├── .env ├── .gitattributes ├── .github ├── CONTRIBUTING.md ├── ISSUE_TEMPLATE.md ├── PULL_REQUEST_TEMPLATE.md └── stale.yml ├── .gitignore ├── .project ├── LICENSE.md ├── PostgresV11.md ├── README.md ├── bin ├── add-ccd-roles.sh ├── add-idam-clients.sh ├── add-idam-roles.sh ├── add-role-assignments.sh ├── add-users.sh ├── am-role-assignments.json ├── ccd-add-role.sh ├── ccd-import-definition.sh ├── ccd-roles.json ├── document-management-store-create-blob-store-container.sh ├── document-management-store-get.sh ├── document-management-store-migrate.sh ├── env_variables_all.txt ├── idam-delete-user.sh ├── set-environment-variables.sh ├── users.json └── utils │ ├── am-add-role-assignment.sh │ ├── idam-add-role.sh │ ├── idam-authenticate.sh │ ├── idam-create-caseworker.sh │ ├── idam-create-service.sh │ ├── idam-get-user.sh │ ├── idam-remove-caseworker.sh │ ├── idam-user-token.sh │ └── lease-service-token.sh ├── bulk-user-setup ├── README.md ├── bulk-user-setup.config ├── bulk-user-setup.sh ├── bulk_processing │ ├── .DS_Store │ └── Templates │ │ └── .DS_Store ├── caseworker-roles-local-testing.txt ├── caseworker-roles-master.txt └── test │ ├── inputs │ ├── ADD-WITH-ID-SSOID.csv │ ├── ADD-WITH-ID.csv │ ├── ADD.csv │ ├── CFTS-4217.csv │ ├── COMMON.csv │ ├── DELETE.csv │ ├── DEMO-ENV-TEST-NOSSOID.csv │ ├── DEMO-ENV-TEST-SSOID.csv │ ├── DEMO-ENV-TEST-UPDATEEMAIL-SSOID.csv │ ├── FIND.csv │ ├── SKIP.csv │ └── UPDATENAME.csv │ └── utils │ ├── add-idam-clients.sh │ ├── add-idam-roles.sh │ ├── add-users.sh │ ├── idam-create-service.sh │ ├── idam-create-users.sh │ ├── idam-create-users.sh.bk │ ├── roles.json │ └── users.json ├── ccd ├── compose ├── backend.yml ├── case-disposer.yml ├── case-document-am.yml ├── ccd-next-hearing-date-updater.yml ├── def-designer.yml ├── defaults.conf ├── dm-store.yml ├── elasticsearch.yml ├── frontend.yml ├── hearings.yml ├── logstash.yml ├── message-publisher.yml ├── operational.yml ├── others.yml ├── sidam-local-ccd.yml ├── sidam-local.yml ├── sidam.yml ├── ts-translation-service.yml └── xui-frontend.yml ├── database ├── Dockerfile └── init-db.sh ├── logstash ├── config │ ├── logstash.yml │ └── pipelines.yml ├── lib │ └── postgresql-42.2.18.jar └── pipeline │ ├── 01_input.conf │ ├── 02_filter.conf │ ├── 03_output.conf │ └── dead_letter_indexing_pipeline.conf └── resources ├── idam_stub_get_details_custom.json ├── improved-ccd-test-automation-users.json ├── original-ccd-test-automation-users.json └── role_assignments ├── get_role_assignments.json ├── get_role_assignments_not_found.json ├── get_role_assignments_with_expired_results.json ├── post_role_assignments_2_record.json ├── post_role_assignments_one_record.json ├── post_role_assignments_query_expired.json └── post_role_assignments_query_notFound_3.json /.env: -------------------------------------------------------------------------------- 1 | # Database 2 | DB_USERNAME=ccd 3 | DB_PASSWORD=ccd 4 | DB_USE_SSL=false 5 | DB_HOST_COMMON=ccd-shared-database 6 | DB_PORT_COMMON=5432 7 | AM_DB=am 8 | AM_DB_USERNAME=amuser 9 | AM_DB_PASSWORD=ampass 10 | 11 | # IDAM Keys 12 | IDAM_KEY_CCD_DEFINITION_STORE=AAAAAAAAAAAAAAAA 13 | IDAM_KEY_CCD_DEFINITION_DESIGNER=AAAAAAAAAAAAAAAE 14 | IDAM_KEY_CCD_DATA_STORE=AAAAAAAAAAAAAAAB 15 | IDAM_KEY_CCD_GATEWAY=AAAAAAAAAAAAAAAC 16 | IDAM_KEY_CCD_ADMIN=AAAAAAAAAAAAAAAD 17 | IDAM_KEY_DM_STORE=AAAAAAAAAAAAAAAA 18 | IDAM_KEY_CCD_PS=AAAAAAAAAAAAAAAA 19 | IDAM_KEY_FPL_CASE_SERVICE=AABBCCDDEEFFGGHH 20 | IDAM_KEY_CASE_DOCUMENT=AABBCCDDEEFFGGHH 21 | IDAM_KEY_BULK_SCAN_PROCESSOR=AAAAAAAAAAAAAAAA 22 | IDAM_KEY_BULK_SCAN_ORCHESTRATOR=AAAAAAAAAAAAAAAA 23 | IDAM_KEY_XUI_WEBAPP=AAAAAAAAAAAAAAAA 24 | IDAM_KEY_AM_ROLE_ASSIGNMENT=AAAAAAAAAAAAAAAA 25 | IDAM_KEY_TS_TRANSLATION_SERVICE=AAAAAAAAAAAAAAAA 26 | 27 | IDAM_KEY_CFT_HEARING_SERVICE=AAAAAAAAAAAAAAAA 28 | IDAM_KEY_API_HMI_INBOUND_ADAPTER=AAAAAAAAAAAAAAAA 29 | 30 | # IDAM OAuth2 secrets 31 | OAUTH2_CLIENT_CCD_GATEWAY=OOOOOOOOOOOOOOOO 32 | OAUTH2_CLIENT_CCD_ADMIN=IIIIIIIIIIIIIIII 33 | 34 | # Microsoft Insights Key 35 | APPINSIGHTS_INSTRUMENTATIONKEY=SomeRandomStringForLocalDocker 36 | 37 | WIREMOCK_SERVER_MAPPINGS_PATH=wiremock 38 | 39 | ES_ENABLED_DOCKER=false 40 | 41 | #uncomment to enable Idam Stub 42 | #IDAM_STUB_SERVICE_NAME=http://ccd-test-stubs-service:5555 43 | #IDAM_STUB_LOCALHOST=http://localhost:5555 44 | 45 | #XUI WEBAPP Oauth2 secrets 46 | BEFTA_S2S_CLIENT_SECRET_OF_XUI_WEBAPP=OOOOOOOOOOOOOOOO 47 | 48 | #ACA Oauth2 secrets 49 | BEFTA_S2S_CLIENT_SECRET_OF_AAC_MANAGE_CASE_ASSIGNMENT=AAAAAAAAAAAAAAAA 50 | 51 | CCD_LOGSTASH_REPOSITORY_URL=hmctspublic.azurecr.io 52 | CCD_LOGSTASH_SERVICES=all 53 | 54 | #ROLE_ASSIGNMENTS 55 | #ENABLE_ATTRIBUTE_BASED_ACCESS_CONTROL=true 56 | #ENABLE_PSEUDO_ROLE_ASSIGNMENTS_GENERATION=true 57 | #ENABLE_PSEUDO_ACCESS_PROFILES_GENERATION=true 58 | #ROLE_ASSIGNMENT_URL=http://ccd-test-stubs-service:5555 59 | 60 | 61 | #ccd-next-hearing-date-updater 62 | CCD_NEXT_HEARING_DATE_PASSWORD=Pa55word11 63 | IDAM_KEY_NEXT_HEARING_UPDATER=AAAAAAAAAAAAAAAA 64 | -------------------------------------------------------------------------------- /.gitattributes: -------------------------------------------------------------------------------- 1 | # Set the default behavior, in case people don't have core.autocrlf set. 2 | * text=auto 3 | 4 | # Declare files that will always have CRLF line endings on checkout. 5 | ccd text eol=lf 6 | *.sh text eol=lf 7 | *.conf text eol=lf 8 | -------------------------------------------------------------------------------- /.github/CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | # Contribution guidelines 2 | 3 | We're happy to accept 3rd-party contributions. Please make sure you read this document before you do any work though, 4 | as we have some expectations related to the content and quality of change sets. 5 | 6 | ## What you should know about this application 7 | 8 | This project is part of a flexible case management system for HMCTS' services. 9 | 10 | ## Before contributing 11 | 12 | Any ideas on the user journeys and general service experience you may have **should be first consulted 13 | with us by submitting a new issue** to this repository. Ideas are always welcome, but if something is divergent or unrelated 14 | to what we're trying to achieve we won't be able to accept it. Please keep this in mind as we don't want to waste anybody's time. 15 | 16 | In the interest of creating a friendly collaboration environment, please read and adhere to an open source contributor's 17 | [code of conduct](http://contributor-covenant.org/version/1/4/). 18 | 19 | ## Making a contribution 20 | 21 | After your idea has been accepted you can implement it. We don't allow direct changes to the codebase from the public, 22 | they have to go through a review first. 23 | 24 | Here's what you should do: 25 | 1. [fork](https://help.github.com/articles/fork-a-repo/) this repository and clone it to your machine, 26 | 2. create a new branch for your change: 27 | * use the latest *master* to branch from, 28 | 3. implement the change in your branch: 29 | * if the change is non-trivial it's a good practice to split it into several logically independent units and deliver 30 | each one as a separate commit, 31 | * make sure the commit messages use proper language and accurately describe commit's content, e.g. *"Unify postcode lookup elements spacing"*. 32 | More information on good commit messages can be found [here](http://chris.beams.io/posts/git-commit/), 33 | 4. test if your feature works as expected and does not break any existing features, this may include implementing additional automated tests or amending existing ones, 34 | 5. push the change to your GitHub fork, 35 | 6. submit a [pull request](https://help.github.com/articles/creating-a-pull-request-from-a-fork/) to our repository: 36 | * ensure that the pull request and related GitHub issue reference each other. 37 | 38 | At this point the pull request will wait for someone from our team to review. It may be accepted straight away, 39 | or we may ask you to make some additional amendments before incorporating it into the main branch. 40 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE.md: -------------------------------------------------------------------------------- 1 | ### What would you like to change? 2 | 3 | ### How do you think that would improve the project? 4 | 5 | ### If this entry is related to a bug, please provide the steps to reproduce it 6 | -------------------------------------------------------------------------------- /.github/PULL_REQUEST_TEMPLATE.md: -------------------------------------------------------------------------------- 1 | **Before creating a pull request make sure that:** 2 | 3 | - [ ] commit messages are meaningful and follow good commit message guidelines 4 | - [ ] README and other documentation has been updated / added (if needed) 5 | - [ ] tests have been updated / new tests has been added (if needed) 6 | 7 | Please remove this line and everything above and fill the following sections: 8 | 9 | 10 | ### JIRA link (if applicable) ### 11 | 12 | 13 | 14 | ### Change description ### 15 | 16 | 17 | 18 | **Does this PR introduce a breaking change?** (check one with "x") 19 | 20 | ``` 21 | [ ] Yes 22 | [ ] No 23 | ``` 24 | -------------------------------------------------------------------------------- /.github/stale.yml: -------------------------------------------------------------------------------- 1 | # Number of days of inactivity before an issue becomes stale 2 | daysUntilStale: 21 3 | 4 | # Number of days of inactivity before a stale issue is closed 5 | daysUntilClose: 14 6 | 7 | # Issues with these labels will never be considered stale 8 | exemptLabels: 9 | - pinned 10 | - security 11 | - dependencies 12 | 13 | # Label to use when marking an issue as stale 14 | staleLabel: stale 15 | 16 | # Comment to post when marking an issue as stale. Set to `false` to disable 17 | markComment: > 18 | This issue has been automatically marked as stale because it has not had 19 | recent activity. It will be closed if no further activity occurs. Thank you 20 | for your contributions. 21 | 22 | # Comment to post when closing a stale issue. Set to `false` to disable 23 | closeComment: > 24 | This issue is being closed automatically as it was stale 25 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Dynamic image tags 2 | .tags.env 3 | 4 | .workspace 5 | 6 | # IntelliJ IDEA files 7 | .idea/ 8 | *.iml 9 | /.project 10 | -------------------------------------------------------------------------------- /.project: -------------------------------------------------------------------------------- 1 | 2 | 3 | ccd-docker 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | -------------------------------------------------------------------------------- /LICENSE.md: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) 2017 HMCTS (HM Courts & Tribunals Service) 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: 6 | 7 | The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. 8 | 9 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 10 | -------------------------------------------------------------------------------- /PostgresV11.md: -------------------------------------------------------------------------------- 1 | # Steps to migrate existing v9.6 PostgreSQL database to v11 2 | 3 | ## 1 Backup old database. Migrate data to the new database. (Optional Step) 4 | 5 | **The following steps describe the process of backing up the old DB in to the new DB. 6 | These steps can be ignored in the case of building a new environment from scratch** 7 | 8 | * Get your old DB container id, for instance: a210d7e11a5b 9 | ``` 10 | docker ps | grep compose_ccd-shared-database_1 11 | ``` 12 | * Backup all DBs to a dumpfile file. Verify the dumpfile is stored in your current directory 13 | ``` 14 | docker exec -it a210d7e11a5b /usr/bin/pg_dumpall -U postgres > dumpfile 15 | ``` 16 | 17 | 18 | ## 2 Pull latest ccd-docker (MANDATORY) 19 | **Note:** If you want to keep your current database data, please go the step above, [Backup old database](#1--backup-old-database-migrate-data-to-the-new-database--optional-step-) 20 | * Make sure images/volumes of microservices are deleted with the following. 21 | **This has to be in place to be able to _migrate_ from postgres V9 to v11.** 22 | ``` 23 | ./ccd compose down 24 | ``` 25 | * Make sure all microservices are running the same branch, for instance: 'master'. 26 | ``` 27 | ./ccd status 28 | ``` 29 | * Please ensure you've exported/updated the required environment variables using the script, [set-environment-variables.sh](bin/set-environment-variables.sh) 30 | * Start ccd-docker and make sure ccd-shared-database is up and running. 31 | ``` 32 | ./ccd compose up -d 33 | ``` 34 | 35 | **Note:** Skip Step 3 and go to [Step 4](#4-settings-for-ccd-docker--mandatory-) if you did not make a backup of your DB data 36 | 37 | 38 | ## 3 Restore database from backup 39 | * Get the container id of the new v11 DB for instance: **36a8eb5cccba** 40 | ``` 41 | docker ps | grep compose_ccd-shared-database_1-V11 42 | ```` 43 | * Copy the dumpfile from your directory to the v11 DB container 44 | ``` 45 | docker cp dumpfile 36a8eb5cccba:/home 46 | ``` 47 | * Open a shell into your v11 DB container 48 | ``` 49 | docker exec -it 36a8eb5cccba bash 50 | ``` 51 | * Change the permission of the dumpfile file 52 | ``` 53 | chmod 777 /home/dumpfile 54 | ``` 55 | * Import the dumpfile and wait ..... 56 | ```$xslt 57 | su - postgres 58 | cd /home/ 59 | psql < dumpfile 60 | 61 | ``` 62 | * Check the v11 DB data 63 | ```$xslt 64 | psql 65 | SELECT datname FROM pg_database; 66 | \dt 67 | select * from event; 68 | 69 | ``` 70 | 71 | 72 | ## 4 Settings for ccd-docker (MANDATORY) 73 | 74 | **The following steps should be done to define the microservices dependency to the new V11 DB container** 75 | 76 | Stop and restart the old DB container. 77 | * Get the DB container id, for instance: 36a8eb5cccba. 78 | ``` 79 | docker ps | grep compose_ccd-shared-database 80 | ``` 81 | 82 | * Stop the container. 83 | ``` 84 | docker stop 36a8eb5cccba 85 | ``` 86 | * Restart using. 87 | ``` 88 | ./ccd compose up -d 89 | ``` 90 | 91 | * In case you did not use the back-up from your old DB, you have to set up CCD users again, following the main guideline steps shown below: 92 | * CCD Quick Start 93 | ``` 94 | ./bin/add-idam-clients.sh 95 | ./bin/add-idam-roles.sh 96 | ./bin/add-users.sh 97 | ./bin/add-ccd-roles.sh 98 | ./bin/add-role-assignments.sh 99 | ``` 100 | 101 | 102 | 103 | -------------------------------------------------------------------------------- /bin/add-ccd-roles.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -eu 4 | dir=$(dirname ${0}) 5 | jq -c '(.[])' ${dir}/ccd-roles.json | while read args; do 6 | role=$(jq -r '.role' <<< $args) 7 | class=$(jq -r '.security_classification' <<< $args) 8 | echo Creating/updating CCD role $role with classification $class 9 | ${dir}/ccd-add-role.sh $role $class 10 | echo 11 | done 12 | -------------------------------------------------------------------------------- /bin/add-idam-clients.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -eu 4 | 5 | dir=$(dirname ${0}) 6 | 7 | ${dir}/utils/idam-create-service.sh "ccd_gateway" "ccd_gateway" "ccd_gateway_secret" "http://localhost:3451/oauth2redirect" "false" "profile openid roles" 8 | 9 | ${dir}/utils/idam-create-service.sh "xuiwebapp" "xuiwebapp" "OOOOOOOOOOOOOOOO" "http://localhost:3455/oauth2/callback" "false" "profile openid roles manage-user create-user search-user" 10 | 11 | ${dir}/utils/idam-create-service.sh "ccd_admin" "ccd_admin" "ccd_admin_secret" "https://localhost:3100/oauth2redirect" "false" "profile openid roles" 12 | 13 | ${dir}/utils/idam-create-service.sh "am_role_assignment" "am_role_assignment" "am_role_assignment_secret" "http://localhost:4096/oauth2redirect" "false" "profile openid roles search-user" 14 | 15 | ${dir}/utils/idam-create-service.sh "ccd_data_store_api" "ccd_data_store_api" "idam_data_store_client_secret" "http://ccd-data-store-api/oauth2redirect" "false" "profile openid roles manage-user" 16 | 17 | ${dir}/utils/idam-create-service.sh "ccd_case_disposer" "ccd_case_disposer" "idam_ccd_case_disposer_secret" "http://ccd-case-disposer/oauth2redirect" "false" "profile openid roles" 18 | 19 | ${dir}/utils/idam-create-service.sh "ccd_next_hearing_date_updater" "ccd_next_hearing_date_updater" "AAAAAAAAAAAAAAAA" "http://ccd-next-hearing-date-updater/oauth2redirect" "false" "profile openid roles" 20 | 21 | ${dir}/utils/idam-create-service.sh "hmc_hmi_inbound_adapter" "hmc_hmi_inbound_adapter" "hmc_hmi_inbound_adapter_secret" "https://hmi-inbound-adapter/oauth2redirect" "false" "profile openid roles manage-user" -------------------------------------------------------------------------------- /bin/add-idam-roles.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -eu 4 | dir=$(dirname ${0}) 5 | jq -r '[(.[] | .roles | split(",")) | .[] ] | unique[]' ${dir}/users.json | while read args; do 6 | ${dir}/utils/idam-add-role.sh "$args" 7 | done 8 | -------------------------------------------------------------------------------- /bin/add-role-assignments.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -eu 4 | 5 | dir=$(dirname ${0}) 6 | 7 | jq -c '(.[])' ${dir}/am-role-assignments.json | while read user; do 8 | email=$(jq -r '.email' <<< $user) 9 | idamUser=$(${dir}/utils/idam-get-user.sh $email) 10 | idamId=$(jq -r '.id' <<< $idamUser) 11 | 12 | override=$(jq -r '.overrideAll' <<< $user) 13 | if [ $override == 'true' ]; then 14 | echo "Removing all existing role assignments for user ${email}" 15 | psql -h localhost -p ${DB_EXTERNAL_PORT} -d role_assignment -U ccd -c "DELETE FROM role_assignment WHERE actor_id = '${idamId}'" -q 16 | fi 17 | 18 | jq -c '(.roleAssignments[])' <<< $user | while read assignment; do 19 | roleType=$(jq -r '.roleType' <<< $assignment) 20 | roleName=$(jq -r '.roleName' <<< $assignment) 21 | grantType=$(jq -r '.grantType' <<< $assignment) 22 | roleCategory=$(jq -r '.roleCategory' <<< $assignment) 23 | classification=$(jq -r '.classification' <<< $assignment) 24 | readOnly=$(jq -r '.readOnly' <<< $assignment) 25 | attributes=$(jq -r '.attributes | tostring' <<< $assignment) 26 | 27 | authorisations=$(jq -r 'if .authorisations | length > 0 then "'"'"'{" + (.authorisations | join(",")) + "}'"'"'" else null end' <<< $assignment) 28 | 29 | echo "Creating '${roleName}' assignment of type '${roleType}' for user ${email}" 30 | ${dir}/utils/am-add-role-assignment.sh $idamId $roleType $roleName $classification $grantType $roleCategory $readOnly $attributes $authorisations 31 | done 32 | echo 33 | done 34 | -------------------------------------------------------------------------------- /bin/add-users.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -eu 4 | 5 | dir=$(dirname ${0}) 6 | 7 | jq -r '.[] | .email + " " + .roles + " " + .lastName + " " + .firstName' ${dir}/users.json | while read args; do 8 | ${dir}/utils/idam-create-caseworker.sh $args 9 | done 10 | -------------------------------------------------------------------------------- /bin/am-role-assignments.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "email": "auto.test.cnp@gmail.com", 4 | "roleAssignments": [ 5 | { 6 | "roleType": "ORGANISATION", 7 | "roleName": "staff", 8 | "grantType": "STANDARD", 9 | "roleCategory": "LEGAL_OPERATIONS", 10 | "classification": "PUBLIC", 11 | "readOnly": false, 12 | "attributes": { "caseType": "AAT", "jurisdiction": "AUTOTEST1" }, 13 | "authorisations": [] 14 | }, 15 | { 16 | "roleType": "ORGANISATION", 17 | "roleName": "staff", 18 | "grantType": "STANDARD", 19 | "roleCategory": "LEGAL_OPERATIONS", 20 | "classification": "PUBLIC", 21 | "readOnly": false, 22 | "attributes": { "caseType": "MAPPER", "jurisdiction": "AUTOTEST1" }, 23 | "authorisations": [] 24 | } 25 | ], 26 | "overrideAll": true 27 | }, 28 | 29 | { 30 | "email": "ccd.ac.superuser@gmail.com", 31 | "roleAssignments": [ 32 | { 33 | "roleType": "ORGANISATION", 34 | "roleName": "Solicitor", 35 | "grantType": "STANDARD", 36 | "roleCategory": "PROFESSIONAL", 37 | "classification": "RESTRICTED", 38 | "readOnly": false, 39 | "attributes": { "jurisdiction":"J1", "caseType":"CT2" }, 40 | "authorisations": [] 41 | } 42 | ], 43 | "overrideAll": true 44 | }, 45 | 46 | { 47 | "email": "ccd.ac.solicitor1@gmail.com", 48 | "roleAssignments": [ 49 | { 50 | "roleType": "ORGANISATION", 51 | "roleName": "Solicitor", 52 | "grantType": "STANDARD", 53 | "roleCategory": "PROFESSIONAL", 54 | "classification": "PUBLIC", 55 | "readOnly": false, 56 | "attributes": { "jurisdiction":"J1", "caseType":"CT1" }, 57 | "authorisations": [] 58 | }, 59 | { 60 | "roleType": "ORGANISATION", 61 | "roleName": "Solicitor", 62 | "grantType": "STANDARD", 63 | "roleCategory": "PROFESSIONAL", 64 | "classification": "PUBLIC", 65 | "readOnly": false, 66 | "attributes": { "jurisdiction":"J1", "caseType":"CT2" }, 67 | "authorisations": [] 68 | }, 69 | { 70 | "roleType": "ORGANISATION", 71 | "roleName": "Solicitor", 72 | "grantType": "STANDARD", 73 | "roleCategory": "PROFESSIONAL", 74 | "classification": "PUBLIC", 75 | "readOnly": true, 76 | "attributes": { "jurisdiction":"J1", "caseType":"CT4" }, 77 | "authorisations": [] 78 | }, 79 | { 80 | "roleType": "ORGANISATION", 81 | "roleName": "Solicitor", 82 | "grantType": "STANDARD", 83 | "roleCategory": "PROFESSIONAL", 84 | "classification": "PUBLIC", 85 | "readOnly": false, 86 | "attributes": { "jurisdiction":"J1", "caseType":"CT5" }, 87 | "authorisations": [] 88 | }, 89 | { 90 | "roleType": "ORGANISATION", 91 | "roleName": "Solicitor", 92 | "grantType": "STANDARD", 93 | "roleCategory": "PROFESSIONAL", 94 | "classification": "PUBLIC", 95 | "readOnly": true, 96 | "attributes": { "jurisdiction":"J1", "caseType":"CT6" }, 97 | "authorisations": [] 98 | }, 99 | 100 | { 101 | "roleType": "CASE", 102 | "roleName": "Appellant", 103 | "grantType": "SPECIFIC", 104 | "roleCategory": "PROFESSIONAL", 105 | "classification": "PUBLIC", 106 | "readOnly": false, 107 | "attributes": { "jurisdiction":"J1", "caseType":"CT2", "CaseId" : "J1-CT2-01" }, 108 | "authorisations": [] 109 | }, 110 | { 111 | "roleType": "CASE", 112 | "roleName": "Appellant", 113 | "grantType": "SPECIFIC", 114 | "roleCategory": "PROFESSIONAL", 115 | "classification": "PRIVATE", 116 | "readOnly": false, 117 | "attributes": { "jurisdiction":"J1", "caseType":"CT2", "CaseId" : "J1-CT2-02" }, 118 | "authorisations": [] 119 | }, 120 | { 121 | "roleType": "CASE", 122 | "roleName": "Appellant", 123 | "grantType": "SPECIFIC", 124 | "roleCategory": "PROFESSIONAL", 125 | "classification": "PUBLIC", 126 | "readOnly": false, 127 | "attributes": { "jurisdiction":"J1", "caseType":"CT1", "CaseId" : "J1-CT1-02" }, 128 | "authorisations": [] 129 | }, 130 | { 131 | "roleType": "CASE", 132 | "roleName": "[CREATOR]", 133 | "grantType": "SPECIFIC", 134 | "roleCategory": "PROFESSIONAL", 135 | "classification": "PUBLIC", 136 | "readOnly": false, 137 | "attributes": { "jurisdiction":"J1", "caseType":"CT7", "CaseId" : "J1-CT7-01" }, 138 | "authorisations": [] 139 | } 140 | ], 141 | "overrideAll": true 142 | }, 143 | 144 | { 145 | "email": "hmc.superuser@gmail.com", 146 | "roleAssignments": [ 147 | { 148 | "roleType": "ORGANISATION", 149 | "roleName": "hearing-manager", 150 | "grantType": "STANDARD", 151 | "roleCategory": "PROFESSIONAL", 152 | "classification": "PUBLIC", 153 | "readOnly": false, 154 | "attributes": { }, 155 | "authorisations": [] 156 | }, 157 | { 158 | "roleType": "ORGANISATION", 159 | "roleName": "hearing-viewer", 160 | "grantType": "STANDARD", 161 | "roleCategory": "PROFESSIONAL", 162 | "classification": "PUBLIC", 163 | "readOnly": true, 164 | "attributes": { }, 165 | "authorisations": [] 166 | }, 167 | { 168 | "roleType": "ORGANISATION", 169 | "roleName": "listed-hearing-viewer", 170 | "grantType": "STANDARD", 171 | "roleCategory": "PROFESSIONAL", 172 | "classification": "PUBLIC", 173 | "readOnly": true, 174 | "attributes": { }, 175 | "authorisations": [] 176 | } 177 | ], 178 | "overrideAll": true 179 | }, 180 | 181 | { 182 | "email": "hmc.listed-hearing-viewer@gmail.com ", 183 | "roleAssignments": [ 184 | { 185 | "roleType": "ORGANISATION", 186 | "roleName": "listed-hearing-viewer", 187 | "grantType": "STANDARD", 188 | "roleCategory": "PROFESSIONAL", 189 | "classification": "PUBLIC", 190 | "readOnly": true, 191 | "attributes": { }, 192 | "authorisations": [] 193 | } 194 | ], 195 | "overrideAll": true 196 | }, 197 | 198 | { 199 | "email": "hmc.hearing-viewer@gmail.com", 200 | "roleAssignments": [ 201 | { 202 | "roleType": "ORGANISATION", 203 | "roleName": "hearing-viewer", 204 | "grantType": "STANDARD", 205 | "roleCategory": "PROFESSIONAL", 206 | "classification": "PUBLIC", 207 | "readOnly": true, 208 | "attributes": { }, 209 | "authorisations": [] 210 | } 211 | ], 212 | "overrideAll": true 213 | }, 214 | 215 | { 216 | "email": "hmc.hearing-manager@gmail.com", 217 | "roleAssignments": [ 218 | { 219 | "roleType": "ORGANISATION", 220 | "roleName": "hearing-manager", 221 | "grantType": "STANDARD", 222 | "roleCategory": "PROFESSIONAL", 223 | "classification": "PUBLIC", 224 | "readOnly": false, 225 | "attributes": { }, 226 | "authorisations": [] 227 | } 228 | ], 229 | "overrideAll": true 230 | }, 231 | 232 | { 233 | "email": "master.caseworker.staff@gmail.com", 234 | "roleAssignments": [ 235 | { 236 | "roleType": "ORGANISATION", 237 | "roleName": "ft_hmcts-staff", 238 | "grantType": "BASIC", 239 | "roleCategory": "PROFESSIONAL", 240 | "classification": "PUBLIC", 241 | "readOnly": false, 242 | "attributes": null, 243 | "authorisations": [] 244 | } 245 | ], 246 | "overrideAll": true 247 | }, 248 | 249 | { 250 | "email": "master.caseworker.regional-staff@gmail.com", 251 | "roleAssignments": [ 252 | { 253 | "roleType": "ORGANISATION", 254 | "roleName": "ft_hmcts-staff", 255 | "grantType": "BASIC", 256 | "roleCategory": "PROFESSIONAL", 257 | "classification": "PUBLIC", 258 | "readOnly": false, 259 | "attributes": null, 260 | "authorisations": [] 261 | }, 262 | { 263 | "roleType": "ORGANISATION", 264 | "roleName": "ft_regional-staff", 265 | "grantType": "STANDARD", 266 | "roleCategory": "PROFESSIONAL", 267 | "classification": "PUBLIC", 268 | "readOnly": false, 269 | "attributes": { 270 | "region": "123", 271 | "location": "1" 272 | }, 273 | "authorisations": [] 274 | } 275 | ], 276 | "overrideAll": true 277 | }, 278 | 279 | { 280 | "email": "master.caseworker.role1.basic@gmail.com", 281 | "roleAssignments": [ 282 | { 283 | "roleType": "ORGANISATION", 284 | "roleName": "Role1", 285 | "grantType": "BASIC", 286 | "roleCategory": "PROFESSIONAL", 287 | "classification": "PUBLIC", 288 | "readOnly": false, 289 | "attributes": null, 290 | "authorisations": [] 291 | } 292 | ], 293 | "overrideAll": true 294 | }, 295 | 296 | { 297 | "email": "master.caseworker.role1.standard@gmail.com", 298 | "roleAssignments": [ 299 | { 300 | "roleType": "ORGANISATION", 301 | "roleName": "Role1", 302 | "grantType": "STANDARD", 303 | "roleCategory": "PROFESSIONAL", 304 | "classification": "PUBLIC", 305 | "readOnly": false, 306 | "attributes": null, 307 | "authorisations": [] 308 | } 309 | ], 310 | "overrideAll": true 311 | }, 312 | 313 | { 314 | "email": "master.caseworker.role3.challenged@gmail.com", 315 | "roleAssignments": [ 316 | { 317 | "roleType": "ORGANISATION", 318 | "roleName": "Role1", 319 | "grantType": "BASIC", 320 | "roleCategory": "PROFESSIONAL", 321 | "classification": "PUBLIC", 322 | "readOnly": false, 323 | "attributes": null, 324 | "authorisations": [] 325 | }, 326 | { 327 | "roleType": "ORGANISATION", 328 | "roleName": "Role3", 329 | "grantType": "CHALLENGED", 330 | "roleCategory": "PROFESSIONAL", 331 | "classification": "PUBLIC", 332 | "readOnly": false, 333 | "attributes": { "region": "123" }, 334 | "authorisations": [] 335 | } 336 | ], 337 | "overrideAll": true 338 | } 339 | ] 340 | -------------------------------------------------------------------------------- /bin/ccd-add-role.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | ## Usage: ./ccd-add-role.sh role [classification] 3 | ## 4 | ## Options: 5 | ## - role: Name of the role. Must be an existing IDAM role. 6 | ## - classification: Classification granted to the role; one of `PUBLIC`, 7 | ## `PRIVATE` or `RESTRICTED`. Default to `PUBLIC`. 8 | ## 9 | ## Add support for an IDAM role in CCD by adding role to definition store. 10 | 11 | role=$1 12 | classification=${2:-PUBLIC} 13 | 14 | if [ -z "$role" ] 15 | then 16 | echo "Usage: ./ccd-add-role.sh role [classification]" 17 | exit 1 18 | fi 19 | 20 | case $classification in 21 | PUBLIC|PRIVATE|RESTRICTED) 22 | ;; 23 | *) 24 | echo "Classification must be one of: PUBLIC, PRIVATE or RESTRICTED" 25 | exit 1 ;; 26 | esac 27 | 28 | binFolder=$(dirname "$0") 29 | 30 | userToken="$(${binFolder}/utils/idam-user-token.sh)" 31 | serviceToken="$(${binFolder}/utils/lease-service-token.sh ccd_gw)" 32 | 33 | curl -XPUT \ 34 | http://localhost:4451/api/user-role \ 35 | -H "Authorization: Bearer ${userToken}" \ 36 | -H "ServiceAuthorization: Bearer ${serviceToken}" \ 37 | -H "Content-Type: application/json" \ 38 | -d '{"role":"'${role}'","security_classification":"'${classification}'"}' 39 | -------------------------------------------------------------------------------- /bin/ccd-import-definition.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | ## Usage: ./ccd-import-definition.sh path_to_definition 3 | ## 4 | ## Import the given definition in CCD's definition store. 5 | ## 6 | ## Prerequisites: 7 | ## - Microservice `ccd_gw` must be authorised to call service `ccd-definition-store-api` 8 | 9 | if [ -z "$1" ] 10 | then 11 | echo "Usage: ./ccd-import-definition.sh path_to_definition" 12 | exit 1 13 | elif [ ! -f "$1" ] 14 | then 15 | echo "File not found: $1" 16 | exit 1 17 | fi 18 | 19 | binFolder=$(dirname "$0") 20 | 21 | userToken="$(${binFolder}/utils/idam-user-token.sh)" 22 | serviceToken="$(${binFolder}/utils/lease-service-token.sh ccd_gw)" 23 | 24 | curl -S --silent \ 25 | http://localhost:4451/import \ 26 | -H "Authorization: Bearer ${userToken}" \ 27 | -H "ServiceAuthorization: ${serviceToken}" \ 28 | -F file="@$1" \ 29 | -w "\n" 30 | -------------------------------------------------------------------------------- /bin/ccd-roles.json: -------------------------------------------------------------------------------- 1 | [ 2 | { "role": "caseworker", "security_classification": "PUBLIC" }, 3 | { "role": "caseworker-approver", "security_classification": "PUBLIC" }, 4 | { "role": "caseworker-autotest1", "security_classification": "PUBLIC" }, 5 | { "role": "caseworker-autotest1-private", "security_classification": "PRIVATE" }, 6 | { "role": "caseworker-autotest1-senior", "security_classification": "RESTRICTED" }, 7 | { "role": "caseworker-autotest1-solicitor", "security_classification": "PRIVATE" }, 8 | { "role": "caseworker-autotest2", "security_classification": "PUBLIC" }, 9 | { "role": "caseworker-autotest2-private", "security_classification": "PRIVATE" }, 10 | { "role": "caseworker-autotest2-senior", "security_classification": "RESTRICTED" }, 11 | { "role": "caseworker-autotest2-solicitor", "security_classification": "PRIVATE" }, 12 | { "role": "caseworker-befta_jurisdiction_1", "security_classification": "PUBLIC" }, 13 | { "role": "caseworker-befta_jurisdiction_2", "security_classification": "PUBLIC" }, 14 | { "role": "caseworker-befta_jurisdiction_2-solicitor_1", "security_classification": "PUBLIC" }, 15 | { "role": "caseworker-befta_jurisdiction_2-solicitor_2", "security_classification": "PUBLIC" }, 16 | { "role": "caseworker-befta_jurisdiction_2-solicitor_3", "security_classification": "PUBLIC" }, 17 | { "role": "caseworker-befta_jurisdiction_3", "security_classification": "PUBLIC" }, 18 | { "role": "caseworker-befta_jurisdiction_3-solicitor", "security_classification": "PUBLIC" }, 19 | { "role": "caseworker-befta_master", "security_classification": "PUBLIC" }, 20 | { "role": "caseworker-befta_master-junior", "security_classification": "PUBLIC" }, 21 | { "role": "caseworker-befta_master-manager", "security_classification": "PUBLIC" }, 22 | { "role": "caseworker-befta_master-solicitor", "security_classification": "PUBLIC" }, 23 | { "role": "caseworker-befta_master-solicitor_1", "security_classification": "PUBLIC" }, 24 | { "role": "caseworker-befta_master-solicitor_2", "security_classification": "PUBLIC" }, 25 | { "role": "caseworker-befta_master-solicitor_3", "security_classification": "PUBLIC" }, 26 | { "role": "caseworker-caa", "security_classification": "PUBLIC" }, 27 | { "role": "ccd-import", "security_classification": "PUBLIC" }, 28 | { "role": "manage-translations", "security_classification": "PUBLIC" }, 29 | { "role": "load-translations", "security_classification": "PUBLIC" }, 30 | { "role": "citizen", "security_classification": "PUBLIC" }, 31 | { "role": "pui-caa", "security_classification": "PUBLIC" }, 32 | { "role": "next-hearing-date-admin", "security_classification": "PUBLIC" }, 33 | { "role": "GS_profile", "security_classification": "PUBLIC" }, 34 | { "role": "ft_accessprofile_1", "security_classification": "PUBLIC" }, 35 | { "role": "ft_accessprofile_3", "security_classification": "PUBLIC" } 36 | ] 37 | -------------------------------------------------------------------------------- /bin/document-management-store-create-blob-store-container.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | ## Usage: ./document-management-store-create-blob-store-container.sh containerName 3 | ## 4 | ## Create a container in Azurite - Blob Store emulator 5 | ## containerName - name of the container to create 6 | ## 7 | containerName=${1:-hmctstestcontainer} 8 | 9 | curl -XPUT --verbose \ 10 | http://127.0.0.1:10000/devstoreaccount1/${containerName}?restype=container 11 | 12 | # list containers 13 | # curl -X GET http://127.0.0.1:10000/devstoreaccount1?comp=list 14 | -------------------------------------------------------------------------------- /bin/document-management-store-get.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | ## Usage: ./document-management-store-get.sh documentId 3 | ## 4 | ## Get the file from DM store. 5 | ## documentId - UUID identifying the resource 6 | ## 7 | 8 | documentId=$1 9 | binFolder=$(dirname "$0") 10 | 11 | userToken="$(${binFolder}/utils/idam-user-token.sh)" 12 | serviceToken="$(${binFolder}/utils/lease-service-token.sh ccd_gw)" 13 | 14 | curl --verbose \ 15 | http://localhost:4603/documents/${documentId} \ 16 | -H "Authorization: Bearer ${userToken}" \ 17 | -H "ServiceAuthorization: Bearer ${serviceToken}" 18 | -------------------------------------------------------------------------------- /bin/document-management-store-migrate.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | ## Usage: ./document-management-store-get.sh documentId versionId 3 | ## 4 | ## Get the file from DM store. 5 | ## documentId - UUID identifying the resource 6 | ## 7 | 8 | documentId=$1 9 | versionId=$2 10 | binFolder=$(dirname "$0") 11 | 12 | userToken="$(${binFolder}/utils/idam-user-token.sh)" 13 | serviceToken="$(${binFolder}/utils/lease-service-token.sh ccd_gw)" 14 | 15 | curl -XPOST --verbose \ 16 | http://localhost:4603/documents/${documentId}/versions/${versionId}/migrate \ 17 | -H "Authorization: Bearer ${userToken}" \ 18 | -H "ServiceAuthorization: ${serviceToken}" 19 | -------------------------------------------------------------------------------- /bin/env_variables_all.txt: -------------------------------------------------------------------------------- 1 | AM_ROLE_ASSIGNMENT_ADMIN_PWD=Pa55word11 2 | APPINSIGHTS_INSTRUMENTATIONKEY=SomeRandomStringForLocalDocker 3 | BEFTA_RESPONSE_HEADER_CHECK_POLICY=JUST_WARN 4 | BEFTA_OAUTH2_ACCESS_TOKEN_TYPE_OF_XUIWEBAPP=OIDC 5 | BEFTA_OAUTH2_CLIENT_ID_OF_XUIWEBAPP=xuiwebapp 6 | BEFTA_OAUTH2_REDIRECT_URI_OF_XUIWEBAPP=http://localhost:3455/oauth2/callback 7 | BEFTA_OAUTH2_CLIENT_SECRET_OF_XUIWEBAPP=OOOOOOOOOOOOOOOO 8 | BEFTA_OAUTH2_SCOPE_VARIABLES_OF_XUIWEBAPP=profile openid roles 9 | BEFTA_S2S_CLIENT_ID=ccd_gw 10 | BEFTA_S2S_CLIENT_ID_OF_CCD_DEFINITION=ccd_definition 11 | BEFTA_S2S_CLIENT_SECRET=AAAAAAAAAAAAAAAC 12 | BEFTA_S2S_CLIENT_SECRET_OF_AAC_MANAGE_CASE_ASSIGNMENT=AAAAAAAAAAAAAAAA 13 | BEFTA_S2S_CLIENT_SECRET_OF_BULK_SCAN_PROCESSOR=AAAAAAAAAAAAAAAA 14 | BEFTA_S2S_CLIENT_SECRET_OF_CCD_DATA=AAAAAAAAAAAAAAAB 15 | BEFTA_S2S_CLIENT_SECRET_OF_CCD_DEFINITION=AAAAAAAAAAAAAAAA 16 | BEFTA_S2S_CLIENT_SECRET_OF_PAYMENT_APP=1OOOOOOOOOOOOOO1 17 | BEFTA_S2S_CLIENT_ID_OF_XUI_WEBAPP=xui_webapp 18 | BEFTA_S2S_CLIENT_SECRET_OF_XUI_WEBAPP=OOOOOOOOOOOOOOOO 19 | BEFTA_TEST_STUB_SERVICE_BASE_URL=http://localhost:5555 20 | CASE_DOCUMENT_AM_URL=http://localhost:4455 21 | CCD_API_GATEWAY_OAUTH2_CLIENT_ID=ccd_gateway 22 | CCD_API_GATEWAY_OAUTH2_CLIENT_SECRET=ccd_gateway_secret 23 | CCD_API_GATEWAY_OAUTH2_REDIRECT_URL=http://localhost:3451/oauth2redirect 24 | CCD_API_GATEWAY_S2S_ID=ccd_gw 25 | CCD_API_GATEWAY_S2S_KEY=AAAAAAAAAAAAAAAC 26 | CCD_BEFTA_CASEWORKER_1_NO_PROFILE_PWD=Pa55word11 27 | CCD_BEFTA_CASEWORKER_1_PWD=Pa55word11 28 | CCD_BEFTA_CASEWORKER_2_PWD=Pa55word11 29 | CCD_BEFTA_CASEWORKER_2_SOLICITOR_1_PWD=Pa55word11 30 | CCD_BEFTA_CASEWORKER_2_SOLICITOR_2_PWD=Pa55word11 31 | CCD_BEFTA_CASEWORKER_2_SOLICITOR_3_PWD=Pa55word11 32 | CCD_BEFTA_CASEWORKER_3_PWD=Pa55word11 33 | CCD_BEFTA_CASEWORKER_CAA_PWD=Pa55word11 34 | CCD_BEFTA_CITIZEN_2_PWD=Pa55word11 35 | CCD_BEFTA_CITIZEN_3_PWD=Pa55word11 36 | CCD_BEFTA_MASTER_CASEWORKER_PWD=Pa55word11 37 | CCD_BEFTA_MASTER_CASEWORKER_REGIONAL_STAFF_PWD=Pa55word11 38 | CCD_BEFTA_MASTER_CASEWORKER_ROLE1_BASIC_PWD=Pa55word11 39 | CCD_BEFTA_MASTER_CASEWORKER_ROLE1_STANDARD_PWD=Pa55word11 40 | CCD_BEFTA_MASTER_CASEWORKER_ROLE3_CHALLENGED_PWD=Pa55word11 41 | CCD_BEFTA_MASTER_CASEWORKER_STAFF_PWD=Pa55word11 42 | CCD_BEFTA_MASTER_SOLICITOR_1_PWD=Pa55word11 43 | CCD_BEFTA_MASTER_SOLICITOR_2_PWD=Pa55word11 44 | CCD_BEFTA_MASTER_SOLICITOR_3_PWD=Pa55word11 45 | CCD_BEFTA_MASTER_SOLICITOR_4_PWD=Pa55word11 46 | CCD_BEFTA_MASTER_SOLICITOR_5_PWD=Pa55word11 47 | CCD_BEFTA_MASTER_SOLICITOR_6_PWD=Pa55word11 48 | CCD_BEFTA_MASTER_SOLICITOR_MUTLU_PWD=Pa55word11 49 | CCD_BEFTA_MASTER_SOLICITOR_RICHARD_PWD=Pa55word11 50 | CCD_BEFTA_MASTER_SOLICITOR_TONY_PWD=Pa55word11 51 | CCD_BEFTA_JURISDICTION_3_SOLICITOR_1_PWD=Pa55word11 52 | CCD_BEFTA_SOLICITOR_3_PWD=Pa55word11 53 | CCD_CASEWORKER_AUTOTEST_EMAIL=auto.test.cnp@gmail.com 54 | CCD_CASEWORKER_AUTOTEST_FE_PASSWORD=Pa55word11 55 | CCD_CASEWORKER_AUTOTEST_PASSWORD=Pa55word11 56 | CCD_DATA_STORE_API_BASE_URL=http://localhost:4452 57 | CCD_DOCUMENT_URL_PATTERN=http://dm-store:8080/documents/[A-Za-z0-9-]+(?:/binary)? 58 | CCD_GW_SERVICE_NAME=ccd_gw 59 | CCD_GW_SERVICE_SECRET=AAAAAAAAAAAAAAAC 60 | CCD_IMPORT_AUTOTEST_EMAIL=auto.test.cnp@gmail.com 61 | CCD_IMPORT_AUTOTEST_PASSWORD=Pa55word11 62 | CCD_PRIVATE_CASEWORKER_AUTOTEST_1AND2_PASSWORD=Pa55word11 63 | CCD_PRIVATE_CASEWORKER_EMAIL=auto.test.cnp+private@gmail.com 64 | CCD_PRIVATE_CASEWORKER_PASSWORD=Pa55word11 65 | CCD_PRIVATE_CASEWORKER_SOLICITOR_EMAIL=auto.test.cnp+solc@gmail.com 66 | CCD_PRIVATE_CASEWORKER_SOLICITOR_PASSWORD=Pa55word11 67 | CCD_PRIVATE_CROSS_CASE_TYPE_CASEWORKER_EMAIL=auto.test12.cnp+private@gmail.com 68 | CCD_PRIVATE_CROSS_CASE_TYPE_CASEWORKER_PASSWORD=Pa55word11 69 | CCD_PRIVATE_CROSS_CASE_TYPE_SOLICITOR_EMAIL=auto.test12.cnp+solc@gmail.com 70 | CCD_PRIVATE_CROSS_CASE_TYPE_SOLICITOR_PASSWORD=Pa55word11 71 | CCD_RESTRICTED_CASEWORKER_EMAIL=auto.test.cnp+senior@gmail.com 72 | CCD_RESTRICTED_CASEWORKER_PASSWORD=Pa55word11 73 | CCD_RESTRICTED_CROSS_CASE_TYPE_CASEWORKER_EMAIL=auto.test12.cnp+senior@gmail.com 74 | CCD_RESTRICTED_CROSS_CASE_TYPE_CASEWORKER_PASSWORD=Pa55word11 75 | CCD_STUB_SERVICE_URI_BASE=ccd-test-stubs-service:5555 76 | DATA_STORE_IDAM_KEY=AAAAAAAAAAAAAAAB 77 | DATA_STORE_S2S_AUTHORISED_SERVICES=ccd_gw,ccd_gateway,fpl_case_service,ccd_data,ccd_ps,aac_manage_case_assignment,ccd_case_document_am_api 78 | DATA_STORE_TOKEN_SECRET=iuasbcuasdcbasdgcasdgcuysachjsacyasdgjcgasdj 79 | DB_EXTERNAL_PORT=5050 80 | DB_PASSWORD=Pa55word11 81 | DB_USERNAME=ccd 82 | DEFINITION_IMPORTER_USERNAME=auto.test.cnp@gmail.com 83 | DEFINITION_IMPORTER_PASSWORD=Pa55word11 84 | DEFINITION_STORE_DB_USE_SSL=false 85 | DEFINITION_STORE_HOST=http://localhost:4451 86 | DEFINITION_STORE_IDAM_KEY=AAAAAAAAAAAAAAAA 87 | DEFINITION_STORE_S2S_AUTHORISED_SERVICES=ccd_data,ccd_gw,ccd_admin,aac_manage_case_assignment,ccd_case_disposer 88 | DEFINITION_STORE_URL_BASE=http://localhost:4451 89 | DM_STORE_BASE_URL=http://dm-store:8080 90 | ELASTIC_SEARCH_ENABLED=true 91 | ELASTIC_SEARCH_HOST=localhost 92 | ELASTIC_SEARCH_HOSTS=http://localhost:9200 93 | ELASTIC_SEARCH_PORT=9200 94 | ELASTIC_SEARCH_SCHEME=http 95 | IDAM_API_URL_BASE=http://localhost:5000 96 | IDAM_API_BASE_URL=http://localhost:5000 97 | IDAM_KEY_BULK_SCAN_PROCESSOR=AAAAAAAAAAAAAAAA 98 | IDAM_KEY_BULK_SCAN_ORCHESTRATOR=AAAAAAAAAAAAAAAA 99 | IDAM_KEY_CASE_DOCUMENT=AABBCCDDEEFFGGHH 100 | IDAM_KEY_CCD_ADMIN=AAAAAAAAAAAAAAAD 101 | IDAM_KEY_CCD_DATA_STORE=AAAAAAAAAAAAAAAB 102 | IDAM_KEY_CCD_DEFINITION_DESIGNER=AAAAAAAAAAAAAAAE 103 | IDAM_KEY_CCD_DEFINITION_STORE=AAAAAAAAAAAAAAAA 104 | IDAM_KEY_CCD_GATEWAY=AAAAAAAAAAAAAAAC 105 | IDAM_KEY_DM_STORE=AAAAAAAAAAAAAAAA 106 | IDAM_KEY_FPL_CASE_SERVICE=AABBCCDDEEFFGGHH 107 | IDAM_KEY_TS_TRANSLATION_SERVICE=AAAAAAAAAAAAAAAA 108 | IDAM_KEY_XUI_WEBAPP=AAAAAAAAAAAAAAAA 109 | IDAM_KEY_AM_ROLE_ASSIGNMENT=AAAAAAAAAAAAAAAA 110 | IDAM_KEY_API_GW=AAAAAAAAAAAAAAAA 111 | IDAM_KEY_API_HMI_INBOUND_ADAPTER=AAAAAAAAAAAAAAAA 112 | IDAM_KEY_CCD_CASE_DISPOSER=AAAAAAAAAAAAAAAA 113 | IDAM_OAUTH2_CLIENT_ID=ccd_gateway 114 | IDAM_OAUTH2_CLIENT_SECRET=ccd_gateway_secret 115 | IDAM_S2S_URL=http://service-auth-provider-api:8080 116 | IDAM_URL=http://localhost:5000 117 | IDAM_USER_URL=http://localhost:5000 118 | MIGRATIONS_ENDPOINT_ENABLED=true 119 | OAUTH2_CLIENT_CCD_ADMIN=IIIIIIIIIIIIIIII 120 | OAUTH2_CLIENT_CCD_GATEWAY=ccd_gateway_secret 121 | OAUTH2_CLIENT_ID=ccd_gateway 122 | OAUTH2_CLIENT_SECRET=ccd_gateway_secret 123 | OAUTH2_REDIRECT_URI=http://localhost:3451/oauth2redirect 124 | RD_LOCATION_REF_API_BASE_URL=http://localhost:5555 125 | RD_PROFESSIONAL_API_BASE_URL=http://localhost:5555 126 | ROLE_ASSIGNMENT_USER_EMAIL=ccd.ac.solicitor1@gmail.com 127 | ROLE_ASSIGNMENT_USER_PASSWORD=Pa55word11 128 | ROLE_ASSIGNMENT_HOST=http://localhost:4096 129 | ROLE_ASSIGNMENT_API_GATEWAY_S2S_CLIENT_ID=ccd_data 130 | ROLE_ASSIGNMENT_API_GATEWAY_S2S_CLIENT_KEY=AAAAAAAAAAAAAAAB 131 | ROLE_ASSIGNMENT_SOLICITOR_USER=ccd.ac.solicitor1@gmail.com 132 | ROLE_ASSIGNMENT_SOLICITOR_USER_PWD=Pa55word11 133 | ROLE_ASSIGNMENT_STAFF1_USER=ccd.ac.staff1@gmail.com 134 | ROLE_ASSIGNMENT_STAFF1_USER_PWD=Pa55word11 135 | ROLE_ASSIGNMENT_STAFF2_USER=ccd.ac.staff2@gmail.com 136 | ROLE_ASSIGNMENT_STAFF2_USER_PWD=Pa55word11 137 | ROLE_ASSIGNMENT_SUPER_USER=ccd.ac.superuser@gmail.com 138 | ROLE_ASSIGNMENT_SUPER_USER_PWD=Pa55word11 139 | S2S_URL=http://localhost:4502 140 | S2S_URL_BASE=http://localhost:4502 141 | TEST_STUB_SERVICE_BASE_URL=http://host.docker.internal:5555 142 | TEST_URL=http://localhost:4452 143 | TESTING_SUPPORT_ENABLED=true 144 | TS_SERVICE_TRANSLATION_USERS_PWD=Pa55word11 145 | USER=someuser 146 | USER_PROFILE_HOST=http://ccd-user-profile-api:4453 147 | USER_PROFILE_S2S_AUTHORISED_SERVICES=ccd_data,ccd_definition,ccd_admin 148 | XUI_LAUNCH_DARKLY_CLIENT_ID=1 149 | DB_USE_SSL=false 150 | ES_ENABLED_DOCKER=false 151 | IDAM_KEY_CCD_PS=AAAAAAAAAAAAAAAA 152 | IDAM_KEY_NEXT_HEARING_UPDATER=AAAAAAAAAAAAAAAA 153 | CCD_NEXT_HEARING_DATE_PASSWORD=Pa55word11 154 | IDAM_KEY_CFT_HEARING_SERVICE=AAAAAAAAAAAAAAAA 155 | IDAM_KEY_API_HMI_INBOUND_ADAPTER=AAAAAAAAAAAAAAAA 156 | HMC_DB_USERNAME=hmc 157 | HMC_DB_PASSWORD=hmc 158 | HMC_HEARING_SERVICE_USERS_PWD=Pa55word11 159 | -------------------------------------------------------------------------------- /bin/idam-delete-user.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | ## Usage: ./idam-delete-caseworker.sh email 3 | ## 4 | ## Options: 5 | ## - email: Email address 6 | ## 7 | 8 | email=$1 9 | 10 | # Build roles JSON array 11 | 12 | curl -XDELETE "http://localhost:5000/testing-support/accounts/${email}" -H "Content-Type: application/json" 13 | -------------------------------------------------------------------------------- /bin/set-environment-variables.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | ## set the environment variables for CCD_Data_Store and 4 | ## CCD_definition_Store 5 | 6 | function set_env_variables() { 7 | set_env_variables_from_file "./env_variables_all.txt" 8 | } 9 | 10 | function set_env_variables_from_file() { 11 | file=$1 12 | if [ -f ${file} ] 13 | then 14 | osName="$(uname -s)" 15 | echo "Setting env variables from [$file] on [$osName]." 16 | while IFS="=" read -r key value 17 | do 18 | if [[ "Darwin" == "$osName" ]];then 19 | command="export $key=$value" 20 | $command 21 | else 22 | setx "$key" $(echo $value | sed -e 's/\r//g') 23 | fi 24 | done < "$file" 25 | else 26 | echo "Environment variable file : $file NOT found. Variables NOT set." 27 | fi 28 | } 29 | 30 | originDir=$PWD 31 | parent_path=$( cd "$(dirname "${BASH_SOURCE[0]}")" ; pwd -P ) 32 | cd "$parent_path" 33 | set_env_variables 34 | cd "$originDir" 35 | 36 | -------------------------------------------------------------------------------- /bin/users.json: -------------------------------------------------------------------------------- 1 | [ 2 | {"email": "befta.pui.caa.1@gmail.com", "roles": "pui-caa", "lastName": "CAA", "firstName": "Pui"}, 3 | {"email": "ccd.docker.default@hmcts.net", "roles": "ccd-import", "lastName": "Default CCD_Docker"}, 4 | 5 | {"email": "auto.test.cnp@gmail.com", "roles": "caseworker,caseworker-autotest1,ccd-import", "lastName": "testsurname"}, 6 | {"email": "auto.test.cnp+private@gmail.com", "roles": "caseworker,caseworker-autotest1,caseworker-autotest1-private"}, 7 | {"email": "auto.test.cnp+senior@gmail.com", "roles": "caseworker,caseworker-autotest1,caseworker-autotest1-senior"}, 8 | {"email": "auto.test.cnp+solc@gmail.com", "roles": "caseworker,caseworker-autotest1,caseworker-autotest1-solicitor"}, 9 | {"email": "auto.test2.cnp@gmail.com", "roles": "caseworker,caseworker-autotest2"}, 10 | {"email": "auto.test2.cnp+private@gmail.com", "roles": "caseworker,caseworker-autotest2,caseworker-autotest2-private"}, 11 | {"email": "auto.test2.cnp+senior@gmail.com", "roles": "caseworker,caseworker-autotest2,caseworker-autotest2-senior"}, 12 | {"email": "auto.test2.cnp+solc@gmail.com", "roles": "caseworker,caseworker-autotest2,caseworker-autotest2-solicitor"}, 13 | {"email": "auto.test12.cnp@gmail.com", "roles": "caseworker,caseworker-autotest1,caseworker-autotest2"}, 14 | {"email": "auto.test12.cnp+private@gmail.com", "roles": "caseworker,caseworker-autotest1,caseworker-autotest1-private,caseworker-autotest2,caseworker-autotest2-private"}, 15 | {"email": "auto.test12.cnp+solc@gmail.com", "roles": "caseworker,caseworker-autotest1,caseworker-autotest1-solicitor,caseworker-autotest2,caseworker-autotest2-solicitor"}, 16 | {"email": "auto.test12.cnp+senior@gmail.com", "roles": "caseworker,caseworker-autotest1,caseworker-autotest1-senior,caseworker-autotest2,caseworker-autotest2-senior"}, 17 | {"email": "ccdimportdomain@gmail.com", "roles": "caseworker,caseworker-autotest1,caseworker-autotest1-senior"}, 18 | 19 | {"email": "befta.citizen.2@gmail.com", "roles": "citizen"}, 20 | {"email": "befta.citizen.3@gmail.com", "roles": "citizen"}, 21 | 22 | {"email": "befta.caseworker.1@gmail.com", "roles": "caseworker,caseworker-befta_jurisdiction_1"}, 23 | {"email": "befta.caseworker.1.noprofile@gmail.com", "roles": "caseworker,caseworker-befta_jurisdiction_1", "lastName": "testsurname", "firstName": "testfirstname"}, 24 | 25 | {"email": "befta.caseworker.2@gmail.com", "roles": "caseworker,caseworker-befta_jurisdiction_2"}, 26 | {"email": "befta.caseworker.2.solicitor.1@gmail.com", "roles": "caseworker,caseworker-befta_jurisdiction_2,caseworker-befta_jurisdiction_2-solicitor_1"}, 27 | {"email": "befta.caseworker.2.solicitor.2@gmail.com", "roles": "caseworker,caseworker-befta_jurisdiction_2,caseworker-befta_jurisdiction_2-solicitor_2"}, 28 | {"email": "befta.caseworker.2.solicitor.3@gmail.com", "roles": "caseworker,caseworker-befta_jurisdiction_2,caseworker-befta_jurisdiction_2-solicitor_3"}, 29 | 30 | {"email": "befta.caseworker.3@gmail.com", "roles": "caseworker,caseworker-befta_jurisdiction_3"}, 31 | {"email": "befta.solicitor.3@gmail.com", "roles": "caseworker,caseworker-befta_jurisdiction_3,caseworker-befta_jurisdiction_3-solicitor"}, 32 | {"email": "befta.solicitor.4@gmail.com", "roles": "caseworker,caseworker-befta_jurisdiction_3,caseworker-befta_jurisdiction_3-solicitor"}, 33 | 34 | {"email": "master.caseworker@gmail.com", "roles": "caseworker,caseworker-befta_master", "lastName": "befta", "firstName": "master"}, 35 | 36 | {"email": "master.solicitor.1@gmail.com", "roles": "caseworker,caseworker-befta_master,caseworker-befta_master-solicitor_1", "lastName": "befta", "firstName": "solicitor1"}, 37 | {"email": "master.solicitor.2@gmail.com","roles": "caseworker,caseworker-befta_master,caseworker-befta_master-solicitor_2", "lastName": "befta", "firstName": "solicitor2"}, 38 | {"email": "master.solicitor.3@gmail.com", "roles": "caseworker,caseworker-befta_master,caseworker-befta_master-solicitor_3", "lastName": "befta", "firstName": "solicitor3"}, 39 | 40 | {"email": "befta.master.solicitor.becky@gmail.com", "roles": "caseworker,caseworker-befta_master,caseworker-befta_master-solicitor", "lastName": "Solicington", "firstName": "Becky"}, 41 | {"email": "befta.master.solicitor.benjamin@gmail.com", "roles": "caseworker,caseworker-befta_master,caseworker-befta_master-solicitor", "lastName": "Solicington", "firstName": "Benjamin"}, 42 | {"email": "befta.master.solicitor.bill@gmail.com", "roles": "caseworker,caseworker-befta_master,caseworker-befta_master-solicitor", "lastName": "Solicington", "firstName": "Bill"}, 43 | {"email": "befta.master.solicitor.emma@gmail.com", "roles": "caseworker,caseworker-befta_master,caseworker-befta_master-solicitor", "lastName": "Solicington", "firstName": "Emma"}, 44 | {"email": "befta.master.solicitor.jane@gmail.com", "roles": "caseworker,caseworker-befta_master,caseworker-befta_master-solicitor,pui-caa", "lastName": "Solicington", "firstName": "Jane"}, 45 | {"email": "befta.master.solicitor.david@gmail.com", "roles": "caseworker,caseworker-befta_master,caseworker-befta_master-solici", "lastName": "Solicington", "firstName": "David"}, 46 | 47 | {"email": "befta.master.solicitor.mutlu@gmail.com", "roles": "caseworker,caseworker-befta_master,caseworker-befta_master-solicitor", "lastName": "Solicington", "firstName": "Mutlu"}, 48 | {"email": "befta.master.solicitor.richard@gmail.com", "roles": "caseworker,caseworker-befta_master,caseworker-befta_master-solicitor", "lastName": "Solicington", "firstName": "Richard"}, 49 | {"email": "befta.master.solicitor.tony@gmail.com", "roles": "caseworker,caseworker-befta_master,caseworker-befta_master-solicitor", "lastName": "Solicington", "firstName": "Tony"}, 50 | 51 | {"email": "befta.jurisdiction.3.solicitor.alice@gmail.com", "roles": "caseworker,caseworker-befta_jurisdiction_3,caseworker-befta_jurisdiction_3-solicitor,pui-caa", "lastName": "Solicington", "firstName": "Alice"}, 52 | 53 | {"email": "befta.caseworker.caa@gmail.com", "roles": "caseworker,caseworker-caa", "lastName": "CAA", "firstName": "Caseworker"}, 54 | 55 | {"email": "role.assignment.admin@gmail.com", "roles": "caseworker", "lastName": "RA", "firstName": "Admin"}, 56 | {"email": "data.store.idam.system.user@gmail.com", "roles": "", "lastName": "System User", "firstName": "Data Store"}, 57 | 58 | {"email": "ccd.ac.superuser@gmail.com", "roles": "caseworker", "lastName": "AC System User", "firstName": "Data Store"}, 59 | {"email": "ccd.ac.solicitor1@gmail.com", "roles": "caseworker", "lastName": "AC Solicitor1", "firstName": "Data Store"}, 60 | {"email": "ccd.ac.solicitor2@gmail.com", "roles": "caseworker", "lastName": "AC Solicitor2", "firstName": "Data Store"}, 61 | {"email": "ccd.ac.staff1@gmail.com", "roles": "caseworker", "lastName": "AC Staff1", "firstName": "Data Store"}, 62 | {"email": "ccd.ac.staff2@gmail.com", "roles": "caseworker", "lastName": "AC Staff2", "firstName": "Data Store"}, 63 | {"email": "ccd.ac.staff3@gmail.com", "roles": "caseworker", "lastName": "AC Staff3", "firstName": "Data Store"}, 64 | {"email": "ccd.ac.staff5@gmail.com", "roles": "caseworker", "lastName": "AC Staff5", "firstName": "Data Store"}, 65 | {"email": "ccd.ac.staff6@gmail.com", "roles": "caseworker", "lastName": "AC Staff6", "firstName": "Data Store"}, 66 | {"email": "ccd.ac.staff7@gmail.com", "roles": "caseworker", "lastName": "AC Staff7", "firstName": "Data Store"}, 67 | {"email": "ccd.ac.staff8@gmail.com", "roles": "caseworker", "lastName": "AC Staff8", "firstName": "Data Store"}, 68 | {"email": "ccd.ac.other1@gmail.com", "roles": "caseworker", "lastName": "AC Other1", "firstName": "Data Store"}, 69 | 70 | {"email": "ts.service.translation-manage@gmail.com", "roles": "ccd-import,manage-translations", "lastName": "Translations", "firstName": "Manage"}, 71 | {"email": "ts.service.translation-load@gmail.com", "roles": "ccd-import,load-translations", "lastName":"Translations", "firstName": "Load"}, 72 | {"email": "ts.service.translation-manage-load@gmail.com", "roles": "ccd-import,load-translations,manage-translations", "lastName": "Translations", "firstName": "Manage-Load"}, 73 | 74 | {"email": "next.hearing.date.admin@gmail.com", "roles": "caseworker,next-hearing-date-admin", "lastName": "hearing", "firstName": "next-day"}, 75 | 76 | {"email": "master.caa@gmail.com", "roles": "caseworker,caseworker-caa", "lastName": "caa", "firstName": "master"}, 77 | {"email": "noc.approver@gmail.com", "roles": "caseworker-approver", "lastName": "noc", "firstName": "approver"}, 78 | 79 | {"email": "hmc.hearing-manager@gmail.com", "roles": "caseworker,caseworker-befta_master", "lastName": "hearing-manager", "firstName": "hmc"}, 80 | {"email": "hmc.hearing-viewer@gmail.com", "roles": "caseworker,caseworker-befta_master", "lastName": "hearing-viewer", "firstName": "hmc"}, 81 | {"email": "hmc.listed-hearing-viewer@gmail.com", "roles": "caseworker,caseworker-befta_master", "lastName": "listed-hearing-viewer", "firstName": "hmc"}, 82 | {"email": "hmc.superuser@gmail.com", "roles": "caseworker,caseworker-befta_master", "lastName": "superuser", "firstName": "hmc"}, 83 | 84 | {"email": "master.caseworker.staff@gmail.com", "roles": "caseworker,caseworker-befta_master", "lastName": "master.caseworker", "firstName": "staff"}, 85 | {"email": "master.caseworker.regional-staff@gmail.com", "roles": "caseworker,caseworker-befta_master", "lastName": "master.caseworker", "firstName": "regional-staff"}, 86 | 87 | {"email": "master.caseworker.role1.basic@gmail.com", "roles": "caseworker,caseworker-befta_master", "lastName": "master.caseworker", "firstName": "role1-basic"}, 88 | {"email": "master.caseworker.role1.standard@gmail.com", "roles": "caseworker,caseworker-befta_master", "lastName": "master.caseworker", "firstName": "role1-standard"}, 89 | {"email": "master.caseworker.role3.challenged@gmail.com", "roles": "caseworker,caseworker-befta_master", "lastName": "master.caseworker", "firstName": "role3-challenged"} 90 | ] 91 | -------------------------------------------------------------------------------- /bin/utils/am-add-role-assignment.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -eu 4 | 5 | userId=${1} 6 | type=${2} 7 | roleName=${3} 8 | classification=${4} 9 | grantType=${5} 10 | roleCategory=${6} 11 | readOnly=${7} 12 | startTime="now()" 13 | endTime="now() + interval '10 years'" 14 | attributes=${8} 15 | authorisations=${9} 16 | 17 | psql -h localhost -p ${DB_EXTERNAL_PORT} -d role_assignment -U ccd -c "INSERT INTO role_assignment (id, actor_id_type, actor_id, role_type, role_name, classification, grant_type, role_category, read_only, begin_time, end_time, attributes, created, authorisations) VALUES ('$(uuidgen)', 'IDAM', '${userId}', '${type}', '${roleName}', '${classification}', '${grantType}', '${roleCategory}', ${readOnly}, ${startTime}, ${endTime}, '${attributes}', 'now()', ${authorisations})" -q 18 | 19 | psql -h localhost -p ${DB_EXTERNAL_PORT} -d role_assignment -U ccd -c "INSERT INTO actor_cache_control (actor_id, etag, json_response) VALUES ('${userId}', 1, '{}') ON CONFLICT (actor_id) DO UPDATE SET etag = actor_cache_control.etag + 1" -q 20 | -------------------------------------------------------------------------------- /bin/utils/idam-add-role.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -eu 4 | 5 | if [ "${ENVIRONMENT:-local}" != "local" ]; then 6 | exit 0; 7 | fi 8 | 9 | dir=$(dirname ${0}) 10 | 11 | ID=${1} 12 | 13 | apiToken=$(${dir}/idam-authenticate.sh "${IDAM_ADMIN_USER}" "${IDAM_ADMIN_PASSWORD}") 14 | 15 | echo -e "\nCreating IDAM role: ${ID}" 16 | 17 | STATUS=$(curl --silent --output /dev/null --write-out '%{http_code}' -H 'Content-Type: application/json' -H "Authorization: AdminApiAuthToken ${apiToken}" \ 18 | ${IDAM_API_BASE_URL:-http://localhost:5000}/roles -d '{ 19 | "id": "'${ID}'", 20 | "name": "'${ID}'", 21 | "description": "'${ID}'", 22 | "assignableRoles": [ ], 23 | "conflictingRoles": [ ] 24 | }') 25 | 26 | if [ $STATUS -eq 201 ]; then 27 | echo "Role created successfully" 28 | elif [ $STATUS -eq 409 ]; then 29 | echo "Role already exists!" 30 | else 31 | echo "ERROR: HTTPCODE = $STATUS" 32 | exit 1 33 | fi 34 | -------------------------------------------------------------------------------- /bin/utils/idam-authenticate.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | set -eu 4 | 5 | USERNAME=$1 6 | PASSWORD=$2 7 | 8 | curl --silent --show-error --header 'Content-Type: application/x-www-form-urlencoded' -H 'Accept: application/json' -d "username=${USERNAME}&password=${PASSWORD}" "${IDAM_API_BASE_URL:-http://localhost:5000}/loginUser" | docker run --rm --interactive ghcr.io/jqlang/jq -r .api_auth_token 9 | -------------------------------------------------------------------------------- /bin/utils/idam-create-caseworker.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | ###################### 4 | ## FUNCTIONS 5 | ###################### 6 | 7 | get_user_roles() { 8 | docker run -e PGPASSWORD='openidm' --rm --network ccd-network postgres:15-alpine psql --host shared-db --username openidm --tuples-only --command "SELECT data.roles FROM managedObjects mo, LATERAL (SELECT regexp_replace(string_agg((element::json -> '_ref')::text, ','), '( *\\w*\\/)|(\")', '', 'g') AS roles FROM json_array_elements_text(mo.fullobject->'effectiveRoles') as data(element)) data WHERE mo.fullobject ->> 'userName'='${1}';" openidm 9 | } 10 | 11 | create_user_request() { 12 | response=$( 13 | curl --insecure --show-error --silent --output /dev/null --write-out "%{http_code}" -X POST \ 14 | "${IDAM_API_BASE_URL:-http://localhost:5000}"/testing-support/accounts \ 15 | -H "Content-Type: application/json" \ 16 | -d '{ 17 | "email":"'"${email}"'", 18 | "forename":"'"${firstName}"'", 19 | "surname":"'"${surname}"'", 20 | "password":"Pa55word11", 21 | "levelOfAccess":1, 22 | "roles": [ 23 | '"${rolesJson}"' 24 | ], 25 | "userGroup": {"code": "caseworker"}} 26 | ' 27 | ) 28 | 29 | echo "$response" 30 | } 31 | 32 | delete_user_request() { 33 | response=$(curl --insecure --show-error --silent --output /dev/null --write-out "%{http_code}" -X DELETE \ 34 | "${IDAM_API_BASE_URL:-http://localhost:5000}"/testing-support/accounts/"${email}") 35 | echo "$response" 36 | } 37 | 38 | # if user exists 39 | # check roles ✅ 40 | # if roles are the same do nothing ✅ 41 | # otherwise delete ✅ 42 | # and create user ✅ with same id ❌ <-- Apparently having the same id doesn't matter on local 43 | 44 | recreate_user() { 45 | printf "%s%s\n" "Checking IDAM user: " "${email}" 46 | _roles=$(echo $(get_user_roles "${email}") | tr -d [:space:]) # Remove whitespace 47 | if [[ "$_roles" == "$rolesStr" ]]; then 48 | printf "%s%s\n" "Maintaining IDAM user: " "${email}" 49 | exit 0 # Nothing to delete and user already exists so just exit 50 | else 51 | printf "%s%s\n" "Deleting IDAM user: " "${email}" 52 | deleteResponse=$(delete_user_request) 53 | if [[ "$deleteResponse" -eq 404 ]]; then 54 | printf "%s%s%s\n" "User " "${email}" " doesn't exist" 55 | exit 1 56 | elif [[ "$deleteResponse" -ne 200 && "$deleteResponse" -ne 204 ]]; then 57 | printf "%s%s\n" "Unexpected HTTP status code from IDAM: " "${deleteResponse}" 58 | exit 1 59 | else 60 | printf "%s%s\n" "Recreating IDAM user: " "${email}" 61 | createResponse=$(create_user_request) 62 | if [[ "$createResponse" -eq 403 ]]; then 63 | printf "%s%s%s\n" "User " "${email}" " already exists" 64 | exit 1 65 | elif [[ "$createResponse" -ne 201 ]]; then 66 | printf "%s%s\n" "Unexpected HTTP status code from IDAM: " "${createResponse}" 67 | exit 1 68 | else 69 | printf "%s%s%s\n" "User " "${email}" " - updated in IDAM" 70 | fi 71 | fi 72 | fi 73 | } 74 | 75 | ###################### 76 | ## MAIN 77 | ###################### 78 | 79 | set -eu 80 | 81 | if [ "${ENVIRONMENT:-local}" != "local" ]; then 82 | exit 0; 83 | fi 84 | 85 | email=${1} 86 | rolesStr=${2} 87 | surname=${3:-"Tester"} 88 | firstName=${4:-${email}} 89 | 90 | IFS=',' read -ra roles <<<"${rolesStr}" 91 | 92 | rolesJson='' 93 | for role in "${roles[@]}"; do 94 | if [[ -n ${rolesJson} ]]; then 95 | rolesJson="${rolesJson}," 96 | fi 97 | rolesJson=${rolesJson}'{"code":"'${role}'"}' 98 | done 99 | 100 | printf "\n%s%s\n" "Creating IDAM user: " "${email}" 101 | 102 | userCreationResponse=$(create_user_request) 103 | 104 | # Unfortunately trying to create the same user throws 403, so we don't know what went wrong 105 | if [[ $userCreationResponse -eq 403 ]]; then 106 | printf "%s%s%s\n" "User " "${email}" " already exists" 107 | recreate_user 108 | elif [[ $userCreationResponse -ne 201 ]]; then 109 | printf "%s%s\n" "Unexpected HTTP status code from IDAM: " "${userCreationResponse}" 110 | exit 1 111 | else 112 | printf "%s%s%s\n" "User " "${email}" " - added to IDAM" 113 | fi 114 | -------------------------------------------------------------------------------- /bin/utils/idam-create-service.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -eu 4 | 5 | dir=$(dirname ${0}) 6 | 7 | LABEL=${1} 8 | CLIENT_ID=${2} 9 | CLIENT_SECRET=${3} 10 | REDIRECT_URL=${4} 11 | SELF_REGISTRATION=${5:-"false"} 12 | SCOPE=${6:-"openid profile roles"} 13 | 14 | apiToken=$(${dir}/idam-authenticate.sh "${IDAM_ADMIN_USER}" "${IDAM_ADMIN_PASSWORD}") 15 | 16 | echo -e "\nCreating service with:\nLabel: ${LABEL}\nClient ID: ${CLIENT_ID}\nClient Secret: ${CLIENT_SECRET}\nRedirect URL: ${REDIRECT_URL}\n" 17 | 18 | STATUS=$(curl --silent --output /dev/null --write-out '%{http_code}' -X POST -H 'Content-Type: application/json' -H "Authorization: AdminApiAuthToken ${apiToken}" \ 19 | ${IDAM_API_BASE_URL:-http://localhost:5000}/services \ 20 | -d '{ 21 | "allowedRoles": [], 22 | "description": "'${LABEL}'", 23 | "label": "'${LABEL}'", 24 | "oauth2ClientId": "'${CLIENT_ID}'", 25 | "oauth2ClientSecret": "'${CLIENT_SECRET}'", 26 | "oauth2RedirectUris": ["'${REDIRECT_URL}'"], 27 | "oauth2Scope": "'"${SCOPE}"'", 28 | "selfRegistrationAllowed": "'${SELF_REGISTRATION}'" 29 | }') 30 | 31 | if [ $STATUS -eq 201 ]; then 32 | echo "Service created successfully" 33 | elif [ $STATUS -eq 409 ]; then 34 | echo "Service already exists!" 35 | else 36 | echo "ERROR: HTTPCODE = $STATUS" 37 | exit 1 38 | fi 39 | -------------------------------------------------------------------------------- /bin/utils/idam-get-user.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -eu 4 | 5 | if [ "${ENVIRONMENT:-local}" != "local" ]; then 6 | exit 0; 7 | fi 8 | 9 | dir=$(dirname ${0}) 10 | 11 | email=${1} 12 | 13 | apiToken=$(${dir}/idam-authenticate.sh "${IDAM_ADMIN_USER}" "${IDAM_ADMIN_PASSWORD}") 14 | 15 | curl --silent --show-error -H 'Content-Type: application/json' -H "Authorization: AdminApiAuthToken ${apiToken}" \ 16 | ${IDAM_API_BASE_URL:-http://localhost:5000}/users?email=${email} 17 | -------------------------------------------------------------------------------- /bin/utils/idam-remove-caseworker.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | ###################### 4 | ## FUNCTIONS 5 | ###################### 6 | 7 | remove_user_request() { 8 | response=$(curl --insecure --show-error --silent --output /dev/null --write-out "%{http_code}" -X DELETE \ 9 | "${IDAM_API_BASE_URL:-http://localhost:5000}"/testing-support/accounts/"${email}") 10 | echo "$response" 11 | } 12 | 13 | set -eu 14 | 15 | if [ "${ENVIRONMENT:-local}" != "local" ]; then 16 | exit 0; 17 | fi 18 | 19 | email=${1} 20 | 21 | printf "\n%s%s\n" "Removing IDAM user: " "${email}" 22 | 23 | userRemovalResponse=$(remove_user_request) 24 | 25 | if [[ $userRemovalResponse -ne 204 ]]; then 26 | printf "%s%s\n" "Unexpected HTTP status code from IDAM: " "${userRemovalResponse}" 27 | exit 1 28 | else 29 | printf "%s%s%s\n" "User " "${email}" " - removed from IDAM" 30 | fi 31 | -------------------------------------------------------------------------------- /bin/utils/idam-user-token.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | IMPORTER_USERNAME=${1:-ccd.docker.default@hmcts.net} 4 | IMPORTER_PASSWORD=${2:-Pa55word11} 5 | IDAM_URI=${IDAM_STUB_LOCALHOST:-http://localhost:5000} 6 | REDIRECT_URI="http://localhost:3451/oauth2redirect" 7 | CLIENT_ID="ccd_gateway" 8 | CLIENT_SECRET="ccd_gateway_secret" 9 | CURL_OPTS="$CURL_OPTS -S --silent" 10 | code=$(curl ${CURL_OPTS} -u "${IMPORTER_USERNAME}:${IMPORTER_PASSWORD}" -XPOST "${IDAM_URI}/oauth2/authorize?redirect_uri=${REDIRECT_URI}&response_type=code&client_id=${CLIENT_ID}" -d "" | jq -r .code) 11 | 12 | curl ${CURL_OPTS} -H "Content-Type: application/x-www-form-urlencoded" -u "${CLIENT_ID}:${CLIENT_SECRET}" -XPOST "${IDAM_URI}/oauth2/token?code=${code}&redirect_uri=${REDIRECT_URI}&grant_type=authorization_code" -d "" | jq -r .access_token 13 | -------------------------------------------------------------------------------- /bin/utils/lease-service-token.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -eu 4 | 5 | microservice=${1:-ccd_gw} 6 | 7 | curl --insecure --fail --show-error --silent -X POST \ 8 | ${SERVICE_AUTH_PROVIDER_API_BASE_URL:-http://localhost:4502}/testing-support/lease \ 9 | -H "Content-Type: application/json" \ 10 | -d '{ 11 | "microservice": "'${microservice}'" 12 | }' \ 13 | -w "\n" 14 | 15 | -------------------------------------------------------------------------------- /bulk-user-setup/README.md: -------------------------------------------------------------------------------- 1 | # The bulk user creation script 2 | 3 | The script requires the following bash utilities. Please install them depending on your OS. 4 | 5 | 1. jq - [Json Processor](https://ghcr.io/jqlang/jq) 6 | 7 | 2. [csvkit](https://formulae.brew.sh/formula/csvkit) - collection of CSV tools 8 | 9 | ---- 10 | The script will prompt for the following information dependent on what is passed to the prompt for 'environment to use': 11 | 12 | default environment is assumed to be 'local', for testing against the local docker environment no further prompts will be displayed 13 | as all the required information is contained within 'bulk-user-setup.config' 14 | 15 | 1. environment (default if nothing provided is 'local') 16 | 17 | If any other environment is passed i.e. 'prod' the following prompts will appear: 18 | 19 | 2. directory path containing csv input files (only enter the directory path) 20 | 3. ccd idam-admin username 21 | 4. ccd idam-admin password 22 | 5. idam oauth2 secret for ccd-bulk-user-register client - 23 | 24 | 25 | To get the oauth2 secret for idam client against the prod environment run the following: 26 | 27 | az login (if not already logged in to Azure) 28 | az keyvault secret show --vault-name ccd-prod --name ccd_bulk_user_management_secret 29 | 30 | Generated log file and output files will be placed in bulk-user-setup/test/outputs/{Date} folder. 31 | 32 | ---- 33 | 34 | ## CSV file format 35 | 36 | The CSV input file must contain the following *mandatory* elements, including a header row. 37 | 38 | | Header | Mandatory | Description | 39 | |-------------------|--------------------------|---------------------------------------------------------------------| 40 | | operation | **Yes** | `add` or `delete` or `updateName` or `find` | 41 | | email | **Yes** | Email address of the user. | 42 | | firstName | **Depends on operation** | First name of the user. | 43 | | lastName | **Depends on operation** | Last name of the user. | 44 | | roles | **Depends on operation** | A pipe delimited list of roles for the user to be added or removed. | 45 | | isActive | (output) | active state of the user (TRUE/FALSE or blank) | 46 | | lastModified | (output) | datetime stamp user last updated or blank | 47 | | status | (output) | Status of operation, e.g. `SUCCESS`, `FAILED`, `SKIPPED` | 48 | | responseMessage | (output) | additional output message for operation | 49 | 50 | To enable overall testing we can supply the following headers in the test input files: 51 | 52 | operation,email,firstName,lastName,roles,userExists,result,prerequisite,comment 53 | 54 | where: 55 | userExists is a boolean value (TRUE/FALSE) which can later be used for verification 56 | result is a string value (SUCCESS/FAILED/SKIPPED). If this header is provided and populated the test will verify the actual 57 | result of the operation. 58 | 59 | 60 | > Note: The field headings are case-sensitive but the order of the columns is not important. Any additional columns 61 | will be ignored by the process. 62 | 63 | The import CSV file is renamed by the process to discourage its accidental re-use. However, at the end of the process 64 | a copy of the output file is copied to the original input file location. This new file will contain the additional 65 | output fields listed above. 66 | 67 | > Note: In the unlikely event the script terminates early; then manual intervention would be required to generate the 68 | ‘next’ input file: by combining the unprocessed input records with those already present in the latest output file. 69 | **Care should be taken to ensure the CSV data columns copied from the input file are in the same order as those in 70 | the output file.** 71 | 72 | ---- 73 | 74 | ## Local docker testing setup 75 | 76 | Run the following scripts to create the client and required users and roles for local testing. 77 | 78 | **************************************************************************************************************************************************************************** 79 | ** Testing ssoID logic can only be currently performed in the Demo environment. This is due to a limitation on local 80 | as the idam_api for search user does not return the ssoId attributes when using local docker instance image 81 | 82 | To test in demo, ensure the required demo test accounts are created first using the steps below 83 | a. Connect to the VPN 84 | b. Open a browser tab to 'https://idam-api.demo.platform.hmcts.net/swagger-ui/index.html?urls.primaryName=Testing%20Support#/Testing%20Support/createTestAccount' 85 | c. click try-it out 86 | d. Enter body payload, example: 87 | { 88 | "email": "ccd.test.add.ssoid@eJudiciary.net", 89 | "forename": "test", 90 | "surname": "tester", 91 | "password": "Password123!", 92 | "ssoId": "72b606e0-dd56-4c49-9335-2b0bd8f56f86", 93 | "ssoProvider": "eJudiciary.net" 94 | } 95 | e. When executing the ./bulk-user-setup.sh, enter the following details for the demo environment 'ccd-bulk-user-register' service: 96 | environment: demo 97 | directory path: 98 | username: test1.demo.bulkscript@hmcts.net 99 | password: Password123! 100 | oauth2 secret: 101 | If an account does not exist in demo (i.e. if the above is not used within 90 days the password will expire and a new account may be required) 102 | create the account such that it has the following roles: ccd-admin, ccd-import, idam-user-dashboard--access 103 | **************************************************************************************************************************************************************************** 104 | 105 | 1. open terminal ensuring to change directory into root folder "bulk-user-setup" 106 | 2. execute ./test/utils/add-idam-clients.sh (this needs to be done the first time only) 107 | 3. execute ./test/utils/add-idam-roles.sh (this should be executed the first time and any time new roles need to be added) 108 | ** Roles to be added are defined in the file: roles.json 109 | 4. execute ./test/utils/add-users.sh (see below first) 110 | 111 | ** Users to be added are defined in the file: users.json. Please ensure roles are created before assigning to them to users 112 | ** To add a user without any roles, pass the roles as "''" as can be seen in the example file included in this repo 113 | 114 | ** Note: In 'bulk-user-setup.config' the variable CREATE_TEST_USERS=true implies test users will be created 115 | prior to processing any input file 116 | 117 | ** Since the search user api now uses the /api/v1 elastic search end-point, CREATE_TEST_USERS is set to false 118 | please wait some time between creating the test users and running the test cases (due to cache commits etc.) 119 | 120 | ** Before running the main script make sure the input csv file(s) are copied to bulk-user-setup/test/inputs folder. 121 | 122 | 5. execute ./bulk-user-setup.sh 123 | ** For testing in local, enter 'local' when prompted for environment 124 | 125 | After running the main script input files copied to bulk-user-setup/test/inputs will be processed in turn (only files with extension .csv will be considered) 126 | Generated output and backup of input files will be copied to ../outputs/{DateTime} (i.e. /bulk-user-setup/test/outputs/{DateTime}) folder. 127 | Any invalid input file will be skipped (i.e. due to missing or incorrect mandatory CSV header) and remain in the original bulk-user-setup/test/inputs folder. 128 | 129 | ## Verifying results when testing locally against the test input scenario files 130 | 131 | 1. After all the .csv test input files are processed you should find a output log file i.e. BULK-SCRIPT-OUTPUT2022-11-14.log 132 | 2. Open this file and locate lines beginning with "Start - processing input file ../bulk-user-setup/test/inputs/.csv" 133 | and "End - processing input file ../bulk-user-setup/test/inputs/.csv" 134 | 3. Assuming the file was not skipped over (due to invalid format or invalid header attributes), you should see one of 135 | the following just after each "End - processing input file..." statement 136 | "INFO **** ALL TESTS PASSED ****" or "INFO **** ALL TESTS FAILED ****" or "INFO **** NOT ALL TESTS PASSED ****" 137 | 4. If all tests did not pass in a particular input file, the log will display the line number of the failing test i.e. 138 | "DEBUG test failed at record number: 10" 139 | 140 | When running the script you will be prompted for which environment to use (default being 'local'). This translates to the idam api url to use i.e.: 141 | 142 | prod = https://idam-api.platform.hmcts.net 143 | local = http://localhost:5000 144 | other = https://idam-api.${other}.platform.hmcts.net 145 | 146 | ## Production setup / user guide 147 | 148 | To use this bulk script in any environment other than local the following should be changed (if required): 149 | 150 | 1. Open a terminal session at the root directory 'bulk-user-setup' 151 | 2. In 'bulk-user-setup.config' change CREATE_TEST_USERS=true to CREATE_TEST_USERS=false 152 | 3. Issue the command ./bulk-user-setup.sh 153 | 4. Provide inputs as required 154 | 5. Finally check output (results and logs to understand console output other than success, i.e. skipped, failed executions) 155 | 6. if ENABLE_CASEWORKER_CHECKS=true is set within 'bulk-user-setup.config', the script will (after processing the CSV input files) 156 | check the local master caseworker file (caseworker-roles-master.txt) against the remote caseworker roles fetched via a GET api call 157 | Comparison results will be outputted to the console and log file. There is no automated process for updating the local master file. 158 | Refer to the output and decide if the missing caseworker roles need to be added to the processing logic. 159 | 160 | -------------------------------------------------------------------------------- /bulk-user-setup/bulk-user-setup.config: -------------------------------------------------------------------------------- 1 | ####################################### 2 | # Logging Constants / global variables 3 | ####################################### 4 | LOGFILE='' #Will be set based on input file 5 | LOGLEVEL='DEBUG' 6 | #whether to create log per input file, if false only one log file will be generated. If true each input file will have a corresponding log file. 7 | LOG_PER_INPUT_FILE=false 8 | 9 | ############################################# 10 | # String Constants 11 | ############################################# 12 | InvalidEmailDetected="Invalid email detected" 13 | NoRolesDefined="No roles defined" 14 | RolesDefinedContainInvalidCharacters="Roles defined contain invalid characters" 15 | userNotFound="user not found" 16 | BothFirstAndLastnameCannotBeEmpty="both firstName and lastName cannot be empty" 17 | UserExistsNotActive="User exists but not active" 18 | 19 | ###################################################### 20 | # Global Constants / script mandatory variables 21 | ###################################################### 22 | ADMIN_USER="idamOwner@hmcts.net" 23 | ADMIN_USER_PWD="Ref0rmIsFun" 24 | IDAM_CLIENT_SECRET="ccd-bulk-user-register-secret" 25 | REDIRECT_URI="https://create-bulk-user-test/oauth2redirect" 26 | CLIENT_ID="ccd-bulk-user-register" 27 | ENABLE_SCOPE_USER_SEARCH=true 28 | 29 | CSV_DIR_PATH="../bulk-user-setup/test/inputs" 30 | ENV="local" 31 | CSV_PROCESSED_DIR_NAME="../outputs/$(date -u +"%FT%H:%M:%SZ")" 32 | 33 | #Boolean to determine if test case users should be created 34 | CREATE_TEST_USERS=false 35 | 36 | #Boolean to determine if local caseworker to remote caseworker comparisons should be completed 37 | ENABLE_CASEWORKER_CHECKS=true 38 | 39 | #Boolean to process an operation on a user where state is inactive 40 | PROCESS_INACTIVE_USER=false 41 | 42 | #Boolean to set user active if inactive (for add operation mostly) 43 | SET_INACTIVE_USER_TO_ACTIVE=false 44 | 45 | #Boolean to allow user registrations with id 46 | #if set to true and input file does not contain column 'id' file will be skipped 47 | #if set to false and input file contains column 'id' file will be skipped 48 | ENABLE_USERID_REGISTRATIONS=false 49 | 50 | ########################## 51 | # console colours / fonts 52 | ########################## 53 | RED=$(tput setaf 1) 54 | YELLOW=$(tput setaf 3) 55 | GREEN=$(tput setaf 2) 56 | BOLD=$(tput bold) 57 | NORMAL=$(tput sgr0) 58 | 59 | ########################################### 60 | # Special case Constants / global variables 61 | ########################################### 62 | 63 | IGNORED_ROLES_FROM_USER_ADD_REQUEST="caseworker" 64 | 65 | IGNORED_ROLES_FROM_USER_DELETE_REQUEST="caseworker|payments|payments-refund|payments-refund-approver" 66 | 67 | #'|' delimited string of roles. 68 | #These roles will be added by default for all caseworkers when there are other caseworker related roles available for that user 69 | ADD_ROLES_BY_DEFAULT="caseworker" 70 | 71 | #'|' delimited string of roles. 72 | #These roles will be deleted by default for all caseworkers when there is no other caseworker related roles available for that user 73 | DELETE_ROLES_BY_DEFAULT="caseworker|payments|payments-refund|payments-refund-approver" 74 | 75 | #'|' delimited string of roles. These roles should not be processed by this script as they require a snow ticket 76 | MANUAL_ROLES="judiciary" 77 | 78 | # If Op is Delete and roles provided is ALL_ROLES, then remove all roles from the user and de-activate them 79 | ALL_ROLES="all-roles" 80 | 81 | ##################################### 82 | # Operations supported by this script 83 | ##################################### 84 | OPS=("add" "updatename" "delete" "find" "updateemail" "suspend") 85 | 86 | ########################################################################## 87 | # Predifined roles 88 | # the '|' role set will be applied if parent key is present in input file 89 | ########################################################################## 90 | DIVORCE_ROLES="caseworker-divorce|caseworker-divorce-bulkscan|caseworker-divorce-courtadmin|caseworker-divorce-courtadmin-la|caseworker-divorce-courtadmin_beta|caseworker-divorce-judge|caseworker-divorce-pcqextractor|caseworker-divorce-solicitor|caseworker-divorce-superuser" 91 | DIVORCE_FR_ROLES="caseworker-divorce|caseworker-divorce-bulkscan|caseworker-divorce-courtadmin|caseworker-divorce-courtadmin-la|caseworker-divorce-courtadmin_beta|caseworker-divorce-judge|caseworker-divorce-pcqextractor|caseworker-divorce-solicitor|caseworker-divorce-superuser|caseworker-divorce-financialremedy|caseworker-divorce-financialremedy-courtadmin|caseworker-divorce-financialremedy-solicitor|caseworker-divorce-financialremedy-judiciary|caseworker-divorce-financialremedy-superuser|caseworker-divorce-systemupdate|caseworker-approver" 92 | EMPLOYMENT_ROLES="caseworker-employment|caseworker-employment-api|caseworker-employment-bristol|caseworker-employment-englandwales|caseworker-employment-etjudge|caseworker-employment-etjudge-englandwales|caseworker-employment-etjudge-scotland|caseworker-employment-leeds|caseworker-employment-legalrep-solicitor|caseworker-employment-londoncentral|caseworker-employment-londoneast|caseworker-employment-londonsouth|caseworker-employment-manchester|caseworker-employment-midlandseast|caseworker-employment-midlandswest|caseworker-employment-newcastle|caseworker-employment-scotland|caseworker-employment-wales|caseworker-employment-watford|caseworker-et-pcqextractor|caseworker-employment-etjudge-bristol|caseworker-employment-etjudge-leeds|caseworker-employment-etjudge-londoncentral|caseworker-employment-etjudge-londoneast|caseworker-employment-etjudge-londonsouth|caseworker-employment-etjudge-manchester|caseworker-employment-etjudge-midlandseast|caseworker-employment-etjudge-midlandswest|caseworker-employment-etjudge-newcastle|caseworker-employment-etjudge-wales|caseworker-employment-etjudge-watford|et-acas-api" 93 | FR_ROLES="caseworker-divorce-financialremedy|caseworker-divorce-financialremedy-courtadmin|caseworker-divorce-financialremedy-solicitor|caseworker-divorce-financialremedy-judiciary|caseworker-divorce-financialremedy-superuser|caseworker-divorce-systemupdate|caseworker-divorce-bulkscan|caseworker-approver" 94 | IA_ROLES="caseworker-ia|caseworker-ia-admofficer|caseworker-ia-bails|caseworker-ia-caseofficer|caseworker-ia-homeofficeapc|caseworker-ia-homeofficebail|caseworker-ia-homeofficelart|caseworker-ia-homeofficepou|caseworker-ia-iacjudge|caseworker-ia-judiciary|caseworker-ia-legalrep-solicitor|caseworker-ia-readonly|caseworker-ia-respondentofficer|caseworker-ia-srcaseofficer|caseworker-ia-system|caseworker-ia-system-access|caseworker-iac-bulkscan|caseworker-iac-systemupdate" 95 | PRIVATELAW_ROLES="caseworker-privatelaw|caseworker-privatelaw-bulkscan|caseworker-privatelaw-bulkscansystemupdate|caseworker-privatelaw-courtadmin|caseworker-privatelaw-judge|caseworker-privatelaw-la|caseworker-privatelaw-solicitor|caseworker-privatelaw-superuser|caseworker-privatelaw-systemupdate|courtnav|caseworker-privatelaw-cafcass" 96 | PUBLICLAW_ROLES="caseworker-publiclaw|caseworker-publiclaw-bulkscan|caseworker-publiclaw-bulkscansystemupdate|caseworker-publiclaw-cafcass|caseworker-publiclaw-courtadmin|caseworker-publiclaw-gatekeeper|caseworker-publiclaw-judiciary|caseworker-publiclaw-localAuthority|caseworker-publiclaw-magistrate|caseworker-publiclaw-solicitor|caseworker-publiclaw-superuser|caseworker-publiclaw-systemupdate" 97 | SSCS_ROLES="caseworker-sscs|caseworker-sscs-anonymouscitizen|caseworker-sscs-bulkscan|caseworker-sscs-callagent|caseworker-sscs-clerk|caseworker-sscs-dwpresponsewriter|caseworker-sscs-judge|caseworker-sscs-panelmember|caseworker-sscs-pcqextractor|caseworker-sscs-registrar|caseworker-sscs-superuser|caseworker-sscs-systemupdate" -------------------------------------------------------------------------------- /bulk-user-setup/bulk_processing/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmcts/ccd-docker/e858b1742a993bf59efb0591c67d55ac659e2a18/bulk-user-setup/bulk_processing/.DS_Store -------------------------------------------------------------------------------- /bulk-user-setup/bulk_processing/Templates/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmcts/ccd-docker/e858b1742a993bf59efb0591c67d55ac659e2a18/bulk-user-setup/bulk_processing/Templates/.DS_Store -------------------------------------------------------------------------------- /bulk-user-setup/caseworker-roles-local-testing.txt: -------------------------------------------------------------------------------- 1 | caseworker-role-five 2 | caseworker-role-four 3 | caseworker-role 4 | caseworker-befta_jurisdiction_1 5 | caseworker-befta_jurisdiction_2 6 | caseworker-befta_jurisdiction_2-solicitor_1 7 | caseworker-befta_jurisdiction_2-solicitor_2 8 | caseworker-befta_jurisdiction_2-solicitor_3 9 | caseworker-befta_jurisdiction_3 10 | caseworker-befta_jurisdiction_3-solicitor 11 | caseworker-befta_master 12 | caseworker-befta_master-solici 13 | caseworker-befta_master-solicitor 14 | caseworker-befta_master-solicitor_1 15 | caseworker-befta_master-solicitor_2 16 | caseworker-befta_master-solicitor_3 17 | caseworker_role_six 18 | caseworker-role-one 19 | caseworker-role-six 20 | caseworker-role-three 21 | caseworker-role-two 22 | caseworker-role-eight 23 | caseworker-role-seven 24 | caseworker_role_three 25 | caseworker 26 | caseworker-autotest1 27 | caseworker-autotest1-private 28 | caseworker-autotest1-senior 29 | caseworker-autotest1-solicitor 30 | caseworker-autotest2 31 | caseworker-autotest2-private 32 | caseworker-autotest2-senior 33 | caseworker-autotest2-solicitor 34 | caseworker-caa 35 | caseworker-ia 36 | caseworker-ia-admofficer 37 | caseworker-ia-bails 38 | caseworker-ia-caseofficer 39 | caseworker-ia-homeofficeapc 40 | caseworker-ia-homeofficebail 41 | caseworker-ia-homeofficelart 42 | caseworker-ia-homeofficepou 43 | caseworker-ia-iacjudge 44 | caseworker-ia-legalrep-solicitor 45 | caseworker-ia-respondentofficer 46 | caseworker-ia-judiciary 47 | caseworker-ia-readonly 48 | caseworker-ia-srcaseofficer 49 | caseworker-ia-system 50 | caseworker-ia-system-access 51 | caseworker-iac-systemupdate -------------------------------------------------------------------------------- /bulk-user-setup/caseworker-roles-master.txt: -------------------------------------------------------------------------------- 1 | caseworker 2 | caseworker-adoption 3 | caseworker-adoption-caseworker 4 | caseworker-adoption-courtadmin 5 | caseworker-adoption-judge 6 | caseworker-adoption-la 7 | caseworker-adoption-solicitor 8 | caseworker-adoption-superuser 9 | caseworker-autotest1 10 | caseworker-autotest1-junior 11 | caseworker-autotest1-manager 12 | caseworker-autotest1-private 13 | caseworker-autotest1-protected 14 | caseworker-autotest1-public 15 | caseworker-autotest1-senior 16 | caseworker-autotest1-solicitor 17 | caseworker-autotest2 18 | caseworker-autotest2-junior 19 | caseworker-autotest2-manager 20 | caseworker-autotest2-private 21 | caseworker-autotest2-protected 22 | caseworker-autotest2-public 23 | caseworker-autotest2-senior 24 | caseworker-autotest2-solicitor 25 | caseworker-caa 26 | caseworker-civil 27 | caseworker-civil-admin 28 | caseworker-civil-judge 29 | caseworker-civil-solicitor 30 | caseworker-civil-staff 31 | caseworker-civil-systemupdate 32 | caseworker-cmc 33 | caseworker-cmc-anonymouscitizen 34 | caseworker-cmc-bulkscan 35 | caseworker-cmc-courtAdmin 36 | caseworker-cmc-judge 37 | caseworker-cmc-legaladvisor 38 | caseworker-cmc-pcqextractor 39 | caseworker-cmc-solicitor 40 | caseworker-cmc-systemupdate 41 | caseworker-da 42 | caseworker-da-barrister 43 | caseworker-da-casecreator 44 | caseworker-da-caseworker 45 | caseworker-da-courtadmin 46 | caseworker-da-judge 47 | caseworker-da-la 48 | caseworker-da-magistrate 49 | caseworker-da-solicitor 50 | caseworker-da-superuser 51 | caseworker-divorce 52 | caseworker-divorce-bulkscan 53 | caseworker-divorce-courtadmin 54 | caseworker-divorce-courtadmin-la 55 | caseworker-divorce-courtadmin_beta 56 | caseworker-divorce-financialremedy 57 | caseworker-divorce-financialremedy-courtadmin 58 | caseworker-divorce-financialremedy-judiciary 59 | caseworker-divorce-financialremedy-solicitor 60 | caseworker-divorce-judge 61 | caseworker-divorce-pcqextractor 62 | caseworker-divorce-solicitor 63 | caseworker-divorce-superuser 64 | caseworker-domesticabuse 65 | caseworker-domesticabuse-barrister 66 | caseworker-domesticabuse-casecreator 67 | caseworker-domesticabuse-caseworker 68 | caseworker-domesticabuse-courtadmin 69 | caseworker-domesticabuse-judge 70 | caseworker-domesticabuse-la 71 | caseworker-domesticabuse-magistrate 72 | caseworker-domesticabuse-solicitor 73 | caseworker-domesticabuse-superuser 74 | caseworker-employment 75 | caseworker-employment-api 76 | caseworker-employment-bristol 77 | caseworker-employment-englandwales 78 | caseworker-employment-etjudge 79 | caseworker-employment-etjudge-englandwales 80 | caseworker-employment-etjudge-scotland 81 | caseworker-employment-leeds 82 | caseworker-employment-legalrep-solicitor 83 | caseworker-employment-londoncentral 84 | caseworker-employment-londoneast 85 | caseworker-employment-londonsouth 86 | caseworker-employment-manchester 87 | caseworker-employment-midlandseast 88 | caseworker-employment-midlandswest 89 | caseworker-employment-newcastle 90 | caseworker-employment-scotland 91 | caseworker-employment-tribunal-api 92 | caseworker-employment-tribunal-glasgow 93 | caseworker-employment-tribunal-glasgow-api 94 | caseworker-employment-tribunal-glasgow-caseofficer 95 | caseworker-employment-tribunal-glasgow-casesupervisor 96 | caseworker-employment-tribunal-manchester 97 | caseworker-employment-tribunal-manchester-api 98 | caseworker-employment-tribunal-manchester-caseofficer 99 | caseworker-employment-tribunal-manchester-casesupervisor 100 | caseworker-employment-wales 101 | caseworker-employment-watford 102 | caseworker-et-pcqextractor 103 | caseworker-fpla-bulkscan 104 | caseworker-fpla-systemupdate 105 | caseworker-hrs 106 | caseworker-hrs-searcher 107 | caseworker-ia 108 | caseworker-ia-admofficer 109 | caseworker-ia-bails 110 | caseworker-ia-caseofficer 111 | caseworker-ia-homeofficeapc 112 | caseworker-ia-homeofficebail 113 | caseworker-ia-homeofficelart 114 | caseworker-ia-homeofficepou 115 | caseworker-ia-iacjudge 116 | caseworker-ia-judiciary 117 | caseworker-ia-legalrep-solicitor 118 | caseworker-ia-readonly 119 | caseworker-ia-respondentofficer 120 | caseworker-ia-srcaseofficer 121 | caseworker-ia-system 122 | caseworker-ia-system-access 123 | caseworker-iac-bulkscan 124 | caseworker-iac-systemupdate 125 | caseworker-privatelaw 126 | caseworker-privatelaw-bulkscan 127 | caseworker-privatelaw-bulkscansystemupdate 128 | caseworker-privatelaw-cafcass 129 | caseworker-privatelaw-casecreator 130 | caseworker-privatelaw-courtadmin 131 | caseworker-privatelaw-judge 132 | caseworker-privatelaw-la 133 | caseworker-privatelaw-solicitor 134 | caseworker-privatelaw-superuser 135 | caseworker-privatelaw-systemupdate 136 | caseworker-probate 137 | caseworker-probate-authoriser 138 | caseworker-probate-bulkscan 139 | caseworker-probate-caseadmin 140 | caseworker-probate-caseofficer 141 | caseworker-probate-charity 142 | caseworker-probate-examiner 143 | caseworker-probate-issuer 144 | caseworker-probate-judge 145 | caseworker-probate-pcqextractor 146 | caseworker-probate-registrar 147 | caseworker-probate-scheduler 148 | caseworker-probate-solicitor 149 | caseworker-probate-superuser 150 | caseworker-probate-systemupdate 151 | caseworker-publiclaw 152 | caseworker-publiclaw-bulkscan 153 | caseworker-publiclaw-bulkscansystemupdate 154 | caseworker-publiclaw-cafcass 155 | caseworker-publiclaw-courtadmin 156 | caseworker-publiclaw-gatekeeper 157 | caseworker-publiclaw-judiciary 158 | caseworker-publiclaw-localAuthority 159 | caseworker-publiclaw-magistrate 160 | caseworker-publiclaw-solicitor 161 | caseworker-publiclaw-superuser 162 | caseworker-publiclaw-systemupdate 163 | caseworker-ras-validation 164 | caseworker-reference-data 165 | caseworker-sscs 166 | caseworker-sscs-anonymouscitizen 167 | caseworker-sscs-bulkscan 168 | caseworker-sscs-callagent 169 | caseworker-sscs-clerk 170 | caseworker-sscs-dwpresponsewriter 171 | caseworker-sscs-judge 172 | caseworker-sscs-panelmember 173 | caseworker-sscs-pcqextractor 174 | caseworker-sscs-registrar 175 | caseworker-sscs-superuser 176 | caseworker-sscs-systemupdate 177 | caseworker-test 178 | caseworker-test-junior 179 | caseworker-test-manager 180 | caseworker-test-private 181 | caseworker-test-protected 182 | caseworker-test-public 183 | caseworker-test-senior 184 | caseworker-test-solicitor 185 | caseworker-wa-task-configuration 186 | caseworker-sscs-hmrcresponsewriter 187 | caseworker-approver 188 | caseworker-adoption-bulkscan 189 | caseworker-adoption-bulkscansystemupdate 190 | caseworker-adoption-systemupdate 191 | caseworker-bsp-systemupdate 192 | caseworker-divorce-systemupdate 193 | caseworker-employment-etjudge-bristol 194 | caseworker-employment-etjudge-leeds 195 | caseworker-employment-etjudge-londoncentral 196 | caseworker-employment-etjudge-londoneast 197 | caseworker-employment-etjudge-londonsouth 198 | caseworker-employment-etjudge-manchester 199 | caseworker-employment-etjudge-midlandseast 200 | caseworker-employment-etjudge-midlandswest 201 | caseworker-employment-etjudge-newcastle 202 | caseworker-employment-etjudge-wales 203 | caseworker-employment-etjudge-watford 204 | caseworker-finrem-systemupdate 205 | caseworker-ia-judge 206 | caseworker-ia-respondentlocalauthority 207 | caseworker-ia-respondentnaab 208 | caseworker-sscs-teamleader 209 | fpl-caseworker-publiclaw 210 | fpl-caseworker-publiclaw-cafcass 211 | fpl-caseworker-publiclaw-courtadmin 212 | fpl-caseworker-publiclaw-gatekeeper 213 | fpl-caseworker-publiclaw-judiciary 214 | fpl-caseworker-publiclaw-solicitor 215 | fpl-caseworker-publiclaw-systemupdate 216 | -------------------------------------------------------------------------------- /bulk-user-setup/test/inputs/ADD-WITH-ID-SSOID.csv: -------------------------------------------------------------------------------- 1 | operation,email,firstName,lastName,roles,id,ssoId,userExists,result,prerequisite,comment 2 | add,ccd.test.add.user00@hmcts.gov.uk,,,caseworker|caseworker-role-one,,b2e98223-9ce6-4278-8707-d2e6ab8cc8c9,FALSE,FAILED,ENABLE_USERID_REGISTRATIONS=true,"id is unique, both first name and last name cannot be empty" 3 | add,ccd.test.add.user1@hmcts.gov.uk,fn1,ln1,,,b2e98223-9ce6-4278-8707-d2e6ab8cc8c9,TRUE,FAILED,"ENABLE_USERID_REGISTRATIONS=true, id already exists",Roles are mandatory 4 | add,ccd.test.add.user1@hmcts.gov.uk,fn1,ln1,caseworker|caseworker-role-one,,b2e98223-9ce6-4278-8707-d2e6ab8cc8c9,TRUE,FAILED,"ENABLE_USERID_REGISTRATIONS=true, id already exists",User with given email already exists 5 | add,ccd.test.add.user03@hmcts.gov.uk,fn03,ln03,caseworker|caseworker-role-one,,b2e98223-9ce6-4278-8707-d2e6ab8cc8c9,FALSE,SUCCESS,ENABLE_USERID_REGISTRATIONS=true,id is unique 6 | add,ccd.test.add.user04@hmcts.gov.uk,fn04,ln04,caseworker|caseworker-role-one,,b2e98223-9ce6-4278-8707-d2e6ab8cc8c9,FALSE,SKIPPED,ENABLE_USERID_REGISTRATIONS=true,id is MUST be provided 7 | add,ccd.test.add.user1@hmcts.gov.uk,fn1,ln1,caseworker|caseworker-role-one,,b2e98223-9ce6-4278-8707-d2e6ab8cc8c9,TRUE,FAILED,ENABLE_USERID_REGISTRATIONS=true,"id is unique, conflict active user already exists" 8 | add,ccd.test.add.userXYZ@hmcts.gov.uk,fn1,ln1,caseworker|caseworker-role-one,,b2e98223-9ce6-4278-8707-d2e6ab8cc8c9,TRUE,FAILED,"ENABLE_USERID_REGISTRATIONS=true, id already exists",User with given id already exists -------------------------------------------------------------------------------- /bulk-user-setup/test/inputs/ADD-WITH-ID.csv: -------------------------------------------------------------------------------- 1 | operation,email,firstName,lastName,roles,id,userExists,result,prerequisite,comment 2 | add,ccd.test.add.user00@hmcts.gov.uk,,,caseworker|caseworker-role-one,b2e98223-9ce6-4278-8707-d2e6ab8cc8c9,FALSE,FAILED,ENABLE_USERID_REGISTRATIONS=true,"id is unique, both first name and last name cannot be empty" 3 | add,ccd.test.add.user1@hmcts.gov.uk,fn1,ln1,,use-existing-user-id,TRUE,FAILED,"ENABLE_USERID_REGISTRATIONS=true, id already exists",Roles are mandatory 4 | add,ccd.test.add.user1@hmcts.gov.uk,fn1,ln1,caseworker|caseworker-role-one,use-existing-user-id,TRUE,FAILED,"ENABLE_USERID_REGISTRATIONS=true, id already exists",User with given email already exists 5 | add,ccd.test.add.user03@hmcts.gov.uk,fn03,ln03,caseworker|caseworker-role-one,b2e98223-9ce6-4278-8707-d2e6ab8cc8c9,FALSE,SUCCESS,ENABLE_USERID_REGISTRATIONS=true,id is unique 6 | add,ccd.test.add.user04@hmcts.gov.uk,fn04,ln04,caseworker|caseworker-role-one,,FALSE,SKIPPED,ENABLE_USERID_REGISTRATIONS=true,id is MUST be provided 7 | add,ccd.test.add.user1@hmcts.gov.uk,fn1,ln1,caseworker|caseworker-role-one,b2e98223-9ce6-4278-8707-d2e6ab8cc8c9,TRUE,FAILED,ENABLE_USERID_REGISTRATIONS=true,"id is unique, conflict active user already exists" 8 | add,ccd.test.add.userXYZ@hmcts.gov.uk,fn1,ln1,caseworker|caseworker-role-one,f3e6eb49-f429-462c-9712-3fdf87f4b50c,TRUE,FAILED,"ENABLE_USERID_REGISTRATIONS=true, id already exists",User with given id already exists -------------------------------------------------------------------------------- /bulk-user-setup/test/inputs/ADD.csv: -------------------------------------------------------------------------------- 1 | operation,email,firstName,lastName,roles,userExists,result,prerequisite,comment 2 | add,ccd.test.add.user0@hmcts.gov.uk,fn1,ln1,,FALSE,FAILED,,User not found. Roles are mandatory 3 | add,ccd.test.add.user0@hmcts.gov.uk,,,manage-translations|caseworker-role-one,FALSE,FAILED,,User not found. Both first name and last name cannot be empty 4 | add,ccd.test.add.user01@hmcts.gov.uk,fn01,ln01,caseworker-role-one|caseworker-role-two,FALSE,SUCCESS,,User not found. should add caseworker role if there are other caseworker related roles to be added 5 | add,ccd.test.add.user02@hmcts.gov.uk,fn02,ln02,manage-translations,FALSE,SUCCESS,,User not found. should NOT add caseworker role if there are no other caseworker related roles to be added 6 | add,ccd.test.add.user03@hmcts.gov.uk,fn03,ln03,manage-translations|caseworker-role-one|judiciary,FALSE,SUCCESS,,"add all roles except judiciary, warn about judiciary" 7 | add,ccd.test.add.user04@hmcts.gov.uk,fn04,ln04,caseworker-role-three|caseworker-role-four,FALSE,SUCCESS,,User not found. User 1 added with some roles 8 | add,ccd.test.add.user04@hmcts.gov.uk,fn04,ln04,caseworker-role-two,FALSE,SUCCESS,re-run of script where status = SUCCESS,User not found. User 1 added with different roles for the second time 9 | add,ccd.test.add.user05@hmcts.gov.uk,fn05,,caseworker-role-five|caseworker-role-six,FALSE,SUCCESS,,"User not found. If only first name present, keep space for last name" 10 | add,ccd.test.add.user06@hmcts.gov.uk,,ln06,caseworker-role-five|caseworker-role-six,FALSE,SUCCESS,,"User not found. If only last name present, keep space for first name" 11 | add,ccd.test.add.user1@hmcts.gov.uk,fn1,ln1,,TRUE,FAILED,User is inactive,roles are always mandatory for add /delete 12 | add,ccd.test.add.user2@hmcts.gov.uk,,,caseworker-role-two,TRUE,SUCCESS,user inactive and no roles or only caseworker,Both first name and last name ignored 13 | add,ccd.test.add.user3@hmcts.gov.uk,,,caseworker-role-three|caseworker-role-four,TRUE,SUCCESS,user inactive no roles,Should activate the user and add all the roles including caseworker role 14 | add,ccd.test.add.user4@hmcts.gov.uk,,,manage-translations,TRUE,SUCCESS,user inactive no roles,Should activate the user and add all the roles and no caseworker role 15 | add,ccd.test.add.user5@hmcts.gov.uk,,,caseworker-role-five|judiciary,TRUE,SUCCESS,user inactive with or without roles,"add all roles except judiciary, warn about judiciary" 16 | add,ccd.test.add.user6@hmcts.gov.uk,,,,TRUE,FAILED,user exists,User found. Roles are mandatory 17 | add,ccd.test.add.user7@hmcts.gov.uk,,,caseworker-role-five|caseworker-role-six,TRUE,SUCCESS,user exists,User found. Both first name and last name ignored 18 | add,ccd.test.add.user8@hmcts.gov.uk,,,caseworker-role-two|caseworker-role-three,TRUE,SUCCESS,user exists with no roles,User found. should add caseworker role if there are other caseworker related roles to be added 19 | add,ccd.test.add.user9@hmcts.gov.uk,,,manage-translations,TRUE,SUCCESS,,User found. should NOT add caseworker role if there are no other caseworker related roles to be added 20 | add,ccd.test.add.user10@hmcts.gov.uk,,,caseworker-role-six|judiciary,TRUE,SUCCESS,,"add all roles except judiciary, warn about judiciary" 21 | add,ccd.test.add.user07@hmcts.gov.uk,fn07,ln07,caseworker|caseworker-role-six,FALSE,SUCCESS,user exists with no roles,User not found. Caseworker role mentioned in the roles 22 | add,ccd.test.add.user11@hmcts.gov.uk,,,caseworker|caseworker-role-six,TRUE,SUCCESS,user inactive no roles,User is inactive. Caseworker role mentioned in the roles 23 | add,ccd.test.add.user12@hmcts.gov.uk,,,caseworker|caseworker-role-six,TRUE,SUCCESS,"user exists, active no roles",User found. Caseworker role mentioned in the roles 24 | add,ccd.test.add.user13@hmcts.gov.uk,,,caseworker|caseworker-role-six,TRUE,SKIPPED,"user exists, active all roles already assigned",nothing to change 25 | add,ccd.test.add.user07@hmcts.gov.uk,fn07,ln07,caseworker-role-two|ia-roles,FALSE,FAILED,user does not exist,User does not exist. Should fail as ia-roles does not exist 26 | add,ccd.test.add.user08@hmcts.gov.uk,fn08,ln08,judiciary,FALSE,FAILED,user does not exist,"skip judicary, fail cannot create user with no roles to apply" 27 | add,ccd.test.add.user13@hmcts.gov.uk,,,judiciary,TRUE,SKIPPED,user exists with or without roles,"skip judicary, Skip as no roles to apply" -------------------------------------------------------------------------------- /bulk-user-setup/test/inputs/CFTS-4217.csv: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmcts/ccd-docker/e858b1742a993bf59efb0591c67d55ac659e2a18/bulk-user-setup/test/inputs/CFTS-4217.csv -------------------------------------------------------------------------------- /bulk-user-setup/test/inputs/COMMON.csv: -------------------------------------------------------------------------------- 1 | operation,email,firstName,lastName,roles,userExists,result,prerequisite,comment 2 | add, ccd.test.common.user0@hmcts.gov.uk ,fn0 ,ln0,caseworker-role-one,FALSE,SUCCESS,user does not exist,Spaces (front and back) in email 3 | add,ccd.test.common.user1hmcts.gov.uk,,,,NA,FAILED,,Invalid Email address format 4 | add,ccd.test.common.user1@hmcts.gov.uk,,,caseworker|caseworker+test,TRUE,FAILED,,Invalid Role format 5 | add,ccd.test.common.user1@hmcts.gov.uk,,,"caseworker,caseworker-role-one",TRUE,FAILED,,Invalid Role separator 6 | add ,ccd.test.common.user2@hmcts.gov.uk,,,caseworker-role-one,TRUE,SUCCESS,"user exists, no roles",Spaces (front and back) in operation 7 | add, ccd.test.common.user3@hmcts.gov.uk ,,,caseworker-role-one,TRUE,SUCCESS,"user exists, no roles",Spaces (front and back) in email 8 | add,ccd.test.common.user0@hmcts.gov.uk, fn0 ,ln0,caseworker-role-one,FALSE,SUCCESS,,Spaces (front and back) in first name 9 | add,ccd.test.common.user01@hmcts.gov.uk,fn01, ln01 ,caseworker-role-one|caseworker-role-two,FALSE,SUCCESS,,Spaces (front and back) in last name 10 | add,ccd.test.common.user4@hmcts.gov.uk,,,caseworker-role-one | caseworker-role-two,TRUE,SUCCESS,user exists no roles,Spaces in between roles 11 | add,ccd.test.common.user5@hmcts.gov.uk,,,caseworker-role -one|caseworker-ro le-two,TRUE,SUCCESS,user exists no roles,Spaces inside roles (DO WE NEED TO FIX THESE?) 12 | add,ccd.test.common.user6@hmcts.gov.uk,,,caseworker-role-ONE|caseWorkEr-role-two,TRUE,SUCCESS,user exists no roles,Roles in upper case - should be converted to lower case 13 | ADD,ccd.test.common.user06@hmcts.gov.uk,fn06,ln06,caseworker-role-five|caseworker-role-six,FALSE,SUCCESS,,Operation in upper case - should be working 14 | add,ccd.test.common.user07@hmcts.gov.uk,fn7,ln7,caseworker-role-six|caseworker_role_six,FALSE,SUCCESS,"user does not exist, roles do exist",Roles with - and _ should be allowed 15 | add, ,,,,NA,FAILED,,Empty email id 16 | find,ccd.test.common.user1@,,,,NA,FAILED,,Invalid Email address format 17 | find ,ccd.test.common.user1@hmcts.gov.uk,,,,TRUE,SUCCESS,,Spaces (front and back) in operation 18 | find, ccd.test.common.user1@hmcts.gov.uk ,,,,TRUE,SUCCESS,,Spaces (front and back) in email 19 | FIND,ccd.test.common.user1@hmcts.gov.uk,fn6,ln6,caseworker-role-five|caseworker-role-six,TRUE,SUCCESS,user exists,Operation in upper case - should be working 20 | find,,,,,NA,FAILED,,Empty email id 21 | find,ccd.test.common.user1@hmcts.gov.uk,sometext,sometext,sometext,TRUE,SUCCESS,user exists,WARN firstName/lastName/roles given but not required 22 | find,ccd.test.common.user1@hmcts.gov.uk,sometext,sometext,,TRUE,SUCCESS,user exists,WARN firstName/lastName given but not required 23 | find,ccd.test.common.user1@hmcts.gov.uk,sometext,,sometext,TRUE,SUCCESS,user exists,WARN firstName/roles given but not required 24 | find,Ccd.Test.Common.user1@hmcts.gov.uk,sometext,,sometext,TRUE,SUCCESS,user exists,WARN firstName/roles given but not required 25 | updatename,ccd.test.common.user1@%^&hmcts.gov.uk,,,,NA,FAILED,,Invalid Email address format 26 | updatename ,ccd.test.common.user1@hmcts.gov.uk,fn1,ln1,,TRUE,SUCCESS,user exists,Spaces (front and back) in operation 27 | updatename, ccd.test.common.user1@hmcts.gov.uk ,fn2,ln2,,TRUE,SUCCESS,user exists,Spaces (front and back) in email 28 | updatename,ccd.test.common.user1@hmcts.gov.uk, fn0 ,ln0,,TRUE,SUCCESS,user exists,Spaces (front and back) in first name 29 | updatename,ccd.test.common.user1@hmcts.gov.uk,fn02, ln02 ,,TRUE,SUCCESS,user exists,Spaces (front and back) in last name 30 | UPDATENAME,ccd.test.common.user1@hmcts.gov.uk,fn1,ln1,,TRUE,SUCCESS,user exists,Operation in upper case - should be working 31 | updatename,,,,,NA,FAILED,,Empty email id 32 | updatename,ccd.test.common.user1@hmcts.gov.uk,fn03,ln03,sometext,TRUE,SUCCESS,user exists,WARN roles given but not required 33 | delete,ccd.test.common.user1@ hmcts.gov.uk,,,,NA,FAILED,,Invalid Email address format 34 | delete,ccd.test.common.user1@hmcts.gov.uk,,,caseworker|caseworker=test,TRUE,FAILED,,Invalid Role format 35 | delete,ccd.test.common.user1@hmcts.gov.uk,,,caseworker&caseworker-role-one,TRUE,FAILED,,Invalid Role separator 36 | delete ,ccd.test.common.user2@hmcts.gov.uk,,,caseworker-role-one,TRUE,SUCCESS,,Spaces (front and back) in operation 37 | delete, ccd.test.common.user3@hmcts.gov.uk ,,,caseworker-role-one,TRUE,SUCCESS,,Spaces (front and back) in email 38 | delete,ccd.test.common.user4@hmcts.gov.uk,,,caseworker-role-one | caseworker-role-two,TRUE,SUCCESS,user exists with roles,Spaces in between roles 39 | delete,ccd.test.common.user5@hmcts.gov.uk,,,caseworker-role -one|caseworker-ro le-two,TRUE,SUCCESS,user exists no roles,Spaces inside roles 40 | delete,ccd.test.common.user6@hmcts.gov.uk,,,caseworker-role-ONE|caseWorkEr-role-two,TRUE,SUCCESS,user exists with roles,Roles in upper case - should be converted to lower case 41 | DELETE,ccd.test.common.user8@hmcts.gov.uk,fn06,ln06,caseworker-role-five|caseworker-role-six,FALSE,SUCCESS,user exists with roles,Operation in upper case - should be working 42 | delete,ccd.test.common.user07@hmcts.gov.uk,fn7,ln7,caseworker-role-six|caseworker_role_six,FALSE,SKIPPED,"user does not exist, roles do exist",Roles with - and _ should be allowed 43 | delete,,,,,NA,FAILED,,Empty email id 44 | delete,ccd.test.common.user1@hmcts.gov.uk,fn1,ln1,caseworker-role-six|caseworker_role_six,TRUE,SUCCESS,user exists,WARN first and last name given but not required 45 | Update,ccd.test.common.user1@hmcts.gov.uk,fn1,ln1,caseworker-role-six|caseworker_role_six,,FAILED,,Invalid Operation name 46 | ,ccd.test.common.user1@hmcts.gov.uk,fn1,ln1,caseworker-role-six|caseworker_role_six,,FAILED,,Empty Operation name 47 | add, ccd.test.common.user0@hmcts.gov.uk ,fn0 ,ln0,caseworker-role-one||caseworker-role-two | |caseworker-role-three|,FALSE,SUCCESS,user does not exist,Roles with empty delimeter or ending in delimiter should work -------------------------------------------------------------------------------- /bulk-user-setup/test/inputs/DELETE.csv: -------------------------------------------------------------------------------- 1 | operation,email,firstName,lastName,roles,userExists,result,prerequisite,comment 2 | delete,ccd.test.delete.user0@hmcts.gov.uk,,,caseworker|caseworker-role-one,FALSE,SKIPPED,user does not exist,user does not exist 3 | delete,ccd.test.delete.user1@hmcts.gov.uk,,,caseworker-role-two|caseworker-role-three,TRUE,SKIPPED,user has none of the roles in request,None of the roles found with the user 4 | delete,ccd.test.delete.user2@hmcts.gov.uk,,,caseworker-role-two,TRUE,SUCCESS,user has caseworker and caseworker-role-two already,Caseworker role not mentioned in the list but it is the last role with the user - deactivate user 5 | delete,ccd.test.delete.user3@hmcts.gov.uk,,,caseworker-role-three,TRUE,SUCCESS,"user has caseworker, caseworker-role-three and caseworker-role-four already",Caseworker role not mentioned in the list but it is NOT the last role with the user and some caseworker related role present - do not deactivate user 6 | delete,ccd.test.delete.user4@hmcts.gov.uk,,,caseworker-role-four,TRUE,SUCCESS,user has caseworker-role-four and some-other-role,"Caseworker role not mentioned in the list but it is NOT the last role with the user, but only non-caseworker roles present - do not deactivate user" 7 | delete,ccd.test.delete.user05@hmcts.gov.uk,fn0,ln1,caseworker|caseworker-role-one,FALSE,SKIPPED,user does not exist,First/last name mentioned - ignore and log warning 8 | delete,ccd.test.delete.user6@hmcts.gov.uk,,,caseworker|caseworker-role-five|judiciary,TRUE,FAILED,user exists with or without roles,Roles contains judiciary (or other restricted roles?) 9 | delete,ccd.test.delete.user7@hmcts.gov.uk,,,caseworker-role-five|caseworker-role-six|some-other-role,TRUE,SUCCESS,"user exists with roles caseworker-five,caseworker-role-six",Role deletion partially failed for any reason while deleting role by role 10 | delete,ccd.test.delete.user8@hmcts.gov.uk,,,caseworker-role-five|caseworker-role-six|some-other-role,TRUE,SUCCESS,Few roles removed and remaining are not found with the user,Few roles removed and remaining are not found with the user 11 | delete,ccd.test.delete.user9@hmcts.gov.uk,,,caseworker,TRUE,SUCCESS,should user have no role or only caseworker?,Caseworker role mentioned in the list and no role present with the user - deactivate user 12 | delete,ccd.test.delete.user10@hmcts.gov.uk,,,caseworker|caseworker-role-one,TRUE,SKIPPED,User inactive - ignore and log warning,User inactive - ignore and log warning 13 | delete,ccd.test.delete.user11@hmcts.gov.uk,fn07,ln07,caseworker-role-two|ia-roles,TRUE,SUCCESS,"user exists with caseworker-role-two, caseworker and all the ia_roles. Should remove all roles and de-activate user","User exists, should remove all roles and de-activate the user" 14 | delete,ccd.test.delete.user12@hmcts.gov.uk,fn07,ln07,ia-roles,TRUE,SUCCESS,"user exists with caseworker-role-two, caseworker and all the ia_roles. Should remove all ia roles","User exists, should remove all ia roles - do not remove caseworker role and do not deactivate the user" 15 | delete,ccd.test.delete.user13@hmcts.gov.uk,,,caseworker-role-two,TRUE,SUCCESS,"user exists with caseworker-role-two, caseworker only",should remove caseworker-role-two and caseworker and deactivate the user 16 | delete,ccd.test.delete.user14@hmcts.gov.uk,,,caseworker-role-two,TRUE,SUCCESS,"user exists with caseworker-role-one, caseworker-role-two, caseworker and payment",should remove only caseworker-role-two user should remain active 17 | delete,ccd.test.delete.user15@hmcts.gov.uk,,,caseworker-role-one|caseworker-role-two,TRUE,SUCCESS,"user exists with caseworker-role-one, caseworker-role-two, caseworker and payment",should remove all caseworker roles leave payment user should remain active 18 | delete,ccd.test.delete.user16@hmcts.gov.uk,,,caseworker|caseworker-role-one|caseworker-role-two,TRUE,SUCCESS,"user exists with caseworker-role-one, caseworker-role-two, caseworker and payment",should remove all caseworker roles leave payment user should remain active 19 | delete,ccd.test.delete.user17@hmcts.gov.uk,,,caseworker,TRUE,SUCCESS,user exists with caseworker,should remove caseworker role and deactivate the user 20 | delete,ccd.test.delete.user18@hmcts.gov.uk,,,caseworker,TRUE,SUCCESS,user exists with caseworker and payment,should remove caseworker role leave payment user should remain active 21 | delete,ccd.test.delete.user19@hmcts.gov.uk,,,all-roles,TRUE,SUCCESS,user exists with or without roles,should remove ALL roles user should be de-actived 22 | delete,ccd.test.delete.user20@hmcts.gov.uk,,,ia-roles,TRUE,SUCCESS,user exists with all ia-roles and all sscs roles,should remove all ia-roles but none of the sscs roles or caseworker default role 23 | delete,ccd.test.delete.user21@hmcts.gov.uk,,,employment-roles,TRUE,SUCCESS,"user exists and active with some employment roles, other caseworker roles and caseworker role",should leave caseworker role and remain active 24 | delete,ccd.test.delete.user22@hmcts.gov.uk,,,employment-roles|ia-roles|cwd-user|payments,TRUE,SUCCESS,"user exists with some employment roles, some ia-roles, cwd-user, payment and caseworker role",should remove all roles and deactive the user 25 | delete,ccd.test.delete.user23@hmcts.gov.uk,,,employment-roles|ia-roles|cwd-user|payments,TRUE,SUCCESS,user exists with NO roles assigned,should deactivate the user 26 | delete,ccd.test.delete.user24@hmcts.gov.uk,,,caseworker-role-two,TRUE,SUCCESS,user exists with only caseworker role,should remove caseworker and deactivate the user 27 | delete,ccd.test.delete.user25@hmcts.gov.uk,,,caseworker-role-one,TRUE,SUCCESS,user exists with payments|payments-refund|payments-refund-approver|caseworker|caseworker-role-one,should remove caseworker and other default delete roles and deactivate the user 28 | delete,ccd.test.delete.user26@hmcts.gov.uk,,,payments|payments-refund|payments-refund-approver|caseworker-role-one,TRUE,SUCCESS,user exists with payments|payments-refund|payments-refund-approver|caseworker|caseworker-role-one,"should remove caseworker and other default delete roles and deactivate the user, should log ignoring default delete roles initially" -------------------------------------------------------------------------------- /bulk-user-setup/test/inputs/DEMO-ENV-TEST-NOSSOID.csv: -------------------------------------------------------------------------------- 1 | operation,email,firstName,lastName,roles,userExists,result,prerequisite,comment 2 | add,ccd.test.add.ssoid@eJudiciary.net,,,caseworker-test-public|caseworker-test-senior,TRUE,SUCCESS,,"user exists, sso id not provided" 3 | add,ccd.test.add.ssoid@eJudiciary.net,fn1,ln1,caseworker-test-public|caseworker-test-senior,TRUE,SUCCESS,,"user exists, sso id not provided" 4 | updatename,ccd.test.add.ssoid@eJudiciary.net,updatedfn,updatedln,caseworker-test-public|caseworker-test-senior,TRUE,SUCCESS,,"user exists, sso id not provided" 5 | updatename,ccd.test.add.ssoid@eJudiciary.net,updatedfn,updatedln,caseworker-test-public|caseworker-test-senior,TRUE,SUCCESS,,"user exists, sso id not provided" 6 | find,ccd.test.add.ssoid@eJudiciary.net,,,caseworker-test-public|caseworker-test-senior,TRUE,SUCCESS,,"user exists, sso id not provided" 7 | find,ccd.test.add.ssoid@eJudiciary.net,,,caseworker-test-public|caseworker-test-senior,TRUE,SUCCESS,,"user exists, sso id not provided" 8 | find,ccd.test.add.ssoid@eJudiciary.net,,,caseworker-test-public|caseworker-test-senior,TRUE,SUCCESS,,"user exists, sso id not provided" -------------------------------------------------------------------------------- /bulk-user-setup/test/inputs/DEMO-ENV-TEST-SSOID.csv: -------------------------------------------------------------------------------- 1 | operation,email,firstName,lastName,roles,ssoId,userExists,result,prerequisite,comment 2 | add,ccd.test.add.ssoid@eJudiciary.net,,,caseworker-test-public|caseworker-test-senior,72b606e0-dd56-4c49-9335-2b0bd8f56f86,TRUE,SUCCESS,,"user exists, sso id is correct, no roles assigned" 3 | add,ccd.test.add.ssoid@eJudiciary.net,fn1,ln1,caseworker-test-public|caseworker-test-senior,82b606e0-dd56-4c49-9335-2b0bd8f56f87,TRUE,FAILED,,"user exists, sso id is incorrect" 4 | updatename,ccd.test.add.ssoid@eJudiciary.net,updatedfn,updatedln,caseworker-test-public|caseworker-test-senior,72b606e0-dd56-4c49-9335-2b0bd8f56f86,TRUE,SUCCESS,,"user exists, sso id is correct" 5 | updatename,ccd.test.add.ssoid@eJudiciary.net,updatedfn,updatedln,caseworker-test-public|caseworker-test-senior,82b606e0-dd56-4c49-9335-2b0bd8f56f87,TRUE,FAILED,,"user exists, sso id is incorrect" 6 | find,ccd.test.add.ssoid@eJudiciary.net,,,caseworker-test-public|caseworker-test-senior,72b606e0-dd56-4c49-9335-2b0bd8f56f86,TRUE,SUCCESS,,"user exists, sso id is correct" 7 | find,ccd.test.add.ssoid@eJudiciary.net,,,caseworker-test-public|caseworker-test-senior,82b606e0-dd56-4c49-9335-2b0bd8f56f87,TRUE,FAILED,,"user exists, sso id is incorrect" 8 | find,ccd.test.add.ssoid@eJudiciary.net,,,caseworker-test-public|caseworker-test-senior,,TRUE,SUCCESS,,"user exists, sso id not provided" -------------------------------------------------------------------------------- /bulk-user-setup/test/inputs/DEMO-ENV-TEST-UPDATEEMAIL-SSOID.csv: -------------------------------------------------------------------------------- 1 | operation,email,firstName,lastName,roles,ssoId,userExists,result,prerequisite,comment 2 | updateemail,ccd.test.ssoid@eJudiciary.net,,,rolenotrequired,72b606e0-dd56-4c49-9335-2b0bd8f56f86,TRUE,SKIPPED,,"user exists, sso id is correct, email is correct, skip nothing to change" 3 | updateemail,ccd.test.ssoid@eJudiciary.net,fn1,ln1,caseworker-test-public|caseworker-test-senior,a6c25c74-e590-4a9c-b429-04759b1639ab,TRUE,FAILED,,"user exists, sso id is incorrect" 4 | updateemail,ccd.test.ssoid-patched@eJudiciary.net,,,caseworker-test-public|caseworker-test-senior,72b606e0-dd56-4c49-9335-2b0bd8f56f86,TRUE,SUCCESS,,"user exists, sso id is correct email is incorrect, change email" 5 | updateemail,ccd.test.ssoid-patched@eJudiciary.net,,,caseworker-test-public|caseworker-test-senior,,TRUE,SKIPPED,,"user exists, sso id not provided email is correct, skip nothing to change" -------------------------------------------------------------------------------- /bulk-user-setup/test/inputs/FIND.csv: -------------------------------------------------------------------------------- 1 | operation,email,firstName,lastName,roles,userExists,result,prerequisite,comment 2 | find,ccd.test.user0@hmcts.gov.uk,,,,FALSE,FAILED,user does not exist, 3 | find,ccd.test.add.user1@hmcts.gov.uk,,,,TRUE,SUCCESS,"output file will populate firstname/lastname, roles, active status, last modified etc", 4 | find,ccd.test.add.user2@hmcts.gov.uk,fn1,Ln1,caseworker,TRUE,SUCCESS,"populate cells from api, warn log as firstname/lastname/roles provided but not needed", 5 | find,ccd.test.add.user3@hmcts.gov.uk,,,,TRUE,SUCCESS,user is inactive, -------------------------------------------------------------------------------- /bulk-user-setup/test/inputs/SKIP.csv: -------------------------------------------------------------------------------- 1 | operation,email,firstName,LastName,roles,userExists,result,prerequisite,comment 2 | add,ccd.test.user0@hmcts.gov.uk,fn1,ln1,,FALSE,FAILED,,User not found. Roles are mandatory -------------------------------------------------------------------------------- /bulk-user-setup/test/inputs/UPDATENAME.csv: -------------------------------------------------------------------------------- 1 | operation,email,firstName,lastName,roles,userExists,result,prerequisite,comment 2 | updatename,ccd.test.updatename.user0@hmcts.gov.uk,fn0,ln0,,FALSE,SKIPPED,user does not exist,user does not exist 3 | updatename,ccd.test.updatename.user1@hmcts.gov.uk,fn1-1,ln1-1,manage-translations|caseworker|somerole,TRUE,SUCCESS,user exists with fn1 and ln1,ignore the roles if specified - put a warning log 4 | updatename,ccd.test.updatename.user2@hmcts.gov.uk,fn2,ln2,,TRUE,SKIPPED,user exists with fn2 and ln2,nothing to change 5 | updatename,ccd.test.updatename.user3@hmcts.gov.uk,fn3-3,,,TRUE,SUCCESS,user exists,change first name 6 | updatename,ccd.test.updatename.user4@hmcts.gov.uk,,ln4-4,,TRUE,SUCCESS,user exists,change last name 7 | updatename,ccd.test.updatename.user5@hmcts.gov.uk,fn5-5,ln5-5,,TRUE,SUCCESS,user exists,change first and last names 8 | updatename,ccd.test.updatename.user1@hmcts.gov.uk,,,,TRUE,FAILED,,no first and last names 9 | updatename,ccd.test.updatename.user1@hmcts.gov.uk, ,,,TRUE,FAILED,,first name is given as (space) 10 | updatename,ccd.test.updatename.user1@hmcts.gov.uk, , ,,TRUE,FAILED,,last name is given as (space) 11 | updatename,ccd.test.updatename.user1@hmcts.gov.uk, , ,,TRUE,FAILED,,both first and last name are given as (space) 12 | updatename,ccd.test.updatename.user6@hmcts.gov.uk, ,ln6-6,,TRUE,SUCCESS,,first name is given as (space) and last name has valid value 13 | updatename,ccd.test.updatename.user7@hmcts.gov.uk,fn7-7, ,,TRUE,SUCCESS,,last name is given as (space) and first name has valid value 14 | updatename,ccd.test.updatename.user8@hmcts.gov.uk,fn8-8,ln8-8,,TRUE,SKIPPED,,user inactive - put a warning log -------------------------------------------------------------------------------- /bulk-user-setup/test/utils/add-idam-clients.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -eu 4 | 5 | dir=$(dirname ${0}) 6 | 7 | ${dir}/idam-create-service.sh "ccd-bulk-user-register" "ccd-bulk-user-register" "ccd-bulk-user-register-secret" "https://create-bulk-user-test/oauth2redirect" "false" "openid roles create-user manage-user search-user" -------------------------------------------------------------------------------- /bulk-user-setup/test/utils/add-idam-roles.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -eu 4 | dir=$(dirname ${0}) 5 | jq -r '[(.[] | .roles | split(",")) | .[] ] | unique[]' ${dir}/roles.json | while read args; do 6 | ${dir}/../../../bin/utils/idam-add-role.sh "$args" 7 | done 8 | -------------------------------------------------------------------------------- /bulk-user-setup/test/utils/add-users.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -eu 4 | 5 | dir=$(dirname ${0}) 6 | 7 | jq -r '.[] | .email + " " + .roles + " " + .lastName + " " + .firstName + " " + .active' ${dir}/users.json | while read args; do 8 | ${dir}/idam-create-users.sh $args 9 | done 10 | -------------------------------------------------------------------------------- /bulk-user-setup/test/utils/idam-create-service.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -eu 4 | 5 | dir=$(dirname ${0}) 6 | 7 | LABEL=${1} 8 | CLIENT_ID=${2} 9 | CLIENT_SECRET=${3} 10 | REDIRECT_URL=${4} 11 | SELF_REGISTRATION=${5:-"false"} 12 | SCOPE=${6:-"openid roles create-user manage-user search-user"} 13 | 14 | apiToken=$(${dir}/../../../bin/utils/idam-authenticate.sh "${IDAM_ADMIN_USER}" "${IDAM_ADMIN_PASSWORD}") 15 | 16 | echo -e "\nCreating service with:\nLabel: ${LABEL}\nClient ID: ${CLIENT_ID}\nClient Secret: ${CLIENT_SECRET}\nRedirect URL: ${REDIRECT_URL}\n" 17 | 18 | STATUS=$(curl --silent --output /dev/null --write-out '%{http_code}' -X POST -H 'Content-Type: application/json' -H "Authorization: AdminApiAuthToken ${apiToken}" \ 19 | ${IDAM_API_BASE_URL:-http://localhost:5000}/services \ 20 | -d '{ 21 | "allowedRoles": [], 22 | "description": "'${LABEL}'", 23 | "label": "'${LABEL}'", 24 | "oauth2ClientId": "'${CLIENT_ID}'", 25 | "oauth2ClientSecret": "'${CLIENT_SECRET}'", 26 | "oauth2RedirectUris": ["'${REDIRECT_URL}'"], 27 | "oauth2Scope": "'"${SCOPE}"'", 28 | "selfRegistrationAllowed": "'${SELF_REGISTRATION}'" 29 | }') 30 | 31 | if [ $STATUS -eq 201 ]; then 32 | echo "Service created sucessfully" 33 | elif [ $STATUS -eq 409 ]; then 34 | echo "Service already exists!" 35 | else 36 | echo "ERROR: HTTPCODE = $STATUS" 37 | exit 1 38 | fi -------------------------------------------------------------------------------- /bulk-user-setup/test/utils/idam-create-users.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | ###################### 4 | ## FUNCTIONS 5 | ###################### 6 | 7 | get_user_roles() { 8 | docker run -e PGPASSWORD='openidm' --rm --network ccd-network postgres:11-alpine psql --host shared-db --username openidm --tuples-only --command "SELECT data.roles FROM managedObjects mo, LATERAL (SELECT regexp_replace(string_agg((element::json -> '_ref')::text, ','), '( *\\w*\\/)|(\")', '', 'g') AS roles FROM json_array_elements_text(mo.fullobject->'effectiveRoles') as data(element)) data WHERE mo.fullobject ->> 'userName'='${1}';" openidm 9 | } 10 | 11 | function get_idam_token() { 12 | 13 | curl_result=$( 14 | curl -w $"\n%{http_code}" --silent --show-error -X POST "${IDAM_URL}/o/token" \ 15 | -H "accept: application/json" \ 16 | -H "Content-Type: application/x-www-form-urlencoded" \ 17 | --data-urlencode "client_id=${CLIENT_ID}" \ 18 | --data-urlencode "client_secret=${IDAM_CLIENT_SECRET}" \ 19 | --data-urlencode "grant_type=password" \ 20 | --data-urlencode "username=${ADMIN_USER}" \ 21 | --data-urlencode "password=${ADMIN_USER_PWD}" \ 22 | --data-urlencode "scope=openid roles create-user manage-user" 23 | ) 24 | 25 | exit_code=$? 26 | if ! [ $exit_code -eq 0 ]; then 27 | # error so echo response and abort 28 | echo "${RED}ERROR: Token request has failed with curl exit code: $exit_code${NORMAL}" 29 | exit $exit_code 30 | fi 31 | 32 | # seperate body and status into an array 33 | IFS=$'\n' arr=($curl_result) 34 | 35 | array_length=${#arr[@]} 36 | http_body=${arr[0]} 37 | http_status=${arr[${array_length}-1]} 38 | 39 | if [ $(( http_status )) -lt 300 ]; then 40 | # success so return access token 41 | idam_token=$(echo "$http_body" | jq -r '.access_token') 42 | echo "$idam_token" 43 | else 44 | # else show error 45 | if [ $array_length -eq 2 ]; then 46 | echo "${RED}ERROR: Token request has failed with status: ${http_status}, response:${NORMAL} ${http_body}" 47 | else 48 | echo "${RED}ERROR: Token request has failed with status: ${http_status}${NORMAL}" 49 | fi 50 | # then quit with non-zero exit code 51 | exit $(( http_status )) 52 | fi 53 | } 54 | 55 | function check_exit_code_for_error() { 56 | local PREVIOUS_EXIT_CODE=$1; 57 | local PREVIOUS_RESPONSE=$2; 58 | 59 | if ! [ $PREVIOUS_EXIT_CODE -eq 0 ]; then 60 | # error so echo response and abort 61 | echo $PREVIOUS_RESPONSE 62 | exit $PREVIOUS_EXIT_CODE 63 | fi 64 | } 65 | 66 | create_user_request() { 67 | response=$( 68 | curl --insecure --show-error --silent --output /dev/null --write-out "%{http_code}" -X POST \ 69 | "${IDAM_API_BASE_URL:-http://localhost:5000}"/testing-support/accounts \ 70 | -H "Content-Type: application/json" \ 71 | -d '{ 72 | "email":"'"${email}"'", 73 | "forename":"'"${firstName}"'", 74 | "surname":"'"${surname}"'", 75 | "password":"Pa55word11", 76 | "levelOfAccess":1, 77 | "roles": [ 78 | '"${rolesJson}"' 79 | ] 80 | } 81 | ' 82 | ) 83 | 84 | echo "$response" 85 | } 86 | 87 | function get_user() { 88 | local EMAIL=$1 89 | 90 | curl_result=$( 91 | curl -w $"\n%{http_code}" --silent -X GET "${IDAM_URL}/users?email=${EMAIL}" -H "accept: */*" -H "authorization:Bearer ${IDAM_ACCESS_TOKEN}" 92 | ) 93 | 94 | exit_code=$? 95 | if [ $exit_code -eq 0 ]; then 96 | # seperate body and status into an array 97 | IFS=$'\n' response_array=($curl_result) 98 | 99 | array_length=${#response_array[@]} 100 | if [ $array_length -eq 1 ]; then 101 | response_body='' # clear body 102 | response_status=${response_array[0]} 103 | else 104 | response_body=${response_array[0]} 105 | response_status=${response_array[${array_length}-1]} 106 | fi 107 | 108 | if [ $(( response_status )) -gt 199 ] && [ $(( response_status )) -lt 300 ]; then 109 | # SUCCESS: 110 | response=${response_body} 111 | else 112 | # FAIL: 113 | response="HTTP-${response_status} 114 | ${response_body}" 115 | echo "HTTP-${response_status} 116 | ERROR: Request for UserID with email address ${EMAIL} failed with http response: HTTP-${response_status}" 117 | fi 118 | else 119 | # format a response for low level curl error (e.g. exit code 7 = 'Failed to connect() to host or proxy.') 120 | response="CURL-${exit_code} 121 | ERROR: Request for UserID with email address ${EMAIL} failed with curl exit code: ${exit_code}" 122 | fi 123 | echo "$response" 124 | 125 | } 126 | 127 | function update_user() { 128 | local USERID=$1 129 | local USERBODY=$2 130 | 131 | curl_result=$( 132 | curl -w $"\n%{http_code}" --silent -X PATCH "${IDAM_URL}/api/v1/users/${USERID}" -H "accept: application/json" -H "Content-Type: application/json" \ 133 | -H "authorization:Bearer ${IDAM_ACCESS_TOKEN}" \ 134 | -d "${USERBODY}" 135 | ) 136 | 137 | exit_code=$? 138 | if [ $exit_code -eq 0 ]; then 139 | 140 | # seperate body and status into an array 141 | IFS=$'\n' response_array=($curl_result) 142 | 143 | array_length=${#response_array[@]} 144 | if [ $array_length -eq 1 ]; then 145 | response_body='' # clear body 146 | response_status=${response_array[0]} 147 | else 148 | response_body=${response_array[0]} 149 | response_status=${response_array[${array_length}-1]} 150 | fi 151 | 152 | if [ $(( response_status )) -gt 199 ] && [ $(( response_status )) -lt 300 ]; then 153 | # SUCCESS: 154 | response=${response_body} 155 | else 156 | # FAIL: 157 | response="HTTP-${response_status} 158 | ${response_body}" 159 | echo "HTTP-${response_status} 160 | ERROR: Request for update_user of user UserID ${USERID} failed with http response: HTTP-${response_status}" 161 | fi 162 | else 163 | # format a response for low level curl error (e.g. exit code 7 = 'Failed to connect() to host or proxy.') 164 | response="CURL-${exit_code} 165 | ERROR: Request for update_user of user UserID ${USERID} failed with curl exit code: ${exit_code}" 166 | fi 167 | echo "$response" 168 | 169 | } 170 | 171 | function put_user_roles() { 172 | #Replaces the entire set of role grants to the user 173 | 174 | local USER=$1 175 | local ROLES=$2 176 | 177 | curl_result=$( 178 | curl -w $"\n%{http_code}" --silent -X PUT "${IDAM_URL}/api/v1/users/${USER}/roles" -H "accept: application/json" -H "Content-Type: application/json" \ 179 | -H "authorization:Bearer ${IDAM_ACCESS_TOKEN}" \ 180 | -d "${ROLES}" 181 | ) 182 | 183 | exit_code=$? 184 | if [ $exit_code -eq 0 ]; then 185 | # seperate body and status into an array 186 | IFS=$'\n' response_array=($curl_result) 187 | 188 | array_length=${#response_array[@]} 189 | if [ $array_length -eq 1 ]; then 190 | response_body='' # clear body 191 | response_status=${response_array[0]} 192 | else 193 | response_body=${response_array[0]} 194 | response_status=${response_array[${array_length}-1]} 195 | fi 196 | 197 | if [ $(( response_status )) -gt 199 ] && [ $(( response_status )) -lt 300 ]; then 198 | # SUCCESS: 199 | response="SUCCESS 200 | ${response_body}" 201 | else 202 | # FAIL: 203 | response="HTTP-${response_status} 204 | ${response_body}" 205 | fi 206 | else 207 | # format a response for low level curl error (e.g. exit code 7 = 'Failed to connect() to host or proxy.') 208 | response="CURL-${exit_code} 209 | ERROR: User ${USER} role update request has failed with curl exit code: ${exit_code}" 210 | fi 211 | echo "$response" 212 | } 213 | 214 | ###################### 215 | ## MAIN 216 | ###################### 217 | current_dir=$(pwd) 218 | source ${current_dir}/./bulk-user-setup.config 2> /dev/null 219 | 220 | set -eu 221 | 222 | if [ "${ENVIRONMENT:-local}" != "local" ]; then 223 | exit 0; 224 | fi 225 | 226 | IDAM_URL="http://localhost:5000" 227 | IDAM_ACCESS_TOKEN=$(get_idam_token) 228 | check_exit_code_for_error $? "$IDAM_ACCESS_TOKEN" 229 | 230 | if [ -z "$IDAM_ACCESS_TOKEN" ] 231 | then 232 | echo "${RED}ERROR: Problem getting idam token for admin user:${NORMAL} $ADMIN_USER" 233 | exit 1 234 | fi 235 | 236 | email=${1} 237 | rolesStr=${2} 238 | surname=${3:-"Tester"} 239 | firstName=${4:-${email}} 240 | active=${5:-"true"} 241 | 242 | IFS=',' read -ra roles <<<"${rolesStr}" 243 | 244 | getUserResponse=$(get_user "$email") 245 | 246 | if [[ ${getUserResponse} != *"HTTP-"* ]] && [[ ${getUserResponse} != *"ERROR"* ]]; then 247 | #user found 248 | echo "User with email ${email} successfully found" 249 | 250 | userId=$(echo $getUserResponse | jq --raw-output '.id') 251 | 252 | #remove the roles attribute from teh existing user as patch does not allow role update 253 | body=$(echo $getUserResponse | jq 'del(.roles)') 254 | 255 | #update all attributes to match test case 256 | body=$(echo $body | jq --arg email "${email}" '.email = ($email)') 257 | body=$(echo $body | jq --arg surname "${surname}" '.surname = ($surname)') 258 | body=$(echo $body | jq --arg firstName "${firstName}" '.forename = ($firstName)') 259 | body=$(echo $body | jq --argjson active "${active}" '.active = ($active)' ) 260 | 261 | update_user_response=$(update_user "${userId}" "${body}") 262 | if [[ ${update_user_response} != *"HTTP-"* ]] && [[ ${update_user_response} != *"ERROR"* ]]; then 263 | echo "User details for ${email} successfully updated" 264 | 265 | #update the roles to match test case using PUT 266 | 267 | isRoleStringEmpty=true 268 | 269 | rolesJson='' 270 | for role in "${roles[@]}"; do 271 | if [[ -n ${rolesJson} ]]; then 272 | isRoleStringEmpty=false 273 | rolesJson="${rolesJson}," 274 | fi 275 | rolesJson=${rolesJson}'{"name":"'${role}'"}' 276 | done 277 | 278 | if [[ "$isRoleStringEmpty" = true ]]; then 279 | rolesJson="[]" 280 | else 281 | rolesJson="[${rolesJson}]" 282 | fi 283 | 284 | put_user_roles_response=$(put_user_roles "${userId}" "${rolesJson}") 285 | if [[ ${put_user_roles_response} != *"HTTP-"* ]] && [[ ${put_user_roles_response} != *"ERROR"* ]]; then 286 | echo "User roles for ${email} successfully updated" 287 | else 288 | echo "Failed updating roles for ${email}, roles ${rolesJson}" 289 | fi 290 | else 291 | echo "Failed updating user ${email}" 292 | fi 293 | else 294 | #create user 295 | 296 | rolesJson='' 297 | for role in "${roles[@]}"; do 298 | if [[ -n ${rolesJson} ]]; then 299 | rolesJson="${rolesJson}," 300 | fi 301 | rolesJson=${rolesJson}'{"code":"'${role}'"}' 302 | done 303 | 304 | create_user_request_response=$(create_user_request) 305 | 306 | IFS=$'\n' arr=($create_user_request_response) 307 | array_length=${#arr[@]} 308 | http_body=${arr[0]} 309 | http_status=${arr[${array_length}-1]} 310 | 311 | if [ ${http_status} -ne 201 ]; then 312 | echo "Failed creating user ${email}" 313 | else 314 | echo "Successfully created user ${email}" 315 | if [ "${active}" == "false" ]; then 316 | getUserResponse=$(get_user "$email") 317 | if [[ ${getUserResponse} != *"HTTP-"* ]] && [[ ${getUserResponse} != *"ERROR"* ]]; then 318 | userId=$(echo $getUserResponse | jq --raw-output '.id') 319 | echo "Setting active state to false for user ${email}" 320 | body='{"active":false}' 321 | submit_response=$(update_user "${userId}" "${body}") 322 | fi 323 | fi 324 | fi 325 | fi 326 | -------------------------------------------------------------------------------- /bulk-user-setup/test/utils/idam-create-users.sh.bk: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | ###################### 4 | ## FUNCTIONS 5 | ###################### 6 | 7 | get_user_roles() { 8 | docker run -e PGPASSWORD='openidm' --rm --network ccd-network postgres:11-alpine psql --host shared-db --username openidm --tuples-only --command "SELECT data.roles FROM managedObjects mo, LATERAL (SELECT regexp_replace(string_agg((element::json -> '_ref')::text, ','), '( *\\w*\\/)|(\")', '', 'g') AS roles FROM json_array_elements_text(mo.fullobject->'effectiveRoles') as data(element)) data WHERE mo.fullobject ->> 'userName'='${1}';" openidm 9 | } 10 | 11 | function get_idam_token() { 12 | 13 | curl_result=$( 14 | curl -w $"\n%{http_code}" --silent --show-error -X POST "${IDAM_URL}/o/token" \ 15 | -H "accept: application/json" \ 16 | -H "Content-Type: application/x-www-form-urlencoded" \ 17 | --data-urlencode "client_id=${CLIENT_ID}" \ 18 | --data-urlencode "client_secret=${IDAM_CLIENT_SECRET}" \ 19 | --data-urlencode "grant_type=password" \ 20 | --data-urlencode "username=${ADMIN_USER}" \ 21 | --data-urlencode "password=${ADMIN_USER_PWD}" \ 22 | --data-urlencode "scope=openid roles create-user manage-user" 23 | ) 24 | 25 | exit_code=$? 26 | if ! [ $exit_code -eq 0 ]; then 27 | # error so echo response and abort 28 | echo "${RED}ERROR: Token request has failed with curl exit code: $exit_code${NORMAL}" 29 | exit $exit_code 30 | fi 31 | 32 | # seperate body and status into an array 33 | IFS=$'\n' arr=($curl_result) 34 | 35 | array_length=${#arr[@]} 36 | http_body=${arr[0]} 37 | http_status=${arr[${array_length}-1]} 38 | 39 | if [ $(( http_status )) -lt 300 ]; then 40 | # success so return access token 41 | idam_token=$(echo "$http_body" | jq -r '.access_token') 42 | echo "$idam_token" 43 | else 44 | # else show error 45 | if [ $array_length -eq 2 ]; then 46 | echo "${RED}ERROR: Token request has failed with status: ${http_status}, response:${NORMAL} ${http_body}" 47 | else 48 | echo "${RED}ERROR: Token request has failed with status: ${http_status}${NORMAL}" 49 | fi 50 | # then quit with non-zero exit code 51 | exit $(( http_status )) 52 | fi 53 | } 54 | 55 | function check_exit_code_for_error() { 56 | local PREVIOUS_EXIT_CODE=$1; 57 | local PREVIOUS_RESPONSE=$2; 58 | 59 | if ! [ $PREVIOUS_EXIT_CODE -eq 0 ]; then 60 | # error so echo response and abort 61 | echo $PREVIOUS_RESPONSE 62 | exit $PREVIOUS_EXIT_CODE 63 | fi 64 | } 65 | 66 | create_user_request() { 67 | response=$( 68 | curl --insecure --show-error --silent --output /dev/null --write-out "%{http_code}" -X POST \ 69 | "${IDAM_API_BASE_URL:-http://localhost:5000}"/testing-support/accounts \ 70 | -H "Content-Type: application/json" \ 71 | -d '{ 72 | "email":"'"${email}"'", 73 | "forename":"'"${firstName}"'", 74 | "surname":"'"${surname}"'", 75 | "password":"Pa55word11", 76 | "levelOfAccess":1, 77 | "roles": [ 78 | '"${rolesJson}"' 79 | ] 80 | } 81 | ' 82 | ) 83 | 84 | echo "$response" 85 | } 86 | 87 | delete_user_request() { 88 | response=$(curl --insecure --show-error --silent --output /dev/null --write-out "%{http_code}" -X DELETE \ 89 | "${IDAM_API_BASE_URL:-http://localhost:5000}"/testing-support/accounts/"${email}") 90 | echo "$response" 91 | } 92 | 93 | # if user exists 94 | # check roles ✅ 95 | # if roles are the same do nothing ✅ 96 | # otherwise delete ✅ 97 | # and create user ✅ with same id ❌ <-- Apparently having the same id doesn't matter on local 98 | 99 | recreate_user() { 100 | printf "%s%s\n" "Deleting IDAM user: " "${email}" 101 | deleteResponse=$(delete_user_request) 102 | if [[ "$deleteResponse" -ne 200 && "$deleteResponse" -ne 204 ]]; then 103 | printf "%s%s\n" "Unexpected HTTP status code from IDAM: " "${deleteResponse}" 104 | #exit 1 105 | elif [[ "$deleteResponse" -eq 404 ]]; then 106 | printf "%s%s%s\n" "User " "${email}" " doesn't exist" 107 | elif [[ "$deleteResponse" -eq 200 ]]; then 108 | printf "%s%s%s\n" "User " "${email}" " deleted" 109 | fi 110 | 111 | printf "%s%s\n" "Creating/Re-Creating IDAM user: " "${email}" 112 | createResponse=$(create_user_request) 113 | echo $createResponse 114 | } 115 | 116 | function get_user() { 117 | local EMAIL=$1 118 | 119 | curl_result=$( 120 | curl -w $"\n%{http_code}" --silent -X GET "${IDAM_URL}/users?email=${EMAIL}" -H "accept: */*" -H "authorization:Bearer ${IDAM_ACCESS_TOKEN}" 121 | ) 122 | 123 | exit_code=$? 124 | if [ $exit_code -eq 0 ]; then 125 | # seperate body and status into an array 126 | IFS=$'\n' response_array=($curl_result) 127 | 128 | array_length=${#response_array[@]} 129 | if [ $array_length -eq 1 ]; then 130 | response_body='' # clear body 131 | response_status=${response_array[0]} 132 | else 133 | response_body=${response_array[0]} 134 | response_status=${response_array[${array_length}-1]} 135 | fi 136 | 137 | if [ $(( response_status )) -gt 199 ] && [ $(( response_status )) -lt 300 ]; then 138 | # SUCCESS: 139 | response=${response_body} 140 | else 141 | # FAIL: 142 | response="HTTP-${response_status} 143 | ${response_body}" 144 | echo "HTTP-${response_status} 145 | ERROR: Request for UserID with email address ${EMAIL} failed with http response: HTTP-${response_status}" 146 | fi 147 | else 148 | # format a response for low level curl error (e.g. exit code 7 = 'Failed to connect() to host or proxy.') 149 | response="CURL-${exit_code} 150 | ERROR: Request for UserID with email address ${EMAIL} failed with curl exit code: ${exit_code}" 151 | fi 152 | echo "$response" 153 | 154 | } 155 | 156 | function update_user() { 157 | local USERID=$1 158 | local USERBODY=$2 159 | 160 | curl_result=$( 161 | curl -w $"\n%{http_code}" --silent -X PATCH "${IDAM_URL}/api/v1/users/${USERID}" -H "accept: application/json" -H "Content-Type: application/json" \ 162 | -H "authorization:Bearer ${IDAM_ACCESS_TOKEN}" \ 163 | -d "${USERBODY}" 164 | ) 165 | 166 | exit_code=$? 167 | if [ $exit_code -eq 0 ]; then 168 | 169 | # separate body and status into an array 170 | IFS=$'\n' response_array=($curl_result) 171 | 172 | array_length=${#response_array[@]} 173 | if [ $array_length -eq 1 ]; then 174 | response_body='' # clear body 175 | response_status=${response_array[0]} 176 | else 177 | response_body=${response_array[0]} 178 | response_status=${response_array[${array_length}-1]} 179 | fi 180 | 181 | if [ $(( response_status )) -gt 199 ] && [ $(( response_status )) -lt 300 ]; then 182 | # SUCCESS: 183 | response=${response_body} 184 | else 185 | # FAIL: 186 | response="HTTP-${response_status} 187 | ${response_body}" 188 | echo "HTTP-${response_status} 189 | ERROR: Request for update_user of user UserID ${USERID} failed with http response: HTTP-${response_status}" 190 | fi 191 | else 192 | # format a response for low level curl error (e.g. exit code 7 = 'Failed to connect() to host or proxy.') 193 | response="CURL-${exit_code} 194 | ERROR: Request for update_user of user UserID ${USERID} failed with curl exit code: ${exit_code}" 195 | fi 196 | echo "$response" 197 | 198 | } 199 | 200 | ###################### 201 | ## MAIN 202 | ###################### 203 | current_dir=$(pwd) 204 | source ${current_dir}/./bulk-user-setup.config 2> /dev/null 205 | 206 | set -eu 207 | 208 | if [ "${ENVIRONMENT:-local}" != "local" ]; then 209 | exit 0; 210 | fi 211 | 212 | IDAM_URL="http://localhost:5000" 213 | IDAM_ACCESS_TOKEN=$(get_idam_token) 214 | check_exit_code_for_error $? "$IDAM_ACCESS_TOKEN" 215 | 216 | if [ -z "$IDAM_ACCESS_TOKEN" ] 217 | then 218 | echo "${RED}ERROR: Problem getting idam token for admin user:${NORMAL} $ADMIN_USER" 219 | exit 1 220 | fi 221 | 222 | email=${1} 223 | rolesStr=${2} 224 | surname=${3:-"Tester"} 225 | firstName=${4:-${email}} 226 | active=${5:-"true"} 227 | 228 | 229 | IFS=',' read -ra roles <<<"${rolesStr}" 230 | 231 | rolesJson='' 232 | for role in "${roles[@]}"; do 233 | if [[ -n ${rolesJson} ]]; then 234 | rolesJson="${rolesJson}," 235 | fi 236 | rolesJson=${rolesJson}'{"code":"'${role}'"}' 237 | done 238 | 239 | recreateResponse=$(recreate_user) 240 | IFS=$'\n' arr=($recreateResponse) 241 | array_length=${#arr[@]} 242 | http_body=${arr[0]} 243 | http_status=${arr[${array_length}-1]} 244 | 245 | # Unfortunately trying to create the same user throws 403, so we don't know what went wrong 246 | 247 | if [ ${http_status} -ne 201 ]; then 248 | printf "%s%s\n" "Unexpected HTTP status code from IDAM: " "${recreateResponse}" 249 | exit 1 250 | else 251 | printf "%s%s%s\n" "User " "${email}" " - added to IDAM" 252 | 253 | if [ "${active}" == "false" ]; then 254 | rawReturnedValue=$(get_user "$email") 255 | if [[ $rawReturnedValue != *"HTTP-"* ]]; then 256 | userId=$(echo $rawReturnedValue | jq --raw-output '.id') 257 | printf "%s%s%s\n" "Setting active state to false for user " "${email}" "" 258 | body='{"active":false}' 259 | submit_response=$(update_user "${userId}" "${body}") 260 | fi 261 | fi 262 | fi 263 | -------------------------------------------------------------------------------- /bulk-user-setup/test/utils/roles.json: -------------------------------------------------------------------------------- 1 | [ 2 | {"roles": "caseworker,caseworker-role-one,caseworker-role-two,caseworker-role-three"}, 3 | {"roles": "caseworker-role-four,caseworker-role-five,caseworker-role-six"}, 4 | {"roles": "caseworker_role_three,caseworker_role_six"}, 5 | {"roles": "caseworker-ia,caseworker-ia-admofficer,caseworker-ia-bails,caseworker-ia-caseofficer,caseworker-ia-homeofficeapc,caseworker-ia-homeofficebail,caseworker-ia-homeofficelart,caseworker-ia-homeofficepou,caseworker-ia-iacjudge,caseworker-ia-judiciary,caseworker-ia-legalrep-solicitor,caseworker-ia-readonly,caseworker-ia-respondentofficer,caseworker-ia-srcaseofficer,caseworker-ia-system,caseworker-ia-system-access,caseworker-iac-bulkscan,caseworker-iac-systemupdate"}, 6 | {"roles": "caseworker-sscs,caseworker-sscs-anonymouscitizencaseworker-sscs-bulkscan,caseworker-sscs-callagent,caseworker-sscs-clerk,caseworker-sscs-dwpresponsewriter,caseworker-sscs-judge,caseworker-sscs-panelmember,caseworker-sscs-pcqextractor,caseworker-sscs-registrar,caseworker-sscs-superuser,caseworker-sscs-systemupdate"}, 7 | {"roles": "caseworker-employment,caseworker-employment-api,caseworker-employment-bristol,caseworker-employment-englandwales,caseworker-employment-etjudge,caseworker-employment-etjudge-englandwales,caseworker-employment-etjudge-scotland,caseworker-employment-leeds,caseworker-employment-legalrep-solicitor,caseworker-employment-londoncentral,caseworker-employment-londoneast,caseworker-employment-londonsouth,caseworker-employment-manchester,caseworker-employment-midlandseast,caseworker-employment-midlandswest,caseworker-employment-newcastle,caseworker-employment-scotland,caseworker-employment-wales,caseworker-employment-watford,caseworker-et-pcqextractor,caseworker-employment-etjudge-bristol,caseworker-employment-etjudge-leeds,caseworker-employment-etjudge-londoncentral,caseworker-employment-etjudge-londoneast,caseworker-employment-etjudge-londonsouth,caseworker-employment-etjudge-manchester,caseworker-employment-etjudge-midlandseast,caseworker-employment-etjudge-midlandswest,caseworker-employment-etjudge-newcastle,caseworker-employment-etjudge-wales,caseworker-employment-etjudge-watford,et-acas-api"}, 8 | {"roles": "cwd-user"}, 9 | {"roles": "caseworker-civil,caseworker-civil-staff"}, 10 | {"roles": "payments,payments-refund,payments-refund-approver"}, 11 | {"roles": "manage-translations"}, 12 | {"roles": "caseworker-probate,caseworker-probate-pcqextractor,caseworker-probate-issuer,caseworker-probate-solicitor,caseworker-probate-systemupdate,caseworker-probate-charity,caseworker-probate-superuser,caseworker-probate-scheduler,caseworker-probate-caseofficer,caseworker-probate-registrar,caseworker-probate-caseadmin"}, 13 | {"roles": "caseworker-divorce,caseworker-divorce-bulkscan,caseworker-divorce-courtadmin,caseworker-divorce-courtadmin-la,caseworker-divorce-courtadmin_beta,caseworker-divorce-judge,caseworker-divorce-pcqextractor,caseworker-divorce-solicitor,caseworker-divorce-superuser"} 14 | ] -------------------------------------------------------------------------------- /bulk-user-setup/test/utils/users.json: -------------------------------------------------------------------------------- 1 | [ 2 | {"email": "ccd.test.add.user1@hmcts.gov.uk", "roles": "caseworker,caseworker_role_six", "lastName": "addln1", "firstName": "addfn1", "active": "false"}, 3 | {"email": "ccd.test.add.user2@hmcts.gov.uk", "roles": "''", "lastName": "addln2", "firstName": "addfn2", "active": "false"}, 4 | {"email": "ccd.test.add.user3@hmcts.gov.uk", "roles": "''", "lastName": "addln3", "firstName": "addfn3", "active": "false"}, 5 | {"email": "ccd.test.add.user4@hmcts.gov.uk", "roles": "''", "lastName": "addln4", "firstName": "addfn4", "active": "false"}, 6 | {"email": "ccd.test.add.user5@hmcts.gov.uk", "roles": "caseworker", "lastName": "addln5", "firstName": "addfn5", "active": "false"}, 7 | {"email": "ccd.test.add.user6@hmcts.gov.uk", "roles": "caseworker", "lastName": "addln6", "firstName": "addfn6"}, 8 | {"email": "ccd.test.add.user7@hmcts.gov.uk", "roles": "caseworker", "lastName": "addln7", "firstName": "addfn7"}, 9 | {"email": "ccd.test.add.user8@hmcts.gov.uk", "roles": "''", "lastName": "addln8", "firstName": "addfn8"}, 10 | {"email": "ccd.test.add.user9@hmcts.gov.uk", "roles": "''", "lastName": "addln9", "firstName": "addfn9"}, 11 | {"email": "ccd.test.add.user10@hmcts.gov.uk", "roles": "caseworker-role-two,caseworker,caseworker-ia,caseworker-ia-admofficer,caseworker-ia-bails,caseworker-ia-caseofficer,caseworker-ia-homeofficeapc,caseworker-ia-homeofficebail,caseworker-ia-homeofficelart,caseworker-ia-homeofficepou,caseworker-ia-iacjudge,caseworker-ia-judiciary,caseworker-ia-legalrep-solicitor,caseworker-ia-readonly,caseworker-ia-respondentofficer,caseworker-ia-srcaseofficer,caseworker-ia-system,caseworker-ia-system-access,caseworker-iac-bulkscan,caseworker-iac-systemupdate", "lastName": "addln10", "firstName": "addfn10"}, 12 | {"email": "ccd.test.add.user11@hmcts.gov.uk", "roles": "''", "lastName": "addln11", "firstName": "addfn11", "active": "false"}, 13 | {"email": "ccd.test.add.user12@hmcts.gov.uk", "roles": "''", "lastName": "addln12", "firstName": "addfn12"}, 14 | {"email": "ccd.test.add.user13@hmcts.gov.uk", "roles": "caseworker,caseworker-role-six", "lastName": "addln13", "firstName": "addfn13"}, 15 | {"email": "ccd.test.delete.user1@hmcts.gov.uk", "roles": "caseworker,caseworker-role-four", "lastName": "deleteln1", "firstName": "deletefn1"}, 16 | {"email": "ccd.test.delete.user2@hmcts.gov.uk", "roles": "caseworker,caseworker-role-two", "lastName": "deleteln2", "firstName": "deletefn2"}, 17 | {"email": "ccd.test.delete.user3@hmcts.gov.uk", "roles": " caseworker,caseworker-role-three,caseworker-role-four", "lastName": "deleteln3", "firstName": "deletefn3"}, 18 | {"email": "ccd.test.delete.user4@hmcts.gov.uk", "roles": "caseworker,caseworker-role-four,payments", "lastName": "deleteln4", "firstName": "deletefn4"}, 19 | {"email": "ccd.test.delete.user6@hmcts.gov.uk", "roles": "caseworker,caseworker-role-one,caseworker-role-two", "lastName": "deleteln6", "firstName": "deletefn6"}, 20 | {"email": "ccd.test.delete.user7@hmcts.gov.uk", "roles": "caseworker,caseworker-role-five,caseworker-role-six", "lastName": "deleteln7", "firstName": "deletefn7"}, 21 | {"email": "ccd.test.delete.user8@hmcts.gov.uk", "roles": "caseworker,caseworker-role-five,caseworker-role-six", "lastName": "deleteln8", "firstName": "deletefn8"}, 22 | {"email": "ccd.test.delete.user9@hmcts.gov.uk", "roles": "caseworker", "lastName": "deleteln9", "firstName": "deletefn9"}, 23 | {"email": "ccd.test.delete.user10@hmcts.gov.uk", "roles": "caseworker", "lastName": "deleteln10", "firstName": "deletefn10", "active": "false"}, 24 | {"email": "ccd.test.delete.user11@hmcts.gov.uk", "roles": "caseworker,caseworker-role-two,caseworker-ia,caseworker-ia-admofficer,caseworker-ia-bails,caseworker-ia-caseofficer,caseworker-ia-homeofficeapc,caseworker-ia-homeofficebail,caseworker-ia-homeofficelart,caseworker-ia-homeofficepou,caseworker-ia-iacjudge,caseworker-ia-judiciary,caseworker-ia-legalrep-solicitor,caseworker-ia-readonly,caseworker-ia-respondentofficer,caseworker-ia-srcaseofficer,caseworker-ia-system,caseworker-ia-system-access,caseworker-iac-bulkscan,caseworker-iac-systemupdate", "lastName": "deleteln11", "firstName": "deletefn11"}, 25 | {"email": "ccd.test.delete.user12@hmcts.gov.uk", "roles": "caseworker,caseworker-role-two,caseworker-ia,caseworker-ia-admofficer,caseworker-ia-bails,caseworker-ia-caseofficer,caseworker-ia-homeofficeapc,caseworker-ia-homeofficebail,caseworker-ia-homeofficelart,caseworker-ia-homeofficepou,caseworker-ia-iacjudge,caseworker-ia-judiciary,caseworker-ia-legalrep-solicitor,caseworker-ia-readonly,caseworker-ia-respondentofficer,caseworker-ia-srcaseofficer,caseworker-ia-system,caseworker-ia-system-access,caseworker-iac-bulkscan,caseworker-iac-systemupdate", "lastName": "deleteln12", "firstName": "deletefn12"}, 26 | {"email": "ccd.test.delete.user13@hmcts.gov.uk", "roles": "caseworker,caseworker-role-two", "lastName": "deleteln13", "firstName": "deletefn13"}, 27 | {"email": "ccd.test.delete.user14@hmcts.gov.uk", "roles": "caseworker,caseworker-role-one,caseworker-role-two,payments", "lastName": "deleteln14", "firstName": "deletefn14"}, 28 | {"email": "ccd.test.delete.user15@hmcts.gov.uk", "roles": "caseworker,caseworker-role-one,caseworker-role-two,payments", "lastName": "deleteln15", "firstName": "deletefn15"}, 29 | {"email": "ccd.test.delete.user16@hmcts.gov.uk", "roles": "caseworker,caseworker-role-one,caseworker-role-two,payments", "lastName": "deleteln16", "firstName": "deletefn16"}, 30 | {"email": "ccd.test.delete.user17@hmcts.gov.uk", "roles": "caseworker", "lastName": "deleteln17", "firstName": "deletefn17"}, 31 | {"email": "ccd.test.delete.user18@hmcts.gov.uk", "roles": "caseworker,payments", "lastName": "deleteln18", "firstName": "deletefn18"}, 32 | {"email": "ccd.test.delete.user19@hmcts.gov.uk", "roles": "caseworker,caseworker-role-one", "lastName": "deleteln19", "firstName": "deletefn19"}, 33 | {"email": "ccd.test.delete.user20@hmcts.gov.uk", "roles": "caseworker,caseworker-ia,caseworker-ia-admofficer,caseworker-ia-bails,caseworker-ia-caseofficer,caseworker-ia-homeofficeapc,caseworker-ia-homeofficebail,caseworker-ia-homeofficelart,caseworker-ia-homeofficepou,caseworker-ia-iacjudge,caseworker-ia-judiciary,caseworker-ia-legalrep-solicitor,caseworker-ia-readonly,caseworker-ia-respondentofficer,caseworker-ia-srcaseofficer,caseworker-ia-system,caseworker-ia-system-access,caseworker-iac-bulkscan,caseworker-iac-systemupdate,caseworker-sscs,caseworker-sscs-anonymouscitizencaseworker-sscs-bulkscan,caseworker-sscs-callagent,caseworker-sscs-clerk,caseworker-sscs-dwpresponsewriter,caseworker-sscs-judge,caseworker-sscs-panelmember,caseworker-sscs-pcqextractor,caseworker-sscs-registrar,caseworker-sscs-superuser,caseworker-sscs-systemupdate", "lastName": "deleteln20", "firstName": "deletefn20"}, 34 | {"email": "ccd.test.delete.user21@hmcts.gov.uk", "roles": "caseworker,cwd-user,payments,caseworker-employment,caseworker-employment-londonsouth", "lastName": "deleteln21", "firstName": "deletefn21"}, 35 | {"email": "ccd.test.delete.user22@hmcts.gov.uk", "roles": "caseworker,caseworker-ia,caseworker-ia-caseofficer,cwd-user,payments,caseworker-employment,caseworker-employment-londonsouth", "lastName": "deleteln22", "firstName": "deletefn22"}, 36 | {"email": "ccd.test.delete.user23@hmcts.gov.uk", "roles": "''", "lastName": "deleteln23", "firstName": "deletefn23"}, 37 | {"email": "ccd.test.delete.user24@hmcts.gov.uk", "roles": "caseworker", "lastName": "deleteln24", "firstName": "deletefn24"}, 38 | {"email": "ccd.test.delete.user25@hmcts.gov.uk", "roles": "payments,payments-refund,payments-refund-approver,caseworker,caseworker-role-one", "lastName": "deleteln25", "firstName": "deletefn25"}, 39 | {"email": "ccd.test.delete.user26@hmcts.gov.uk", "roles": "payments,payments-refund,payments-refund-approver,caseworker,caseworker-role-one", "lastName": "deleteln26", "firstName": "deletefn26"}, 40 | {"email": "ccd.test.common.user1@hmcts.gov.uk", "roles": "''", "lastName": "commonln1", "firstName": "commonfn1"}, 41 | {"email": "ccd.test.common.user2@hmcts.gov.uk", "roles": "''", "lastName": "commonln2", "firstName": "commonfn2"}, 42 | {"email": "ccd.test.common.user3@hmcts.gov.uk", "roles": "''", "lastName": "commonln3", "firstName": "commonfn3"}, 43 | {"email": "ccd.test.common.user4@hmcts.gov.uk", "roles": "''", "lastName": "commonln4", "firstName": "commonfn4"}, 44 | {"email": "ccd.test.common.user5@hmcts.gov.uk", "roles": "''", "lastName": "commonln5", "firstName": "commonfn5"}, 45 | {"email": "ccd.test.common.user6@hmcts.gov.uk", "roles": "''", "lastName": "commonln6", "firstName": "commonfn6"}, 46 | {"email": "ccd.test.common.user7@hmcts.gov.uk", "roles": "''", "lastName": "commonln7", "firstName": "commonfn7"}, 47 | {"email": "ccd.test.common.user8@hmcts.gov.uk", "roles": "caseworker-role-five,caseworker-role-six", "lastName": "commonln8", "firstName": "commonfn8"}, 48 | {"email": "ccd.test.updatename.user1@hmcts.gov.uk", "roles": "caseworker,caseworker-role-two", "lastName": "ln1", "firstName": "fn1"}, 49 | {"email": "ccd.test.updatename.user2@hmcts.gov.uk", "roles": "caseworker,caseworker-role-two", "lastName": "ln2", "firstName": "fn2"}, 50 | {"email": "ccd.test.updatename.user3@hmcts.gov.uk", "roles": "caseworker,caseworker-role-two", "lastName": "ln3", "firstName": "fn3"}, 51 | {"email": "ccd.test.updatename.user4@hmcts.gov.uk", "roles": "caseworker,caseworker-role-two", "lastName": "ln4", "firstName": "fn4"}, 52 | {"email": "ccd.test.updatename.user5@hmcts.gov.uk", "roles": "caseworker,caseworker-role-two", "lastName": "ln5", "firstName": "fn5"}, 53 | {"email": "ccd.test.updatename.user6@hmcts.gov.uk", "roles": "caseworker,caseworker-role-two", "lastName": "ln6", "firstName": "fn6"}, 54 | {"email": "ccd.test.updatename.user7@hmcts.gov.uk", "roles": "caseworker,caseworker-role-two", "lastName": "ln7", "firstName": "fn7"}, 55 | {"email": "ccd.test.updatename.user8@hmcts.gov.uk", "roles": "caseworker,caseworker-role-two", "lastName": "ln8", "firstName": "fn8", "active": "false"} 56 | ] -------------------------------------------------------------------------------- /compose/case-disposer.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: '2.4' 3 | 4 | services: 5 | ccd-case-disposer: 6 | image: "${CCD_CASE_DISPOSER_USE_LOCAL-hmctspublic.azurecr.io/}ccd/case-disposer:${CCD_CASE_DISPOSER_TAG:-latest}" 7 | environment: 8 | DATA_STORE_DB_HOST: ccd-shared-database 9 | DATA_STORE_DB_PORT: 5432 10 | DATA_STORE_DB_USERNAME: "${DB_USERNAME}" 11 | DATA_STORE_DB_PASSWORD: "${DB_PASSWORD}" 12 | # Uncomment this line to enable JVM debugging and uncomment the port mapping below 13 | # JAVA_TOOL_OPTIONS: -XX:InitialRAMPercentage=30.0 -XX:MaxRAMPercentage=65.0 -XX:MinRAMPercentage=30.0 -XX:+UseConcMarkSweepGC -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005 14 | #ports: 15 | # Uncomment this and the JAVA_TOOL_OPTIONS flag for JVM debugging 16 | # - 5005:5005 17 | depends_on: 18 | ccd-data-store-api: 19 | condition: service_started 20 | networks: 21 | - ccd-network 22 | 23 | networks: 24 | ccd-network: 25 | external: true 26 | -------------------------------------------------------------------------------- /compose/case-document-am.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: '2.4' 3 | 4 | services: 5 | ccd-case-document-am-api: 6 | image: "${CCD_CASE_DOCUMENT_AM_API_USE_LOCAL-hmctspublic.azurecr.io/}ccd/case-document-am-api:${CCD_CASE_DOCUMENT_AM_API_TAG:-latest}" 7 | environment: 8 | CASE_DOCUMENT_AM_API_S2S_SECRET: "${IDAM_KEY_CASE_DOCUMENT}" 9 | CASE_DOCUMENT_S2S_AUTHORISED_SERVICES: ccd_case_document_am_api,ccd_gw,xui_webapp,ccd_data,bulk_scan_processor,bulk_scan_orchestrator 10 | IDAM_API_URL: "${IDAM_STUB_SERVICE_NAME:-http://idam-api:5000}" 11 | IDAM_OIDC_URL: "${IDAM_STUB_SERVICE_NAME:-http://idam-api:5000}" 12 | S2S_URL: http://service-auth-provider-api:8080 13 | DM_STORE_BASE_URL: http://dm-store:8080 14 | CCD_DATA_STORE_API_BASE_URL: http://ccd-data-store-api:4452 15 | REFORM_SERVICE_NAME: ccd-case-document-am-api 16 | REFORM_TEAM: ccd 17 | REFORM_ENVIRONMENT: local 18 | APPINSIGHTS_INSTRUMENTATIONKEY: key 19 | DOCUMENT_TTL: 3600000 20 | # Uncomment this line to enable JVM debugging and uncomment the port mapping below 21 | # JAVA_TOOL_OPTIONS: '-XX:InitialRAMPercentage=30.0 -XX:MaxRAMPercentage=65.0 -XX:MinRAMPercentage=30.0 -XX:+UseConcMarkSweepGC -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005' 22 | ports: 23 | - 4455:4455 24 | # Uncomment this and the JAVA_TOOL_OPTIONS flag for JVM debugging 25 | # 5005:5005 26 | depends_on: 27 | - ccd-data-store-api 28 | - dm-store 29 | - service-auth-provider-api 30 | networks: 31 | - ccd-network 32 | -------------------------------------------------------------------------------- /compose/ccd-next-hearing-date-updater.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: '2.4' 3 | 4 | services: 5 | ccd-next-hearing-date-updater: 6 | image: "${CCD_NEXT_HEARING_DATE_UPDATER_USE_LOCAL-hmctspublic.azurecr.io/}ccd/next-hearing-date-updater:${CCD_NEXT_HEARING_DATE_UPDATER_TAG:-latest}" 7 | environment: 8 | IDAM_API_URL: "${IDAM_STUB_SERVICE_NAME:-http://idam-api:5000}" 9 | CCD_NEXT_HEARING_DATE_UPDATER_SERVICE_IDAM_CLIENT_SECRET: AAAAAAAAAAAAAAAA 10 | IDAM_NEXT_HEARING_DATE_SYSTEM_USER: "${CCD_NEXT_HEARING_DATE_USERNAME:-next.hearing.date.admin@gmail.com}" 11 | IDAM_NEXT_HEARING_DATE_SYSTEM_PASSWORD: "${CCD_NEXT_HEARING_DATE_PASSWORD}" 12 | IDAM_S2S_URL: "${IDAM_S2S_URL:-http://service-auth-provider-api:8080}" 13 | IDAM_KEY_NEXT_HEARING_UPDATER: AAAAAAAAAAAAAAAA 14 | HEARING_NEXT_DAY_CRON_JOB_PROCESSING_ENABLED: "true" 15 | CCD_DATA_STORE_API_BASE_URL: http://ccd-data-store-api:4452 16 | ES_QUERY_SIZE: 100 17 | MAX_CSV_RECORDS: 10000 18 | CASE_TYPES: FT_NextHearingDate 19 | # Uncomment this line to enable JVM debugging and uncomment the port mapping below 20 | # JAVA_TOOL_OPTIONS: -XX:InitialRAMPercentage=30.0 -XX:MaxRAMPercentage=65.0 -XX:MinRAMPercentage=30.0 -XX:+UseConcMarkSweepGC -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005 21 | #ports: 22 | # Uncomment this and the JAVA_TOOL_OPTIONS flag for JVM debugging 23 | # - 5005:5005 24 | depends_on: 25 | ccd-data-store-api: 26 | condition: service_started 27 | networks: 28 | - ccd-network 29 | 30 | networks: 31 | ccd-network: 32 | external: true 33 | -------------------------------------------------------------------------------- /compose/def-designer.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: '2.4' 3 | 4 | services: 5 | 6 | ccd-api-gateway: 7 | environment: 8 | PROXY_DEFINITION_DESIGNER: http://ccd-definition-designer-api:4544 9 | depends_on: 10 | - ccd-definition-designer-api 11 | 12 | service-auth-provider-api: 13 | environment: 14 | MICROSERVICE_KEYS_DEFINITION_DESIGNER: "${IDAM_KEY_CCD_DEFINITION_DESIGNER}" 15 | 16 | ccd-definition-designer-api: 17 | image: "${CCD_DEFINITION_DESIGNER_API_USE_LOCAL-hmctspublic.azurecr.io/}ccd/definition-designer-api:${CCD_DEFINITION_DESIGNER_API_TAG:-latest}" 18 | command: --wait-for-database 30 19 | healthcheck: 20 | disable: true 21 | environment: 22 | DEFINITION_DESIGNER_DB_HOST: "${DB_HOST_COMMON}" 23 | DEFINITION_DESIGNER_DB_PORT: "${DB_PORT_COMMON}" 24 | DEFINITION_DESIGNER_DB_USERNAME: "${DB_USERNAME}" 25 | DEFINITION_DESIGNER_DB_PASSWORD: "${DB_PASSWORD}" 26 | DEFINITION_DESIGNER_DB_USE_SSL: "${DB_USE_SSL}" 27 | DEFINITION_DESIGNER_IDAM_KEY: "${IDAM_KEY_CCD_DEFINITION_DESIGNER}" 28 | DEFINITION_DESIGNER_S2S_AUTHORISED_SERVICES: ccd_gw,ccd_admin 29 | USER_PROFILE_HOST: http://ccd-user-profile-api:4453 30 | IDAM_USER_URL: http://sidam-api:5000 31 | IDAM_S2S_URL: "${IDAM_S2S_URL:-http://service-auth-provider-api:8080}" 32 | REFORM_TEAM: ccd 33 | REFORM_ENVIRONMENT: local 34 | APPINSIGHTS_INSTRUMENTATIONKEY: key 35 | ELASTIC_SEARCH_ENABLED: "false" 36 | ELASTIC_SEARCH_HOST: "ccd-elasticsearch" 37 | ELASTIC_SEARCH_FAIL_ON_IMPORT: "false" 38 | ports: 39 | - 4544:4544 40 | depends_on: 41 | - ccd-shared-database 42 | - ccd-user-profile-api 43 | networks: 44 | - ccd-network 45 | 46 | networks: 47 | ccd-network: 48 | external: true 49 | -------------------------------------------------------------------------------- /compose/defaults.conf: -------------------------------------------------------------------------------- 1 | backend 2 | frontend 3 | sidam 4 | sidam-local 5 | sidam-local-ccd 6 | -------------------------------------------------------------------------------- /compose/dm-store.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: '2.4' 3 | 4 | services: 5 | ccd-api-gateway: 6 | environment: 7 | PROXY_DOCUMENT_MANAGEMENT: http://dm-store:8080 8 | depends_on: 9 | - dm-store 10 | 11 | ccd-data-store-api: 12 | environment: 13 | CCD_DM_DOMAIN: http://dm-store:8080 14 | 15 | service-auth-provider-api: 16 | environment: 17 | MICROSERVICE_KEYS_EM_GW: "${IDAM_KEY_DM_STORE}" 18 | 19 | dm-store: 20 | image: "${DM_STORE_USE_LOCAL-hmctspublic.azurecr.io/}dm/store:${DM_STORE_TAG:-latest}" 21 | healthcheck: 22 | disable: true 23 | environment: 24 | SERVER_PORT: 8080 25 | IDAM_SUPERUSER_EMAIL: 26 | IDAM_SECRET_KEY: "${IDAM_KEY_DM_STORE}" 27 | GOV_NOTIFY_API_KEY: 28 | SPRING_DATASOURCE_URL: jdbc:postgresql://ccd-shared-database:5432/evidence 29 | SPRING_DATASOURCE_USERNAME: "${DB_USERNAME}" 30 | SPRING_DATASOURCE_PASSWORD: "${DB_PASSWORD}" 31 | ENABLE_AZURE_STORAGE_CONTAINER: "true" 32 | ENABLE_POSTGRES_BLOB_STORAGE: "false" 33 | STORAGEACCOUNT_PRIMARY_CONNECTION_STRING: "${STORAGEACCOUNT_PRIMARY_CONNECTION_STRING:-DefaultEndpointsProtocol=http;AccountName=devstoreaccount1;AccountKey=Eby8vdM02xNOcqFlqUwJPLlmEtlCDXJ1OUzFT50uSRZ6IFsuFq2UVErCz4I6tq/K1SZFPTOtr/KBHBeksoGMGw==;BlobEndpoint=http://azure-storage-emulator-azurite:10000/devstoreaccount1}" 34 | STORAGE_CONTAINER_DOCUMENT_CONTAINER_NAME: "${STORAGE_CONTAINER_DOCUMENT_CONTAINER_NAME:-hmctstestcontainer}" 35 | BLOBSTORE_MIGRATE_CCD_PUBLIC_KEY_REQUIRED: "${BLOBSTORE_MIGRATE_CCD_PUBLIC_KEY_REQUIRED:-false}" 36 | BLOBSTORE_MIGRATE_CCD_PUBLIC_KEY: "${BLOBSTORE_MIGRATE_CCD_PUBLIC_KEY:-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDiQ//gc/G53d9dLCtf123fIYo49gUySuJuxOcw2GtieWTMSy+O7RNtsAIjVf3mCOdDNuN69tZNPEWMdaW8n11s9MwYFahtxDecyn0KIP9MvPsfSMSbxhp/f7kfbdB/H/S5eYea66JTyeJS6uNd76RdHttx0mLO30ZkRcXB25c2SIXhRYsdoeKS5GXHDdNejkQM0S/Ev94x2UunApmYHjWN1XcDhsEsAeF4WHnvYh2XiMn9vHY44AqvbWLlAmCgzaXpz8Xhl0fO7jDKSeReDyuM3UTMaiFFaxuvliGol7aIXq/aVe/miiD2SLxHZ6RxAPW80bhXrzJMTLTCqhCEhzfv someone@somewhere.sometime}" 37 | SPRING_PROFILES_ACTIVE: dev 38 | IDAM_TESTING_SUPPORT_ENABLED: "true" 39 | LOGGING_LEVEL_UK_GOV_HMCTS_IDAM: DEBUG 40 | IDAM_USER_BASE_URI: "${IDAM_STUB_SERVICE_NAME:-http://idam-api:5000}" 41 | IDAM_S2S_BASE_URI: http://service-auth-provider-api:8080 42 | S2S_NAMES_WHITELIST: sscs,divorce,ccd,em_gw,document-management-store,ccd_gw,idam-api,fpl_case_service,xui_webapp,ccd_case_document_am_api,ccd_data,ccd_case_disposer 43 | http_proxy: 44 | https_proxy: 45 | no_proxy: 46 | REFORM_SERVICE_TYPE: java 47 | REFORM_SERVICE_NAME: document-management-store 48 | REFORM_TEAM: cc 49 | REFORM_ENVIRONMENT: docker 50 | # healthcheck env vars 51 | PACKAGES_ENVIRONMENT: docker 52 | PACKAGES_PROJECT: evidence 53 | PACKAGES_NAME: document-management-store 54 | PACKAGES_VERSION: unknown 55 | ENABLE_DB_MIGRATE: "true" 56 | ENABLE_TTL: "true" 57 | # debug mode 58 | # JAVA_OPTS: -Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=*:5005 59 | depends_on: 60 | - ccd-shared-database 61 | - service-auth-provider-api 62 | - azure-storage-emulator-azurite 63 | ports: 64 | - 4506:8080 65 | # debug port exposed 66 | # - 5006:5005 67 | networks: 68 | - ccd-network 69 | 70 | azure-storage-emulator-azurite: 71 | image: arafato/azurite 72 | ports: 73 | - 10000:10000 74 | environment: 75 | executable: "blob" 76 | volumes: 77 | - ccd-docker-azure-blob-data:/opt/azurite/folder 78 | networks: 79 | - ccd-network 80 | 81 | volumes: 82 | ccd-docker-azure-blob-data: 83 | 84 | networks: 85 | ccd-network: 86 | external: true 87 | -------------------------------------------------------------------------------- /compose/elasticsearch.yml: -------------------------------------------------------------------------------- 1 | version: '2.4' 2 | services: 3 | ccd-elasticsearch: 4 | image: docker.elastic.co/elasticsearch/elasticsearch:7.17.0 5 | container_name: ccd-elasticsearch 6 | depends_on: 7 | - "ccd-data-store-api" 8 | environment: 9 | - cluster.name=ccd-docker-es-cluster 10 | - discovery.type=single-node 11 | - bootstrap.memory_lock=true 12 | - action.auto_create_index=.security*,.watches,.triggered_watches,.watcher-history-*,.logstash_dead_letter,.ml* 13 | - "ES_JAVA_OPTS=-Xms512m -Xmx512m" 14 | ulimits: 15 | memlock: 16 | soft: -1 17 | hard: -1 18 | volumes: 19 | - esdata1:/usr/share/elasticsearch/data 20 | ports: 21 | - 9200:9200 22 | networks: 23 | - ccd-network 24 | 25 | volumes: 26 | esdata1: 27 | driver: local 28 | 29 | networks: 30 | ccd-network: 31 | external: true 32 | 33 | -------------------------------------------------------------------------------- /compose/frontend.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: '2.4' 3 | 4 | services: 5 | ccd-admin-web: 6 | image: "${CCD_ADMIN_WEB_USE_LOCAL-hmctspublic.azurecr.io/}ccd/admin-web:${CCD_ADMIN_WEB_TAG:-latest}" 7 | container_name: ccd-admin-web 8 | environment: 9 | SECURE_AUTH_COOKIE_ENABLED : "false" 10 | USE_CSRF_PROTECTION : "false" 11 | SECURITY_REFERRER_POLICY : origin 12 | IDAM_BASE_URL: "${IDAM_STUB_SERVICE_NAME:-http://idam-api:5000}" 13 | IDAM_S2S_URL: http://service-auth-provider-api:8080 14 | IDAM_ADMIN_WEB_SERVICE_KEY: AAAAAAAAAAAAAAAD 15 | IDAM_LOGOUT_URL: "${IDAM_STUB_LOCALHOST:-http://localhost:3501}/login" 16 | IDAM_OAUTH2_TOKEN_ENDPOINT: "${IDAM_STUB_SERVICE_NAME:-http://idam-api:5000}/oauth2/token" 17 | IDAM_OAUTH2_LOGOUT_ENDPOINT: "${IDAM_STUB_SERVICE_NAME:-http://idam-api:5000}/session/:token" 18 | IDAM_OAUTH2_AW_CLIENT_SECRET: ccd_admin_secret 19 | IDAM_SERVICE_NAME: ccd_admin 20 | IDAM_OAUTH2_CLIENT_ID : ccd_admin 21 | ADMINWEB_LOGIN_URL: "${IDAM_STUB_LOCALHOST:-http://localhost:3501}/login" 22 | ADMINWEB_IMPORT_URL: http://ccd-definition-store-api:4451/import 23 | ADMINWEB_JURISDICTIONS_URL : http://ccd-definition-store-api:4451/api/data/jurisdictions 24 | ADMINWEB_USER_PROFILE_URL : http://ccd-user-profile-api:4453/users 25 | ADMINWEB_SAVE_USER_PROFILE_URL : http://ccd-user-profile-api:4453/users/save 26 | ADMINWEB_USER_ROLE_URL : http://ccd-definition-store-api:4451/api/user-role 27 | ADMIN_ALL_USER_ROLES_URL : http://ccd-definition-store-api:4451/api/user-roles 28 | ADMINWEB_CREATE_DEFINITION_URL : http://ccd-definition-store-api:4451/api/draft 29 | ADMINWEB_UPDATE_DEFINITION_URL : http://ccd-definition-store-api:4451/api/draft/save 30 | ADMINWEB_DELETE_DEFINITION_URL : http://ccd-definition-store-api:4451/api/draft 31 | ADMINWEB_DEFINITIONS_URL : http://ccd-definition-store-api:4451/api/drafts 32 | ADMINWEB_WHOAMI_URL : http://ccd-definition-store-api:4451/api/idam/profile 33 | ADMINWEB_AUTHORIZATION_URL : http://ccd-definition-store-api:4451/api/idam/adminweb/authorization 34 | ADMINWEB_IMPORT_AUDITS_URL : http://ccd-definition-store-api:4451/api/import-audits 35 | ADMINWEB_ELASTIC_INDEX_URL : http://ccd-definition-store-api:4451/elastic-support/index 36 | ADMINWEB_GET_DICTIONARY_URL: http://ts-translation-service:4650/dictionary 37 | ADMINWEB_ROLES_WHITELIST : "ccd-import,ccd-import-validate" 38 | APPINSIGHTS_INSTRUMENTATIONKEY: key 39 | ports: 40 | - 3100:3100 41 | depends_on: 42 | - service-auth-provider-api 43 | - ccd-definition-store-api 44 | - ccd-user-profile-api 45 | networks: 46 | - ccd-network 47 | 48 | ccd-api-gateway: 49 | image: "${CCD_API_GATEWAY_USE_LOCAL-hmctspublic.azurecr.io/}ccd/api-gateway-web:${CCD_API_GATEWAY_TAG:-latest}" 50 | container_name: ccd-api-gateway-web 51 | environment: 52 | IDAM_BASE_URL: "${IDAM_STUB_SERVICE_NAME:-http://idam-api:5000}" 53 | IDAM_USER_URL: "${IDAM_STUB_SERVICE_NAME:-http://idam-api:5000}" 54 | IDAM_S2S_URL: http://service-auth-provider-api:8080 55 | IDAM_SERVICE_KEY: "${IDAM_KEY_CCD_GATEWAY}" 56 | IDAM_OAUTH2_LOGOUT_ENDPOINT: "${IDAM_STUB_SERVICE_NAME:-http://idam-api:5000}/session/:token" 57 | IDAM_OAUTH2_CLIENT_ID: ccd_gateway 58 | IDAM_OAUTH2_CLIENT_SECRET: ccd_gateway_secret 59 | IDAM_OAUTH2_TOKEN_ENDPOINT: "${IDAM_STUB_SERVICE_NAME:-http://idam-api:5000}/oauth2/token" 60 | ADDRESS_LOOKUP_TOKEN: 61 | PROXY_AGGREGATED: http://ccd-data-store-api:4452 62 | PROXY_DATA: http://ccd-data-store-api:4452 63 | PROXY_CASE_ACTIVITY: http://host.docker.internal:3460 64 | PROXY_PRINT_SERVICE: http://host.docker.internal:3200 65 | PROXY_PAYMENTS: "${PROXY_PAYMENTS_STUB:-http://localhost:9999/payments}" 66 | PROXY_DEFINITION_IMPORT: http://ccd-definition-store-api:4451 67 | PROXY_DEFINITION_DATA: http://ccd-definition-store-api:4451/api/data 68 | PROXY_DEFINITION_DISPLAY: http://ccd-definition-store-api:4451/api/display 69 | APPINSIGHTS_INSTRUMENTATIONKEY: key 70 | ports: 71 | - 3453:3453 72 | depends_on: 73 | - ccd-user-profile-api 74 | - ccd-definition-store-api 75 | - ccd-data-store-api 76 | networks: 77 | - ccd-network 78 | 79 | networks: 80 | ccd-network: 81 | external: true 82 | -------------------------------------------------------------------------------- /compose/hearings.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: '2.4' 3 | 4 | services: 5 | hmc-hmi-outbound-adapter: 6 | image: "${HMC_OUTBOUND_ADAPTER_USE_LOCAL-hmctspublic.azurecr.io/}hmc/hmi-outbound-adapter:${HMC_OUTBOUND_ADAPTER_TAG:-latest}" 7 | container_name: hmi-outbound-adapter 8 | environment: 9 | SERVER_PORT: 4558 10 | APPINSIGHTS_INSTRUMENTATION_KEY: key 11 | CFT_HEARING_SERVICE_DB_HOST: "${CFT_HEARING_SERVICE_DB_HOST:-ccd-shared-database}" 12 | CFT_HEARING_SERVICE_DB_PORT: "${CFT_HEARING_SERVICE_DB_PORT:-5432}" 13 | CFT_HEARING_SERVICE_DB_NAME: "${CFT_HEARING_SERVICE_DB_NAME:-hmc-cft-hearing-service}" 14 | #HMI/LA connection details 15 | CLIENT_ID: "${CLIENT_ID}" 16 | CLIENT_SECRET: "${CLIENT_SECRET}" 17 | FH_BASE_URL: "${FH_BASE_URL}" 18 | FH_GET_TOKEN_URL: "${FH_GET_TOKEN_URL}" 19 | GRANT_TYPE: "client_credentials" 20 | HMC_SERVICE_BUS_OUTBOUND_QUEUE: "${HMC_SERVICE_BUS_OUTBOUND_QUEUE}" 21 | HMC_SERVICE_BUS_INBOUND_QUEUE: "${HMC_SERVICE_BUS_INBOUND_QUEUE}" 22 | HMC_SERVICE_BUS_INBOUND_CONNECTION_STRING: "${HMC_SERVICE_BUS_INBOUND_CONNECTION_STRING}" 23 | HMC_SERVICE_BUS_OUTBOUND_CONNECTION_STRING: "${HMC_SERVICE_BUS_OUTBOUND_CONNECTION_STRING}" 24 | HMI_BASE_URL: "${HMI_BASE_URL}" 25 | HMI_SOURCE_SYSTEM: "CFT" 26 | HMI_DESTINATION_SYSTEM: "MOCK" 27 | REFORM_SERVICE_NAME: hmc-hmi-outbound-adapter 28 | REFORM_ENVIRONMENT: local 29 | SCOPE: "${SCOPE}" 30 | WIREMOCK_URL: "${WIREMOCK_STUB_SERVICE_NAME:-http://hmc-wiremock:4459}" 31 | # Uncomment this line to enable JVM debugging and uncomment the port mapping below 32 | # JAVA_TOOL_OPTIONS: '-XX:InitialRAMPercentage=30.0 -XX:MaxRAMPercentage=65.0 -XX:MinRAMPercentage=30.0 -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005' 33 | ports: 34 | - 4558:4558 35 | # Uncomment this and the JAVA_TOOL_OPTIONS flag for JVM debugging 36 | # - 5005:5005 37 | depends_on: 38 | - hmc-wiremock 39 | networks: 40 | - ccd-network 41 | 42 | hmc-hmi-inbound-adapter: 43 | image: "${HMC_INBOUND_ADAPTER_USE_LOCAL-hmctspublic.azurecr.io/}hmc/hmi-inbound-adapter:${HMC_INBOUND_ADAPTER_TAG:-latest}" 44 | container_name: hmi-inbound-adapter 45 | environment: 46 | SERVER_PORT: 4559 47 | APPINSIGHTS_INSTRUMENTATION_KEY: key 48 | CFT_HEARING_SERVICE_URL: "${CFT_HEARING_SERVICE_URL:-http://hmc-cft-hearing-service:4561}" 49 | HMC_SERVICE_BUS_QUEUE: "${HMC_SERVICE_BUS_INBOUND_QUEUE}" 50 | HMC_SERVICE_BUS_CONNECTION_STRING: "${HMC_SERVICE_BUS_INBOUND_CONNECTION_STRING}" 51 | IDAM_API_URL: "${IDAM_STUB_SERVICE_NAME:-http://docker.for.mac.localhost:5000}" 52 | REFORM_SERVICE_NAME: hmc-hmi-inbound-adapter 53 | REFORM_ENVIRONMENT: local 54 | S2S_URL: "${S2S_URL:-http://service-auth-provider-api:8080}" 55 | # Uncomment this line to enable JVM debugging and uncomment the port mapping below 56 | # JAVA_TOOL_OPTIONS: '-XX:InitialRAMPercentage=30.0 -X 57 | ports: 58 | - 4559:4559 59 | # Uncomment this and the JAVA_TOOL_OPTIONS flag for JVM debugging 60 | # - 5005:5005 61 | depends_on: 62 | - hmc-wiremock 63 | networks: 64 | - ccd-network 65 | 66 | hmc-wiremock: 67 | image: rodolpheche/wiremock 68 | container_name: hmc-wiremock 69 | volumes: 70 | - ./../resources/wiremock:/home/wiremock:rw 71 | ports: 72 | - 4458:8080 73 | networks: 74 | - ccd-network 75 | 76 | hmc-cft-hearing-service: 77 | image: "${HMC_HEARING_SERVICE_USE_LOCAL-hmctspublic.azurecr.io/}hmc/cft-hearing-service:${HMC_HEARING_SERVICE_TAG:-latest}" 78 | container_name: cft-hearing-service 79 | environment: 80 | SERVER_PORT: 4561 81 | APPINSIGHTS_INSTRUMENTATION_KEY: key 82 | CFT_HEARING_SERVICE_DB_PASSWORD: "${CFT_HEARING_SERVICE_DB_PASSWORD:-hmc}" 83 | CFT_HEARING_SERVICE_DB_USERNAME: "${CFT_HEARING_SERVICE_DB_USERNAME:-hmc}" 84 | CFT_HEARING_SERVICE_DB_HOST: "${CFT_HEARING_SERVICE_DB_HOST:-ccd-shared-database}" 85 | CFT_HEARING_SERVICE_DB_PORT: "${CFT_HEARING_SERVICE_DB_PORT:-5432}" 86 | CFT_HEARING_SERVICE_DB_NAME: "${CFT_HEARING_SERVICE_DB_NAME:-hmc_cft_hearing_service}" 87 | CFT_HEARING_SERVICE_S2S_AUTHORISED_SERVICES: xui_webapp,hmc_hmi_inbound_adapter,sscs,fis_hmc_api 88 | CLIENT_ID: "${CLIENT_ID}" 89 | CLIENT_SECRET: "${CLIENT_SECRET}" 90 | FH_BASE_URL: "${FH_BASE_URL:-https://login.microsoftonline.com}" 91 | FH_GET_TOKEN_URL: "${FH_GET_TOKEN_URL}" 92 | GRANT_TYPE: client_credentials 93 | # temporarily switch off role access check while testing 94 | HMC_ACCESS_CONTROL_ENABLED: false 95 | #inbound queue 96 | HMC_QUEUE_CONNECTION_STRING: "${HMC_SERVICE_BUS_INBOUND_CONNECTION_STRING}" 97 | HMC_SERVICE_BUS_QUEUE: "${HMC_SERVICE_BUS_INBOUND_QUEUE}" 98 | #outbound queue 99 | HMC_OUTBOUND_QUEUE_CONNECTION_STRING: "${HMC_SERVICE_BUS_OUTBOUND_CONNECTION_STRING}" 100 | HMC_OUTBOUND_SERVICE_BUS_QUEUE: "${HMC_SERVICE_BUS_OUTBOUND_QUEUE}" 101 | #topic connection 102 | HMC_SERVICE_BUS_CONNECTION_STRING: "${HMC_SERVICE_BUS_CONNECTION_STRING}" 103 | HMC_SERVICE_BUS_TOPIC: "${HMC_SERVICE_BUS_TOPIC}" 104 | HMC_SERVICE_BUS_SUBSCRIPTION: "${HMC_SERVICE_BUS_SUBSCRIPTION}" 105 | IDAM_API_URL: "${IDAM_STUB_SERVICE_NAME:-http://idam-api:5000}" 106 | IDAM_API_BASE_URL: "${IDAM_STUB_SERVICE_NAME:-http://idam-api:5000}" 107 | IDAM_OAUTH2_DATA_STORE_CLIENT_SECRET: idam_data_store_client_secret 108 | IDAM_OIDC_URL: "${IDAM_STUB_SERVICE_NAME:-http://idam-api:5000}" 109 | IDAM_S2S_URL: "${IDAM_S2S_URL:-http://service-auth-provider-api:8080}" 110 | SCOPE: "${SCOPE}" 111 | S2S_URL: "${SERVICE_AUTH_PROVIDER_API_BASE_URL:-http://service-auth-provider-api:8080}" 112 | SERVICE_AUTH_PROVIDER_API_BASE_URL: "${SERVICE_AUTH_PROVIDER_API_BASE_URL:-http://service-auth-provider-api:8080}" 113 | 114 | # Uncomment this line to enable JVM debugging and uncomment the port mapping below 115 | # JAVA_TOOL_OPTIONS: -XX:InitialRAMPercentage=30.0 -XX:MaxRAMPercentage=65.0 -XX:MinRAMPercentage=30.0 -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005 116 | ports: 117 | - 4561:4561 118 | # Uncomment this and the JAVA_TOOL_OPTIONS flag for JVM debugging 119 | # - 5005:5005 120 | depends_on: 121 | - ccd-data-store-api 122 | networks: 123 | - ccd-network 124 | 125 | networks: 126 | ccd-network: 127 | external: true 128 | -------------------------------------------------------------------------------- /compose/logstash.yml: -------------------------------------------------------------------------------- 1 | version: '2.4' 2 | services: 3 | 4 | ccd-logstash: 5 | image: "logstash:7.16.3" 6 | container_name: ccd-logstash 7 | environment: 8 | - XPACK_MONITORING_ENABLED=false 9 | - DATA_STORE_URL=jdbc:postgresql://ccd-shared-database:5432/ccd_data?stringtype=unspecified&ssl=false 10 | - DATA_STORE_USER=ccd 11 | - DATA_STORE_PASS=ccd 12 | - ES_HOSTS=http://ccd-elasticsearch:9200 13 | networks: 14 | - ccd-network 15 | volumes: 16 | - ${PWD}/logstash/config/logstash.yml:/usr/share/logstash/config/logstash.yml 17 | - ${PWD}/logstash/config/pipelines.yml:/usr/share/logstash/config/pipelines.yml 18 | - ${PWD}/logstash/pipeline/01_input.conf:/usr/share/logstash/pipeline/01_input.conf 19 | - ${PWD}/logstash/pipeline/02_filter.conf:/usr/share/logstash/pipeline/02_filter.conf 20 | - ${PWD}/logstash/pipeline/03_output.conf:/usr/share/logstash/pipeline/03_output.conf 21 | - ${PWD}/logstash/pipeline/dead_letter_indexing_pipeline.conf:/usr/share/logstash/pipeline/dead_letter_indexing_pipeline.conf 22 | - ${PWD}/logstash/lib/postgresql-42.2.18.jar:/usr/share/logstash/ccd/postgresql.jar 23 | 24 | networks: 25 | ccd-network: 26 | external: true 27 | 28 | -------------------------------------------------------------------------------- /compose/message-publisher.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: '2.4' 3 | 4 | services: 5 | ccd-message-publisher: 6 | image: "${CCD_MESSAGE_PUBLISHER_USE_LOCAL-hmctspublic.azurecr.io/}ccd/message-publisher:${CCD_MESSAGE_PUBLISHER_TAG:-latest}" 7 | environment: 8 | DATA_STORE_DB_HOST: ccd-shared-database 9 | DATA_STORE_DB_PORT: 5432 10 | DATA_STORE_DB_USERNAME: "${DB_USERNAME}" 11 | DATA_STORE_DB_PASSWORD: "${DB_PASSWORD}" 12 | CCD_CASE_EVENTS_DESTINATION: ccd-case-events 13 | SERVICE_BUS_CONNECTION_STRING: # Update this value if using Azure Service Bus (see line below) 14 | SPRING_PROFILES_ACTIVE: dev # Comment this line to enable Azure Service Bus 15 | # Uncomment this line to enable JVM debugging and uncomment the port mapping below 16 | # JAVA_TOOL_OPTIONS: '-XX:InitialRAMPercentage=30.0 -XX:MaxRAMPercentage=65.0 -XX:MinRAMPercentage=30.0 -XX:+UseConcMarkSweepGC -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005' 17 | ports: 18 | - 4456:4456 19 | # Uncomment this and the JAVA_TOOL_OPTIONS flag for JVM debugging 20 | # - 5005:5005 21 | depends_on: 22 | ccd-shared-database: 23 | condition: service_started 24 | networks: 25 | - ccd-network 26 | 27 | networks: 28 | ccd-network: 29 | external: true 30 | -------------------------------------------------------------------------------- /compose/operational.yml: -------------------------------------------------------------------------------- 1 | version: '2.4' 2 | 3 | services: 4 | hmc-operational-reports-runner: 5 | image: "${HMC_OPERATIONAL_REPORTS_USE_LOCAL-hmctspublic.azurecr.io/}hmc/operational-reports-runner:${HMC_OPERATIONAL_REPORTS_TAG:-latest}" 6 | container_name: operational-reports-runner 7 | environment: 8 | SERVER_PORT: 4459 9 | APPINSIGHTS_INSTRUMENTATIONKEY: "SomeRandomStringForLocalDocker" 10 | NOTIFY_HMC_API_KEY: team_and_guest_list-339063cc-26db-4374-bfad-40edc9033d83-dd0f01c6-6d7b-4e76-869c-d823f3ab780b 11 | NOTIFY_ERROR_TEMPLATE_ID: 952167ce-a823-432f-9a2c-f5a2a28076d9 12 | NOTIFY_ERROR_EMAIL_ADDRESS: rebecca.baker@hmcts.net 13 | NOTIFY_ERROR_REPLY_TO_EMAIL_ADDRESS: 8276915e-dfbc-4791-adbc-5e553607b2bd 14 | NOTIFY_AWAITING_ACTUALS_TEMPLATE_ID: 952167ce-a823-432f-9a2c-f5a2a28076d9 15 | NOTIFY_AWAITING_ACTUALS_EMAIL_ADDRESS: mark.dathorne@hmcts.net 16 | NOTIFY_AWAITING_ACTUALS_REPLY_TO_EMAIL_ADDRESS: 276915e-dfbc-4791-adbc-5e553607b2bd 17 | CFT_HEARING_SERVICE_DB_USERNAME: hmc 18 | CFT_HEARING_SERVICE_DB_PASSWORD: hmc 19 | CFT_HEARING_SERVICE_DB_HOST: "ccd-shared-database" 20 | CFT_HEARING_SERVICE_DB_PORT: 5432 21 | CFT_HEARING_SERVICE_DB_NAME: hmc_cft_hearing_service 22 | # these environment variables are used by java-logging library 23 | ROOT_APPENDER: 24 | JSON_CONSOLE_PRETTY_PRINT: 25 | ROOT_LOGGING_LEVEL: 26 | REFORM_SERVICE_TYPE: 27 | REFORM_SERVICE_NAME: 28 | REFORM_TEAM: 29 | REFORM_ENVIRONMENT: 30 | LOGBACK_DATE_FORMAT: 31 | LOGBACK_REQUIRE_THREAD: 32 | LOGBACK_REQUIRE_ALERT_LEVEL: false 33 | LOGBACK_REQUIRE_ERROR_CODE: false 34 | ports: 35 | - 4459:4459 36 | networks: 37 | - ccd-network 38 | -------------------------------------------------------------------------------- /compose/others.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: '2.4' 3 | #add non core CCD services here 4 | 5 | services: 6 | am-database: 7 | image: hmctspublic.azurecr.io/am/db:latest 8 | container_name: access_management_db 9 | environment: 10 | AM_DB: "${AM_DB}" 11 | AM_DB_USERNAME: "${AM_DB_USERNAME}" 12 | AM_DB_PASSWORD: "${AM_DB_PASSWORD}" 13 | healthcheck: 14 | interval: 10s 15 | timeout: 10s 16 | retries: 10 17 | ports: 18 | - 5600:5432 19 | volumes: 20 | - am-database-data:/var/lib/postgresql/data 21 | networks: 22 | - ccd-network 23 | 24 | networks: 25 | ccd-network: 26 | external: true 27 | 28 | volumes: 29 | am-database-data: -------------------------------------------------------------------------------- /compose/sidam-local-ccd.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: '2.4' 3 | 4 | services: 5 | fr-am: 6 | environment: 7 | JAVA_OPTS: -Xms128m -Xmx512m 8 | networks: 9 | - ccd-network 10 | fr-idm: 11 | environment: 12 | JAVA_TOOL_OPTIONS: -Dcom.sun.management.jmxremote.port=9010 -Dcom.sun.management.jmxremote.local.only=false -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false -Djava.rmi.server.hostname=vm-ubuntu16 -Dcom.sun.management.jmxremote.rmi.port=9010 13 | JAVA_OPTS: -Xms128m -Xmx512m 14 | networks: 15 | - ccd-network 16 | shared-db: 17 | ports: 18 | - 5051:5432 19 | networks: 20 | - ccd-network 21 | idam-api: 22 | environment: 23 | JAVA_OPTS: -Xms128m -Xmx512m 24 | TESTING_SUPPORT_ENABLED: "true" 25 | networks: 26 | - ccd-network 27 | idam-web-public: 28 | ports: 29 | - 3501:8080 30 | environment: 31 | - JAVA_OPTS=-Xms128m -Xms512m 32 | networks: 33 | - ccd-network 34 | idam-web-admin: 35 | environment: 36 | - JAVA_OPTS=-Xms128m -Xms512m 37 | networks: 38 | - ccd-network 39 | 40 | networks: 41 | ccd-network: 42 | external: true 43 | -------------------------------------------------------------------------------- /compose/sidam-local.yml: -------------------------------------------------------------------------------- 1 | # just a copy of 'docker-compose-local.yml' in https://tools.hmcts.net/confluence/display/SISM/Local+Docker+Setup 2 | # avoid modifying this file directly. Add any customisations to CCD Idam to `sidam-local-ccd.yml` instead 3 | --- 4 | version: '2.4' 5 | 6 | services: 7 | fr-am: 8 | ports: 9 | - 8080:8080 10 | - 1389:1389 11 | environment: 12 | JAVA_OPTS: -Xms128m -Xmx512m 13 | 14 | fr-idm: 15 | ports: 16 | - 18080:18080 17 | - 9010:9010 18 | shared-db: 19 | ports: 20 | - 5432:5432 21 | smtp-server: 22 | ports: 23 | - 1025:1025 24 | - 8025:8025 25 | idam-api: 26 | ports: 27 | - 5000:5000 28 | tmpfs: /opt/app/es 29 | environment: 30 | - JAVA_OPTS=-Xms128m -Xms512m 31 | - IDAMHEALTHCHECK_AM_ENABLED=false 32 | - IDAMHEALTHCHECK_IDM_ENABLED=false 33 | - STRATEGIC_ADMIN_URL=http://idam-web-admin:8082 34 | - STRATEGIC_WEBPUBLIC_URL=http://idam-web-public:9002 35 | - SPRING_PROFILES_ACTIVE=local 36 | - SPRING_DATASOURCE_URL=jdbc:postgresql://shared-db:5432/openidm?currentSchema=fridam 37 | - SPRING_DATASOURCE_USERNAME=openidm 38 | - SPRING_DATASOURCE_PASSWORD=openidm 39 | - SECURITY_OAUTH2_CLIENT_CLIENTSECRET=password 40 | - SECURITY_OAUTH2_CLIENT_PRE_ESTABLISHED_REDIRECT_URI=http://idam-web-public:9002/login 41 | - SECURITY_OAUTH2_CLIENT_REGISTERED_REDIRECT_URI=http://idam-web-public:9002/login 42 | - IDAM_SPI_FORGEROCK_AM_ROOT=http://fr-am:8080/openam 43 | - IDAM_SPI_FORGEROCK_AM_TOPLEVELHOST=fr-am 44 | - IDAM_SPI_FORGEROCK_AM_USERNAME=amadmin 45 | - IDAM_SPI_FORGEROCK_AM_PASSWORD=Pa55word11 46 | - IDAM_SPI_FORGEROCK_AM_JWKSURIFOROAUTH2CLIENTS=http://fr-am:8080/openam/oauth2/hmcts/connect/jwk_uri 47 | - IDAM_SPI_FORGEROCK_IDM_ROOT=http://fr-idm:18080/openidm 48 | - IDAM_SPI_FORGEROCK_IDM_USERNAME=openidm-admin 49 | - IDAM_SPI_FORGEROCK_IDM_PASSWORD=openidm-admin 50 | - IDAM_SPI_FORGEROCK_IDM_PIN_DEFAULTPASSWORD=BlaBlaBlackSh33p 51 | - APPSETTING_NODE_PATH=/opt/app 52 | idam-web-public: 53 | ports: 54 | - 9002:8080 55 | environment: 56 | - JAVA_OPTS=-Xms128m -Xms512m 57 | - STRATEGIC_SERVICE_URL=http://idam-api:5000 58 | idam-web-admin: 59 | ports: 60 | - 8082:8080 61 | environment: 62 | - JAVA_OPTS=-Xms128m -Xms512m 63 | - STRATEGIC_SERVICE_URL=http://idam-api:5000 64 | - STRATEGIC_PUBLIC_URL=http://idam-web-public:9002 65 | -------------------------------------------------------------------------------- /compose/sidam.yml: -------------------------------------------------------------------------------- 1 | # just a copy of 'docker-compose.yml' in https://tools.hmcts.net/confluence/display/SISM/Local+Docker+Setup 2 | # avoid modifying this file directly. Add any customisations to CCD Idam to `sidam-local-ccd.yml` instead 3 | --- 4 | version: '2.4' 5 | 6 | services: 7 | fr-am: 8 | image: hmctsprivate.azurecr.io/idam/idam-fr-am:latest 9 | hostname: localam 10 | depends_on: 11 | shared-db: 12 | condition: service_started 13 | fr-idm: 14 | image: hmctsprivate.azurecr.io/idam/idam-fr-idm:latest 15 | hostname: localidm 16 | depends_on: 17 | fr-am: 18 | condition: service_started 19 | shared-db: 20 | condition: service_started 21 | shared-db: 22 | image: hmctsprivate.azurecr.io/idam/shared-db:latest 23 | smtp-server: 24 | image: mailhog/mailhog 25 | idam-api: 26 | image: hmctspublic.azurecr.io/idam/api:stable 27 | depends_on: 28 | fr-am: 29 | condition: service_started 30 | shared-db: 31 | condition: service_started 32 | idam-web-public: 33 | image: hmctspublic.azurecr.io/idam/web-public:stable 34 | depends_on: 35 | idam-api: 36 | condition: service_started 37 | idam-web-admin: 38 | image: hmctspublic.azurecr.io/idam/web-admin:stable 39 | depends_on: 40 | idam-api: 41 | condition: service_started 42 | -------------------------------------------------------------------------------- /compose/ts-translation-service.yml: -------------------------------------------------------------------------------- 1 | version: '2.4' 2 | 3 | services: 4 | ts-translation-service: 5 | build: 6 | context: . 7 | args: 8 | - http_proxy 9 | - https_proxy 10 | - no_proxy 11 | image: "${TS_TRANSLATION_SERVICE_USE_LOCAL-hmctspublic.azurecr.io/}ts/translation-service:${TS_TRANSLATION_SERVICE_TAG:-latest}" 12 | container_name: translation-service 13 | environment: 14 | TS_TRANSLATION_SERVICE_DB_HOST: ccd-shared-database 15 | TS_TRANSLATION_SERVICE_DB_PORT: 5432 16 | TS_TRANSLATION_SERVICE_DB_NAME: ts_translation_service 17 | TS_TRANSLATION_SERVICE_DB_USERNAME: ${DB_USERNAME} 18 | TS_TRANSLATION_SERVICE_DB_PASSWORD: ${DB_PASSWORD} 19 | IDAM_API_URL: "${IDAM_STUB_SERVICE_NAME:-http://idam-api:5000}" 20 | IDAM_OIDC_URL: "${IDAM_STUB_SERVICE_NAME:-http://idam-api:5000}" 21 | TS_TRANSLATION_SERVICE_S2S_AUTHORISED_SERVICES: xui_webapp,ccd_admin,ccd_definition 22 | S2S_URL: http://service-auth-provider-api:8080 23 | REFORM_SERVICE_NAME: ts-translation-service 24 | REFORM_TEAM: ts 25 | REFORM_ENVIRONMENT: local 26 | TESTING_SUPPORT_ENABLED: "${TESTING_SUPPORT_ENABLED:-true}" 27 | APPINSIGHTS_INSTRUMENTATIONKEY: key 28 | ports: 29 | - "4650:4650" 30 | depends_on: 31 | ccd-shared-database: 32 | condition: service_started 33 | service-auth-provider-api: 34 | condition: service_started 35 | idam-api: 36 | condition: service_started 37 | networks: 38 | - ccd-network 39 | -------------------------------------------------------------------------------- /compose/xui-frontend.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: '2.4' 3 | 4 | services: 5 | xui-manage-cases: 6 | image: "${XUI_MANAGE_CASES_USE_LOCAL-hmctspublic.azurecr.io/}xui/webapp:${XUI_MANAGE_CASES_TAG:-latest}" 7 | container_name: xui-manage-cases 8 | environment: 9 | FEATURE_APP_INSIGHTS_ENABLED: "true" 10 | FEATURE_SECURE_COOKIE_ENABLED: "false" 11 | FEATURE_REDIS_ENABLED: "false" 12 | JURISDICTIONS: AUTOTEST1,DIVORCE,PROBATE,BEFTA_JURISDICTION_3,BEFTA_JURISDICTION_2,BEFTA_JURISDICTION_1,IA,SSCS,BEFTA_MASTER 13 | 14 | MICROSERVICE: "${BEFTA_S2S_CLIENT_ID_OF_XUI_WEBAPP:-xui_webapp}" 15 | PROTOCOL: http 16 | XUI_ENV: local 17 | 18 | SERVICES_DOCUMENTS_API: http://dm-store:8080 19 | SERVICES_PAYMENTS_URL: http://wiremock:8080 20 | SERVICES_EM_ANNO_API: http://ccd-api-gateway:3453 21 | SERVICES_CCD_COMPONENT_API: http://ccd-api-gateway:3453 22 | SERVICES_CCD_DATA_STORE_API: http://ccd-data-store-api:4452 23 | SERVICES_IDAM_API_URL: "${IDAM_STUB_SERVICE_NAME:-http://idam-api:5000}" 24 | SERVICES_IDAM_CLIENT_ID: "${BEFTA_OAUTH2_CLIENT_ID_OF_XUIWEBAPP:-xuiwebapp}" 25 | SERVICES_IDAM_LOGIN_URL: "${IDAM_STUB_LOCALHOST:-http://localhost:3501}" 26 | SERVICES_IDAM_INDEX_URL: / 27 | SERVICES_IDAM_OAUTH_CALLBACK_URL: /oauth2/callback 28 | SERVICES_S2S: http://service-auth-provider-api:8080 29 | REDISCLOUD_URL: http://localhost:6780 30 | SYSTEM_USER_NAME: "dummy" 31 | SYSTEM_USER_PASSWORD: "dummy" 32 | 33 | HEALTH_CCD_COMPONENT_API: http://ccd-api-gateway:3453/health 34 | HEALTH_CCD_DATA_API: http://ccd-data-store-api:4452/health 35 | 36 | APPINSIGHTS_INSTRUMENTATIONKEY: TESTVAR 37 | IDAM_SECRET: "${BEFTA_OAUTH2_CLIENT_SECRET_OF_XUIWEBAPP:-OOOOOOOOOOOOOOOO}" 38 | S2S_SECRET: "${BEFTA_S2S_CLIENT_SECRET_OF_XUI_WEBAPP:-OOOOOOOOOOOOOOOO}" 39 | LAUNCH_DARKLY_CLIENT_ID: "${XUI_LAUNCH_DARKLY_CLIENT_ID:-1}" 40 | 41 | ports: 42 | - 3455:3000 43 | depends_on: 44 | - ccd-api-gateway 45 | - ccd-data-store-api 46 | networks: 47 | - ccd-network 48 | 49 | networks: 50 | ccd-network: 51 | external: true 52 | -------------------------------------------------------------------------------- /database/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM postgres:11.5 2 | 3 | COPY init-db.sh /docker-entrypoint-initdb.d 4 | 5 | HEALTHCHECK --interval=10s --timeout=10s --retries=10 CMD psql -c 'select 1' -d ccd_data -U ${DB_USERNAME} 6 | 7 | EXPOSE 5432 -------------------------------------------------------------------------------- /database/init-db.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -e 4 | 5 | if [ -z "$DB_USERNAME" ] || [ -z "$DB_PASSWORD" ]; then 6 | echo "ERROR: Missing environment variable. Set value for both 'DB_USERNAME' and 'DB_PASSWORD'." 7 | exit 1 8 | fi 9 | 10 | # Create roles and databases 11 | psql -v ON_ERROR_STOP=1 --username postgres --set USERNAME=$DB_USERNAME --set PASSWORD=$DB_PASSWORD <<-EOSQL 12 | CREATE USER :USERNAME WITH PASSWORD ':PASSWORD'; 13 | EOSQL 14 | 15 | for service in idam ccd_user_profile ccd_definition ccd_data evidence ccd_definition_designer role_assignment ts_translation_service; do 16 | echo "Database $service: Creating..." 17 | psql -v ON_ERROR_STOP=1 --username postgres --set USERNAME=$DB_USERNAME --set PASSWORD=$DB_PASSWORD --set DATABASE=$service <<-EOSQL 18 | CREATE DATABASE :DATABASE 19 | WITH OWNER = :USERNAME 20 | ENCODING = 'UTF8' 21 | CONNECTION LIMIT = -1; 22 | EOSQL 23 | echo "Database $service: Created" 24 | done 25 | -------------------------------------------------------------------------------- /logstash/config/logstash.yml: -------------------------------------------------------------------------------- 1 | dead_letter_queue.enable: true 2 | http.host: 0.0.0.0 3 | queue.type: persisted 4 | xpack.monitoring.elasticsearch.hosts: ["${ES_HOSTS}"] 5 | xpack.monitoring.enabled: false 6 | -------------------------------------------------------------------------------- /logstash/config/pipelines.yml: -------------------------------------------------------------------------------- 1 | - pipeline.id: main 2 | path.config: "/usr/share/logstash/pipeline/{01_input,02_filter,03_output}.conf" 3 | pipeline.workers: 4 4 | pipeline.batch.size: 500 5 | queue.type: persisted 6 | - pipeline.id: index-dead-letter-to-es 7 | path.config: "/usr/share/logstash/pipeline/dead_letter_indexing_pipeline.conf" 8 | pipeline.workers: 1 9 | dead_letter_queue.enable: false 10 | -------------------------------------------------------------------------------- /logstash/lib/postgresql-42.2.18.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmcts/ccd-docker/e858b1742a993bf59efb0591c67d55ac659e2a18/logstash/lib/postgresql-42.2.18.jar -------------------------------------------------------------------------------- /logstash/pipeline/01_input.conf: -------------------------------------------------------------------------------- 1 | input { 2 | jdbc { 3 | jdbc_connection_string => "${DATA_STORE_URL}" 4 | jdbc_user => "${DATA_STORE_USER}" 5 | jdbc_password => "${DATA_STORE_PASS}" 6 | jdbc_validate_connection => true 7 | jdbc_driver_library => "/usr/share/logstash/ccd/postgresql.jar" 8 | jdbc_driver_class => "org.postgresql.Driver" 9 | jdbc_default_timezone => "UTC" 10 | statement => "UPDATE case_data SET marked_by_logstash = true WHERE marked_by_logstash = false RETURNING id, created_date, last_modified, jurisdiction, case_type_id, state, last_state_modified_date, data::TEXT as json_data, data_classification::TEXT as json_data_classification, reference, security_classification, supplementary_data::TEXT as json_supplementary_data" 11 | clean_run => false 12 | schedule => "* * * * * *" 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /logstash/pipeline/02_filter.conf: -------------------------------------------------------------------------------- 1 | filter { 2 | json { 3 | source => "json_data" 4 | target => "data" 5 | remove_field => ["json_data"] 6 | } 7 | json { 8 | source => "json_supplementary_data" 9 | target => "supplementary_data" 10 | remove_field => ["json_supplementary_data"] 11 | } 12 | json { 13 | source => "json_data_classification" 14 | target => "data_classification" 15 | remove_field => ["json_data_classification"] 16 | } 17 | if [data][SearchCriteria] { 18 | clone { 19 | clones => ["SearchCriteria"] 20 | } 21 | } 22 | if [type] == "SearchCriteria" { 23 | if [data][SearchCriteria] { 24 | mutate { 25 | rename => { 26 | "[data][SearchCriteria]" => "[data_new][SearchCriteria]" 27 | } 28 | } 29 | } 30 | if [data][caseManagementLocation] { 31 | mutate { 32 | rename => { 33 | "[data][caseManagementLocation]" => "[data_new][caseManagementLocation]" 34 | } 35 | } 36 | } 37 | if [data][CaseAccessCategory] { 38 | mutate { 39 | rename => { 40 | "[data][CaseAccessCategory]" => "[data_new][CaseAccessCategory]" 41 | } 42 | } 43 | } 44 | if [data][caseNameHmctsInternal] { 45 | mutate { 46 | rename => { 47 | "[data][caseNameHmctsInternal]" => "[data_new][caseNameHmctsInternal]" 48 | } 49 | } 50 | } 51 | if [data][caseManagementCategory] { 52 | mutate { 53 | rename => { 54 | "[data][caseManagementCategory]" => "[data_new][caseManagementCategory]" 55 | } 56 | } 57 | } 58 | if [supplementary_data][HMCTSServiceId] { 59 | mutate { 60 | rename => { 61 | "[supplementary_data][HMCTSServiceId]" => "[supplementary_data_new][HMCTSServiceId]" 62 | } 63 | } 64 | } 65 | if [data_classification][SearchCriteria] { 66 | mutate { 67 | rename => { 68 | "[data_classification][SearchCriteria]" => "[data_classification_new][SearchCriteria]" 69 | } 70 | } 71 | } 72 | if [data_classification][CaseAccessCategory] { 73 | mutate { 74 | rename => { 75 | "[data_classification][CaseAccessCategory]" => "[data_classification_new][CaseAccessCategory]" 76 | } 77 | } 78 | } 79 | if [data_classification][caseManagementLocation] { 80 | mutate { 81 | rename => { 82 | "[data_classification][caseManagementLocation]" => "[data_classification_new][caseManagementLocation]" 83 | } 84 | } 85 | } 86 | if [data_classification][caseNameHmctsInternal] { 87 | mutate { 88 | rename => { 89 | "[data_classification][caseNameHmctsInternal]" => "[data_classification_new][caseNameHmctsInternal]" 90 | } 91 | } 92 | } 93 | if [data_classification][caseManagementCategory] { 94 | mutate { 95 | rename => { 96 | "[data_classification][caseManagementCategory]" => "[data_classification_new][caseManagementCategory]" 97 | } 98 | } 99 | } 100 | mutate { 101 | remove_field => ["data", "supplementary_data", "data_classification", "last_state_modified_date", "type", "last_modified", "created_date"] 102 | } 103 | mutate { 104 | rename => { 105 | "[data_new]" => "data" 106 | } 107 | rename => { 108 | "[supplementary_data_new]" => "supplementary_data" 109 | } 110 | rename => { 111 | "[data_classification_new]" => "data_classification" 112 | } 113 | } 114 | mutate { 115 | add_field => { 116 | "index_id" => "global_search" 117 | } 118 | } 119 | mutate { 120 | lowercase => ["index_id"] 121 | } 122 | } else { 123 | mutate { 124 | add_field => { 125 | "index_id" => "%{case_type_id}_cases" 126 | } 127 | } 128 | mutate { 129 | lowercase => ["index_id"] 130 | } 131 | } 132 | } 133 | -------------------------------------------------------------------------------- /logstash/pipeline/03_output.conf: -------------------------------------------------------------------------------- 1 | output { 2 | elasticsearch { 3 | hosts => ["${ES_HOSTS}"] 4 | sniffing => false 5 | index => "%{[index_id]}" 6 | document_type => "_doc" 7 | document_id => "%{id}" 8 | timeout => 60 9 | } 10 | } 11 | -------------------------------------------------------------------------------- /logstash/pipeline/dead_letter_indexing_pipeline.conf: -------------------------------------------------------------------------------- 1 | input { 2 | dead_letter_queue { 3 | path => "${LOGSTASH_HOME}/data/dead_letter_queue" 4 | commit_offsets => true 5 | pipeline_id => "main" 6 | } 7 | } 8 | filter { 9 | # capture the entire event, and write it to a new field; we 'll call that field `failed_case` 10 | ruby { 11 | code => "event.set('failed_case', event.to_json())" 12 | } 13 | # prune every field off the event except for the one we 've just created. Note that this does not prune event metadata. 14 | prune { 15 | whitelist_names => ["^failed_case$"] 16 | } 17 | ruby { 18 | code => "event.set('timestamp', event.get('[@metadata][dead_letter_queue][entry_time]'))" 19 | } 20 | # pull useful information out of the event metadata provided by the dead letter queue, and add it to the new event. 21 | mutate { 22 | add_field => { 23 | "reason" => "%{[@metadata][dead_letter_queue][reason]}" 24 | } 25 | } 26 | } 27 | output { 28 | elasticsearch { 29 | hosts => ["${ES_HOSTS}"] 30 | sniffing => false 31 | index => ".logstash_dead_letter" 32 | } 33 | } 34 | -------------------------------------------------------------------------------- /resources/idam_stub_get_details_custom.json: -------------------------------------------------------------------------------- 1 | { 2 | "request": { 3 | "method": "GET", 4 | "urlPath": "/o/userinfo" 5 | }, 6 | "response": { 7 | "status": 200, 8 | "headers": { 9 | "Content-Type": "application/json" 10 | }, 11 | "jsonBody": { 12 | "sub": "auto.test.cnp@gmail.com", 13 | "uid": "123456", 14 | "roles": [ 15 | "caseworker-autotest1", 16 | "caseworker-autotest2", 17 | "caseworker", 18 | "ccd-import", 19 | "caseworker-divorce" 20 | ], 21 | "name": "CCD", 22 | "given_name": "CCD", 23 | "family_name": "Auto Test (Stub)" 24 | } 25 | 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /resources/improved-ccd-test-automation-users.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "forename": "Becky", 4 | "surname": "Solicington", 5 | "email": "befta.master.solicitor.becky@gmail.com", 6 | "password": "***", 7 | "active": true, 8 | "roles": [ 9 | { 10 | "code": "caseworker" 11 | }, 12 | { 13 | "code": "pui-case-manager" 14 | }, 15 | { 16 | "code": "caseworker-befta_master" 17 | }, 18 | { 19 | "code": "caseworker-befta_master-solicitor" 20 | } 21 | ] 22 | }, 23 | { 24 | "forename": "Benjamin", 25 | "surname": "Solicington", 26 | "email": "befta.master.solicitor.benjamin@gmail.com", 27 | "password": "***", 28 | "active": true, 29 | "roles": [ 30 | { 31 | "code": "caseworker" 32 | }, 33 | { 34 | "code": "pui-case-manager" 35 | }, 36 | { 37 | "code": "caseworker-befta_master" 38 | }, 39 | { 40 | "code": "caseworker-befta_master-solicitor" 41 | } 42 | ] 43 | }, 44 | { 45 | "forename": "CCD Solicitor", 46 | "surname": "Jurisdiction3", 47 | "email": "befta.solicitor.3@gmail.com", 48 | "password": "***", 49 | "active": true, 50 | "roles": [ 51 | { 52 | "code": "caseworker" 53 | }, 54 | { 55 | "code": "caseworker-befta_jurisdiction_3" 56 | }, 57 | { 58 | "code": "caseworker-befta_jurisdiction_3-solicitor" 59 | } 60 | ] 61 | }, 62 | { 63 | "forename": "CCD Solicitor 4", 64 | "surname": "Jurisdiction3", 65 | "email": "befta.solicitor.4@gmail.com", 66 | "password": "***", 67 | "active": true, 68 | "roles": [ 69 | { 70 | "code": "caseworker" 71 | }, 72 | { 73 | "code": "caseworker-befta_jurisdiction_3" 74 | }, 75 | { 76 | "code": "caseworker-befta_jurisdiction_3-solicitor" 77 | } 78 | ] 79 | }, 80 | { 81 | "forename": "CCD PUI", 82 | "surname": "CAA 1", 83 | "email": "befta.pui.caa.1@gmail.com", 84 | "password": "***", 85 | "active": true, 86 | "roles": [ 87 | { 88 | "code": "pui-caa" 89 | } 90 | ] 91 | }, 92 | { 93 | "forename": "AutoTest12 CNP", 94 | "surname": "Private", 95 | "email": "auto.test12.cnp+private@gmail.com", 96 | "password": "***", 97 | "active": true, 98 | "roles": [ 99 | { 100 | "code": "caseworker" 101 | }, 102 | { 103 | "code": "caseworker-autotest1" 104 | }, 105 | { 106 | "code": "caseworker-autotest1-private" 107 | }, 108 | { 109 | "code": "caseworker-autotest2" 110 | }, 111 | { 112 | "code": "caseworker-autotest2-private" 113 | } 114 | ] 115 | }, 116 | { 117 | "forename": "Befta", 118 | "surname": "Caseworker", 119 | "email": "befta.caseworker.2@gmail.com", 120 | "password": "***", 121 | "active": true, 122 | "roles": [ 123 | { 124 | "code": "caseworker" 125 | }, 126 | { 127 | "code": "caseworker-befta_jurisdiction_2" 128 | } 129 | ] 130 | }, 131 | { 132 | "forename": "Autotest", 133 | "surname": "CNP Senior", 134 | "email": "auto.test.cnp+senior@gmail.com", 135 | "password": "***", 136 | "active": true, 137 | "roles": [ 138 | { 139 | "code": "caseworker" 140 | }, 141 | { 142 | "code": "caseworker-autotest1" 143 | }, 144 | { 145 | "code": "caseworker-autotest1-senior" 146 | } 147 | ] 148 | }, 149 | { 150 | "forename": "Caseworker", 151 | "surname": "CAA", 152 | "email": "befta.caseworker.caa@gmail.com", 153 | "password": "***", 154 | "active": true, 155 | "roles": [ 156 | { 157 | "code": "caseworker" 158 | }, 159 | { 160 | "code": "caseworker-caa" 161 | } 162 | ] 163 | } 164 | ] 165 | 166 | -------------------------------------------------------------------------------- /resources/original-ccd-test-automation-users.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "forename": "Caseworker 2", 4 | "surname": "Befta", 5 | "email": "befta.caseworker.2.solicitor.1@gmail.com", 6 | "password": "***", 7 | "active": true, 8 | "roles": [ 9 | { 10 | "code": "caseworker-befta_jurisdiction_2-solicitor_1" 11 | }, 12 | { 13 | "code": "caseworker-befta_jurisdiction_2" 14 | }, 15 | { 16 | "code": "caseworker" 17 | } 18 | ] 19 | } 20 | ] 21 | -------------------------------------------------------------------------------- /resources/role_assignments/get_role_assignments.json: -------------------------------------------------------------------------------- 1 | { 2 | "request": { 3 | "method": "GET", 4 | "urlPattern": "/am/role-assignments/actors/0359819a-aab6-477e-9d9c-24afdf4573b7" 5 | }, 6 | "response": { 7 | "status": 200, 8 | "headers": { 9 | "Content-Type": "application/json" 10 | }, 11 | "jsonBody": { 12 | "roleAssignmentResponse": [ 13 | { 14 | "id": "4d96923f-891a-4cb1-863e-9bec44d1689d", 15 | "actorIdType": "IDAM", 16 | "actorId": "{{userId}}", 17 | "roleType": "CASE", 18 | "roleName": "judge", 19 | "classification": "PUBLIC", 20 | "grantType": "STANDARD", 21 | "roleCategory": "JUDICIAL", 22 | "readOnly": false, 23 | "beginTime": "2021-01-01T00:00:00Z", 24 | "endTime": "2022-01-01T00:00:00Z", 25 | "created": "2020-12-23T06:37:58.096065Z", 26 | "attributes": { 27 | "contractType": "SALARIED", 28 | "jurisdiction": "divorce", 29 | "caseId": "1596104940595122", 30 | "region": "south-east" 31 | }, 32 | "authorisations": [] 33 | }, 34 | { 35 | "id": "e6fc5ebb-63e3-4613-9cfc-b3f9b1559571", 36 | "actorIdType": "IDAM", 37 | "actorId": "{{userId}}", 38 | "roleType": "CASE", 39 | "roleName": "judge", 40 | "classification": "PUBLIC", 41 | "grantType": "STANDARD", 42 | "roleCategory": "JUDICIAL", 43 | "readOnly": false, 44 | "beginTime": "2021-02-01T00:00:00Z", 45 | "endTime": "2022-01-01T00:00:00Z", 46 | "created": "2020-12-23T06:37:58.096065Z", 47 | "attributes": { 48 | "contractType": "SALARIED", 49 | "jurisdiction": "divorce", 50 | "caseId": "1596104840593121", 51 | "region": "south-east" 52 | }, 53 | "authorisations": [] 54 | }, 55 | { 56 | "id": "6d7d10af-b4a4-425b-a0cc-315bbb828361", 57 | "actorIdType": "IDAM", 58 | "actorId": "{{userId}}", 59 | "roleType": "ORGANISATION", 60 | "roleName": "judge", 61 | "classification": "PUBLIC", 62 | "grantType": "STANDARD", 63 | "roleCategory": "JUDICIAL", 64 | "readOnly": false, 65 | "beginTime": "2021-02-01T00:00:00Z", 66 | "endTime": "2022-01-01T00:00:00Z", 67 | "created": "2020-12-23T06:37:58.096065Z", 68 | "attributes": { 69 | "contractType": "SALARIED", 70 | "jurisdiction": "divorce", 71 | "caseId": "1596104840593121", 72 | "region": "south-east" 73 | }, 74 | "authorisations": [] 75 | }, 76 | { 77 | "id": "5d96923f-891a-4cb1-863e-9bec54d1689c", 78 | "actorIdType": "IDAM", 79 | "actorId": "{{userId}}", 80 | "roleType": "CASE", 81 | "roleName": "judge", 82 | "classification": "PUBLIC", 83 | "grantType": "STANDARD", 84 | "roleCategory": "JUDICIAL", 85 | "readOnly": false, 86 | "beginTime": "2019-01-01T00:00:00Z", 87 | "endTime": "2020-01-01T00:00:00Z", 88 | "created": "2020-12-23T06:37:58.096065Z", 89 | "attributes": { 90 | "contractType": "SALARIED", 91 | "jurisdiction": "divorce", 92 | "caseId": "1596109944711818", 93 | "region": "south-east" 94 | }, 95 | "authorisations": [] 96 | }, 97 | { 98 | "id": "6d96923f-991a-4cb1-863e-9bec44d1689a", 99 | "actorIdType": "IDAM", 100 | "actorId": "{{userId}}", 101 | "roleType": "CASE", 102 | "roleName": "judge", 103 | "classification": "PUBLIC", 104 | "grantType": "STANDARD", 105 | "roleCategory": "JUDICIAL", 106 | "readOnly": false, 107 | "beginTime": "2022-01-01T00:00:00Z", 108 | "endTime": "2023-01-01T00:00:00Z", 109 | "created": "2020-12-23T06:37:58.096065Z", 110 | "attributes": { 111 | "contractType": "SALARIED", 112 | "jurisdiction": "divorce", 113 | "caseId": "1596109944711818", 114 | "region": "south-east" 115 | }, 116 | "authorisations": [] 117 | } 118 | ] 119 | }, 120 | "transformers": [ 121 | "dynamic-role-assignments-response-transformer" 122 | ] 123 | } 124 | } 125 | -------------------------------------------------------------------------------- /resources/role_assignments/get_role_assignments_not_found.json: -------------------------------------------------------------------------------- 1 | { 2 | "request": { 3 | "method": "GET", 4 | "urlPattern": "/am/role-assignments/actors/4d11e562-c043-4237-8b04-d6e761003171" 5 | }, 6 | "response": { 7 | "status": 404, 8 | "headers": { 9 | "Content-Type": "application/json" 10 | } 11 | } 12 | } 13 | -------------------------------------------------------------------------------- /resources/role_assignments/get_role_assignments_with_expired_results.json: -------------------------------------------------------------------------------- 1 | { 2 | "request": { 3 | "method": "GET", 4 | "urlPattern": "/am/role-assignments/actors/af3c8e11-bb5c-495f-8baf-4bf64c6ca047" 5 | }, 6 | "response": { 7 | "status": 200, 8 | "headers": { 9 | "Content-Type": "application/json" 10 | }, 11 | "jsonBody": { 12 | "roleAssignmentResponse": [ 13 | { 14 | "id": "4d96923f-891a-4cb1-863e-9bec44d1689d", 15 | "actorIdType": "IDAM", 16 | "actorId": "{{userId}}", 17 | "roleType": "CASE", 18 | "roleName": "judge", 19 | "classification": "PUBLIC", 20 | "grantType": "STANDARD", 21 | "roleCategory": "JUDICIAL", 22 | "readOnly": false, 23 | "beginTime": "2019-01-01T00:00:00Z", 24 | "endTime": "2020-01-01T00:00:00Z", 25 | "created": "2020-12-23T06:37:58.096065Z", 26 | "attributes": { 27 | "contractType": "SALARIED", 28 | "jurisdiction": "divorce", 29 | "caseId": "1596104940595122", 30 | "region": "south-east" 31 | }, 32 | "authorisations": [] 33 | }, 34 | { 35 | "id": "e6fc5ebb-63e3-4613-9cfc-b3f9b1559571", 36 | "actorIdType": "IDAM", 37 | "actorId": "{{userId}}", 38 | "roleType": "CASE", 39 | "roleName": "judge", 40 | "classification": "PUBLIC", 41 | "grantType": "STANDARD", 42 | "roleCategory": "JUDICIAL", 43 | "readOnly": false, 44 | "beginTime": "2019-02-01T00:00:00Z", 45 | "endTime": "2020-01-01T00:00:00Z", 46 | "created": "2020-12-23T06:37:58.096065Z", 47 | "attributes": { 48 | "contractType": "SALARIED", 49 | "jurisdiction": "divorce", 50 | "caseId": "1596104840593121", 51 | "region": "south-east" 52 | }, 53 | "authorisations": [] 54 | }, 55 | { 56 | "id": "6d7d10af-b4a4-425b-a0cc-315bbb828361", 57 | "actorIdType": "IDAM", 58 | "actorId": "{{userId}}", 59 | "roleType": "ORGANISATION", 60 | "roleName": "judge", 61 | "classification": "PUBLIC", 62 | "grantType": "STANDARD", 63 | "roleCategory": "JUDICIAL", 64 | "readOnly": false, 65 | "beginTime": "2021-02-01T00:00:00Z", 66 | "endTime": "2022-01-01T00:00:00Z", 67 | "created": "2020-12-23T06:37:58.096065Z", 68 | "attributes": { 69 | "contractType": "SALARIED", 70 | "jurisdiction": "divorce", 71 | "caseId": "1596104840593121", 72 | "region": "south-east" 73 | }, 74 | "authorisations": [] 75 | }, 76 | { 77 | "id": "5d96923f-891a-4cb1-863e-9bec54d1689c", 78 | "actorIdType": "IDAM", 79 | "actorId": "{{userId}}", 80 | "roleType": "CASE", 81 | "roleName": "judge", 82 | "classification": "PUBLIC", 83 | "grantType": "STANDARD", 84 | "roleCategory": "JUDICIAL", 85 | "readOnly": false, 86 | "beginTime": "2019-01-01T00:00:00Z", 87 | "endTime": "2020-01-01T00:00:00Z", 88 | "created": "2020-12-23T06:37:58.096065Z", 89 | "attributes": { 90 | "contractType": "SALARIED", 91 | "jurisdiction": "divorce", 92 | "caseId": "1596109944711818", 93 | "region": "south-east" 94 | }, 95 | "authorisations": [] 96 | }, 97 | { 98 | "id": "6d96923f-991a-4cb1-863e-9bec44d1689a", 99 | "actorIdType": "IDAM", 100 | "actorId": "{{userId}}", 101 | "roleType": "CASE", 102 | "roleName": "judge", 103 | "classification": "PUBLIC", 104 | "grantType": "STANDARD", 105 | "roleCategory": "JUDICIAL", 106 | "readOnly": false, 107 | "beginTime": "2022-01-01T00:00:00Z", 108 | "endTime": "2023-01-01T00:00:00Z", 109 | "created": "2020-12-23T06:37:58.096065Z", 110 | "attributes": { 111 | "contractType": "SALARIED", 112 | "jurisdiction": "divorce", 113 | "caseId": "1596109944711818", 114 | "region": "south-east" 115 | }, 116 | "authorisations": [] 117 | } 118 | ] 119 | }, 120 | "transformers": [ 121 | "dynamic-role-assignments-response-transformer" 122 | ] 123 | } 124 | } 125 | -------------------------------------------------------------------------------- /resources/role_assignments/post_role_assignments_2_record.json: -------------------------------------------------------------------------------- 1 | { 2 | "request": { 3 | "method": "POST", 4 | "urlPattern": "/am/role-assignments/query", 5 | "bodyPatterns": [ 6 | { 7 | "contains":"\"actorId\":[\"0359819a-aab6-477e-9d9c-24afdf4573b7\"]", 8 | "contains":"\"roleType\":[\"CASE\"]", 9 | "contains":"\"attributes\":[{\"caseId\":[\"1619532860727729\",\"1575978305974222\"]}]" 10 | } 11 | ] 12 | }, 13 | "response": { 14 | "status": 200, 15 | "headers": { 16 | "Content-Type": "application/json" 17 | }, 18 | "jsonBody": { 19 | "roleAssignmentResponse" : [ 20 | { 21 | "id": "4d96923f-891a-4cb1-863e-9bec44d1689d", 22 | "actorIdType": "IDAM", 23 | "actorId": "0359819a-aab6-477e-9d9c-24afdf4573b7", 24 | "roleType": "CASE", 25 | "roleName": "[Defendant]", 26 | "classification": "PUBLIC", 27 | "grantType": "STANDARD", 28 | "roleCategory": "JUDICIAL", 29 | "readOnly": false, 30 | "beginTime": "2021-01-01T00:00:00Z", 31 | "endTime": "2022-01-01T00:00:00Z", 32 | "created": "2020-12-23T06:37:58.096065Z", 33 | "attributes": { 34 | "contractType": "SALARIED", 35 | "jurisdiction": "divorce", 36 | "caseId": "1619532860727729", 37 | "region": "south-east" 38 | }, 39 | "authorisations": [] 40 | }, 41 | { 42 | "id": "e6fc5ebb-63e3-4613-9cfc-b3f9b1559571", 43 | "actorIdType": "IDAM", 44 | "actorId": "0359819a-aab6-477e-9d9c-24afdf4573b7", 45 | "roleType": "CASE", 46 | "roleName": "[Claimant]", 47 | "classification": "PUBLIC", 48 | "grantType": "STANDARD", 49 | "roleCategory": "JUDICIAL", 50 | "readOnly": false, 51 | "beginTime": "2021-02-01T00:00:00Z", 52 | "endTime": "2022-01-01T00:00:00Z", 53 | "created": "2020-12-23T06:37:58.096065Z", 54 | "attributes": { 55 | "contractType": "SALARIED", 56 | "jurisdiction": "divorce", 57 | "caseId": "1575978305974222", 58 | "region": "south-east" 59 | }, 60 | "authorisations": [] 61 | }, 62 | { 63 | "id": "6d7d10af-b4a4-425b-a0cc-315bbb828361", 64 | "actorIdType": "IDAM", 65 | "actorId": "{{userId}}", 66 | "roleType": "ORGANISATION", 67 | "roleName": "judge", 68 | "classification": "PUBLIC", 69 | "grantType": "STANDARD", 70 | "roleCategory": "JUDICIAL", 71 | "readOnly": false, 72 | "beginTime": "2021-02-01T00:00:00Z", 73 | "endTime": "2022-01-01T00:00:00Z", 74 | "created": "2020-12-23T06:37:58.096065Z", 75 | "attributes": { 76 | "contractType": "SALARIED", 77 | "jurisdiction": "divorce", 78 | "caseId": "1596134840593121", 79 | "region": "south-east" 80 | }, 81 | "authorisations": [] 82 | }, 83 | { 84 | "id": "5d96923f-891a-4cb1-863e-9bec54d1689c", 85 | "actorIdType": "IDAM", 86 | "actorId": "{{userId}}", 87 | "roleType": "CASE", 88 | "roleName": "judge", 89 | "classification": "PUBLIC", 90 | "grantType": "STANDARD", 91 | "roleCategory": "JUDICIAL", 92 | "readOnly": false, 93 | "beginTime": "2019-01-01T00:00:00Z", 94 | "endTime": "2020-01-01T00:00:00Z", 95 | "created": "2020-12-23T06:37:58.096065Z", 96 | "attributes": { 97 | "contractType": "SALARIED", 98 | "jurisdiction": "divorce", 99 | "caseId": "1596109944711818", 100 | "region": "south-east" 101 | }, 102 | "authorisations": [] 103 | }, 104 | { 105 | "id": "6d96923f-991a-4cb1-863e-9bec44d1689a", 106 | "actorIdType": "IDAM", 107 | "actorId": "{{userId}}", 108 | "roleType": "CASE", 109 | "roleName": "judge", 110 | "classification": "PUBLIC", 111 | "grantType": "STANDARD", 112 | "roleCategory": "JUDICIAL", 113 | "readOnly": false, 114 | "beginTime": "2022-01-01T00:00:00Z", 115 | "endTime": "2023-01-01T00:00:00Z", 116 | "created": "2020-12-23T06:37:58.096065Z", 117 | "attributes": { 118 | "contractType": "SALARIED", 119 | "jurisdiction": "divorce", 120 | "caseId": "1596109944711818", 121 | "region": "south-east" 122 | }, 123 | "authorisations": [] 124 | } 125 | ] 126 | } 127 | } 128 | } 129 | -------------------------------------------------------------------------------- /resources/role_assignments/post_role_assignments_one_record.json: -------------------------------------------------------------------------------- 1 | { 2 | "request": { 3 | "method": "POST", 4 | "urlPattern": "/am/role-assignments/query", 5 | "bodyPatterns": [ 6 | { 7 | "contains":"\"actorId\":[\"0359819a-aab6-477e-9d9c-24afdf4573b7\"]", 8 | "contains":"\"roleType\":[\"CASE\"]", 9 | "contains":"\"attributes\":[{\"caseId\":[\"1619532860727729\"]}]" 10 | } 11 | ] 12 | }, 13 | "response": { 14 | "status": 200, 15 | "headers": { 16 | "Content-Type": "application/json" 17 | }, 18 | "jsonBody": { 19 | "roleAssignmentResponse" : [ 20 | { 21 | "id": "4d96923f-891a-4cb1-863e-9bec44d1689d", 22 | "actorIdType": "IDAM", 23 | "actorId": "0359819a-aab6-477e-9d9c-24afdf4573b7", 24 | "roleType": "CASE", 25 | "roleName": "[Defendant]", 26 | "classification": "PUBLIC", 27 | "grantType": "STANDARD", 28 | "roleCategory": "JUDICIAL", 29 | "readOnly": false, 30 | "beginTime": "2021-01-01T00:00:00Z", 31 | "endTime": "2022-01-01T00:00:00Z", 32 | "created": "2020-12-23T06:37:58.096065Z", 33 | "attributes": { 34 | "contractType": "SALARIED", 35 | "jurisdiction": "divorce", 36 | "caseId": "1619532860727729", 37 | "region": "south-east" 38 | }, 39 | "authorisations": [] 40 | }, 41 | { 42 | "id": "e6fc5ebb-63e3-4613-9cfc-b3f9b1559571", 43 | "actorIdType": "IDAM", 44 | "actorId": "0359819a-aab6-477e-9d9c-24afdf4573b7", 45 | "roleType": "CASE", 46 | "roleName": "[Claimant]", 47 | "classification": "PUBLIC", 48 | "grantType": "STANDARD", 49 | "roleCategory": "JUDICIAL", 50 | "readOnly": false, 51 | "beginTime": "2020-02-01T00:00:00Z", 52 | "endTime": "2021-01-01T00:00:00Z", 53 | "created": "2020-12-23T06:37:58.096065Z", 54 | "attributes": { 55 | "contractType": "SALARIED", 56 | "jurisdiction": "divorce", 57 | "caseId": "1596104840593121", 58 | "region": "south-east" 59 | }, 60 | "authorisations": [] 61 | }, 62 | { 63 | "id": "6d7d10af-b4a4-425b-a0cc-315bbb828361", 64 | "actorIdType": "IDAM", 65 | "actorId": "{{userId}}", 66 | "roleType": "ORGANISATION", 67 | "roleName": "judge", 68 | "classification": "PUBLIC", 69 | "grantType": "STANDARD", 70 | "roleCategory": "JUDICIAL", 71 | "readOnly": false, 72 | "beginTime": "2021-02-01T00:00:00Z", 73 | "endTime": "2022-01-01T00:00:00Z", 74 | "created": "2020-12-23T06:37:58.096065Z", 75 | "attributes": { 76 | "contractType": "SALARIED", 77 | "jurisdiction": "divorce", 78 | "caseId": "1596134840593121", 79 | "region": "south-east" 80 | }, 81 | "authorisations": [] 82 | }, 83 | { 84 | "id": "5d96923f-891a-4cb1-863e-9bec54d1689c", 85 | "actorIdType": "IDAM", 86 | "actorId": "{{userId}}", 87 | "roleType": "CASE", 88 | "roleName": "judge", 89 | "classification": "PUBLIC", 90 | "grantType": "STANDARD", 91 | "roleCategory": "JUDICIAL", 92 | "readOnly": false, 93 | "beginTime": "2019-01-01T00:00:00Z", 94 | "endTime": "2020-01-01T00:00:00Z", 95 | "created": "2020-12-23T06:37:58.096065Z", 96 | "attributes": { 97 | "contractType": "SALARIED", 98 | "jurisdiction": "divorce", 99 | "caseId": "1596109944711818", 100 | "region": "south-east" 101 | }, 102 | "authorisations": [] 103 | }, 104 | { 105 | "id": "6d96923f-991a-4cb1-863e-9bec44d1689a", 106 | "actorIdType": "IDAM", 107 | "actorId": "{{userId}}", 108 | "roleType": "CASE", 109 | "roleName": "judge", 110 | "classification": "PUBLIC", 111 | "grantType": "STANDARD", 112 | "roleCategory": "JUDICIAL", 113 | "readOnly": false, 114 | "beginTime": "2022-01-01T00:00:00Z", 115 | "endTime": "2023-01-01T00:00:00Z", 116 | "created": "2020-12-23T06:37:58.096065Z", 117 | "attributes": { 118 | "contractType": "SALARIED", 119 | "jurisdiction": "divorce", 120 | "caseId": "1596109944711818", 121 | "region": "south-east" 122 | }, 123 | "authorisations": [] 124 | } 125 | ] 126 | } 127 | } 128 | } 129 | -------------------------------------------------------------------------------- /resources/role_assignments/post_role_assignments_query_expired.json: -------------------------------------------------------------------------------- 1 | { 2 | "request": { 3 | "method": "POST", 4 | "urlPattern": "/am/role-assignments/query", 5 | "bodyPatterns": [ 6 | { 7 | "contains":"\"actorId\":[\"af3c8e11-bb5c-495f-8baf-4bf64c6ca047\n\"]", 8 | "contains":"\"roleType\":[\"CASE\"]", 9 | "contains":"\"attributes\":[{\"caseId\":[\"1575981506437320\"]}]" 10 | } 11 | ] 12 | }, 13 | "response": { 14 | "status": 200, 15 | "headers": { 16 | "Content-Type": "application/json" 17 | }, 18 | "jsonBody": { 19 | "roleAssignmentResponse" : [ 20 | { 21 | "id": "6d7d10af-b4a4-425b-a0cc-315bbb828361", 22 | "actorIdType": "IDAM", 23 | "actorId": "{{userId}}", 24 | "roleType": "ORGANISATION", 25 | "roleName": "judge", 26 | "classification": "PUBLIC", 27 | "grantType": "STANDARD", 28 | "roleCategory": "JUDICIAL", 29 | "readOnly": false, 30 | "beginTime": "2021-02-01T00:00:00Z", 31 | "endTime": "2022-01-01T00:00:00Z", 32 | "created": "2020-12-23T06:37:58.096065Z", 33 | "attributes": { 34 | "contractType": "SALARIED", 35 | "jurisdiction": "divorce", 36 | "caseId": "1596134840593121", 37 | "region": "south-east" 38 | }, 39 | "authorisations": [] 40 | }, 41 | { 42 | "id": "5d96923f-891a-4cb1-863e-9bec54d1689c", 43 | "actorIdType": "IDAM", 44 | "actorId": "{{userId}}", 45 | "roleType": "CASE", 46 | "roleName": "judge", 47 | "classification": "PUBLIC", 48 | "grantType": "STANDARD", 49 | "roleCategory": "JUDICIAL", 50 | "readOnly": false, 51 | "beginTime": "2019-01-01T00:00:00Z", 52 | "endTime": "2020-01-01T00:00:00Z", 53 | "created": "2020-12-23T06:37:58.096065Z", 54 | "attributes": { 55 | "contractType": "SALARIED", 56 | "jurisdiction": "divorce", 57 | "caseId": "1596109944711818", 58 | "region": "south-east" 59 | }, 60 | "authorisations": [] 61 | }, 62 | { 63 | "id": "6d96923f-991a-4cb1-863e-9bec44d1689a", 64 | "actorIdType": "IDAM", 65 | "actorId": "{{userId}}", 66 | "roleType": "CASE", 67 | "roleName": "judge", 68 | "classification": "PUBLIC", 69 | "grantType": "STANDARD", 70 | "roleCategory": "JUDICIAL", 71 | "readOnly": false, 72 | "beginTime": "2022-01-01T00:00:00Z", 73 | "endTime": "2023-01-01T00:00:00Z", 74 | "created": "2020-12-23T06:37:58.096065Z", 75 | "attributes": { 76 | "contractType": "SALARIED", 77 | "jurisdiction": "divorce", 78 | "caseId": "1596109944711818", 79 | "region": "south-east" 80 | }, 81 | "authorisations": [] 82 | } 83 | ] 84 | } 85 | } 86 | } 87 | -------------------------------------------------------------------------------- /resources/role_assignments/post_role_assignments_query_notFound_3.json: -------------------------------------------------------------------------------- 1 | { 2 | "request": { 3 | "method": "POST", 4 | "urlPattern": "/am/role-assignments/query", 5 | "bodyPatterns": [ 6 | { 7 | "contains":"\"actorId\":[\"0359819a-aab6-477e-9d9c-24afdf4573b7\"]", 8 | "contains":"\"roleType\":[\"CASE\"]", 9 | "contains":"\"attributes\":[{\"caseId\":[\"1575633034594367\"]}]" 10 | } 11 | ] 12 | }, 13 | "response": { 14 | "status": 404, 15 | "headers": { 16 | "Content-Type": "application/json" 17 | } 18 | } 19 | } 20 | --------------------------------------------------------------------------------