENABLED:false} diff --git a/src/test/java/uk/gov/hmcts/ccd/domain/service/callbacks/EventTokenServiceTest.java b/src/test/java/uk/gov/hmcts/ccd/domain/service/callbacks/EventTokenServiceTest.java new file mode 100644 index 0000000000..4aceb7af14 --- /dev/null +++ b/src/test/java/uk/gov/hmcts/ccd/domain/service/callbacks/EventTokenServiceTest.java @@ -0,0 +1,428 @@ +package uk.gov.hmcts.ccd.domain.service.callbacks; + +import org.junit.jupiter.api.AfterEach; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.Test; + +import static org.junit.Assert.assertThrows; +import static org.mockito.Mockito.doReturn; +import static org.mockito.Mockito.never; +import static org.mockito.Mockito.spy; +import static org.mockito.Mockito.times; +import static org.mockito.Mockito.verify; +import static org.mockito.Mockito.when; + +import org.mockito.InjectMocks; +import org.mockito.Mock; +import org.mockito.MockitoAnnotations; +import uk.gov.hmcts.ccd.ApplicationParams; +import uk.gov.hmcts.ccd.domain.model.callbacks.EventTokenProperties; +import uk.gov.hmcts.ccd.domain.model.definition.CaseDetails; +import uk.gov.hmcts.ccd.domain.model.definition.CaseEventDefinition; +import uk.gov.hmcts.ccd.domain.model.definition.CaseTypeDefinition; +import uk.gov.hmcts.ccd.domain.model.definition.JurisdictionDefinition; +import uk.gov.hmcts.ccd.endpoint.exceptions.BadRequestException; +import uk.gov.hmcts.ccd.endpoint.exceptions.ResourceNotFoundException; + +class EventTokenServiceTest { + + @InjectMocks + private EventTokenService eventTokenService; + + @Mock + private ApplicationParams applicationParams; + + @Mock + private CaseDetails caseDetails; + + @Mock + private CaseEventDefinition event; + + @Mock + private JurisdictionDefinition jurisdictionDefinition; + + @Mock + private CaseTypeDefinition caseTypeDefinition; + + private String token; + private String uid; + private EventTokenProperties eventTokenProperties; + + + private AutoCloseable openMocks; + + @BeforeEach + public void setUp() { + openMocks = MockitoAnnotations.openMocks(this); + token = "token"; + uid = "userId"; + + when(applicationParams.getTokenSecret()).thenReturn("secretKey"); + + eventTokenProperties = new EventTokenProperties( + uid, + "caseId", + "jurisdictionId", + "eventId", + "caseTypeId", + "version", + "caseState", + "1" + ); + } + + @Test + public void testValidateToken_NullToken() { + assertThrows(BadRequestException.class, () -> eventTokenService.validateToken(null,uid, caseDetails, + event, jurisdictionDefinition, caseTypeDefinition)); + } + + @Test + public void testValidateToken_EmptyToken() { + assertThrows(BadRequestException.class, () -> eventTokenService.validateToken("", uid, caseDetails, + event, jurisdictionDefinition, caseTypeDefinition)); + } + + @Test + public void testValidateToken_ValidTokenAllConditionsMet() { + EventTokenService spyEventTokenService = spy(eventTokenService); + + when(event.getId()).thenReturn("eventId"); + when(caseDetails.getId()).thenReturn("caseId"); + when(jurisdictionDefinition.getId()).thenReturn("jurisdictionId"); + when(caseTypeDefinition.getId()).thenReturn("caseTypeId"); + + doReturn(eventTokenProperties).when(spyEventTokenService).parseToken(token); + + spyEventTokenService.validateToken(token, uid, caseDetails, event, jurisdictionDefinition, caseTypeDefinition); + + verify(caseDetails).setVersion(Integer.parseInt(eventTokenProperties.getEntityVersion())); + } + + @Test + public void testValidateToken_ValidTokenAllConditionsMetWithNullValues() { + EventTokenService spyEventTokenService = spy(eventTokenService); + + when(event.getId()).thenReturn("eventId"); + when(caseDetails.getId()).thenReturn("caseId"); + when(jurisdictionDefinition.getId()).thenReturn("jurisdictionId"); + when(caseTypeDefinition.getId()).thenReturn("caseTypeId"); + + EventTokenProperties propertiesWithNull = new EventTokenProperties( + null, + null, + null, + null, + null, + "version", + "caseState", + "1" + ); + + doReturn(propertiesWithNull).when(spyEventTokenService).parseToken(token); + + spyEventTokenService.validateToken(token, uid, caseDetails, event, jurisdictionDefinition, caseTypeDefinition); + + verify(caseDetails).setVersion(Integer.parseInt(eventTokenProperties.getEntityVersion())); + } + + @Test + public void testValidateToken_ValidTokenConditionMetWithNullEventId() { + EventTokenService spyEventTokenService = spy(eventTokenService); + + when(event.getId()).thenReturn("eventId"); + when(caseDetails.getId()).thenReturn("caseId"); + when(jurisdictionDefinition.getId()).thenReturn("jurisdictionId"); + when(caseTypeDefinition.getId()).thenReturn("caseTypeId"); + + EventTokenProperties eventTokenProperties = new EventTokenProperties( + uid, + "caseId", + "jurisdictionId", + null, + "caseTypeId", + "version", + "caseState", + "1" + ); + + doReturn(eventTokenProperties).when(spyEventTokenService).parseToken(token); + + spyEventTokenService.validateToken(token, uid, caseDetails, event, jurisdictionDefinition, caseTypeDefinition); + + verify(caseDetails).setVersion(Integer.parseInt(eventTokenProperties.getEntityVersion())); + } + + @Test + public void testValidateToken_ValidTokenConditionMetWithNullCaseId() { + EventTokenService spyEventTokenService = spy(eventTokenService); + + when(event.getId()).thenReturn("eventId"); + when(caseDetails.getId()).thenReturn("caseId"); + when(jurisdictionDefinition.getId()).thenReturn("jurisdictionId"); + when(caseTypeDefinition.getId()).thenReturn("caseTypeId"); + + EventTokenProperties eventTokenProperties = new EventTokenProperties( + uid, + null, + "jurisdictionId", + "eventId", + "caseTypeId", + "version", + "caseState", + "1" + ); + + doReturn(eventTokenProperties).when(spyEventTokenService).parseToken(token); + + spyEventTokenService.validateToken(token, uid, caseDetails, event, jurisdictionDefinition, caseTypeDefinition); + + verify(caseDetails).setVersion(Integer.parseInt(eventTokenProperties.getEntityVersion())); + } + + @Test + public void testValidateToken_ValidTokenConditionMetWithNullJurisdictionId() { + EventTokenService spyEventTokenService = spy(eventTokenService); + + when(event.getId()).thenReturn("eventId"); + when(caseDetails.getId()).thenReturn("caseId"); + when(jurisdictionDefinition.getId()).thenReturn("jurisdictionId"); + when(caseTypeDefinition.getId()).thenReturn("caseTypeId"); + + EventTokenProperties eventTokenProperties = new EventTokenProperties( + uid, + "caseId", + null, + "eventId", + "caseTypeId", + "version", + "caseState", + "1" + ); + + doReturn(eventTokenProperties).when(spyEventTokenService).parseToken(token); + + spyEventTokenService.validateToken(token, uid, caseDetails, event, jurisdictionDefinition, caseTypeDefinition); + + verify(caseDetails).setVersion(Integer.parseInt(eventTokenProperties.getEntityVersion())); + } + + @Test + public void testValidateToken_ValidTokenConditionMetWithNullCaseTypeId() { + EventTokenService spyEventTokenService = spy(eventTokenService); + + when(event.getId()).thenReturn("eventId"); + when(caseDetails.getId()).thenReturn("caseId"); + when(jurisdictionDefinition.getId()).thenReturn("jurisdictionId"); + when(caseTypeDefinition.getId()).thenReturn("caseTypeId"); + + EventTokenProperties eventTokenProperties = new EventTokenProperties( + uid, + "caseId", + "jurisdictionId", + "eventId", + null, + "version", + "caseState", + "1" + ); + + doReturn(eventTokenProperties).when(spyEventTokenService).parseToken(token); + + spyEventTokenService.validateToken(token, uid, caseDetails, event, jurisdictionDefinition, caseTypeDefinition); + + verify(caseDetails).setVersion(Integer.parseInt(eventTokenProperties.getEntityVersion())); + } + + @Test + public void testValidateToken_ValidTokenConditionMetWithNullUid() { + EventTokenService spyEventTokenService = spy(eventTokenService); + + when(event.getId()).thenReturn("eventId"); + when(caseDetails.getId()).thenReturn("caseId"); + when(jurisdictionDefinition.getId()).thenReturn("jurisdictionId"); + when(caseTypeDefinition.getId()).thenReturn("caseTypeId"); + + EventTokenProperties eventTokenProperties = new EventTokenProperties( + null, + "caseId", + "jurisdictionId", + "eventId", + "caseTypeId", + "version", + "caseState", + "1" + ); + + doReturn(eventTokenProperties).when(spyEventTokenService).parseToken(token); + + spyEventTokenService.validateToken(token, uid, caseDetails, event, jurisdictionDefinition, caseTypeDefinition); + + verify(caseDetails).setVersion(Integer.parseInt(eventTokenProperties.getEntityVersion())); + } + + @Test + public void testValidateToken_InvalidTokenConditionsEventIdNotMet() { + when(applicationParams.isValidateTokenClaims()).thenReturn(true); + EventTokenService spyEventTokenService = spy(new EventTokenService(null, + applicationParams, null)); + + when(event.getId()).thenReturn("differentEventId"); + when(caseDetails.getId()).thenReturn("caseId"); + when(jurisdictionDefinition.getId()).thenReturn("jurisdictionId"); + when(caseTypeDefinition.getId()).thenReturn("caseTypeId"); + + doReturn(eventTokenProperties).when(spyEventTokenService).parseToken(token); + + assertThrows(ResourceNotFoundException.class, () -> spyEventTokenService.validateToken(token, uid, + caseDetails, event, jurisdictionDefinition, caseTypeDefinition)); + } + + @Test + public void testValidateToken_InvalidTokenConditionsCaseIdNotMet() { + when(applicationParams.isValidateTokenClaims()).thenReturn(true); + EventTokenService spyEventTokenService = spy(new EventTokenService(null, + applicationParams, null)); + + when(event.getId()).thenReturn("eventId"); + when(caseDetails.getId()).thenReturn("differentCaseId"); + when(jurisdictionDefinition.getId()).thenReturn("jurisdictionId"); + when(caseTypeDefinition.getId()).thenReturn("caseTypeId"); + + doReturn(eventTokenProperties).when(spyEventTokenService).parseToken(token); + + assertThrows(ResourceNotFoundException.class, () -> spyEventTokenService.validateToken(token, uid, + caseDetails, event, jurisdictionDefinition, caseTypeDefinition)); + } + + @Test + public void testValidateToken_InvalidTokenConditionsJurisdictionIdNotMet() { + when(applicationParams.isValidateTokenClaims()).thenReturn(true); + EventTokenService spyEventTokenService = spy(new EventTokenService(null, + applicationParams, null)); + + when(event.getId()).thenReturn("eventId"); + when(caseDetails.getId()).thenReturn("caseId"); + when(jurisdictionDefinition.getId()).thenReturn("differentJurisdictionId"); + when(caseTypeDefinition.getId()).thenReturn("caseTypeId"); + + doReturn(eventTokenProperties).when(spyEventTokenService).parseToken(token); + + assertThrows(ResourceNotFoundException.class, () -> spyEventTokenService.validateToken(token, uid, + caseDetails, event, jurisdictionDefinition, caseTypeDefinition)); + } + + @Test + public void testValidateToken_InvalidTokenConditionsCaseTypeIdNotMet() { + when(applicationParams.isValidateTokenClaims()).thenReturn(true); + EventTokenService spyEventTokenService = spy(new EventTokenService(null, + applicationParams, null)); + + when(event.getId()).thenReturn("eventId"); + when(caseDetails.getId()).thenReturn("caseId"); + when(jurisdictionDefinition.getId()).thenReturn("jurisdictionId"); + when(caseTypeDefinition.getId()).thenReturn("differentCaseTypeId"); + + doReturn(eventTokenProperties).when(spyEventTokenService).parseToken(token); + + assertThrows(ResourceNotFoundException.class, () -> spyEventTokenService.validateToken(token, uid, + caseDetails, event, jurisdictionDefinition, caseTypeDefinition)); + } + + @Test + public void testValidateToken_InvalidTokenConditionsUidNotMet() { + when(applicationParams.isValidateTokenClaims()).thenReturn(true); + EventTokenService spyEventTokenService = spy(new EventTokenService(null, + applicationParams, null)); + + when(event.getId()).thenReturn("eventId"); + when(caseDetails.getId()).thenReturn("caseId"); + when(jurisdictionDefinition.getId()).thenReturn("jurisdictionId"); + when(caseTypeDefinition.getId()).thenReturn("caseTypeId"); + + doReturn(eventTokenProperties).when(spyEventTokenService).parseToken(token); + + uid = "differentUid"; + assertThrows(ResourceNotFoundException.class, () -> spyEventTokenService.validateToken(token, uid, + caseDetails, event, jurisdictionDefinition, caseTypeDefinition)); + } + + @Test + public void testValidateToken_DoNothingWhenValidateClaimIsFalseForInvalidTokenConditionsUidNotMet() { + EventTokenService spyEventTokenService = spy(new EventTokenService(null, + applicationParams, null)); + + when(event.getId()).thenReturn("eventId"); + when(caseDetails.getId()).thenReturn("caseId"); + when(jurisdictionDefinition.getId()).thenReturn("jurisdictionId"); + when(caseTypeDefinition.getId()).thenReturn("caseTypeId"); + + doReturn(eventTokenProperties).when(spyEventTokenService).parseToken(token); + + uid = "differentUid"; + + spyEventTokenService.validateToken(token, uid, caseDetails, event, jurisdictionDefinition, caseTypeDefinition); + + verify(spyEventTokenService, times(1)).parseToken(token); + verify(caseDetails, times(1)).setVersion(1); + } + + @Test + public void testValidateToken_NonNullEntityVersion() { + EventTokenService spyEventTokenService = spy(eventTokenService); + + when(event.getId()).thenReturn("eventId"); + when(caseDetails.getId()).thenReturn("caseId"); + when(jurisdictionDefinition.getId()).thenReturn("jurisdictionId"); + when(caseTypeDefinition.getId()).thenReturn("caseTypeId"); + + EventTokenProperties propertiesWithVersion = new EventTokenProperties( + uid, + "caseId", + "jurisdictionId", + "eventId", + "caseTypeId", + "version", + "caseState", + "2" + ); + + doReturn(propertiesWithVersion).when(spyEventTokenService).parseToken(token); + + spyEventTokenService.validateToken(token, uid, caseDetails, event, jurisdictionDefinition, caseTypeDefinition); + + verify(caseDetails).setVersion(2); + } + + @Test + public void testValidateToken_NullEntityVersion() { + EventTokenService spyEventTokenService = spy(eventTokenService); + + when(event.getId()).thenReturn("eventId"); + when(caseDetails.getId()).thenReturn("caseId"); + when(jurisdictionDefinition.getId()).thenReturn("jurisdictionId"); + when(caseTypeDefinition.getId()).thenReturn("caseTypeId"); + + EventTokenProperties propertiesWithVersion = new EventTokenProperties( + uid, + "caseId", + "jurisdictionId", + "eventId", + "caseTypeId", + "version", + "caseState", + null + ); + + doReturn(propertiesWithVersion).when(spyEventTokenService).parseToken(token); + + spyEventTokenService.validateToken(token, uid, caseDetails, event, jurisdictionDefinition, caseTypeDefinition); + + verify(caseDetails, never()).setVersion(null); + } + + @AfterEach + public void tearDown() throws Exception { + openMocks.close(); + } +} diff --git a/src/test/java/uk/gov/hmcts/ccd/endpoint/std/CaseDetailsEndpointIT.java b/src/test/java/uk/gov/hmcts/ccd/endpoint/std/CaseDetailsEndpointIT.java index 8f39f546f3..a04ea8c3dc 100644 --- a/src/test/java/uk/gov/hmcts/ccd/endpoint/std/CaseDetailsEndpointIT.java +++ b/src/test/java/uk/gov/hmcts/ccd/endpoint/std/CaseDetailsEndpointIT.java @@ -66,10 +66,10 @@ import static org.hamcrest.CoreMatchers.is; import static org.hamcrest.MatcherAssert.assertThat; import static org.hamcrest.Matchers.empty; +import static org.hamcrest.Matchers.emptyString; import static org.hamcrest.Matchers.equalTo; import static org.hamcrest.Matchers.hasProperty; import static org.hamcrest.Matchers.hasSize; -import static org.hamcrest.Matchers.isEmptyString; import static org.hamcrest.collection.IsIn.isIn; import static org.hamcrest.core.Every.everyItem; import static org.junit.Assert.assertEquals; @@ -230,7 +230,7 @@ private void shouldReturn201WithTTLWhenPostCreateCaseEventWithValidData(String u + urlPortionForCaseType + "/cases/" + caseReference + "/events"; final CaseDataContent caseDetailsToSave = newCaseDataContent().build(); caseDetailsToSave.setEvent(createEvent(TEST_EVENT_ID, SUMMARY, DESCRIPTION)); - final String token = generateEventToken(template, UID, JURISDICTION, urlPortionForCaseType, caseReference, + final String token = generateEventToken(template, UID, JURISDICTION, "TestAddressBookCaseTTL", caseReference, TEST_EVENT_ID); caseDetailsToSave.setToken(token); final JsonNode DATA = mapper.readTree("{" @@ -572,200 +572,201 @@ public void shouldGenerateCaseEventMessagingDefinition() throws Exception { assertEquals("Incorrect number of rows in messageQueue", 1, messageQueueList.size()); assertEquals(messageQueueList.get(0).getMessageInformation().get("AdditionalData").get("Definition"), - mapper.readTree("{\n" - + " \"OtherAlias\": {\n" - + " \"type\": \"SimpleNumber\",\n" - + " \"subtype\": \"Number\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"ComplexNestedField.NestedNumberField\"\n" - + " },\n" - + " \"NumberField\": {\n" - + " \"type\": \"SimpleNumber\",\n" - + " \"subtype\": \"Number\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"NumberField\"\n" - + " },\n" - + " \"ComplexField\": {\n" - + " \"type\": \"Complex\",\n" - + " \"subtype\": \"ComplexType\",\n" - + " \"typeDef\": {\n" - + " \"ComplexTextField\": {\n" - + " \"type\": \"SimpleText\",\n" - + " \"subtype\": \"Text\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"ComplexTextField\"\n" - + " },\n" - + " \"ComplexNestedField\": {\n" - + " \"type\": \"Complex\",\n" - + " \"subtype\": \"NestedComplexType\",\n" - + " \"typeDef\": {\n" - + " \"NestedNumberField\": {\n" - + " \"type\": \"SimpleNumber\",\n" - + " \"subtype\": \"Number\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"NestedNumberField\"\n" - + " }\n" - + " },\n" - + " \"originalId\": \"ComplexNestedField\"\n" - + " }\n" - + " },\n" - + " \"originalId\": \"ComplexField\"\n" - + " },\n" - + " \"YesOrNoField\": {\n" - + " \"type\": \"SimpleBoolean\",\n" - + " \"subtype\": \"YesOrNo\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"YesOrNoField\"\n" - + " },\n" - + " \"DateTimeField\": {\n" - + " \"type\": \"SimpleDateTime\",\n" - + " \"subtype\": \"DateTime\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"DateTimeField\"\n" - + " },\n" - + " \"DocumentField\": {\n" - + " \"type\": \"Complex\",\n" - + " \"subtype\": \"Document\",\n" - + " \"typeDef\": {\n" - + " \"document_url\": {\n" - + " \"type\": \"SimpleText\",\n" - + " \"subtype\": \"Text\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"document_url\"\n" - + " },\n" - + " \"document_filename\": {\n" - + " \"type\": \"SimpleText\",\n" - + " \"subtype\": \"Text\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"document_filename\"\n" - + " },\n" - + " \"document_binary_url\": {\n" - + " \"type\": \"SimpleText\",\n" - + " \"subtype\": \"Text\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"document_binary_url\"\n" - + " },\n" - + " \"category_id\": {\n" - + " \"type\": \"SimpleText\",\n" - + " \"subtype\": \"Text\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"category_id\"\n" - + " },\n" - + " \"upload_timestamp\": {\n" - + " \"type\": \"SimpleDateTime\",\n" - + " \"subtype\": \"DateTime\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"upload_timestamp\"\n" - + " }\n" - + " },\n" - + " \"originalId\": \"DocumentField\"\n" - + " },\n" - + " \"AddressUKField\": {\n" - + " \"type\": \"Complex\",\n" - + " \"subtype\": \"AddressUK\",\n" - + " \"typeDef\": {\n" - + " \"County\": {\n" - + " \"type\": \"SimpleText\",\n" - + " \"subtype\": \"Text\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"County\"\n" - + " },\n" - + " \"Country\": {\n" - + " \"type\": \"SimpleText\",\n" - + " \"subtype\": \"Text\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"Country\"\n" - + " },\n" - + " \"PostCode\": {\n" - + " \"type\": \"SimpleText\",\n" - + " \"subtype\": \"Text\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"PostCode\"\n" - + " },\n" - + " \"PostTown\": {\n" - + " \"type\": \"SimpleText\",\n" - + " \"subtype\": \"Text\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"PostTown\"\n" - + " },\n" - + " \"AddressLine1\": {\n" - + " \"type\": \"SimpleText\",\n" - + " \"subtype\": \"Text\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"AddressLine1\"\n" - + " },\n" - + " \"AddressLine2\": {\n" - + " \"type\": \"SimpleText\",\n" - + " \"subtype\": \"Text\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"AddressLine2\"\n" - + " },\n" - + " \"AddressLine3\": {\n" - + " \"type\": \"SimpleText\",\n" - + " \"subtype\": \"Text\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"AddressLine3\"\n" - + " }\n" - + " },\n" - + " \"originalId\": \"AddressUKField\"\n" - + " },\n" - + " \"CollectionField\": {\n" - + " \"type\": \"Collection\",\n" - + " \"subtype\": \"Text\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"CollectionField\"\n" - + " },\n" - + " \"TopLevelPublish\": {\n" - + " \"type\": \"SimpleText\",\n" - + " \"subtype\": \"Text\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"ComplexTextField\"\n" - + " },\n" - + " \"AliasForTextField\": {\n" - + " \"type\": \"SimpleText\",\n" - + " \"subtype\": \"Text\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"TextField\"\n" - + " },\n" - + " \"ComplexCollectionField\": {\n" - + " \"type\": \"Collection\",\n" - + " \"subtype\": \"ComplexType\",\n" - + " \"typeDef\": {\n" - + " \"ComplexTextField\": {\n" - + " \"type\": \"SimpleText\",\n" - + " \"subtype\": \"Text\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"ComplexTextField\"\n" - + " },\n" - + " \"ComplexNestedField\": {\n" - + " \"type\": \"Complex\",\n" - + " \"subtype\": \"NestedComplexType\",\n" - + " \"typeDef\": {\n" - + " \"NestedNumberField\": {\n" - + " \"type\": \"SimpleNumber\",\n" - + " \"subtype\": \"Number\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"NestedNumberField\"\n" - + " },\n" - + " \"NestedCollectionTextField\": {\n" - + " \"type\": \"Collection\",\n" - + " \"subtype\": \"Text\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"NestedCollectionTextField\"\n" - + " }\n" - + " },\n" - + " \"originalId\": \"ComplexNestedField\"\n" - + " },\n" - + " \"ComplexFixedListField\": {\n" - + " \"type\": \"FixedList\",\n" - + " \"subtype\": \"FixedList\",\n" - + " \"typeDef\": null,\n" - + " \"originalId\": \"ComplexFixedListField\"\n" - + " }\n" - + " },\n" - + " \"originalId\": \"ComplexCollectionField\"\n" - + " }\n" - + "}")); + mapper.readTree(""" + { + "OtherAlias": { + "type": "SimpleNumber", + "subtype": "Number", + "typeDef": null, + "originalId": "ComplexNestedField.NestedNumberField" + }, + "NumberField": { + "type": "SimpleNumber", + "subtype": "Number", + "typeDef": null, + "originalId": "NumberField" + }, + "ComplexField": { + "type": "Complex", + "subtype": "ComplexType", + "typeDef": { + "ComplexTextField": { + "type": "SimpleText", + "subtype": "Text", + "typeDef": null, + "originalId": "ComplexTextField" + }, + "ComplexNestedField": { + "type": "Complex", + "subtype": "NestedComplexType", + "typeDef": { + "NestedNumberField": { + "type": "SimpleNumber", + "subtype": "Number", + "typeDef": null, + "originalId": "NestedNumberField" + } + }, + "originalId": "ComplexNestedField" + } + }, + "originalId": "ComplexField" + }, + "YesOrNoField": { + "type": "SimpleBoolean", + "subtype": "YesOrNo", + "typeDef": null, + "originalId": "YesOrNoField" + }, + "DateTimeField": { + "type": "SimpleDateTime", + "subtype": "DateTime", + "typeDef": null, + "originalId": "DateTimeField" + }, + "DocumentField": { + "type": "Complex", + "subtype": "Document", + "typeDef": { + "document_url": { + "type": "SimpleText", + "subtype": "Text", + "typeDef": null, + "originalId": "document_url" + }, + "document_filename": { + "type": "SimpleText", + "subtype": "Text", + "typeDef": null, + "originalId": "document_filename" + }, + "document_binary_url": { + "type": "SimpleText", + "subtype": "Text", + "typeDef": null, + "originalId": "document_binary_url" + }, + "category_id": { + "type": "SimpleText", + "subtype": "Text", + "typeDef": null, + "originalId": "category_id" + }, + "upload_timestamp": { + "type": "SimpleDateTime", + "subtype": "DateTime", + "typeDef": null, + "originalId": "upload_timestamp" + } + }, + "originalId": "DocumentField" + }, + "AddressUKField": { + "type": "Complex", + "subtype": "AddressUK", + "typeDef": { + "County": { + "type": "SimpleText", + "subtype": "Text", + "typeDef": null, + "originalId": "County" + }, + "Country": { + "type": "SimpleText", + "subtype": "Text", + "typeDef": null, + "originalId": "Country" + }, + "PostCode": { + "type": "SimpleText", + "subtype": "Text", + "typeDef": null, + "originalId": "PostCode" + }, + "PostTown": { + "type": "SimpleText", + "subtype": "Text", + "typeDef": null, + "originalId": "PostTown" + }, + "AddressLine1": { + "type": "SimpleText", + "subtype": "Text", + "typeDef": null, + "originalId": "AddressLine1" + }, + "AddressLine2": { + "type": "SimpleText", + "subtype": "Text", + "typeDef": null, + "originalId": "AddressLine2" + }, + "AddressLine3": { + "type": "SimpleText", + "subtype": "Text", + "typeDef": null, + "originalId": "AddressLine3" + } + }, + "originalId": "AddressUKField" + }, + "CollectionField": { + "type": "Collection", + "subtype": "Text", + "typeDef": null, + "originalId": "CollectionField" + }, + "TopLevelPublish": { + "type": "SimpleText", + "subtype": "Text", + "typeDef": null, + "originalId": "ComplexTextField" + }, + "AliasForTextField": { + "type": "SimpleText", + "subtype": "Text", + "typeDef": null, + "originalId": "TextField" + }, + "ComplexCollectionField": { + "type": "Collection", + "subtype": "ComplexType", + "typeDef": { + "ComplexTextField": { + "type": "SimpleText", + "subtype": "Text", + "typeDef": null, + "originalId": "ComplexTextField" + }, + "ComplexNestedField": { + "type": "Complex", + "subtype": "NestedComplexType", + "typeDef": { + "NestedNumberField": { + "type": "SimpleNumber", + "subtype": "Number", + "typeDef": null, + "originalId": "NestedNumberField" + }, + "NestedCollectionTextField": { + "type": "Collection", + "subtype": "Text", + "typeDef": null, + "originalId": "NestedCollectionTextField" + } + }, + "originalId": "ComplexNestedField" + }, + "ComplexFixedListField": { + "type": "FixedList", + "subtype": "FixedList", + "typeDef": null, + "originalId": "ComplexFixedListField" + } + }, + "originalId": "ComplexCollectionField" + } + }""")); } @Test @@ -774,58 +775,59 @@ public void shouldGenerateCaseEventDataMessagingDefinition() throws Exception { String eventId = "CREATE"; String url = "/caseworkers/0/jurisdictions/" + JURISDICTION + "/case-types/" + caseType + "/cases"; - final JsonNode DATA = mapper.readTree("{\n" - + " \"MoneyGBPField\": \"1000\",\n" - + " \"FixedListField\": \"VALUE3\",\n" - + " \"AddressUKField\": {\n" - + " \"AddressLine1\": \"123 street name\",\n" - + " \"AddressLine2\": \"\",\n" - + " \"AddressLine3\": \"\",\n" - + " \"PostTown\": \"town\",\n" - + " \"County\": \"county\",\n" - + " \"PostCode\": \"postcode\",\n" - + " \"Country\": \"\"\n" - + " },\n" - + " \"ComplexField\": {\n" - + " \"ComplexTextField\": \"text in complex\",\n" - + " \"ComplexFixedListField\": \"VALUE3\",\n" - + " \"ComplexNestedField\": {\n" - + " \"NestedNumberField\": \"1\",\n" - + " \"NestedCollectionTextField\": [\n" - + " {\n" - + " \"value\": \"collection of text in nested complex 1\",\n" - + " \"id\": \"62c18dd8-d6d2-4378-b940-8614ee1ab25a\"\n" - + " },\n" - + " {\n" - + " \"value\": \"collection of text in nested complex 2\",\n" - + " \"id\": \"4acd46b4-f292-4e5d-a436-16dcca6b2cfe\"\n" - + " }\n" - + " ]\n" - + " }\n" - + " },\n" - + " \"DateTimeField\": \"2000-12-12T11:11:11.000\",\n" - + " \"PhoneUKField\": \"07986542987\",\n" - + " \"NumberField\": \"2\",\n" - + " \"MultiSelectListField\": [\n" - + " \"OPTION4\",\n" - + " \"OPTION3\"\n" - + " ],\n" - + " \"YesOrNoField\": \"Yes\",\n" - + " \"EmailField\": \"test@test.com\",\n" - + " \"TextField\": \"text field\",\n" - + " \"DateField\": \"2000-12-12\",\n" - + " \"TextAreaField\": \"text area\",\n" - + " \"CollectionField\": [\n" - + " {\n" - + " \"value\": \"collection field\",\n" - + " \"id\": \"9af355b6-19ef-4a19-b5db-ad873772b478\"\n" - + " },\n" - + " {\n" - + " \"value\": \"collection field 2\",\n" - + " \"id\": \"7bce938e-7400-424f-86c9-c896ecbabc1f\"\n" - + " }\n" - + " ]\n" - + "}"); + final JsonNode DATA = mapper.readTree(""" + { + "MoneyGBPField": "1000", + "FixedListField": "VALUE3", + "AddressUKField": { + "AddressLine1": "123 street name", + "AddressLine2": "", + "AddressLine3": "", + "PostTown": "town", + "County": "county", + "PostCode": "postcode", + "Country": "" + }, + "ComplexField": { + "ComplexTextField": "text in complex", + "ComplexFixedListField": "VALUE3", + "ComplexNestedField": { + "NestedNumberField": "1", + "NestedCollectionTextField": [ + { + "value": "collection of text in nested complex 1", + "id": "62c18dd8-d6d2-4378-b940-8614ee1ab25a" + }, + { + "value": "collection of text in nested complex 2", + "id": "4acd46b4-f292-4e5d-a436-16dcca6b2cfe" + } + ] + } + }, + "DateTimeField": "2000-12-12T11:11:11.000", + "PhoneUKField": "07986542987", + "NumberField": "2", + "MultiSelectListField": [ + "OPTION4", + "OPTION3" + ], + "YesOrNoField": "Yes", + "EmailField": "test@test.com", + "TextField": "text field", + "DateField": "2000-12-12", + "TextAreaField": "text area", + "CollectionField": [ + { + "value": "collection field", + "id": "9af355b6-19ef-4a19-b5db-ad873772b478" + }, + { + "value": "collection field 2", + "id": "7bce938e-7400-424f-86c9-c896ecbabc1f" + } + ] + }"""); Map data = JacksonUtils.convertValue(DATA); @@ -1004,7 +1006,8 @@ public void shouldReturn201WithSearchCriteriaWhenPostCreateCaseForCitizen() thro triggeringEvent.setSummary(SHORT_COMMENT); caseDetailsToSave.setEvent(triggeringEvent); - caseDetailsToSave.setToken(generateEventTokenNewCase(UID, JURISDICTION, CASE_TYPE, TEST_EVENT_ID)); + caseDetailsToSave.setToken(generateEventTokenNewCase(UID, JURISDICTION, + "MultipleSearchCriteriaAndSearchParties", TEST_EVENT_ID)); final MvcResult mvcResult = mockMvc.perform(post(URL) .contentType(JSON_CONTENT_TYPE) @@ -1226,7 +1229,8 @@ public void shouldReturn201WithSearchCriteriaWhenPostCreateCaseForCaseworker() t final CaseDataContent caseDetailsToSave = newCaseDataContent().build(); caseDetailsToSave.setEvent(createEvent(TEST_EVENT_ID, SUMMARY, DESCRIPTION)); - caseDetailsToSave.setToken(generateEventTokenNewCase(UID, JURISDICTION, CASE_TYPE, TEST_EVENT_ID)); + caseDetailsToSave.setToken(generateEventTokenNewCase(UID, JURISDICTION, + "MultipleSearchCriteriaAndSearchParties", TEST_EVENT_ID)); caseDetailsToSave.setData(GlobalSearchTestFixture.createCaseData()); final MvcResult mvcResult = mockMvc.perform(post(URL) @@ -1240,6 +1244,63 @@ public void shouldReturn201WithSearchCriteriaWhenPostCreateCaseForCaseworker() t GlobalSearchTestFixture.assertGlobalSearchData(actualData.getData()); } + @Test + public void shouldReturnBadRequestWhenTokenIsNull() throws Exception { + final String URL = "/citizens/0/jurisdictions/" + JURISDICTION + "/case-types/" + CASE_TYPE + "/cases"; + + final CaseDataContent caseDetailsToSave = newCaseDataContent().build(); + caseDetailsToSave.setEvent(createEvent(TEST_EVENT_ID, SUMMARY, DESCRIPTION)); + caseDetailsToSave.setToken(null); + + final MvcResult mvcResult = mockMvc.perform(post(URL) + .contentType(JSON_CONTENT_TYPE) + .content(mapper.writeValueAsBytes(caseDetailsToSave)) + ).andExpect(status().isBadRequest()) + .andReturn(); + + String content = mvcResult.getResponse().getContentAsString(); + assertTrue("The response should contain 'Missing start trigger token'", + content.contains("Missing start trigger token")); + } + + @Test + public void shouldReturnBadRequestWhenTokenIsEmpty() throws Exception { + final String URL = "/citizens/0/jurisdictions/" + JURISDICTION + "/case-types/" + CASE_TYPE + "/cases"; + + final CaseDataContent caseDetailsToSave = newCaseDataContent().build(); + caseDetailsToSave.setEvent(createEvent(TEST_EVENT_ID, SUMMARY, DESCRIPTION)); + caseDetailsToSave.setToken(""); + + final MvcResult mvcResult = mockMvc.perform(post(URL) + .contentType(JSON_CONTENT_TYPE) + .content(mapper.writeValueAsBytes(caseDetailsToSave)) + ).andExpect(status().isBadRequest()) + .andReturn(); + + String content = mvcResult.getResponse().getContentAsString(); + assertTrue("The response should contain 'Missing start trigger token'", + content.contains("Missing start trigger token")); + } + + @Test + public void shouldReturnForbiddenWhenTokenIsInvalid() throws Exception { + final String invalidToken = "eyJhbGciOiJIUzI1NiJ9.e0.KUFDva2DpGi-zmDrHrcMOPMC1DlaKodGHKHIsib3gTA"; + final String URL = "/citizens/0/jurisdictions/" + JURISDICTION + "/case-types/" + CASE_TYPE + "/cases"; + + final CaseDataContent caseDetailsToSave = newCaseDataContent().build(); + caseDetailsToSave.setEvent(createEvent(TEST_EVENT_ID, SUMMARY, DESCRIPTION)); + caseDetailsToSave.setToken(invalidToken); + + final MvcResult mvcResult = mockMvc.perform(post(URL) + .contentType(JSON_CONTENT_TYPE) + .content(mapper.writeValueAsBytes(caseDetailsToSave)) + ).andExpect(status().isForbidden()) + .andReturn(); + + String content = mvcResult.getResponse().getContentAsString(); + assertTrue("The response should contain 'Token is not valid'", content.contains("Token is not valid")); + } + @Test public void shouldReturn201WhenPostCreateCaseWithNoDataForCitizen() throws Exception { final String URL = "/citizens/0/jurisdictions/" + JURISDICTION + "/case-types/" + CASE_TYPE + "/cases"; @@ -2077,7 +2138,7 @@ public void shouldReturn201WithSearchCriteriaWhenPostCreateCaseEventCaseworker() caseDetailsToSave.setEvent(createEvent(PRE_STATES_EVENT_ID, SUMMARY, DESCRIPTION)); final String token = generateEventToken(template, - UID, JURISDICTION, CASE_TYPE, caseReference, PRE_STATES_EVENT_ID); + UID, JURISDICTION, "MultipleSearchCriteriaAndSearchParties", caseReference, PRE_STATES_EVENT_ID); caseDetailsToSave.setToken(token); final MvcResult mvcResult = mockMvc.perform(post(URL) .contentType(JSON_CONTENT_TYPE) @@ -2189,7 +2250,7 @@ public void shouldReturn201WithSearchCriteriaWhenPostCreateCaseEventForCitizen() caseDetailsToSave.setEvent(createEvent(PRE_STATES_EVENT_ID, SUMMARY, DESCRIPTION)); final String token = generateEventToken(template, - UID, JURISDICTION, CASE_TYPE, caseReference, PRE_STATES_EVENT_ID); + UID, JURISDICTION, "MultipleSearchCriteriaAndSearchParties", caseReference, PRE_STATES_EVENT_ID); caseDetailsToSave.setToken(token); final MvcResult mvcResult = mockMvc.perform(post(URL) @@ -3652,18 +3713,21 @@ private void shouldReturn201WithEmptyBodyWhenPostCreateCaseWithNoReadAccessOnCas caseDetailsToSave.setEvent(createEvent(CREATE_EVENT_ID, SUMMARY, DESCRIPTION)); final JsonNode DATA = mapper.readTree( - "{\n" + - " \"PersonFirstName\": \"First Name\",\n" + - " \"PersonLastName\": \"Last Name\",\n" + - " \"PersonAddress\": {\n" + - " \"AddressLine1\": \"Address Line 1\",\n" + - " \"AddressLine2\": \"Address Line 2\"\n" + - " }\n" + - "}\n" + """ + { + "PersonFirstName": "First Name", + "PersonLastName": "Last Name", + "PersonAddress": { + "AddressLine1": "Address Line 1", + "AddressLine2": "Address Line 2" + } + } + """ ); - Map data = JacksonUtils.convertValue(DATA); + Map data = JacksonUtils.convertValue(DATA); caseDetailsToSave.setData(data); - final String token = generateEventTokenNewCase(UID, JURISDICTION, CASE_TYPE, CREATE_EVENT_ID); + final String token = generateEventTokenNewCase(UID, JURISDICTION, + "TestAddressBookCaseNoReadCaseTypeAccess", CREATE_EVENT_ID); caseDetailsToSave.setToken(token); @@ -3673,7 +3737,7 @@ private void shouldReturn201WithEmptyBodyWhenPostCreateCaseWithNoReadAccessOnCas ).andExpect(status().is(201)) .andReturn(); - assertThat(mvcResult.getResponse().getContentAsString(), CoreMatchers.is(isEmptyString())); + assertThat(mvcResult.getResponse().getContentAsString(), CoreMatchers.is(emptyString())); } private void shouldReturn201WithEmptyBodyWhenPostCreateCaseEventWithNoCaseTypeReadAccess(String userRole) @@ -3684,7 +3748,8 @@ private void shouldReturn201WithEmptyBodyWhenPostCreateCaseEventWithNoCaseTypeRe + "/cases/" + caseReference + "/events"; final CaseDataContent caseDetailsToSave = newCaseDataContent().build(); - final String token = generateEventToken(template, UID, JURISDICTION, CASE_TYPE, caseReference, TEST_EVENT_ID); + final String token = generateEventToken(template, UID, JURISDICTION, + "TestAddressBookCaseNoReadCaseTypeAccess", caseReference, TEST_EVENT_ID); caseDetailsToSave.setToken(token); caseDetailsToSave.setEvent(createEvent(TEST_EVENT_ID, SUMMARY, DESCRIPTION)); final JsonNode data = mapper.readTree("{" + @@ -3705,7 +3770,7 @@ private void shouldReturn201WithEmptyBodyWhenPostCreateCaseEventWithNoCaseTypeRe .andReturn(); String response = mvcResult.getResponse().getContentAsString(); - assertThat(response, CoreMatchers.is(isEmptyString())); + assertThat(response, CoreMatchers.is(emptyString())); } @@ -3717,7 +3782,8 @@ private void shouldReturn201WithFieldRemovedWhenPostCreateCaseEventWithNoFieldRe + "/cases/" + caseReference + "/events"; final CaseDataContent caseDetailsToSave = newCaseDataContent().build(); - final String token = generateEventToken(template, UID, JURISDICTION, CASE_TYPE, caseReference, TEST_EVENT_ID); + final String token = generateEventToken(template, UID, JURISDICTION, + "TestAddressBookCaseNoReadFieldAccess", caseReference, TEST_EVENT_ID); caseDetailsToSave.setToken(token); caseDetailsToSave.setEvent(createEvent(TEST_EVENT_ID, SUMMARY, DESCRIPTION)); final JsonNode data = mapper.readTree("{" + @@ -3839,26 +3905,27 @@ private void shouldReturn200WithNoCaseDataWhenGetTokenForStartEventWithNoCaseTyp .andExpect(status().is(200)) .andReturn(); - String expected = "{ \n" + - " \"case_details\":{ \n" + - " \"id\":1504259907353610,\n" + - " \"jurisdiction\":\"PROBATE\",\n" + - " \"state\":\"CaseCreated\",\n" + - " \"case_type_id\":\"TestAddressBookCaseNoReadCaseTypeAccess\",\n" + - " \"last_modified\":null,\n" + - " \"security_classification\":\"PUBLIC\",\n" + - " \"case_data\":{ \n" + - "\n" + - " },\n" + - " \"data_classification\":{ \n" + - "\n" + - " },\n" + - " \"after_submit_callback_response\":null,\n" + - " \"callback_response_status_code\":null,\n" + - " \"callback_response_status\":null\n" + - " },\n" + - " \"event_id\":\"TEST_EVENT\"\n" + - "}"; + String expected = """ + { \s + "case_details":{ \s + "id":1504259907353610, + "jurisdiction":"PROBATE", + "state":"CaseCreated", + "case_type_id":"TestAddressBookCaseNoReadCaseTypeAccess", + "last_modified":null, + "security_classification":"PUBLIC", + "case_data":{ \s + + }, + "data_classification":{ \s + + }, + "after_submit_callback_response":null, + "callback_response_status_code":null, + "callback_response_status":null + }, + "event_id":"TEST_EVENT" + }"""; String actual = mvcResult.getResponse().getContentAsString(); assertAll( () -> JSONAssert.assertEquals(expected, actual, JSONCompareMode.LENIENT), @@ -3910,7 +3977,7 @@ public void shouldReturn201AndInsertCaseLinksWhenCreateCaseEvent() caseDetailsToSave.setEvent(createEvent(PRE_STATES_EVENT_ID, SUMMARY, DESCRIPTION)); final String token = generateEventToken(template, - UID, JURISDICTION, CASE_TYPE, reference, PRE_STATES_EVENT_ID); + UID, JURISDICTION, "TestAddressBookCaseCaseLinks", reference, PRE_STATES_EVENT_ID); caseDetailsToSave.setToken(token); final JsonNode data = mapper.readTree( @@ -3981,7 +4048,7 @@ public void shouldReturn201AndDeleteCaseLinksWhenCreateCaseEvent() caseDetailsToSave.setEvent(createEvent(PRE_STATES_EVENT_ID, SUMMARY, DESCRIPTION)); final String token = generateEventToken(template, - UID, JURISDICTION, CASE_TYPE, reference, PRE_STATES_EVENT_ID); + UID, JURISDICTION, "TestAddressBookCaseCaseLinks", reference, PRE_STATES_EVENT_ID); caseDetailsToSave.setToken(token); mockMvc.perform(post(URL).contentType(JSON_CONTENT_TYPE) @@ -5468,7 +5535,8 @@ private void shouldReturn201WithCaseLinksInsertedInDbWhenPostCreateCaseEventWith + CASE_TYPE_CASELINK + "/cases"; final CaseDataContent caseDetailsToSave = newCaseDataContent().build(); caseDetailsToSave.setEvent(createEvent("TEST_EVENT_NO_PRE_STATE", SUMMARY, DESCRIPTION)); - final String token = generateEventTokenNewCase(UID, JURISDICTION, CASE_TYPE, "TEST_EVENT_NO_PRE_STATE"); + final String token = generateEventTokenNewCase(UID, JURISDICTION, + "TestAddressBookCaseCaseLinks", "TEST_EVENT_NO_PRE_STATE"); caseDetailsToSave.setToken(token); @@ -5525,7 +5593,8 @@ public void shouldReturn422BadRequestWhenCaseLinksSpecifiedDoesNotExist() + CASE_TYPE_CASELINK + "/cases"; final CaseDataContent caseDetailsToSave = newCaseDataContent().build(); caseDetailsToSave.setEvent(createEvent("TEST_EVENT_NO_PRE_STATE", SUMMARY, DESCRIPTION)); - final String token = generateEventTokenNewCase(UID, JURISDICTION, CASE_TYPE, "TEST_EVENT_NO_PRE_STATE"); + final String token = generateEventTokenNewCase(UID, JURISDICTION, + "TestAddressBookCaseCaseLinks", "TEST_EVENT_NO_PRE_STATE"); caseDetailsToSave.setToken(token); final JsonNode data = mapper.readTree( @@ -5572,7 +5641,8 @@ public void shouldReturn201CaseCreatedButNotInsertCaseLinkInDBWhenCaseLinkIsBLan + CASE_TYPE_CASELINK + "/cases"; final CaseDataContent caseDetailsToSave = newCaseDataContent().build(); caseDetailsToSave.setEvent(createEvent("TEST_EVENT_NO_PRE_STATE", SUMMARY, DESCRIPTION)); - final String token = generateEventTokenNewCase(UID, JURISDICTION, CASE_TYPE, "TEST_EVENT_NO_PRE_STATE"); + final String token = generateEventTokenNewCase(UID, JURISDICTION, + "TestAddressBookCaseCaseLinks", "TEST_EVENT_NO_PRE_STATE"); caseDetailsToSave.setToken(token); final JsonNode data = mapper.readTree( diff --git a/src/test/java/uk/gov/hmcts/ccd/v2/external/controller/CaseControllerTestIT.java b/src/test/java/uk/gov/hmcts/ccd/v2/external/controller/CaseControllerTestIT.java index cfeeb1cd8a..25e0368406 100644 --- a/src/test/java/uk/gov/hmcts/ccd/v2/external/controller/CaseControllerTestIT.java +++ b/src/test/java/uk/gov/hmcts/ccd/v2/external/controller/CaseControllerTestIT.java @@ -425,7 +425,8 @@ void shouldPopulateMultipleSearchCriteriaAndSearchPartiesPostCreateEvent() throw .withEventId("HAS_PRE_STATES_EVENT") .withSummary("Short comment") .build()) - .withToken(generateEventTokenNewCase(UID, JURISDICTION, CASE_TYPE, "HAS_PRE_STATES_EVENT")) + .withToken(generateEventTokenNewCase(UID, JURISDICTION, + "MultipleSearchCriteriaAndSearchParties", "HAS_PRE_STATES_EVENT")) .withData(GlobalSearchTestFixture.createCaseData()) .build(); diff --git a/src/test/resources/test.properties b/src/test/resources/test.properties index 73673c7f93..80064390e2 100644 --- a/src/test/resources/test.properties +++ b/src/test/resources/test.properties @@ -49,3 +49,5 @@ reference.data.cache.refresh.rate.cron=- definition-store.retry.maxAttempts=5 definition-store.retry.maxDelay=100 + +token.claim.validation.enabled=true