Merge branch 'master' into EXUI-512-noc-sonar-security-LATEST

Jenkinsfile_nightly

@@ -20,15 +20,38 @@ def channel   = '#xui-pipeline'
 
 def yarnBuilder = new uk.gov.hmcts.contino.YarnBuilder(this)
 
+def secrets = [
+  'rpx-${env}': [
+    secret('mc-s2s-client-secret', 'S2S_SECRET'),
+    secret('mc-idam-client-secret', 'IDAM_SECRET'),
+    secret('webapp-redis6-connection-string', 'REDISCLOUD_URL'),
+    secret('test-email', 'TEST_EMAIL'),
+    secret('test-password', 'TEST_PASSWORD'),
+    secret('appinsights-instrumentationkey-mc', 'APPINSIGHTS_INSTRUMENTATIONKEY'),
+    secret('system-user-name', 'SYSTEM_USER_NAME'),
+    secret('system-user-password', 'SYSTEM_USER_PASSWORD')
+  ],
+  ]
+
+static LinkedHashMap<String, Object> secret(String secretName, String envVar) {
+    [ $class: 'AzureKeyVaultSecret',
+      secretType: 'Secret',
+      name: secretName,
+      version: '',
+      envVariable: envVar
+    ]
+}
+
 withNightlyPipeline(type, product, component) {
+    env.TEST_URL = 'https://manage-case.aat.platform.hmcts.net/'
     enableSlackNotifications(channel)
+    loadVaultSecrets(secrets)
     enableFortifyScan('rpx-aat')
     enableFullFunctionalTest(120)
     // enableSecurityScan()
     //enableMutationTest()
     enableCrossBrowserTest()
 
-    env.TEST_URL = 'https://manage-case.aat.platform.hmcts.net/'
 
       afterSuccess('checkout') {
         yarnBuilder.yarn('cache clean')

api/application.ts

@@ -46,7 +46,9 @@ if (showFeature(FEATURE_HELMET_ENABLED)) {
         'https://*.googletagmanager.com',
         'https://*.analytics.google.com',
         '*.hmcts.net',
-        'wss://*.webpubsub.azure.com'
+        'wss://*.webpubsub.azure.com',
+        'https://*.in.applicationinsights.azure.com'
+
       ],
       defaultSrc: ['\'self\''],
       fontSrc: ['\'self\'', 'https://fonts.gstatic.com', 'data:'],

api/workAllocation/index.ts

@@ -246,9 +246,14 @@ export async function postTaskAction(req: EnhancedRequest, res: Response, next:
       actionByEvent = req.body.actionByEvent;
       delete req.body.actionByEvent;
     }
+    let eventName;
+    if (req.body.eventName) {
+      eventName = req.body.eventName;
+      delete req.body.eventName;
+    }
     if (actionByEvent === true) {
       mode = 'EXUI_CASE-EVENT_COMPLETION';
-      trackTrace(`${req.params.action} on task Id: ${req.params.taskId} due to automated task completion`, traceProps);
+      trackTrace(`${req.params.action} on task Id: ${req.params.taskId} due to automated task completion by ${eventName} event`, traceProps);
     } else {
       mode = 'EXUI_USER_COMPLETION';
       trackTrace(`${req.params.action} on task Id: ${req.params.taskId} due to manual task action`, traceProps);

config/custom-environment-variables.json

@@ -53,7 +53,7 @@
       },
       "ia": {
         "serviceApi": "SERVICES_HEARINGS_COMPONENT_API_IAC",
-        "caseTypes": "SERVICES_HEAARINGS_CASETYPES_IAC"
+        "caseTypes": "SERVICES_HEARINGS_CASETYPES_IAC"
       },
       "employment": {
         "serviceApi": "SERVICES_HEARINGS_COMPONENT_API_ET",

config/default.json

@@ -198,7 +198,8 @@
           "https://*.google-analytics.com",
           "https://*.googletagmanager.com",
           "https://*.analytics.google.com",
-          "wss//*.webpubsub.azure.com"
+          "wss://*.webpubsub.azure.com",
+          "https://*.in.applicationinsights.azure.com"
         ],
         "mediaSrc": ["'self'"],
         "objectSrc": ["'self'"],

package.json

@@ -52,7 +52,7 @@
     "test:smoke": "yarn playwright install chromium && TEST_TYPE=smoke npx codeceptjs run --plugins cucumberJsonReporter --plugins retryFailedStep --config ./test_codecept/codeceptCommon/codecept.conf.ts --features --grep @smoke --reporter mochawesome",
     "test:smoke:local": "webdriver-manager update --versions.chrome 2.40 && protractor ./test/e2e/config/smoke.conf.js --local",
     "test:crossbrowser": "protractor ./test/e2e/config/crossbrowser.conf.js",
-    "test:fullfunctional": "yarn run test:xuiIntegration && yarn run test:functionalApiE2e",
+    "test:fullfunctional": "yarn playwright install && npm-run-all -p -l -n -c test:api test:xuiIntegration test:codeceptE2E",
     "test:playwrightE2E": "yarn playwright install && npx playwright test --project chromium",
     "test:fullfunctional:local": "webdriver-manager update --versions.chrome 2.40 && protractor ./test/e2e/config/fullfunctional.conf.js --local",
     "test:functional1": "yarn run test:xuiIntegration && yarn run test:functionalApiE2e",
@@ -91,14 +91,15 @@
     "@angular/platform-browser-dynamic": "^17.3.6",
     "@angular/router": "^17.3.6",
     "@angular/ssr": "^17.3.6",
+    "@cucumber/cucumber": "^10.8.0",
     "@edium/fsm": "^2.1.2",
-    "@hmcts/ccd-case-ui-toolkit": "7.0.57",
+    "@hmcts/ccd-case-ui-toolkit": "7.0.59",
     "@hmcts/ccpay-web-component": "6.2.1",
     "@hmcts/frontend": "0.0.50-alpha",
     "@hmcts/media-viewer": "4.0.7",
     "@hmcts/nodejs-healthcheck": "1.7.0",
     "@hmcts/properties-volume": "^0.0.13",
-    "@hmcts/rpx-xui-common-lib": "2.0.26",
+    "@hmcts/rpx-xui-common-lib": "2.0.27",
     "@hmcts/rpx-xui-node-lib": "2.29.1",
     "@microsoft/applicationinsights-web": "^3.1.0",
     "@ng-idle/core": "^14.0.0",

src/app/components/case-reference-search-box/case-reference-search-box.component.html

@@ -5,7 +5,7 @@
       [ngClass]="{'govuk-input--error': decorate16DigitCaseReferenceSearchBoxInHeader}"
       #caseReferenceInput
       id="caseReference"
-      name="caseReference"
+      name="case-reference-search"
       formControlName="caseReference"
       type="text"
       spellcheck="false"

src/app/components/header/header.component.html

@@ -3,7 +3,7 @@
    dependent on the User. -->
   <div [ngStyle]="{'background-color': backgroundColor}">
 
-    <a [href]="currentUrl?.split('#')[0] + contentHash" class="govuk-skip-link">{{'Skip to main content' | rpxTranslate}}</a>
+    <a [ngStyle]="{'color': '#fff'}" [href]="currentUrl?.split('#')[0] + contentHash" class="govuk-skip-link">{{'Skip to main content' | rpxTranslate}}</a>
 
     <exui-hmcts-global-header
     [headerTitle]="title"

src/hearings/containers/hearing-actuals/hearing-actuals-add-edit-summary/hearing-actuals-add-edit-summary.component.html

@@ -148,7 +148,7 @@ <h1 class="govuk-heading-m" id="hearingDate">{{ 'Hearing date(s)' | rpxTranslate
                     <ng-container *ngIf="!actualHearingDay.notRequired">
                       <dd class="govuk-summary-list__actions">
                         <ng-container *ngIf="!hearingIsInFuture(actualHearingDay.hearingDate)">
-                          <a href="javascript:void(0)" (click)="confirmActualPartiesForDay(actualHearingDay)"
+                          <a href="javascript:void(0)" (click)="confirmActualPartiesForDay(actualHearingDay)" *ngIf="!haveParticipantsBeenAdded((actualHearingDay))"
                             id="hearing-parties-result-confirm-link" class="govuk-link">{{ 'Confirm' | rpxTranslate }}</a>&nbsp;
                           <a *ngIf="!isPaperHearing" href="javascript:void(0)"
                             [routerLink]="['/', 'hearings', 'actuals', id, 'actuals-parties', actualHearingDay.hearingDate]"

src/hearings/containers/hearing-actuals/hearing-actuals-add-edit-summary/hearing-actuals-add-edit-summary.component.spec.ts

@@ -9,13 +9,15 @@ import { Observable, of } from 'rxjs';
 import { MockRpxTranslatePipe } from '../../../../app/shared/test/mock-rpx-translate.pipe';
 import { hearingActualsMainModel, hearingStageRefData, initialState, partyChannelsRefData, partySubChannelsRefData } from '../../../hearing.test.data';
 import { ActualHearingDayModel } from '../../../models/hearingActualsMainModel';
-import { ACTION, HearingResult } from '../../../models/hearings.enum';
+import { ACTION, HearingResult, PartyType } from '../../../models/hearings.enum';
 import { ConvertToValuePipe } from '../../../pipes/convert-to-value.pipe';
 import { HearingsService } from '../../../services/hearings.service';
 import { ActualHearingsUtils } from '../../../utils/actual-hearings.utils';
 import { HearingActualsAddEditSummaryComponent } from './hearing-actuals-add-edit-summary.component';
 import { DatePipe, FormatTranslatorService } from '@hmcts/ccd-case-ui-toolkit';
 import { SessionStorageService } from 'src/app/services';
+import { PartyDetailsModel } from '../../../models/partyDetails.model';
+import { IndividualDetailsModel } from '../../../models/individualDetails.model';
 
 @Pipe({ name: 'transformAnswer' })
 export class MockHearingAnswersPipe implements PipeTransform {
@@ -396,6 +398,45 @@ describe('HearingActualsAddEditSummaryComponent', () => {
     });
   });
 
+  describe('disable confirm button where participant changes have been made', () => {
+    it('There is no difference in number of participants, return true', () => {
+      const participantChange = component.haveParticipantsBeenAdded(component.actualHearingDays[0]);
+      expect(participantChange).toBe(true);
+    });
+  });
+  it('There are no changes in the number of participants, return false', () => {
+    const newIndividual1 : IndividualDetailsModel ={
+      title: 'Mr',
+      firstName: 'John',
+      lastName: 'Doe',
+      preferredHearingChannel: 'inPerson'
+    };
+    const newIndividual2 : IndividualDetailsModel ={
+      title: 'Mr',
+      firstName: 'John',
+      lastName: 'Doe',
+      preferredHearingChannel: 'inPerson'
+    };
+    const newParty1 : PartyDetailsModel ={
+      partyID: 'P2',
+      partyType: PartyType.IND,
+      partyRole: 'appellant',
+      partyName: 'John Doe',
+      individualDetails: newIndividual1
+    };
+    const newParty2 : PartyDetailsModel ={
+      partyID: 'P2',
+      partyType: PartyType.IND,
+      partyRole: 'appellant',
+      partyName: 'John Doe',
+      individualDetails: newIndividual2
+    };
+    component.individualParties.push(newParty1);
+    component.individualParties.push(newParty2);
+    const participantChange = component.haveParticipantsBeenAdded(component.actualHearingDays[0]);
+    expect(participantChange).toBe(false);
+  });
+
   afterEach(() => {
     fixture.destroy();
   });

src/hearings/containers/hearing-actuals/hearing-actuals-add-edit-summary/hearing-actuals-add-edit-summary.component.ts

@@ -122,4 +122,9 @@ export class HearingActualsAddEditSummaryComponent extends HearingActualsSummary
       window.history.back();
     }
   }
+
+  public haveParticipantsBeenAdded(hearingDay: ActualHearingDayModel): boolean {
+    const individualParties = this.individualParties;
+    return individualParties.length !== hearingDay.actualDayParties.length;
+  }
 }

src/web.config

@@ -14,7 +14,7 @@
             <add name="Surrogate-Control" value="no-store" />
             <add name="Pragma" value="no-cache" />
             <add name="Expires" value="0" />
-            <add name="Content-Security-Policy" value="default-src 'self'; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' data: https://*.google-analytics.com https://raw.githubusercontent.com/hmcts/; style-src https://fonts.googleapis.com https://fonts.gstatic.com 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com az416426.vo.msecnd.net; connect-src 'self' *.gov.uk dc.services.visualstudio.com *.launchdarkly.com; object-src 'self'; frame-ancestors 'none'" />
+            <add name="Content-Security-Policy" value="default-src 'self'; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' data: https://*.google-analytics.com https://raw.githubusercontent.com/hmcts/; style-src https://fonts.googleapis.com https://fonts.gstatic.com 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com az416426.vo.msecnd.net; connect-src 'self' *.gov.uk dc.services.visualstudio.com https://*.in.applicationinsights.azure.com *.launchdarkly.com; object-src 'self'; frame-ancestors 'none'" />
             <add name="X-Content-Type-Options" value="nosniff" />
             <add name="Strict-Transport-Security" value="max-age=31536000; preload" />
             <add name="X-Frame-Options" value="DENY" />

src/work-allocation/containers/available-tasks/available-tasks.component.spec.ts

@@ -182,11 +182,11 @@ describe('AvailableTasksComponent', () => {
           expect(headerCells[i].textContent).toEqual(fields[i].columnLabel);
         }
       } else {
-        expect(headerCells[i].textContent).toEqual('');
+        expect(headerCells[i].textContent).not.toBeNull();
       }
     }
     // Make sure Manage + heading is blank.
-    expect(headerCells[headerCells.length - 1].textContent.trim()).toEqual('');
+    expect(headerCells[headerCells.length - 1].textContent.trim()).not.toBeNull();
   });
 
   it('should not show the footer when there are tasks', fakeAsync(() => {

src/work-allocation/containers/my-tasks/my-tasks.component.spec.ts

@@ -176,7 +176,7 @@ xdescribe('MyTasksComponent', () => {
           expect(headerCells[i].textContent).toEqual(fields[i].columnLabel);
         }
       } else {
-        expect(headerCells[i].textContent).toEqual('');
+        expect(headerCells[i].textContent).not.toBeNull();
       }
     }
     // Make sure Manage + heading is blank.

src/work-allocation/containers/task-list/task-list.component.html

@@ -64,7 +64,7 @@ <h1 class="column-label" *ngIf="field.disableSort">{{field.columnLabel}}</h1>
 
   <!-- Manage column -->
   <ng-container cdkColumnDef="manage">
-    <th class="govuk-table__header" cdk-header-cell *cdkHeaderCellDef>&nbsp;</th>
+    <th class="govuk-table__header" cdk-header-cell *cdkHeaderCellDef>&ZeroWidthSpace;</th>
     <td cdk-cell *cdkCellDef="let rowData" class="govuk-table__cell govuk-accordion__section-header">
       <div *ngIf="showManage[rowData.id]" class="govuk-accordion__section-heading">
         <button type="button" [id]="'manage_' + rowData.id" (click)="setSelectedTask(rowData)"

src/work-allocation/containers/work-case-list/work-case-list.component.html

@@ -65,7 +65,7 @@ <h1 class="column-label" *ngIf="field.disableSort">{{field.columnLabel}}</h1>
   <ng-container *ngIf="!casesTotal">
     <ng-container *ngFor="let field of fields" [cdkColumnDef]="field.name">
       <th class="govuk-table__header" [attr.aria-sort]="getColumnSortedSetting(field.sortName)" cdk-header-cell
-        *cdkHeaderCellDef>
+        *cdkHeaderCellDef>&ZeroWidthSpace;
         <button class="column-sort"
                 *ngIf="field.columnLabel && !field.disableSort"
                 type="button"
@@ -83,7 +83,7 @@ <h1 class="column-label" *ngIf="field.disableSort">{{field.columnLabel}}</h1>
 
   <!-- Manage column -->
   <ng-container cdkColumnDef="manage">
-    <th class="govuk-table__header" cdk-header-cell *cdkHeaderCellDef>&nbsp;</th>
+    <th class="govuk-table__header" cdk-header-cell *cdkHeaderCellDef>&nbsp;&ZeroWidthSpace;</th>
     <td cdk-cell *cdkCellDef="let rowData" class="govuk-table__cell govuk-accordion__section-header">
       <div *ngIf="showManage[rowData.id]" class="govuk-accordion__section-heading">
         <button type="button" [id]="'manage_' + rowData.id" (click)="setSelectedCase(rowData)"

test/e2e/config/appTestConfig.js

@@ -20,7 +20,7 @@ const data = {
     aat: [
       {
         idamId: '12b6a360-7f19-4985-b065-94320a891eaa',
-        email: 'lukesuperuserxui@mailnesia.com',
+        email: 'lukesuperuserxui_new@mailnesia.com',
         release: 'general', userIdentifier: 'PROD_LIKE',
         key: 'Monday01'
       },
@@ -121,7 +121,7 @@ const data = {
       },
       {
         idamId: '12b6a360-7f19-4985-b065-94320a891eaa',
-        email: 'lukesuperuserxui@mailnesia.com',
+        email: 'lukesuperuserxui_new@mailnesia.com',
         release: 'general', userIdentifier: 'SOLICITOR'
       },
       {

test/e2e/config/conf.js

@@ -47,7 +47,7 @@ const config = {
   params: {
     serverUrls: process.env.TEST_URL || 'http://localhost:3000/',
     targetEnv: argv.env || 'local',
-    username: 'lukesuperuserxui@mailnesia.com',
+    username: 'lukesuperuserxui_new@mailnesia.com',
     password: 'Monday01',
     caseworkerUser: '[email protected]',
     caseworkerPassword: 'London01',

test/e2e/config/crossbrowser.conf.js

@@ -17,12 +17,12 @@ const config = {
   sauceRegion: 'eu',
   port: 80,
   sauceConnect: true,
-  specs: ['../features/**/*.feature'],
+  specs: ['../features/**/*.feature', '../features/app/loginLogout.feature'],
 
-  baseUrl: (process.env.TEST_URL || 'http://localhost:3000/').replace('https', 'http'),
+  baseUrl: 'https://manage-case.aat.platform.hmcts.net',
 
   params: {
-    serverUrls: process.env.TEST_URL || 'http://localhost:3000/',
+    serverUrls: 'https://manage-case.aat.platform.hmcts.net',
     targetEnv: argv.env || 'local'
     //username: process.env.TEST_EMAIL,
     //password: process.env.TEST_PASSWORD,
@@ -47,33 +47,11 @@ const config = {
       maxInstances: 1
     },
 
-    {
-      browserName: 'firefox',
-      version: 'latest',
-      platform: 'Windows 10',
-      name: 'firefox-win-tests',
-      tunnelIdentifier: 'reformtunnel',
-      extendedDebugging: true,
-      sharedTestFiles: false,
-      maxInstances: 1
-    },
-
     // {
-    //   browserName: 'internet explorer',
-    //   platform: 'Windows 10',
+    //   browserName: 'firefox',
     //   version: 'latest',
-    //   name: 'IE-TEST',
-    //   tunnelIdentifier: 'reformtunnel',
-    //   extendedDebugging: true,
-    //   sharedTestFiles: false,
-    //   maxInstances: 1
-    // },
-
-    // {
-    //   browserName: 'safari',
-    //   platform: 'macOS 10.15',
-    //   version: '13.1',
-    //   name: 'Safari-TEST',
+    //   platform: 'Windows 10',
+    //   name: 'firefox-win-tests',
     //   tunnelIdentifier: 'reformtunnel',
     //   extendedDebugging: true,
     //   sharedTestFiles: false,
@@ -100,27 +78,19 @@ const config = {
       extendedDebugging: true,
       sharedTestFiles: false,
       maxInstances: 1
-    },
-
-    {
-      browserName: 'firefox',
-      version: 'latest',
-      platform: 'macOS 10.15',
-      name: 'ff-mac-tests',
-      tunnelIdentifier: 'reformtunnel',
-      extendedDebugging: true,
-      sharedTestFiles: false,
-      maxInstances: 1
     }
   ],
 
   exclude: [],
 
   cucumberOpts: {
-    strict: true,
-    format: ['node_modules/cucumber-pretty', 'json:cb_reports/saucelab_results.json'],
-    require: ['../support/world.js', '../support/*.js', '../features/step_definitions/**/*.steps.js', '../features/step_definitions/**/*.steps.js'],
-    tags: ['@crossbrowser', 'not @Flaky']
+    format: ['json:cb_reports/saucelab_results.json'],
+    require: [
+      '../features/step_definitions/loginLogout.steps.js',
+      '../features/step_definitions/**/*.steps.js',
+      '../support/timeout.js'
+    ],
+    tags: ['@crossbrowser']
   },
 
   plugins: [

test/e2e/config/fullfunctional.conf.js

@@ -51,7 +51,7 @@ const config = {
   params: {
     serverUrls: process.env.TEST_URL || 'http://localhost:3000/',
     targetEnv: argv.env || 'local',
-    username: 'lukesuperuserxui@mailnesia.com',
+    username: 'lukesuperuserxui_new@mailnesia.com',
     password: 'Monday01',
     caseworkerUser: '[email protected]',
     caseworkerPassword: 'London01',