Feature/JM-8190 (#765)

* task/JM-8193 (#763) * Task/JM-8191 Manually create a juror record (#764) * task/JM-8191 * task/JM-8191 * updates for test fix and styles * adding unit test * updated tests * Update JurorRecordServiceTest.java * Update JurorRecordControllerITest.java
hmcts · Sep 17, 2024 · 47b36af · 47b36af
1 parent 6c2f80a
commit 47b36af
Show file tree

Hide file tree

Showing 19 changed files with 675 additions and 13 deletions.
diff --git a/src/integration-test/java/uk/gov/hmcts/juror/api/TestUtil.java b/src/integration-test/java/uk/gov/hmcts/juror/api/TestUtil.java
@@ -99,6 +99,7 @@ public static String mintBureauJwt(final BureauJwtPayload payload,
  claimsMap.put("staff", payload.getStaff());
 
  claimsMap.put("roles", payload.getRoles());
+ claimsMap.put("permissions", payload.getPermissions());
  claimsMap.put("userType", payload.getUserType());
  claimsMap.put("activeUserType", payload.getActiveUserType() == null
  ? payload.getUserType() : payload.getActiveUserType());

diff --git a/...ration-test/java/uk/gov/hmcts/juror/api/moj/controller/AuthenticationControllerITest.java b/...ration-test/java/uk/gov/hmcts/juror/api/moj/controller/AuthenticationControllerITest.java
@@ -227,7 +227,7 @@ private void responseValidator(JwtDto response,
  assertThat(claims.getIssuedAt()).isAfter(new Date(clock.millis() - 60_000));
 
  assertThat(claims)
- .hasSize(13)
+ .hasSize(14)
  .containsEntry("owner", expectedJwtClaims.getOwner())
  .containsEntry("email", expectedJwtClaims.getEmail())
  .containsEntry("locCode", expectedJwtClaims.getLocCode())
@@ -241,7 +241,8 @@ private void responseValidator(JwtDto response,
  "courts", expectedJwtClaims.getStaff().getCourts()
  ))
  .containsEntry("roles", expectedJwtClaims.getRoles()
- .stream().map(Enum::name).toList());
+ .stream().map(Enum::name).toList())
+ .containsEntry("permissions", List.of());
  }
 
  @Test

diff --git a/...tegration-test/java/uk/gov/hmcts/juror/api/moj/controller/JurorRecordControllerITest.java b/...tegration-test/java/uk/gov/hmcts/juror/api/moj/controller/JurorRecordControllerITest.java
@@ -34,6 +34,7 @@
 import uk.gov.hmcts.juror.api.moj.controller.request.FilterableJurorDetailsRequestDto;
 import uk.gov.hmcts.juror.api.moj.controller.request.JurorAddressDto;
 import uk.gov.hmcts.juror.api.moj.controller.request.JurorCreateRequestDto;
+import uk.gov.hmcts.juror.api.moj.controller.request.JurorManualCreationRequestDto;
 import uk.gov.hmcts.juror.api.moj.controller.request.JurorNameDetailsDto;
 import uk.gov.hmcts.juror.api.moj.controller.request.JurorNotesRequestDto;
 import uk.gov.hmcts.juror.api.moj.controller.request.JurorNumberAndPoolNumberDto;
@@ -75,11 +76,13 @@
 import uk.gov.hmcts.juror.api.moj.domain.JurorPool;
 import uk.gov.hmcts.juror.api.moj.domain.PaginatedList;
 import uk.gov.hmcts.juror.api.moj.domain.PendingJuror;
+import uk.gov.hmcts.juror.api.moj.domain.Permission;
 import uk.gov.hmcts.juror.api.moj.domain.PoliceCheck;
 import uk.gov.hmcts.juror.api.moj.domain.PoolHistory;
 import uk.gov.hmcts.juror.api.moj.domain.PoolRequest;
 import uk.gov.hmcts.juror.api.moj.domain.Role;
 import uk.gov.hmcts.juror.api.moj.domain.SortMethod;
+import uk.gov.hmcts.juror.api.moj.domain.User;
 import uk.gov.hmcts.juror.api.moj.domain.UserType;
 import uk.gov.hmcts.juror.api.moj.domain.jurorresponse.DigitalResponse;
 import uk.gov.hmcts.juror.api.moj.domain.jurorresponse.PaperResponse;
@@ -118,9 +121,11 @@
 import java.util.Arrays;
 import java.util.Collections;
 import java.util.Comparator;
+import java.util.HashSet;
 import java.util.Iterator;
 import java.util.List;
 import java.util.Objects;
+import java.util.Set;
 
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.junit.jupiter.api.Assertions.assertEquals;
@@ -5324,6 +5329,192 @@ void markJurorAsRespondedBureauJurorNotFound() throws Exception {
 
  }
 
+ @Nested
+ @DisplayName("POST " + CreateManualJurorRecord.URL)
+ class CreateManualJurorRecord {
+
+ private static final String URL = BASE_URL + "/create-juror-manual";
+
+ @Test
+ @Sql({"/db/mod/truncate.sql", "/db/JurorRecordController_createManualJurorRecord.sql"})
+ void createManualJurorRecordPoolHappyPath() throws Exception {
+ String poolNumber = "415220502";
+ final JurorManualCreationRequestDto requestDto = JurorManualCreationRequestDto.builder()
+ .poolNumber(poolNumber)
+ .locationCode("415")
+ .title("Mr")
+ .firstName("John")
+ .lastName("Smith")
+ .address(JurorAddressDto.builder()
+ .lineOne("1 High Street")
+ .lineTwo("Test")
+ .lineThree("Test")
+ .town("Chester")
+ .county("Test")
+ .postcode("CH1 2AB")
+ .build())
+ .primaryPhone("01234567890")
+ .emailAddress("test@test.com")
+ .notes("A manually created juror")
+ .build();
+
+ Set<Role> roles = new HashSet<>();
+ roles.add(Role.MANAGER);
+ Set<Permission> permissions = new HashSet<>();
+ permissions.add(Permission.CREATE_JUROR);
+ User user = User.builder()
+ .username("BUREAU_USER")
+ .roles(roles)
+ .permissions(permissions)
+ .build();
+
+ final BureauJwtPayload bureauJwtPayload = new BureauJwtPayload(user, UserType.BUREAU, "400",
+ Collections.singletonList(CourtLocation.builder()
+ .locCode("400")
+ .name("Bureau")
+ .owner("400")
+ .build()));
+
+ httpHeaders.set(HttpHeaders.AUTHORIZATION, mintBureauJwt(bureauJwtPayload));
+
+ ResponseEntity<?> response =
+ restTemplate.exchange(new RequestEntity<>(requestDto, httpHeaders, POST,
+ URI.create(URL)), String.class);
+
+ assertThat(response.getStatusCode())
+ .as("Expect the HTTP POST request to be CREATED")
+ .isEqualTo(HttpStatus.CREATED);
+
+ validateCreatedJuror(poolNumber);
+ }
+
+ private void validateCreatedJuror(String poolNumber) {
+ // expect this to be the first juror manually created for court 415
+ Juror juror = jurorRepository.findByJurorNumber("041500001");
+ assertThat(juror).isNotNull();
+ assertThat(juror.getTitle()).isEqualTo("Mr");
+ assertThat(juror.getFirstName()).isEqualTo("John");
+ assertThat(juror.getLastName()).isEqualTo("Smith");
+ assertThat(juror.getDateOfBirth()).isNull();
+ assertThat(juror.getPhoneNumber()).isEqualTo("01234567890");
+ assertThat(juror.getEmail()).isEqualTo("test@test.com");
+ assertThat(juror.getNotes()).isEqualTo("A manually created juror");
+
+ assertThat(juror.getAddressLine1()).isEqualTo("1 High Street");
+ assertThat(juror.getAddressLine2()).isEqualTo("Test");
+ assertThat(juror.getAddressLine3()).isEqualTo("Test");
+ assertThat(juror.getAddressLine4()).isEqualTo("Chester");
+ assertThat(juror.getAddressLine5()).isEqualTo("Test");
+ assertThat(juror.getPostcode()).isEqualTo("CH1 2AB");
+
+ JurorPool jurorPool = jurorPoolRepository.findByJurorJurorNumberAndPoolPoolNumber(juror.getJurorNumber(),
+ poolNumber);
+ assertThat(jurorPool).isNotNull();
+ assertThat(jurorPool.getStatus().getStatus()).isEqualTo(IJurorStatus.SUMMONED);
+ assertThat(jurorPool.getOwner()).isEqualTo("400");
+ assertThat(jurorPool.getNextDate()).isEqualTo(LocalDate.now().plusDays(10));
+ assertThat(jurorPool.getPoolNumber()).isEqualTo(poolNumber);
+
+ List<JurorHistory> jurorHistory = jurorHistoryRepository
+ .findByJurorNumberOrderById(juror.getJurorNumber());
+ assertThat(jurorHistory).isNotEmpty();
+ assertThat(jurorHistory.get(0).getHistoryCode()).isEqualTo(HistoryCodeMod.PRINT_SUMMONS);
+
+ List<BulkPrintData> letters = bulkPrintDataRepository.findByJurorNo(juror.getJurorNumber());
+ assertThat(letters).isNotEmpty();
+ BulkPrintData bulkPrintData = letters.get(0);
+ assertThat(bulkPrintData.getJurorNo()).isEqualTo(juror.getJurorNumber());
+ assertThat(bulkPrintData.getFormAttribute().getFormType()).isEqualTo(FormCode.ENG_SUMMONS.getCode());
+ }
+
+
+ @Test
+ void createManualJurorRecordBureauManagerNoCreateForbidden() throws Exception {
+ String poolNumber = "415220502";
+ JurorManualCreationRequestDto requestDto = JurorManualCreationRequestDto.builder()
+ .poolNumber(poolNumber)
+ .locationCode("415")
+ .title("Mr")
+ .firstName("John")
+ .lastName("Smith")
+ .address(JurorAddressDto.builder()
+ .lineOne("1 High Street")
+ .lineTwo("Test")
+ .lineThree("Test")
+ .town("Chester")
+ .county("Test")
+ .postcode("CH1 2AB")
+ .build())
+ .primaryPhone("01234567890")
+ .emailAddress("test@test.com")
+ .notes("A manually created juror")
+ .build();
+
+ Set<Role> roles = new HashSet<>();
+ roles.add(Role.MANAGER);
+ Set<Permission> permissions = new HashSet<>();
+ User user = User.builder()
+ .username("BUREAU2")
+ .roles(roles)
+ .permissions(permissions)
+ .build();
+
+ BureauJwtPayload bureauJwtPayload = new BureauJwtPayload(user, UserType.BUREAU, "400",
+ Collections.singletonList(CourtLocation.builder()
+ .locCode("400")
+ .name("Bureau")
+ .owner("400")
+ .build()));
+
+ httpHeaders.set(HttpHeaders.AUTHORIZATION, mintBureauJwt(bureauJwtPayload));
+
+ ResponseEntity<?> response =
+ restTemplate.exchange(new RequestEntity<>(requestDto, httpHeaders, POST,
+ URI.create(URL)), String.class);
+
+ assertThat(response.getStatusCode())
+ .as("Expect the HTTP POST request to be FORBIDDEN")
+ .isEqualTo(HttpStatus.FORBIDDEN);
+
+ }
+
+ @Test
+ void createManualJurorRecordCourtUserForbidden() throws Exception {
+ String poolNumber = "415220502";
+ JurorManualCreationRequestDto requestDto = JurorManualCreationRequestDto.builder()
+ .poolNumber(poolNumber)
+ .locationCode("415")
+ .title("Mr")
+ .firstName("John")
+ .lastName("Smith")
+ .address(JurorAddressDto.builder()
+ .lineOne("1 High Street")
+ .lineTwo("Test")
+ .lineThree("Test")
+ .town("Chester")
+ .county("Test")
+ .postcode("CH1 2AB")
+ .build())
+ .primaryPhone("01234567890")
+ .emailAddress("test@test.com")
+ .notes("A manually created juror")
+ .build();
+
+ httpHeaders.set(HttpHeaders.AUTHORIZATION, initCourtsJwt("415", Collections.singletonList("415"),
+ UserType.COURT));
+
+ ResponseEntity<?> response =
+ restTemplate.exchange(new RequestEntity<>(requestDto, httpHeaders, POST,
+ URI.create(URL)), String.class);
+
+ assertThat(response.getStatusCode())
+ .as("Expect the HTTP POST request to be FORBIDDEN")
+ .isEqualTo(HttpStatus.FORBIDDEN);
+
+ }
+
+ }
+
  @Nested
  @DisplayName("Search for Juror records")
  @Sql({"/db/mod/truncate.sql", "/db/JurorRecordController_searchForJurorRecords.sql"})

diff --git a/src/integration-test/resources/db/JurorRecordController_createManualJurorRecord.sql b/src/integration-test/resources/db/JurorRecordController_createManualJurorRecord.sql
@@ -0,0 +1,15 @@
+insert into juror_mod.users(created_by, updated_by, username, name, email) values
+('BUREAU1', 'BUREAU1', 'BUREAU_USER', 'BUREAU_USER', 'BUREAU_USER@test.net'),
+('BUREAU1', 'BUREAU1', 'BUREAU2', 'BUREAU USER2', 'BUREAU2@test.net');
+
+INSERT INTO juror_mod.user_roles (username,"role") VALUES
+ ('BUREAU_USER','MANAGER'),
+ ('BUREAU2','MANAGER');
+
+INSERT INTO juror_mod.user_permissions (username,"permission") VALUES
+ ('BUREAU_USER','CREATE_JUROR');
+
+-- create a pool record owned by Bureau
+INSERT INTO juror_mod.pool
+(pool_no, "owner", return_date, total_no_required, no_requested, pool_type, loc_code, new_request, last_update)
+VALUES ('415220502', '400', current_date + 10, 5, 5, 'CRO', '415', 'N', current_date - 1);
diff --git a/src/integration-test/resources/db/mod/truncate.sql b/src/integration-test/resources/db/mod/truncate.sql
@@ -37,6 +37,7 @@ DELETE FROM juror_mod.user_roles_audit;
 DELETE FROM juror_mod.user_courts_audit;
 DELETE FROM juror_mod.users_audit;
 
+DELETE FROM juror_mod.user_permissions;
 DELETE FROM juror_mod.user_roles;
 DELETE FROM juror_mod.user_courts;
 DELETE FROM juror_mod.users;

diff --git a/src/main/java/uk/gov/hmcts/juror/api/config/bureau/BureauJwtPayload.java b/src/main/java/uk/gov/hmcts/juror/api/config/bureau/BureauJwtPayload.java
@@ -11,6 +11,7 @@
 import org.springframework.security.core.authority.AuthorityUtils;
 import org.springframework.util.ObjectUtils;
 import uk.gov.hmcts.juror.api.juror.domain.CourtLocation;
+import uk.gov.hmcts.juror.api.moj.domain.Permission;
 import uk.gov.hmcts.juror.api.moj.domain.Role;
 import uk.gov.hmcts.juror.api.moj.domain.User;
 import uk.gov.hmcts.juror.api.moj.domain.UserType;
@@ -44,6 +45,7 @@ public class BureauJwtPayload {
  private UserType activeUserType;
 
  private Collection<Role> roles;
+ private Collection<Permission> permissions;
 
  public BureauJwtPayload(User user, String locCode, List<CourtLocation> courtLocations) {
  this(user, user.getUserType(), locCode, courtLocations);
@@ -70,6 +72,12 @@ public BureauJwtPayload(User user, UserType activeType, String locCode, List<Cou
  .toList();
  }
 
+ this.permissions = user.getPermissions()
+ .stream()
+ .distinct()
+ .sorted()
+ .toList();
+
  List<String> courts = new ArrayList<>(courtLocations.stream()
  .map(CourtLocation::getLocCode)
  .sorted()
@@ -85,7 +93,7 @@ public BureauJwtPayload(User user, UserType activeType, String locCode, List<Cou
 
  public BureauJwtPayload(String owner, String login, String userLevel,
  Staff staff) {
- this(null, owner, null, login, userLevel, staff, null, null, null);
+ this(null, owner, null, login, userLevel, staff, null, null, null, null);
  }
 
  public List<GrantedAuthority> getGrantedAuthority() {
@@ -108,6 +116,7 @@ public Map<String, Object> toClaims() {
  data.put("userLevel", userLevel);
  data.put("staff", staff.toClaims());
  data.put("roles", roles);
+ data.put("permissions", permissions);
  data.put("userType", userType);
  data.put("activeUserType", activeUserType);
  return data;
@@ -129,6 +138,14 @@ public static BureauJwtPayload fromClaims(Claims claims) {
  .map(o -> Role.valueOf(String.valueOf(o)))
  .toList();
 
+ final List<String> permissionString =
+ claims.containsKey("permissions") ? claims.get("permissions", List.class) : Collections.emptyList();
+
+ final List<Permission> permissions = permissionString
+ .stream()
+ .map(o -> Permission.valueOf(String.valueOf(o)))
+ .toList();
+
  UserType userType = claims.containsKey("userType")
  ? UserType.valueOf(claims.get("userType", String.class))
  : null;
@@ -146,6 +163,7 @@ public static BureauJwtPayload fromClaims(Claims claims) {
  .activeUserType(activeUserType)
  .staff(staff)
  .roles(roles)
+ .permissions(permissions)
  .userType(userType)
  .build();
  }