Merge branch 'master' into CIV-10119

Jenkinsfile_CNP

@@ -43,7 +43,10 @@ def secrets = [
     secret('ccd-importer-username', 'CCD_CONFIGURER_IMPORTER_USERNAME'),
     secret('ccd-importer-password', 'CCD_CONFIGURER_IMPORTER_PASSWORD'),
     secret('postgres-user', 'POSTGRES_USER'),
-    secret('postgres-password', 'POSTGRES_PASSWORD')
+    secret('postgres-password', 'POSTGRES_PASSWORD'),
+    secret('default-password','DEFAULT_PASSWORD'),
+    secret('judge-default-password','JUDGE_DEFAULT_PASSWORD'),
+    secret('iac-default-password','IAC_DEFAULT_PASSWORD')
   ]
 ]
 
@@ -141,7 +144,7 @@ withPipeline(type, product, component) {
     env.CCD_DATA_STORE_URL = "https://civil-service-data-store-staging-aat.service.core-compute-aat.internal"
     env.DM_STORE_URL = "http://dm-store-aat.service.core-compute-aat.internal"
     env.CIVIL_SERVICE_URL="https://civil-service-staging.aat.platform.hmcts.net"
-    env.AAC_API_URL="https://manage-case-assignment-civil-service-staging-aat.service.core-compute-aat.internal"
+    env.AAC_API_URL="https://civil-service-manage-case-assignment-staging.aat.platform.hmcts.net"
   }
 
   afterAlways('functionalTest:aat') {

Jenkinsfile_nightly

@@ -14,6 +14,8 @@ properties([
       description: 'The URL of service auth provider'),
     string(name: 'CCD_DATA_STORE_URL', defaultValue: 'http://ccd-data-store-api-aat.service.core-compute-aat.internal',
       description: 'The URL of ccd data store'),
+    string(name: 'AAC_API_URL', defaultValue: 'http://aac-manage-case-assignment-aat.service.core-compute-aat.internal',
+      description: 'The URL of AAC service'),
     string(name: 'CIVIL_SERVICE_URL', defaultValue: 'http://civil-service-aat.service.core-compute-aat.internal',
       description: 'The URL of civil service'),
     string(name: 'WAIT_FOR_TIMEOUT_MS',
@@ -42,7 +44,10 @@ static Map<String, Object> secret(String secretName, String envVariable) {
 
 def secrets = [
   'civil-${env}': [
-    secret('microservicekey-civil-service', 'S2S_SECRET')
+    secret('microservicekey-civil-service', 'S2S_SECRET'),
+    secret('default-password', 'DEFAULT_PASSWORD'),
+    secret('judge-default-password', 'JUDGE_DEFAULT_PASSWORD'),
+    secret('iac-default-password', 'IAC_DEFAULT_PASSWORD')
   ]
 ]
 
@@ -57,6 +62,7 @@ withNightlyPipeline(type, product, component) {
   env.URL_FOR_SECURITY_SCAN = params.CIVIL_SERVICE_URL
   env.TESTS_FOR_ACCESSIBILITY = true
   env.NIGHTLY_RUN = true
+  env.AAC_API_URL = params.AAC_API_URL
   overrideVaultEnvironments([
   'aat': params.ENVIRONMENT
   ])

bin/add-roles.sh

@@ -30,6 +30,7 @@
 ./bin/utils/ccd-add-role.sh "cui-admin-profile"
 ./bin/utils/ccd-add-role.sh "cui-nbc-profile"
 ./bin/utils/ccd-add-role.sh "citizen-profile"
+./bin/utils/ccd-add-role.sh "caseworker-civil-citizen-ui-pcqextractor"
 
 roles=("solicitor" "systemupdate" "admin" "staff")
 for role in "${roles[@]}"

build.gradle

@@ -75,8 +75,8 @@ allprojects {
 
   dependencyManagement {
     dependencies {
-      //CVE-2022-41881
-      dependencySet(group: 'io.netty', version: '4.1.94.Final') {
+      //CVE-2023-44487
+      dependencySet(group: 'io.netty', version: '4.1.100.Final') {
         entry 'netty-handler'
         entry 'netty-handler-proxy'
         entry 'netty-transport-native-epoll'
@@ -369,7 +369,7 @@ configurations.all {
 }
 
 dependencies {
-  implementation 'com.github.hmcts:civil-commons:1.0.21'
+  implementation 'com.github.hmcts:civil-commons:1.0.33'
   implementation group: 'org.springframework.boot', name: 'spring-boot-starter-web'
   implementation group: 'org.springframework.boot', name: 'spring-boot-starter-actuator'
   implementation group: 'org.springframework.boot', name: 'spring-boot-starter-aop'
@@ -401,11 +401,18 @@ dependencies {
   implementation group: 'io.github.openfeign', name: 'feign-httpclient', version: '12.4'
   implementation group: 'org.springframework.retry', name: 'spring-retry'
 
+  implementation group: 'com.github.hmcts', name: 'java-logging', version: '6.0.1'
+
   implementation group: 'com.github.hmcts', name: 'ccd-client', version: '4.9.1'
   implementation group: 'uk.gov.hmcts.reform', name: 'document-management-client', version: '7.0.0'
   implementation group: 'uk.gov.hmcts.reform', name: 'send-letter-client', version: '3.0.3'
-  implementation group: 'com.github.hmcts', name: 'fees-java-client', version: '0.0.6'
-  implementation group: 'com.github.hmcts', name: 'payments-java-client', version: '1.5.2'
+  implementation('com.github.hmcts:fees-java-client:0.0.6') {
+    exclude group: 'java-logging', module: ' java-logging'
+  }
+
+  implementation('com.github.hmcts:payments-java-client:1.5.2') {
+    exclude group: 'java-logging', module: ' java-logging'
+  }
   implementation group: 'uk.gov.hmcts.reform', name: 'service-auth-provider-client', version: '4.0.0'
   implementation group: 'uk.gov.hmcts.reform', name: 'properties-volume-spring-boot-starter', version: '0.1.0'
   implementation group: 'uk.gov.service.notify', name: 'notifications-java-client', version: '4.1.0-RELEASE'
@@ -433,8 +440,8 @@ dependencies {
   implementation group: 'org.apache.logging.log4j', name: 'log4j-api', version: '2.20.0'
   implementation group: 'org.apache.logging.log4j', name: 'log4j-to-slf4j', version: '2.20.0'
   implementation group: 'org.apache.commons', name: 'commons-text', version: '1.10.0'
-  implementation group: 'org.apache.tomcat.embed', name: 'tomcat-embed-core', version: '9.0.80'
-  implementation group: 'org.apache.tomcat.embed', name: 'tomcat-embed-websocket', version: '10.1.13'
+  implementation group: 'org.apache.tomcat.embed', name: 'tomcat-embed-core', version: '9.0.82'
+  implementation group: 'org.apache.tomcat.embed', name: 'tomcat-embed-websocket', version: '10.1.14'
   implementation group: 'org.elasticsearch', name: 'elasticsearch', version: '7.17.9'
   implementation group: 'com.networknt', name: 'json-schema-validator', version: '1.0.78'
 

charts/civil-service/Chart.yaml

@@ -2,13 +2,13 @@ apiVersion: v2
 description: A Helm chart for civil-service App
 name: civil-service
 home: https://github.com/hmcts/civil-service
-version: 0.0.48
+version: 0.0.52
 maintainers:
   - name: HMCTS Civil team
 
 dependencies:
   - name: java
-    version: 4.0.13
+    version: 5.0.0
     repository: 'https://hmctspublic.azurecr.io/helm/v1/repo/'
   - name: ccd
     version: 8.0.29

charts/civil-service/values.aat.template.yaml

@@ -24,6 +24,9 @@ java:
         - ordnance-survey-api-key
         - notification-caseworker-spec-receiver
         - launch-darkly-sdk-key
+        - default-password
+        - judge-default-password
+        - iac-default-password
   environment:
     CORE_CASE_DATA_API_URL: http://${SERVICE_NAME}-ccd-data-store-api
     OIDC_ISSUER: https://forgerock-am.service.core-compute-idam-aat2.internal:8443/openam/oauth2/realms/root/realms/hmcts
@@ -42,6 +45,7 @@ java:
     DOCUMENT_MANAGEMENT_SECURED: true
     STITCHING_API_ENABLED: true
     RELEASE_REVISION: "{{ .Release.Revision }}"
+    ACA_SERVICE_API_BASEURL: http://${SERVICE_NAME}-aac-manage-case-assignment
     HMC_HEARINGS_SUBSCRIPTION_ENABLED: false
   postgresql:
     enabled: true
@@ -212,7 +216,7 @@ aac-manage-case-assignment:
     imagePullPolicy: Always
     releaseNameOverride: ${SERVICE_NAME}-aac-manage-case-assignment
     image: hmctspublic.azurecr.io/aac/manage-case-assignment:latest
-    ingressHost: manage-case-assignment-civil-service-staging-aat.service.core-compute-aat.internal
+    ingressHost: civil-service-manage-case-assignment-staging.aat.platform.hmcts.net
     environment:
       IDAM_API_URL: https://idam-api.aat.platform.hmcts.net
       IDAM_OIDC_URL: https://idam-web-public.aat.platform.hmcts.net

charts/civil-service/values.preview.template.yaml

@@ -25,6 +25,9 @@ java:
         - robotics-notification-multipartyrecipient
         - ordnance-survey-api-key
         - notification-caseworker-spec-receiver
+        - default-password
+        - judge-default-password
+        - iac-default-password
   environment:
     CORE_CASE_DATA_API_URL: http://${SERVICE_NAME}-ccd-data-store-api
     OIDC_ISSUER: https://forgerock-am.service.core-compute-idam-aat2.internal:8443/openam/oauth2/realms/root/realms/hmcts
@@ -49,6 +52,8 @@ java:
   postgresql:
     enabled: true
     image:
+      registry: hmctspublic.azurecr.io
+      repository: imported/bitnami/postgresql
       tag: '11.6.0'
     primary:
       persistence:

charts/civil-service/values.yaml

@@ -64,6 +64,7 @@ java:
     DOCUMENT_MANAGEMENT_SECURED: true
     REST_TEMPLATE_TIMEOUT: 30000
     POLLING_EVENT_EMITTER_ENABLED: false
+    WA_TOGGLE: Prod
     HMC_HEARINGS_TOPIC_NAMESPACE: 'hmc-servicebus-{{ .Values.global.environment }}'
     HMC_HEARINGS_TOPIC_NAME: 'hmc-to-cft-{{ .Values.global.environment }}'
     HMC_HEARINGS_TOPIC_SUBSCRIPTION_NAME: 'hmc-to-civil-subscription-{{ .Values.global.environment }}'

config/owasp/suppressions.xml

@@ -9,6 +9,7 @@
     <notes>False positive. We don't have any reference to json-java_project:json-java
       nor any reference to hutool:hutool:5.8.10. Suppressed long-term to re-assess and possibly delete.</notes>
     <cve>CVE-2022-45688</cve>
+    <cve>CVE-2023-5072</cve>
   </suppress>
   <suppress>
     <notes>Temporarily suppressing it as the latest camunda connector 1.5.6 seem to have the vulnerability.</notes>
@@ -30,7 +31,9 @@
     <cve>CVE-2021-42306</cve>
     <cve>CVE-2023-20861</cve>
     <cve>CVE-2023-20883</cve>
-
+    <cve>CVE-2023-4586</cve>
+    <cve>CVE-2023-5072</cve>
+    <cve>CVE-2023-44487</cve>
   </suppress>
 
 </suppressions>

src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/cases/CasesControllerTest.java

@@ -12,18 +12,19 @@
 import uk.gov.hmcts.reform.civil.exceptions.CaseDataInvalidException;
 import uk.gov.hmcts.reform.civil.exceptions.CaseNotFoundException;
 import uk.gov.hmcts.reform.civil.exceptions.UserNotFoundOnCaseException;
-import uk.gov.hmcts.reform.civil.exceptions.CaseNotFoundException;
-import uk.gov.hmcts.reform.civil.exceptions.UserNotFoundOnCaseException;
 import uk.gov.hmcts.reform.civil.helpers.CaseDetailsConverter;
 import uk.gov.hmcts.reform.civil.model.CaseData;
 import uk.gov.hmcts.reform.civil.model.bulkclaims.CaseworkerSubmitEventDTo;
 import uk.gov.hmcts.reform.civil.model.citizenui.DashboardClaimInfo;
 import uk.gov.hmcts.reform.civil.model.citizenui.DashboardResponse;
+import uk.gov.hmcts.reform.civil.model.citizenui.dto.ExtendedDeadlineDto;
 import uk.gov.hmcts.reform.civil.model.citizenui.dto.EventDto;
+import uk.gov.hmcts.reform.civil.model.repaymentplan.ClaimantProposedPlan;
 import uk.gov.hmcts.reform.civil.service.CoreCaseDataService;
 import uk.gov.hmcts.reform.civil.service.RoleAssignmentsService;
 import uk.gov.hmcts.reform.civil.service.bulkclaims.CaseworkerCaseEventService;
 import uk.gov.hmcts.reform.civil.service.citizen.events.CaseEventService;
+import uk.gov.hmcts.reform.civil.service.citizen.repaymentplan.RepaymentPlanDecisionService;
 import uk.gov.hmcts.reform.civil.service.citizenui.DashboardClaimInfoService;
 import uk.gov.hmcts.reform.civil.service.citizenui.responsedeadline.DeadlineExtensionCalculatorService;
 import uk.gov.hmcts.reform.civil.ras.model.RoleAssignmentResponse;
@@ -40,11 +41,15 @@
 import java.util.Map;
 
 import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.ArgumentMatchers.anyInt;
 import static org.mockito.ArgumentMatchers.anyString;
 import static org.mockito.ArgumentMatchers.eq;
+import static org.mockito.BDDMockito.given;
 import static org.mockito.Mockito.when;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
+import static uk.gov.hmcts.reform.civil.enums.RespondentResponsePartAdmissionPaymentTimeLRspec.IMMEDIATELY;
+import static uk.gov.hmcts.reform.civil.model.citizenui.dto.RepaymentDecisionType.IN_FAVOUR_OF_CLAIMANT;
 
 public class CasesControllerTest extends BaseIntegrationTest {
 
@@ -68,6 +73,7 @@ public class CasesControllerTest extends BaseIntegrationTest {
     private static final String CALCULATE_DEADLINE_URL = "/cases/response/deadline";
     private static final String AGREED_RESPONSE_DEADLINE_DATE_URL = "/cases/response/agreeddeadline/{claimId}";
     private static final String USER_CASE_ROLES = "/cases/{caseId}/userCaseRoles";
+    private static final String COURT_DECISION_URL = "/cases/{caseId}/courtDecision";
     private static final List<DashboardClaimInfo> claimResults =
         Collections.singletonList(DashboardClaimInfo.builder()
                                       .claimAmount(new BigDecimal(
@@ -117,6 +123,9 @@ public class CasesControllerTest extends BaseIntegrationTest {
     @MockBean
     private UserInformationService userInformationService;
 
+    @MockBean
+    private RepaymentPlanDecisionService repaymentPlanDecisionService;
+
     @Test
     @SneakyThrows
     public void shouldReturnHttp200() {
@@ -219,10 +228,10 @@ void shouldSubmitEventSuccessfully() {
     @SneakyThrows
     void shouldCalculateDeadlineSuccessfully() {
         LocalDate extensionDate = LocalDate.of(2022, 6, 6);
-        when(deadlineExtensionCalculatorService.calculateExtendedDeadline(any())).thenReturn(extensionDate);
+        when(deadlineExtensionCalculatorService.calculateExtendedDeadline(any(), anyInt())).thenReturn(extensionDate);
         doPost(
             BEARER_TOKEN,
-            extensionDate,
+            ExtendedDeadlineDto.builder().responseDate(extensionDate).plusDays(5).build(),
             CALCULATE_DEADLINE_URL
         )
             .andExpect(content().json(toJson(extensionDate)))
@@ -410,4 +419,14 @@ void shouldThrowUserNotFoundOnCaseExceptionWhenRolesIsEmpty() {
 
     }
 
+    @Test
+    @SneakyThrows
+    void shouldReturnDecisionMadeForTheClaimantRepaymentPlan() {
+        //Given
+        given(repaymentPlanDecisionService.getCalculatedDecision(any(), any())).willReturn(IN_FAVOUR_OF_CLAIMANT);
+        //When
+        doPost(BEARER_TOKEN, ClaimantProposedPlan.builder().proposedRepaymentType(IMMEDIATELY).build(), COURT_DECISION_URL, "1")
+            .andExpect(status().isOk());
+    }
+
 }

src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/cases/HearingValuesControllerTest.java

@@ -4,7 +4,7 @@
 import org.junit.jupiter.api.Test;
 import org.springframework.boot.test.mock.mockito.MockBean;
 import uk.gov.hmcts.reform.civil.controllers.BaseIntegrationTest;
-import uk.gov.hmcts.reform.civil.exceptions.PartyIdsUpdatedException;
+import uk.gov.hmcts.reform.civil.exceptions.MissingFieldsUpdatedException;
 import uk.gov.hmcts.reform.civil.model.HearingValuesRequest;
 import uk.gov.hmcts.reform.civil.exceptions.CaseNotFoundException;
 import uk.gov.hmcts.reform.civil.model.hearingvalues.ServiceHearingValuesModel;
@@ -55,7 +55,7 @@ public void shouldReturnHttp400_whenCaseNotFoundExceptionThrown() {
     @SneakyThrows
     public void shouldReturnHttp404_whenPartyIdsUpdatedExceptionThrown() {
         when(hearingValuesService.getValues(anyLong(), anyString(), anyString()))
-            .thenThrow(PartyIdsUpdatedException.class);
+            .thenThrow(MissingFieldsUpdatedException.class);
 
         HearingValuesRequest requestBody = HearingValuesRequest.builder().caseReference(1L).hearingId("hearingid").build();
 

src/main/java/uk/gov/hmcts/reform/civil/advice/ControllerExceptionHandler.java

@@ -11,7 +11,7 @@
 import uk.gov.hmcts.reform.civil.documentmanagement.DocumentUploadException;
 import uk.gov.hmcts.reform.civil.exceptions.CaseDataInvalidException;
 import uk.gov.hmcts.reform.civil.exceptions.CaseNotFoundException;
-import uk.gov.hmcts.reform.civil.exceptions.PartyIdsUpdatedException;
+import uk.gov.hmcts.reform.civil.exceptions.MissingFieldsUpdatedException;
 import uk.gov.hmcts.reform.civil.exceptions.UserNotFoundOnCaseException;
 import uk.gov.hmcts.reform.civil.service.pininpost.exception.PinNotMatchException;
 import uk.gov.hmcts.reform.civil.service.search.exceptions.SearchServiceCaseNotFoundException;
@@ -50,10 +50,10 @@ public ResponseEntity<Object> documentUploadException(MaxUploadSizeExceededExcep
         return new ResponseEntity<>("Document upload unsuccessful", new HttpHeaders(), HttpStatus.BAD_REQUEST);
     }
 
-    @ExceptionHandler(PartyIdsUpdatedException.class)
-    public ResponseEntity<Object> partyIdsUpdatedException(PartyIdsUpdatedException partyIdsUpdatedException) {
-        log.error(partyIdsUpdatedException.getMessage());
-        return new ResponseEntity<>("Party IDs updated", new HttpHeaders(), HttpStatus.NOT_FOUND);
+    @ExceptionHandler(MissingFieldsUpdatedException.class)
+    public ResponseEntity<Object> partyIdsUpdatedException(MissingFieldsUpdatedException missingFieldsUpdatedException) {
+        log.error(missingFieldsUpdatedException.getMessage());
+        return new ResponseEntity<>("Missing fields updated", new HttpHeaders(), HttpStatus.NOT_FOUND);
     }
 
     @ExceptionHandler(CaseDataInvalidException.class)

src/main/java/uk/gov/hmcts/reform/civil/advice/ResourceExceptionHandler.java

@@ -2,6 +2,7 @@
 
 import feign.FeignException;
 import lombok.extern.slf4j.Slf4j;
+import org.apache.catalina.connector.ClientAbortException;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
@@ -29,6 +30,14 @@ public ResponseEntity<Object> notFound(Exception exception) {
         return new ResponseEntity<>(exception.getMessage(), new HttpHeaders(), HttpStatus.NOT_FOUND);
     }
 
+    @ExceptionHandler({ClientAbortException.class})
+    public ResponseEntity<String> handleClientAbortException(Exception exception) {
+        log.debug(exception.getMessage(), exception);
+        return new ResponseEntity<>(exception.getMessage(),
+                                    new HttpHeaders(), HttpStatus.REQUEST_TIMEOUT
+        );
+    }
+
     @ExceptionHandler({
         StateFlowException.class,
         IllegalArgumentException.class