├── .env
├── .gitattributes
├── .github
├── CONTRIBUTING.md
├── ISSUE_TEMPLATE.md
├── PULL_REQUEST_TEMPLATE.md
└── stale.yml
├── .gitignore
├── .project
├── LICENSE.md
├── PostgresV11.md
├── README.md
├── bin
├── add-ccd-roles.sh
├── add-idam-clients.sh
├── add-idam-roles.sh
├── add-role-assignments.sh
├── add-users.sh
├── am-role-assignments.json
├── ccd-add-role.sh
├── ccd-import-definition.sh
├── ccd-roles.json
├── document-management-store-create-blob-store-container.sh
├── document-management-store-get.sh
├── document-management-store-migrate.sh
├── env_variables_all.txt
├── idam-delete-user.sh
├── set-environment-variables.sh
├── users.json
└── utils
│ ├── am-add-role-assignment.sh
│ ├── idam-add-role.sh
│ ├── idam-authenticate.sh
│ ├── idam-create-caseworker.sh
│ ├── idam-create-service.sh
│ ├── idam-get-user.sh
│ ├── idam-remove-caseworker.sh
│ ├── idam-user-token.sh
│ └── lease-service-token.sh
├── bulk-user-setup
├── README.md
├── bulk-user-setup.config
├── bulk-user-setup.sh
├── bulk_processing
│ ├── .DS_Store
│ └── Templates
│ │ └── .DS_Store
├── caseworker-roles-local-testing.txt
├── caseworker-roles-master.txt
└── test
│ ├── inputs
│ ├── ADD-WITH-ID-SSOID.csv
│ ├── ADD-WITH-ID.csv
│ ├── ADD.csv
│ ├── CFTS-4217.csv
│ ├── COMMON.csv
│ ├── DELETE.csv
│ ├── DEMO-ENV-TEST-NOSSOID.csv
│ ├── DEMO-ENV-TEST-SSOID.csv
│ ├── DEMO-ENV-TEST-UPDATEEMAIL-SSOID.csv
│ ├── FIND.csv
│ ├── SKIP.csv
│ └── UPDATENAME.csv
│ └── utils
│ ├── add-idam-clients.sh
│ ├── add-idam-roles.sh
│ ├── add-users.sh
│ ├── idam-create-service.sh
│ ├── idam-create-users.sh
│ ├── idam-create-users.sh.bk
│ ├── roles.json
│ └── users.json
├── ccd
├── compose
├── backend.yml
├── case-disposer.yml
├── case-document-am.yml
├── ccd-next-hearing-date-updater.yml
├── def-designer.yml
├── defaults.conf
├── dm-store.yml
├── elasticsearch.yml
├── frontend.yml
├── hearings.yml
├── logstash.yml
├── message-publisher.yml
├── operational.yml
├── others.yml
├── sidam-local-ccd.yml
├── sidam-local.yml
├── sidam.yml
├── ts-translation-service.yml
└── xui-frontend.yml
├── database
├── Dockerfile
└── init-db.sh
├── logstash
├── config
│ ├── logstash.yml
│ └── pipelines.yml
├── lib
│ └── postgresql-42.2.18.jar
└── pipeline
│ ├── 01_input.conf
│ ├── 02_filter.conf
│ ├── 03_output.conf
│ └── dead_letter_indexing_pipeline.conf
└── resources
├── idam_stub_get_details_custom.json
├── improved-ccd-test-automation-users.json
├── original-ccd-test-automation-users.json
└── role_assignments
├── get_role_assignments.json
├── get_role_assignments_not_found.json
├── get_role_assignments_with_expired_results.json
├── post_role_assignments_2_record.json
├── post_role_assignments_one_record.json
├── post_role_assignments_query_expired.json
└── post_role_assignments_query_notFound_3.json
/.env:
--------------------------------------------------------------------------------
1 | # Database
2 | DB_USERNAME=ccd
3 | DB_PASSWORD=ccd
4 | DB_USE_SSL=false
5 | DB_HOST_COMMON=ccd-shared-database
6 | DB_PORT_COMMON=5432
7 | AM_DB=am
8 | AM_DB_USERNAME=amuser
9 | AM_DB_PASSWORD=ampass
10 |
11 | # IDAM Keys
12 | IDAM_KEY_CCD_DEFINITION_STORE=AAAAAAAAAAAAAAAA
13 | IDAM_KEY_CCD_DEFINITION_DESIGNER=AAAAAAAAAAAAAAAE
14 | IDAM_KEY_CCD_DATA_STORE=AAAAAAAAAAAAAAAB
15 | IDAM_KEY_CCD_GATEWAY=AAAAAAAAAAAAAAAC
16 | IDAM_KEY_CCD_ADMIN=AAAAAAAAAAAAAAAD
17 | IDAM_KEY_DM_STORE=AAAAAAAAAAAAAAAA
18 | IDAM_KEY_CCD_PS=AAAAAAAAAAAAAAAA
19 | IDAM_KEY_FPL_CASE_SERVICE=AABBCCDDEEFFGGHH
20 | IDAM_KEY_CASE_DOCUMENT=AABBCCDDEEFFGGHH
21 | IDAM_KEY_BULK_SCAN_PROCESSOR=AAAAAAAAAAAAAAAA
22 | IDAM_KEY_BULK_SCAN_ORCHESTRATOR=AAAAAAAAAAAAAAAA
23 | IDAM_KEY_XUI_WEBAPP=AAAAAAAAAAAAAAAA
24 | IDAM_KEY_AM_ROLE_ASSIGNMENT=AAAAAAAAAAAAAAAA
25 | IDAM_KEY_TS_TRANSLATION_SERVICE=AAAAAAAAAAAAAAAA
26 |
27 | IDAM_KEY_CFT_HEARING_SERVICE=AAAAAAAAAAAAAAAA
28 | IDAM_KEY_API_HMI_INBOUND_ADAPTER=AAAAAAAAAAAAAAAA
29 |
30 | # IDAM OAuth2 secrets
31 | OAUTH2_CLIENT_CCD_GATEWAY=OOOOOOOOOOOOOOOO
32 | OAUTH2_CLIENT_CCD_ADMIN=IIIIIIIIIIIIIIII
33 |
34 | # Microsoft Insights Key
35 | APPINSIGHTS_INSTRUMENTATIONKEY=SomeRandomStringForLocalDocker
36 |
37 | WIREMOCK_SERVER_MAPPINGS_PATH=wiremock
38 |
39 | ES_ENABLED_DOCKER=false
40 |
41 | #uncomment to enable Idam Stub
42 | #IDAM_STUB_SERVICE_NAME=http://ccd-test-stubs-service:5555
43 | #IDAM_STUB_LOCALHOST=http://localhost:5555
44 |
45 | #XUI WEBAPP Oauth2 secrets
46 | BEFTA_S2S_CLIENT_SECRET_OF_XUI_WEBAPP=OOOOOOOOOOOOOOOO
47 |
48 | #ACA Oauth2 secrets
49 | BEFTA_S2S_CLIENT_SECRET_OF_AAC_MANAGE_CASE_ASSIGNMENT=AAAAAAAAAAAAAAAA
50 |
51 | CCD_LOGSTASH_REPOSITORY_URL=hmctspublic.azurecr.io
52 | CCD_LOGSTASH_SERVICES=all
53 |
54 | #ROLE_ASSIGNMENTS
55 | #ENABLE_ATTRIBUTE_BASED_ACCESS_CONTROL=true
56 | #ENABLE_PSEUDO_ROLE_ASSIGNMENTS_GENERATION=true
57 | #ENABLE_PSEUDO_ACCESS_PROFILES_GENERATION=true
58 | #ROLE_ASSIGNMENT_URL=http://ccd-test-stubs-service:5555
59 |
60 |
61 | #ccd-next-hearing-date-updater
62 | CCD_NEXT_HEARING_DATE_PASSWORD=Pa55word11
63 | IDAM_KEY_NEXT_HEARING_UPDATER=AAAAAAAAAAAAAAAA
64 |
--------------------------------------------------------------------------------
/.gitattributes:
--------------------------------------------------------------------------------
1 | # Set the default behavior, in case people don't have core.autocrlf set.
2 | * text=auto
3 |
4 | # Declare files that will always have CRLF line endings on checkout.
5 | ccd text eol=lf
6 | *.sh text eol=lf
7 | *.conf text eol=lf
8 |
--------------------------------------------------------------------------------
/.github/CONTRIBUTING.md:
--------------------------------------------------------------------------------
1 | # Contribution guidelines
2 |
3 | We're happy to accept 3rd-party contributions. Please make sure you read this document before you do any work though,
4 | as we have some expectations related to the content and quality of change sets.
5 |
6 | ## What you should know about this application
7 |
8 | This project is part of a flexible case management system for HMCTS' services.
9 |
10 | ## Before contributing
11 |
12 | Any ideas on the user journeys and general service experience you may have **should be first consulted
13 | with us by submitting a new issue** to this repository. Ideas are always welcome, but if something is divergent or unrelated
14 | to what we're trying to achieve we won't be able to accept it. Please keep this in mind as we don't want to waste anybody's time.
15 |
16 | In the interest of creating a friendly collaboration environment, please read and adhere to an open source contributor's
17 | [code of conduct](http://contributor-covenant.org/version/1/4/).
18 |
19 | ## Making a contribution
20 |
21 | After your idea has been accepted you can implement it. We don't allow direct changes to the codebase from the public,
22 | they have to go through a review first.
23 |
24 | Here's what you should do:
25 | 1. [fork](https://help.github.com/articles/fork-a-repo/) this repository and clone it to your machine,
26 | 2. create a new branch for your change:
27 | * use the latest *master* to branch from,
28 | 3. implement the change in your branch:
29 | * if the change is non-trivial it's a good practice to split it into several logically independent units and deliver
30 | each one as a separate commit,
31 | * make sure the commit messages use proper language and accurately describe commit's content, e.g. *"Unify postcode lookup elements spacing"*.
32 | More information on good commit messages can be found [here](http://chris.beams.io/posts/git-commit/),
33 | 4. test if your feature works as expected and does not break any existing features, this may include implementing additional automated tests or amending existing ones,
34 | 5. push the change to your GitHub fork,
35 | 6. submit a [pull request](https://help.github.com/articles/creating-a-pull-request-from-a-fork/) to our repository:
36 | * ensure that the pull request and related GitHub issue reference each other.
37 |
38 | At this point the pull request will wait for someone from our team to review. It may be accepted straight away,
39 | or we may ask you to make some additional amendments before incorporating it into the main branch.
40 |
--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE.md:
--------------------------------------------------------------------------------
1 | ### What would you like to change?
2 |
3 | ### How do you think that would improve the project?
4 |
5 | ### If this entry is related to a bug, please provide the steps to reproduce it
6 |
--------------------------------------------------------------------------------
/.github/PULL_REQUEST_TEMPLATE.md:
--------------------------------------------------------------------------------
1 | **Before creating a pull request make sure that:**
2 |
3 | - [ ] commit messages are meaningful and follow good commit message guidelines
4 | - [ ] README and other documentation has been updated / added (if needed)
5 | - [ ] tests have been updated / new tests has been added (if needed)
6 |
7 | Please remove this line and everything above and fill the following sections:
8 |
9 |
10 | ### JIRA link (if applicable) ###
11 |
12 |
13 |
14 | ### Change description ###
15 |
16 |
17 |
18 | **Does this PR introduce a breaking change?** (check one with "x")
19 |
20 | ```
21 | [ ] Yes
22 | [ ] No
23 | ```
24 |
--------------------------------------------------------------------------------
/.github/stale.yml:
--------------------------------------------------------------------------------
1 | # Number of days of inactivity before an issue becomes stale
2 | daysUntilStale: 21
3 |
4 | # Number of days of inactivity before a stale issue is closed
5 | daysUntilClose: 14
6 |
7 | # Issues with these labels will never be considered stale
8 | exemptLabels:
9 | - pinned
10 | - security
11 | - dependencies
12 |
13 | # Label to use when marking an issue as stale
14 | staleLabel: stale
15 |
16 | # Comment to post when marking an issue as stale. Set to `false` to disable
17 | markComment: >
18 | This issue has been automatically marked as stale because it has not had
19 | recent activity. It will be closed if no further activity occurs. Thank you
20 | for your contributions.
21 |
22 | # Comment to post when closing a stale issue. Set to `false` to disable
23 | closeComment: >
24 | This issue is being closed automatically as it was stale
25 |
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | # Dynamic image tags
2 | .tags.env
3 |
4 | .workspace
5 |
6 | # IntelliJ IDEA files
7 | .idea/
8 | *.iml
9 | /.project
10 |
--------------------------------------------------------------------------------
/.project:
--------------------------------------------------------------------------------
1 |
2 |
3 | ccd-docker
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
--------------------------------------------------------------------------------
/LICENSE.md:
--------------------------------------------------------------------------------
1 | The MIT License (MIT)
2 |
3 | Copyright (c) 2017 HMCTS (HM Courts & Tribunals Service)
4 |
5 | Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
6 |
7 | The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
8 |
9 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
10 |
--------------------------------------------------------------------------------
/PostgresV11.md:
--------------------------------------------------------------------------------
1 | # Steps to migrate existing v9.6 PostgreSQL database to v11
2 |
3 | ## 1 Backup old database. Migrate data to the new database. (Optional Step)
4 |
5 | **The following steps describe the process of backing up the old DB in to the new DB.
6 | These steps can be ignored in the case of building a new environment from scratch**
7 |
8 | * Get your old DB container id, for instance: a210d7e11a5b
9 | ```
10 | docker ps | grep compose_ccd-shared-database_1
11 | ```
12 | * Backup all DBs to a dumpfile file. Verify the dumpfile is stored in your current directory
13 | ```
14 | docker exec -it a210d7e11a5b /usr/bin/pg_dumpall -U postgres > dumpfile
15 | ```
16 |
17 |
18 | ## 2 Pull latest ccd-docker (MANDATORY)
19 | **Note:** If you want to keep your current database data, please go the step above, [Backup old database](#1--backup-old-database-migrate-data-to-the-new-database--optional-step-)
20 | * Make sure images/volumes of microservices are deleted with the following.
21 | **This has to be in place to be able to _migrate_ from postgres V9 to v11.**
22 | ```
23 | ./ccd compose down
24 | ```
25 | * Make sure all microservices are running the same branch, for instance: 'master'.
26 | ```
27 | ./ccd status
28 | ```
29 | * Please ensure you've exported/updated the required environment variables using the script, [set-environment-variables.sh](bin/set-environment-variables.sh)
30 | * Start ccd-docker and make sure ccd-shared-database is up and running.
31 | ```
32 | ./ccd compose up -d
33 | ```
34 |
35 | **Note:** Skip Step 3 and go to [Step 4](#4-settings-for-ccd-docker--mandatory-) if you did not make a backup of your DB data
36 |
37 |
38 | ## 3 Restore database from backup
39 | * Get the container id of the new v11 DB for instance: **36a8eb5cccba**
40 | ```
41 | docker ps | grep compose_ccd-shared-database_1-V11
42 | ````
43 | * Copy the dumpfile from your directory to the v11 DB container
44 | ```
45 | docker cp dumpfile 36a8eb5cccba:/home
46 | ```
47 | * Open a shell into your v11 DB container
48 | ```
49 | docker exec -it 36a8eb5cccba bash
50 | ```
51 | * Change the permission of the dumpfile file
52 | ```
53 | chmod 777 /home/dumpfile
54 | ```
55 | * Import the dumpfile and wait .....
56 | ```$xslt
57 | su - postgres
58 | cd /home/
59 | psql < dumpfile
60 |
61 | ```
62 | * Check the v11 DB data
63 | ```$xslt
64 | psql
65 | SELECT datname FROM pg_database;
66 | \dt
67 | select * from event;
68 |
69 | ```
70 |
71 |
72 | ## 4 Settings for ccd-docker (MANDATORY)
73 |
74 | **The following steps should be done to define the microservices dependency to the new V11 DB container**
75 |
76 | Stop and restart the old DB container.
77 | * Get the DB container id, for instance: 36a8eb5cccba.
78 | ```
79 | docker ps | grep compose_ccd-shared-database
80 | ```
81 |
82 | * Stop the container.
83 | ```
84 | docker stop 36a8eb5cccba
85 | ```
86 | * Restart using.
87 | ```
88 | ./ccd compose up -d
89 | ```
90 |
91 | * In case you did not use the back-up from your old DB, you have to set up CCD users again, following the main guideline steps shown below:
92 | * CCD Quick Start
93 | ```
94 | ./bin/add-idam-clients.sh
95 | ./bin/add-idam-roles.sh
96 | ./bin/add-users.sh
97 | ./bin/add-ccd-roles.sh
98 | ./bin/add-role-assignments.sh
99 | ```
100 |
101 |
102 |
103 |
--------------------------------------------------------------------------------
/bin/add-ccd-roles.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | set -eu
4 | dir=$(dirname ${0})
5 | jq -c '(.[])' ${dir}/ccd-roles.json | while read args; do
6 | role=$(jq -r '.role' <<< $args)
7 | class=$(jq -r '.security_classification' <<< $args)
8 | echo Creating/updating CCD role $role with classification $class
9 | ${dir}/ccd-add-role.sh $role $class
10 | echo
11 | done
12 |
--------------------------------------------------------------------------------
/bin/add-idam-clients.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | set -eu
4 |
5 | dir=$(dirname ${0})
6 |
7 | ${dir}/utils/idam-create-service.sh "ccd_gateway" "ccd_gateway" "ccd_gateway_secret" "http://localhost:3451/oauth2redirect" "false" "profile openid roles"
8 |
9 | ${dir}/utils/idam-create-service.sh "xuiwebapp" "xuiwebapp" "OOOOOOOOOOOOOOOO" "http://localhost:3455/oauth2/callback" "false" "profile openid roles manage-user create-user search-user"
10 |
11 | ${dir}/utils/idam-create-service.sh "ccd_admin" "ccd_admin" "ccd_admin_secret" "https://localhost:3100/oauth2redirect" "false" "profile openid roles"
12 |
13 | ${dir}/utils/idam-create-service.sh "am_role_assignment" "am_role_assignment" "am_role_assignment_secret" "http://localhost:4096/oauth2redirect" "false" "profile openid roles search-user"
14 |
15 | ${dir}/utils/idam-create-service.sh "ccd_data_store_api" "ccd_data_store_api" "idam_data_store_client_secret" "http://ccd-data-store-api/oauth2redirect" "false" "profile openid roles manage-user"
16 |
17 | ${dir}/utils/idam-create-service.sh "ccd_case_disposer" "ccd_case_disposer" "idam_ccd_case_disposer_secret" "http://ccd-case-disposer/oauth2redirect" "false" "profile openid roles"
18 |
19 | ${dir}/utils/idam-create-service.sh "ccd_next_hearing_date_updater" "ccd_next_hearing_date_updater" "AAAAAAAAAAAAAAAA" "http://ccd-next-hearing-date-updater/oauth2redirect" "false" "profile openid roles"
20 |
21 | ${dir}/utils/idam-create-service.sh "hmc_hmi_inbound_adapter" "hmc_hmi_inbound_adapter" "hmc_hmi_inbound_adapter_secret" "https://hmi-inbound-adapter/oauth2redirect" "false" "profile openid roles manage-user"
--------------------------------------------------------------------------------
/bin/add-idam-roles.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | set -eu
4 | dir=$(dirname ${0})
5 | jq -r '[(.[] | .roles | split(",")) | .[] ] | unique[]' ${dir}/users.json | while read args; do
6 | ${dir}/utils/idam-add-role.sh "$args"
7 | done
8 |
--------------------------------------------------------------------------------
/bin/add-role-assignments.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | set -eu
4 |
5 | dir=$(dirname ${0})
6 |
7 | jq -c '(.[])' ${dir}/am-role-assignments.json | while read user; do
8 | email=$(jq -r '.email' <<< $user)
9 | idamUser=$(${dir}/utils/idam-get-user.sh $email)
10 | idamId=$(jq -r '.id' <<< $idamUser)
11 |
12 | override=$(jq -r '.overrideAll' <<< $user)
13 | if [ $override == 'true' ]; then
14 | echo "Removing all existing role assignments for user ${email}"
15 | psql -h localhost -p ${DB_EXTERNAL_PORT} -d role_assignment -U ccd -c "DELETE FROM role_assignment WHERE actor_id = '${idamId}'" -q
16 | fi
17 |
18 | jq -c '(.roleAssignments[])' <<< $user | while read assignment; do
19 | roleType=$(jq -r '.roleType' <<< $assignment)
20 | roleName=$(jq -r '.roleName' <<< $assignment)
21 | grantType=$(jq -r '.grantType' <<< $assignment)
22 | roleCategory=$(jq -r '.roleCategory' <<< $assignment)
23 | classification=$(jq -r '.classification' <<< $assignment)
24 | readOnly=$(jq -r '.readOnly' <<< $assignment)
25 | attributes=$(jq -r '.attributes | tostring' <<< $assignment)
26 |
27 | authorisations=$(jq -r 'if .authorisations | length > 0 then "'"'"'{" + (.authorisations | join(",")) + "}'"'"'" else null end' <<< $assignment)
28 |
29 | echo "Creating '${roleName}' assignment of type '${roleType}' for user ${email}"
30 | ${dir}/utils/am-add-role-assignment.sh $idamId $roleType $roleName $classification $grantType $roleCategory $readOnly $attributes $authorisations
31 | done
32 | echo
33 | done
34 |
--------------------------------------------------------------------------------
/bin/add-users.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | set -eu
4 |
5 | dir=$(dirname ${0})
6 |
7 | jq -r '.[] | .email + " " + .roles + " " + .lastName + " " + .firstName' ${dir}/users.json | while read args; do
8 | ${dir}/utils/idam-create-caseworker.sh $args
9 | done
10 |
--------------------------------------------------------------------------------
/bin/am-role-assignments.json:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "email": "auto.test.cnp@gmail.com",
4 | "roleAssignments": [
5 | {
6 | "roleType": "ORGANISATION",
7 | "roleName": "staff",
8 | "grantType": "STANDARD",
9 | "roleCategory": "LEGAL_OPERATIONS",
10 | "classification": "PUBLIC",
11 | "readOnly": false,
12 | "attributes": { "caseType": "AAT", "jurisdiction": "AUTOTEST1" },
13 | "authorisations": []
14 | },
15 | {
16 | "roleType": "ORGANISATION",
17 | "roleName": "staff",
18 | "grantType": "STANDARD",
19 | "roleCategory": "LEGAL_OPERATIONS",
20 | "classification": "PUBLIC",
21 | "readOnly": false,
22 | "attributes": { "caseType": "MAPPER", "jurisdiction": "AUTOTEST1" },
23 | "authorisations": []
24 | }
25 | ],
26 | "overrideAll": true
27 | },
28 |
29 | {
30 | "email": "ccd.ac.superuser@gmail.com",
31 | "roleAssignments": [
32 | {
33 | "roleType": "ORGANISATION",
34 | "roleName": "Solicitor",
35 | "grantType": "STANDARD",
36 | "roleCategory": "PROFESSIONAL",
37 | "classification": "RESTRICTED",
38 | "readOnly": false,
39 | "attributes": { "jurisdiction":"J1", "caseType":"CT2" },
40 | "authorisations": []
41 | }
42 | ],
43 | "overrideAll": true
44 | },
45 |
46 | {
47 | "email": "ccd.ac.solicitor1@gmail.com",
48 | "roleAssignments": [
49 | {
50 | "roleType": "ORGANISATION",
51 | "roleName": "Solicitor",
52 | "grantType": "STANDARD",
53 | "roleCategory": "PROFESSIONAL",
54 | "classification": "PUBLIC",
55 | "readOnly": false,
56 | "attributes": { "jurisdiction":"J1", "caseType":"CT1" },
57 | "authorisations": []
58 | },
59 | {
60 | "roleType": "ORGANISATION",
61 | "roleName": "Solicitor",
62 | "grantType": "STANDARD",
63 | "roleCategory": "PROFESSIONAL",
64 | "classification": "PUBLIC",
65 | "readOnly": false,
66 | "attributes": { "jurisdiction":"J1", "caseType":"CT2" },
67 | "authorisations": []
68 | },
69 | {
70 | "roleType": "ORGANISATION",
71 | "roleName": "Solicitor",
72 | "grantType": "STANDARD",
73 | "roleCategory": "PROFESSIONAL",
74 | "classification": "PUBLIC",
75 | "readOnly": true,
76 | "attributes": { "jurisdiction":"J1", "caseType":"CT4" },
77 | "authorisations": []
78 | },
79 | {
80 | "roleType": "ORGANISATION",
81 | "roleName": "Solicitor",
82 | "grantType": "STANDARD",
83 | "roleCategory": "PROFESSIONAL",
84 | "classification": "PUBLIC",
85 | "readOnly": false,
86 | "attributes": { "jurisdiction":"J1", "caseType":"CT5" },
87 | "authorisations": []
88 | },
89 | {
90 | "roleType": "ORGANISATION",
91 | "roleName": "Solicitor",
92 | "grantType": "STANDARD",
93 | "roleCategory": "PROFESSIONAL",
94 | "classification": "PUBLIC",
95 | "readOnly": true,
96 | "attributes": { "jurisdiction":"J1", "caseType":"CT6" },
97 | "authorisations": []
98 | },
99 |
100 | {
101 | "roleType": "CASE",
102 | "roleName": "Appellant",
103 | "grantType": "SPECIFIC",
104 | "roleCategory": "PROFESSIONAL",
105 | "classification": "PUBLIC",
106 | "readOnly": false,
107 | "attributes": { "jurisdiction":"J1", "caseType":"CT2", "CaseId" : "J1-CT2-01" },
108 | "authorisations": []
109 | },
110 | {
111 | "roleType": "CASE",
112 | "roleName": "Appellant",
113 | "grantType": "SPECIFIC",
114 | "roleCategory": "PROFESSIONAL",
115 | "classification": "PRIVATE",
116 | "readOnly": false,
117 | "attributes": { "jurisdiction":"J1", "caseType":"CT2", "CaseId" : "J1-CT2-02" },
118 | "authorisations": []
119 | },
120 | {
121 | "roleType": "CASE",
122 | "roleName": "Appellant",
123 | "grantType": "SPECIFIC",
124 | "roleCategory": "PROFESSIONAL",
125 | "classification": "PUBLIC",
126 | "readOnly": false,
127 | "attributes": { "jurisdiction":"J1", "caseType":"CT1", "CaseId" : "J1-CT1-02" },
128 | "authorisations": []
129 | },
130 | {
131 | "roleType": "CASE",
132 | "roleName": "[CREATOR]",
133 | "grantType": "SPECIFIC",
134 | "roleCategory": "PROFESSIONAL",
135 | "classification": "PUBLIC",
136 | "readOnly": false,
137 | "attributes": { "jurisdiction":"J1", "caseType":"CT7", "CaseId" : "J1-CT7-01" },
138 | "authorisations": []
139 | }
140 | ],
141 | "overrideAll": true
142 | },
143 |
144 | {
145 | "email": "hmc.superuser@gmail.com",
146 | "roleAssignments": [
147 | {
148 | "roleType": "ORGANISATION",
149 | "roleName": "hearing-manager",
150 | "grantType": "STANDARD",
151 | "roleCategory": "PROFESSIONAL",
152 | "classification": "PUBLIC",
153 | "readOnly": false,
154 | "attributes": { },
155 | "authorisations": []
156 | },
157 | {
158 | "roleType": "ORGANISATION",
159 | "roleName": "hearing-viewer",
160 | "grantType": "STANDARD",
161 | "roleCategory": "PROFESSIONAL",
162 | "classification": "PUBLIC",
163 | "readOnly": true,
164 | "attributes": { },
165 | "authorisations": []
166 | },
167 | {
168 | "roleType": "ORGANISATION",
169 | "roleName": "listed-hearing-viewer",
170 | "grantType": "STANDARD",
171 | "roleCategory": "PROFESSIONAL",
172 | "classification": "PUBLIC",
173 | "readOnly": true,
174 | "attributes": { },
175 | "authorisations": []
176 | }
177 | ],
178 | "overrideAll": true
179 | },
180 |
181 | {
182 | "email": "hmc.listed-hearing-viewer@gmail.com ",
183 | "roleAssignments": [
184 | {
185 | "roleType": "ORGANISATION",
186 | "roleName": "listed-hearing-viewer",
187 | "grantType": "STANDARD",
188 | "roleCategory": "PROFESSIONAL",
189 | "classification": "PUBLIC",
190 | "readOnly": true,
191 | "attributes": { },
192 | "authorisations": []
193 | }
194 | ],
195 | "overrideAll": true
196 | },
197 |
198 | {
199 | "email": "hmc.hearing-viewer@gmail.com",
200 | "roleAssignments": [
201 | {
202 | "roleType": "ORGANISATION",
203 | "roleName": "hearing-viewer",
204 | "grantType": "STANDARD",
205 | "roleCategory": "PROFESSIONAL",
206 | "classification": "PUBLIC",
207 | "readOnly": true,
208 | "attributes": { },
209 | "authorisations": []
210 | }
211 | ],
212 | "overrideAll": true
213 | },
214 |
215 | {
216 | "email": "hmc.hearing-manager@gmail.com",
217 | "roleAssignments": [
218 | {
219 | "roleType": "ORGANISATION",
220 | "roleName": "hearing-manager",
221 | "grantType": "STANDARD",
222 | "roleCategory": "PROFESSIONAL",
223 | "classification": "PUBLIC",
224 | "readOnly": false,
225 | "attributes": { },
226 | "authorisations": []
227 | }
228 | ],
229 | "overrideAll": true
230 | },
231 |
232 | {
233 | "email": "master.caseworker.staff@gmail.com",
234 | "roleAssignments": [
235 | {
236 | "roleType": "ORGANISATION",
237 | "roleName": "ft_hmcts-staff",
238 | "grantType": "BASIC",
239 | "roleCategory": "PROFESSIONAL",
240 | "classification": "PUBLIC",
241 | "readOnly": false,
242 | "attributes": null,
243 | "authorisations": []
244 | }
245 | ],
246 | "overrideAll": true
247 | },
248 |
249 | {
250 | "email": "master.caseworker.regional-staff@gmail.com",
251 | "roleAssignments": [
252 | {
253 | "roleType": "ORGANISATION",
254 | "roleName": "ft_hmcts-staff",
255 | "grantType": "BASIC",
256 | "roleCategory": "PROFESSIONAL",
257 | "classification": "PUBLIC",
258 | "readOnly": false,
259 | "attributes": null,
260 | "authorisations": []
261 | },
262 | {
263 | "roleType": "ORGANISATION",
264 | "roleName": "ft_regional-staff",
265 | "grantType": "STANDARD",
266 | "roleCategory": "PROFESSIONAL",
267 | "classification": "PUBLIC",
268 | "readOnly": false,
269 | "attributes": {
270 | "region": "123",
271 | "location": "1"
272 | },
273 | "authorisations": []
274 | }
275 | ],
276 | "overrideAll": true
277 | },
278 |
279 | {
280 | "email": "master.caseworker.role1.basic@gmail.com",
281 | "roleAssignments": [
282 | {
283 | "roleType": "ORGANISATION",
284 | "roleName": "Role1",
285 | "grantType": "BASIC",
286 | "roleCategory": "PROFESSIONAL",
287 | "classification": "PUBLIC",
288 | "readOnly": false,
289 | "attributes": null,
290 | "authorisations": []
291 | }
292 | ],
293 | "overrideAll": true
294 | },
295 |
296 | {
297 | "email": "master.caseworker.role1.standard@gmail.com",
298 | "roleAssignments": [
299 | {
300 | "roleType": "ORGANISATION",
301 | "roleName": "Role1",
302 | "grantType": "STANDARD",
303 | "roleCategory": "PROFESSIONAL",
304 | "classification": "PUBLIC",
305 | "readOnly": false,
306 | "attributes": null,
307 | "authorisations": []
308 | }
309 | ],
310 | "overrideAll": true
311 | },
312 |
313 | {
314 | "email": "master.caseworker.role3.challenged@gmail.com",
315 | "roleAssignments": [
316 | {
317 | "roleType": "ORGANISATION",
318 | "roleName": "Role1",
319 | "grantType": "BASIC",
320 | "roleCategory": "PROFESSIONAL",
321 | "classification": "PUBLIC",
322 | "readOnly": false,
323 | "attributes": null,
324 | "authorisations": []
325 | },
326 | {
327 | "roleType": "ORGANISATION",
328 | "roleName": "Role3",
329 | "grantType": "CHALLENGED",
330 | "roleCategory": "PROFESSIONAL",
331 | "classification": "PUBLIC",
332 | "readOnly": false,
333 | "attributes": { "region": "123" },
334 | "authorisations": []
335 | }
336 | ],
337 | "overrideAll": true
338 | }
339 | ]
340 |
--------------------------------------------------------------------------------
/bin/ccd-add-role.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | ## Usage: ./ccd-add-role.sh role [classification]
3 | ##
4 | ## Options:
5 | ## - role: Name of the role. Must be an existing IDAM role.
6 | ## - classification: Classification granted to the role; one of `PUBLIC`,
7 | ## `PRIVATE` or `RESTRICTED`. Default to `PUBLIC`.
8 | ##
9 | ## Add support for an IDAM role in CCD by adding role to definition store.
10 |
11 | role=$1
12 | classification=${2:-PUBLIC}
13 |
14 | if [ -z "$role" ]
15 | then
16 | echo "Usage: ./ccd-add-role.sh role [classification]"
17 | exit 1
18 | fi
19 |
20 | case $classification in
21 | PUBLIC|PRIVATE|RESTRICTED)
22 | ;;
23 | *)
24 | echo "Classification must be one of: PUBLIC, PRIVATE or RESTRICTED"
25 | exit 1 ;;
26 | esac
27 |
28 | binFolder=$(dirname "$0")
29 |
30 | userToken="$(${binFolder}/utils/idam-user-token.sh)"
31 | serviceToken="$(${binFolder}/utils/lease-service-token.sh ccd_gw)"
32 |
33 | curl -XPUT \
34 | http://localhost:4451/api/user-role \
35 | -H "Authorization: Bearer ${userToken}" \
36 | -H "ServiceAuthorization: Bearer ${serviceToken}" \
37 | -H "Content-Type: application/json" \
38 | -d '{"role":"'${role}'","security_classification":"'${classification}'"}'
39 |
--------------------------------------------------------------------------------
/bin/ccd-import-definition.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | ## Usage: ./ccd-import-definition.sh path_to_definition
3 | ##
4 | ## Import the given definition in CCD's definition store.
5 | ##
6 | ## Prerequisites:
7 | ## - Microservice `ccd_gw` must be authorised to call service `ccd-definition-store-api`
8 |
9 | if [ -z "$1" ]
10 | then
11 | echo "Usage: ./ccd-import-definition.sh path_to_definition"
12 | exit 1
13 | elif [ ! -f "$1" ]
14 | then
15 | echo "File not found: $1"
16 | exit 1
17 | fi
18 |
19 | binFolder=$(dirname "$0")
20 |
21 | userToken="$(${binFolder}/utils/idam-user-token.sh)"
22 | serviceToken="$(${binFolder}/utils/lease-service-token.sh ccd_gw)"
23 |
24 | curl -S --silent \
25 | http://localhost:4451/import \
26 | -H "Authorization: Bearer ${userToken}" \
27 | -H "ServiceAuthorization: ${serviceToken}" \
28 | -F file="@$1" \
29 | -w "\n"
30 |
--------------------------------------------------------------------------------
/bin/ccd-roles.json:
--------------------------------------------------------------------------------
1 | [
2 | { "role": "caseworker", "security_classification": "PUBLIC" },
3 | { "role": "caseworker-approver", "security_classification": "PUBLIC" },
4 | { "role": "caseworker-autotest1", "security_classification": "PUBLIC" },
5 | { "role": "caseworker-autotest1-private", "security_classification": "PRIVATE" },
6 | { "role": "caseworker-autotest1-senior", "security_classification": "RESTRICTED" },
7 | { "role": "caseworker-autotest1-solicitor", "security_classification": "PRIVATE" },
8 | { "role": "caseworker-autotest2", "security_classification": "PUBLIC" },
9 | { "role": "caseworker-autotest2-private", "security_classification": "PRIVATE" },
10 | { "role": "caseworker-autotest2-senior", "security_classification": "RESTRICTED" },
11 | { "role": "caseworker-autotest2-solicitor", "security_classification": "PRIVATE" },
12 | { "role": "caseworker-befta_jurisdiction_1", "security_classification": "PUBLIC" },
13 | { "role": "caseworker-befta_jurisdiction_2", "security_classification": "PUBLIC" },
14 | { "role": "caseworker-befta_jurisdiction_2-solicitor_1", "security_classification": "PUBLIC" },
15 | { "role": "caseworker-befta_jurisdiction_2-solicitor_2", "security_classification": "PUBLIC" },
16 | { "role": "caseworker-befta_jurisdiction_2-solicitor_3", "security_classification": "PUBLIC" },
17 | { "role": "caseworker-befta_jurisdiction_3", "security_classification": "PUBLIC" },
18 | { "role": "caseworker-befta_jurisdiction_3-solicitor", "security_classification": "PUBLIC" },
19 | { "role": "caseworker-befta_master", "security_classification": "PUBLIC" },
20 | { "role": "caseworker-befta_master-junior", "security_classification": "PUBLIC" },
21 | { "role": "caseworker-befta_master-manager", "security_classification": "PUBLIC" },
22 | { "role": "caseworker-befta_master-solicitor", "security_classification": "PUBLIC" },
23 | { "role": "caseworker-befta_master-solicitor_1", "security_classification": "PUBLIC" },
24 | { "role": "caseworker-befta_master-solicitor_2", "security_classification": "PUBLIC" },
25 | { "role": "caseworker-befta_master-solicitor_3", "security_classification": "PUBLIC" },
26 | { "role": "caseworker-caa", "security_classification": "PUBLIC" },
27 | { "role": "ccd-import", "security_classification": "PUBLIC" },
28 | { "role": "manage-translations", "security_classification": "PUBLIC" },
29 | { "role": "load-translations", "security_classification": "PUBLIC" },
30 | { "role": "citizen", "security_classification": "PUBLIC" },
31 | { "role": "pui-caa", "security_classification": "PUBLIC" },
32 | { "role": "next-hearing-date-admin", "security_classification": "PUBLIC" },
33 | { "role": "GS_profile", "security_classification": "PUBLIC" },
34 | { "role": "ft_accessprofile_1", "security_classification": "PUBLIC" },
35 | { "role": "ft_accessprofile_3", "security_classification": "PUBLIC" }
36 | ]
37 |
--------------------------------------------------------------------------------
/bin/document-management-store-create-blob-store-container.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | ## Usage: ./document-management-store-create-blob-store-container.sh containerName
3 | ##
4 | ## Create a container in Azurite - Blob Store emulator
5 | ## containerName - name of the container to create
6 | ##
7 | containerName=${1:-hmctstestcontainer}
8 |
9 | curl -XPUT --verbose \
10 | http://127.0.0.1:10000/devstoreaccount1/${containerName}?restype=container
11 |
12 | # list containers
13 | # curl -X GET http://127.0.0.1:10000/devstoreaccount1?comp=list
14 |
--------------------------------------------------------------------------------
/bin/document-management-store-get.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | ## Usage: ./document-management-store-get.sh documentId
3 | ##
4 | ## Get the file from DM store.
5 | ## documentId - UUID identifying the resource
6 | ##
7 |
8 | documentId=$1
9 | binFolder=$(dirname "$0")
10 |
11 | userToken="$(${binFolder}/utils/idam-user-token.sh)"
12 | serviceToken="$(${binFolder}/utils/lease-service-token.sh ccd_gw)"
13 |
14 | curl --verbose \
15 | http://localhost:4603/documents/${documentId} \
16 | -H "Authorization: Bearer ${userToken}" \
17 | -H "ServiceAuthorization: Bearer ${serviceToken}"
18 |
--------------------------------------------------------------------------------
/bin/document-management-store-migrate.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | ## Usage: ./document-management-store-get.sh documentId versionId
3 | ##
4 | ## Get the file from DM store.
5 | ## documentId - UUID identifying the resource
6 | ##
7 |
8 | documentId=$1
9 | versionId=$2
10 | binFolder=$(dirname "$0")
11 |
12 | userToken="$(${binFolder}/utils/idam-user-token.sh)"
13 | serviceToken="$(${binFolder}/utils/lease-service-token.sh ccd_gw)"
14 |
15 | curl -XPOST --verbose \
16 | http://localhost:4603/documents/${documentId}/versions/${versionId}/migrate \
17 | -H "Authorization: Bearer ${userToken}" \
18 | -H "ServiceAuthorization: ${serviceToken}"
19 |
--------------------------------------------------------------------------------
/bin/env_variables_all.txt:
--------------------------------------------------------------------------------
1 | AM_ROLE_ASSIGNMENT_ADMIN_PWD=Pa55word11
2 | APPINSIGHTS_INSTRUMENTATIONKEY=SomeRandomStringForLocalDocker
3 | BEFTA_RESPONSE_HEADER_CHECK_POLICY=JUST_WARN
4 | BEFTA_OAUTH2_ACCESS_TOKEN_TYPE_OF_XUIWEBAPP=OIDC
5 | BEFTA_OAUTH2_CLIENT_ID_OF_XUIWEBAPP=xuiwebapp
6 | BEFTA_OAUTH2_REDIRECT_URI_OF_XUIWEBAPP=http://localhost:3455/oauth2/callback
7 | BEFTA_OAUTH2_CLIENT_SECRET_OF_XUIWEBAPP=OOOOOOOOOOOOOOOO
8 | BEFTA_OAUTH2_SCOPE_VARIABLES_OF_XUIWEBAPP=profile openid roles
9 | BEFTA_S2S_CLIENT_ID=ccd_gw
10 | BEFTA_S2S_CLIENT_ID_OF_CCD_DEFINITION=ccd_definition
11 | BEFTA_S2S_CLIENT_SECRET=AAAAAAAAAAAAAAAC
12 | BEFTA_S2S_CLIENT_SECRET_OF_AAC_MANAGE_CASE_ASSIGNMENT=AAAAAAAAAAAAAAAA
13 | BEFTA_S2S_CLIENT_SECRET_OF_BULK_SCAN_PROCESSOR=AAAAAAAAAAAAAAAA
14 | BEFTA_S2S_CLIENT_SECRET_OF_CCD_DATA=AAAAAAAAAAAAAAAB
15 | BEFTA_S2S_CLIENT_SECRET_OF_CCD_DEFINITION=AAAAAAAAAAAAAAAA
16 | BEFTA_S2S_CLIENT_SECRET_OF_PAYMENT_APP=1OOOOOOOOOOOOOO1
17 | BEFTA_S2S_CLIENT_ID_OF_XUI_WEBAPP=xui_webapp
18 | BEFTA_S2S_CLIENT_SECRET_OF_XUI_WEBAPP=OOOOOOOOOOOOOOOO
19 | BEFTA_TEST_STUB_SERVICE_BASE_URL=http://localhost:5555
20 | CASE_DOCUMENT_AM_URL=http://localhost:4455
21 | CCD_API_GATEWAY_OAUTH2_CLIENT_ID=ccd_gateway
22 | CCD_API_GATEWAY_OAUTH2_CLIENT_SECRET=ccd_gateway_secret
23 | CCD_API_GATEWAY_OAUTH2_REDIRECT_URL=http://localhost:3451/oauth2redirect
24 | CCD_API_GATEWAY_S2S_ID=ccd_gw
25 | CCD_API_GATEWAY_S2S_KEY=AAAAAAAAAAAAAAAC
26 | CCD_BEFTA_CASEWORKER_1_NO_PROFILE_PWD=Pa55word11
27 | CCD_BEFTA_CASEWORKER_1_PWD=Pa55word11
28 | CCD_BEFTA_CASEWORKER_2_PWD=Pa55word11
29 | CCD_BEFTA_CASEWORKER_2_SOLICITOR_1_PWD=Pa55word11
30 | CCD_BEFTA_CASEWORKER_2_SOLICITOR_2_PWD=Pa55word11
31 | CCD_BEFTA_CASEWORKER_2_SOLICITOR_3_PWD=Pa55word11
32 | CCD_BEFTA_CASEWORKER_3_PWD=Pa55word11
33 | CCD_BEFTA_CASEWORKER_CAA_PWD=Pa55word11
34 | CCD_BEFTA_CITIZEN_2_PWD=Pa55word11
35 | CCD_BEFTA_CITIZEN_3_PWD=Pa55word11
36 | CCD_BEFTA_MASTER_CASEWORKER_PWD=Pa55word11
37 | CCD_BEFTA_MASTER_CASEWORKER_REGIONAL_STAFF_PWD=Pa55word11
38 | CCD_BEFTA_MASTER_CASEWORKER_ROLE1_BASIC_PWD=Pa55word11
39 | CCD_BEFTA_MASTER_CASEWORKER_ROLE1_STANDARD_PWD=Pa55word11
40 | CCD_BEFTA_MASTER_CASEWORKER_ROLE3_CHALLENGED_PWD=Pa55word11
41 | CCD_BEFTA_MASTER_CASEWORKER_STAFF_PWD=Pa55word11
42 | CCD_BEFTA_MASTER_SOLICITOR_1_PWD=Pa55word11
43 | CCD_BEFTA_MASTER_SOLICITOR_2_PWD=Pa55word11
44 | CCD_BEFTA_MASTER_SOLICITOR_3_PWD=Pa55word11
45 | CCD_BEFTA_MASTER_SOLICITOR_4_PWD=Pa55word11
46 | CCD_BEFTA_MASTER_SOLICITOR_5_PWD=Pa55word11
47 | CCD_BEFTA_MASTER_SOLICITOR_6_PWD=Pa55word11
48 | CCD_BEFTA_MASTER_SOLICITOR_MUTLU_PWD=Pa55word11
49 | CCD_BEFTA_MASTER_SOLICITOR_RICHARD_PWD=Pa55word11
50 | CCD_BEFTA_MASTER_SOLICITOR_TONY_PWD=Pa55word11
51 | CCD_BEFTA_JURISDICTION_3_SOLICITOR_1_PWD=Pa55word11
52 | CCD_BEFTA_SOLICITOR_3_PWD=Pa55word11
53 | CCD_CASEWORKER_AUTOTEST_EMAIL=auto.test.cnp@gmail.com
54 | CCD_CASEWORKER_AUTOTEST_FE_PASSWORD=Pa55word11
55 | CCD_CASEWORKER_AUTOTEST_PASSWORD=Pa55word11
56 | CCD_DATA_STORE_API_BASE_URL=http://localhost:4452
57 | CCD_DOCUMENT_URL_PATTERN=http://dm-store:8080/documents/[A-Za-z0-9-]+(?:/binary)?
58 | CCD_GW_SERVICE_NAME=ccd_gw
59 | CCD_GW_SERVICE_SECRET=AAAAAAAAAAAAAAAC
60 | CCD_IMPORT_AUTOTEST_EMAIL=auto.test.cnp@gmail.com
61 | CCD_IMPORT_AUTOTEST_PASSWORD=Pa55word11
62 | CCD_PRIVATE_CASEWORKER_AUTOTEST_1AND2_PASSWORD=Pa55word11
63 | CCD_PRIVATE_CASEWORKER_EMAIL=auto.test.cnp+private@gmail.com
64 | CCD_PRIVATE_CASEWORKER_PASSWORD=Pa55word11
65 | CCD_PRIVATE_CASEWORKER_SOLICITOR_EMAIL=auto.test.cnp+solc@gmail.com
66 | CCD_PRIVATE_CASEWORKER_SOLICITOR_PASSWORD=Pa55word11
67 | CCD_PRIVATE_CROSS_CASE_TYPE_CASEWORKER_EMAIL=auto.test12.cnp+private@gmail.com
68 | CCD_PRIVATE_CROSS_CASE_TYPE_CASEWORKER_PASSWORD=Pa55word11
69 | CCD_PRIVATE_CROSS_CASE_TYPE_SOLICITOR_EMAIL=auto.test12.cnp+solc@gmail.com
70 | CCD_PRIVATE_CROSS_CASE_TYPE_SOLICITOR_PASSWORD=Pa55word11
71 | CCD_RESTRICTED_CASEWORKER_EMAIL=auto.test.cnp+senior@gmail.com
72 | CCD_RESTRICTED_CASEWORKER_PASSWORD=Pa55word11
73 | CCD_RESTRICTED_CROSS_CASE_TYPE_CASEWORKER_EMAIL=auto.test12.cnp+senior@gmail.com
74 | CCD_RESTRICTED_CROSS_CASE_TYPE_CASEWORKER_PASSWORD=Pa55word11
75 | CCD_STUB_SERVICE_URI_BASE=ccd-test-stubs-service:5555
76 | DATA_STORE_IDAM_KEY=AAAAAAAAAAAAAAAB
77 | DATA_STORE_S2S_AUTHORISED_SERVICES=ccd_gw,ccd_gateway,fpl_case_service,ccd_data,ccd_ps,aac_manage_case_assignment,ccd_case_document_am_api
78 | DATA_STORE_TOKEN_SECRET=iuasbcuasdcbasdgcasdgcuysachjsacyasdgjcgasdj
79 | DB_EXTERNAL_PORT=5050
80 | DB_PASSWORD=Pa55word11
81 | DB_USERNAME=ccd
82 | DEFINITION_IMPORTER_USERNAME=auto.test.cnp@gmail.com
83 | DEFINITION_IMPORTER_PASSWORD=Pa55word11
84 | DEFINITION_STORE_DB_USE_SSL=false
85 | DEFINITION_STORE_HOST=http://localhost:4451
86 | DEFINITION_STORE_IDAM_KEY=AAAAAAAAAAAAAAAA
87 | DEFINITION_STORE_S2S_AUTHORISED_SERVICES=ccd_data,ccd_gw,ccd_admin,aac_manage_case_assignment,ccd_case_disposer
88 | DEFINITION_STORE_URL_BASE=http://localhost:4451
89 | DM_STORE_BASE_URL=http://dm-store:8080
90 | ELASTIC_SEARCH_ENABLED=true
91 | ELASTIC_SEARCH_HOST=localhost
92 | ELASTIC_SEARCH_HOSTS=http://localhost:9200
93 | ELASTIC_SEARCH_PORT=9200
94 | ELASTIC_SEARCH_SCHEME=http
95 | IDAM_API_URL_BASE=http://localhost:5000
96 | IDAM_API_BASE_URL=http://localhost:5000
97 | IDAM_KEY_BULK_SCAN_PROCESSOR=AAAAAAAAAAAAAAAA
98 | IDAM_KEY_BULK_SCAN_ORCHESTRATOR=AAAAAAAAAAAAAAAA
99 | IDAM_KEY_CASE_DOCUMENT=AABBCCDDEEFFGGHH
100 | IDAM_KEY_CCD_ADMIN=AAAAAAAAAAAAAAAD
101 | IDAM_KEY_CCD_DATA_STORE=AAAAAAAAAAAAAAAB
102 | IDAM_KEY_CCD_DEFINITION_DESIGNER=AAAAAAAAAAAAAAAE
103 | IDAM_KEY_CCD_DEFINITION_STORE=AAAAAAAAAAAAAAAA
104 | IDAM_KEY_CCD_GATEWAY=AAAAAAAAAAAAAAAC
105 | IDAM_KEY_DM_STORE=AAAAAAAAAAAAAAAA
106 | IDAM_KEY_FPL_CASE_SERVICE=AABBCCDDEEFFGGHH
107 | IDAM_KEY_TS_TRANSLATION_SERVICE=AAAAAAAAAAAAAAAA
108 | IDAM_KEY_XUI_WEBAPP=AAAAAAAAAAAAAAAA
109 | IDAM_KEY_AM_ROLE_ASSIGNMENT=AAAAAAAAAAAAAAAA
110 | IDAM_KEY_API_GW=AAAAAAAAAAAAAAAA
111 | IDAM_KEY_API_HMI_INBOUND_ADAPTER=AAAAAAAAAAAAAAAA
112 | IDAM_KEY_CCD_CASE_DISPOSER=AAAAAAAAAAAAAAAA
113 | IDAM_OAUTH2_CLIENT_ID=ccd_gateway
114 | IDAM_OAUTH2_CLIENT_SECRET=ccd_gateway_secret
115 | IDAM_S2S_URL=http://service-auth-provider-api:8080
116 | IDAM_URL=http://localhost:5000
117 | IDAM_USER_URL=http://localhost:5000
118 | MIGRATIONS_ENDPOINT_ENABLED=true
119 | OAUTH2_CLIENT_CCD_ADMIN=IIIIIIIIIIIIIIII
120 | OAUTH2_CLIENT_CCD_GATEWAY=ccd_gateway_secret
121 | OAUTH2_CLIENT_ID=ccd_gateway
122 | OAUTH2_CLIENT_SECRET=ccd_gateway_secret
123 | OAUTH2_REDIRECT_URI=http://localhost:3451/oauth2redirect
124 | RD_LOCATION_REF_API_BASE_URL=http://localhost:5555
125 | RD_PROFESSIONAL_API_BASE_URL=http://localhost:5555
126 | ROLE_ASSIGNMENT_USER_EMAIL=ccd.ac.solicitor1@gmail.com
127 | ROLE_ASSIGNMENT_USER_PASSWORD=Pa55word11
128 | ROLE_ASSIGNMENT_HOST=http://localhost:4096
129 | ROLE_ASSIGNMENT_API_GATEWAY_S2S_CLIENT_ID=ccd_data
130 | ROLE_ASSIGNMENT_API_GATEWAY_S2S_CLIENT_KEY=AAAAAAAAAAAAAAAB
131 | ROLE_ASSIGNMENT_SOLICITOR_USER=ccd.ac.solicitor1@gmail.com
132 | ROLE_ASSIGNMENT_SOLICITOR_USER_PWD=Pa55word11
133 | ROLE_ASSIGNMENT_STAFF1_USER=ccd.ac.staff1@gmail.com
134 | ROLE_ASSIGNMENT_STAFF1_USER_PWD=Pa55word11
135 | ROLE_ASSIGNMENT_STAFF2_USER=ccd.ac.staff2@gmail.com
136 | ROLE_ASSIGNMENT_STAFF2_USER_PWD=Pa55word11
137 | ROLE_ASSIGNMENT_SUPER_USER=ccd.ac.superuser@gmail.com
138 | ROLE_ASSIGNMENT_SUPER_USER_PWD=Pa55word11
139 | S2S_URL=http://localhost:4502
140 | S2S_URL_BASE=http://localhost:4502
141 | TEST_STUB_SERVICE_BASE_URL=http://host.docker.internal:5555
142 | TEST_URL=http://localhost:4452
143 | TESTING_SUPPORT_ENABLED=true
144 | TS_SERVICE_TRANSLATION_USERS_PWD=Pa55word11
145 | USER=someuser
146 | USER_PROFILE_HOST=http://ccd-user-profile-api:4453
147 | USER_PROFILE_S2S_AUTHORISED_SERVICES=ccd_data,ccd_definition,ccd_admin
148 | XUI_LAUNCH_DARKLY_CLIENT_ID=1
149 | DB_USE_SSL=false
150 | ES_ENABLED_DOCKER=false
151 | IDAM_KEY_CCD_PS=AAAAAAAAAAAAAAAA
152 | IDAM_KEY_NEXT_HEARING_UPDATER=AAAAAAAAAAAAAAAA
153 | CCD_NEXT_HEARING_DATE_PASSWORD=Pa55word11
154 | IDAM_KEY_CFT_HEARING_SERVICE=AAAAAAAAAAAAAAAA
155 | IDAM_KEY_API_HMI_INBOUND_ADAPTER=AAAAAAAAAAAAAAAA
156 | HMC_DB_USERNAME=hmc
157 | HMC_DB_PASSWORD=hmc
158 | HMC_HEARING_SERVICE_USERS_PWD=Pa55word11
159 |
--------------------------------------------------------------------------------
/bin/idam-delete-user.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | ## Usage: ./idam-delete-caseworker.sh email
3 | ##
4 | ## Options:
5 | ## - email: Email address
6 | ##
7 |
8 | email=$1
9 |
10 | # Build roles JSON array
11 |
12 | curl -XDELETE "http://localhost:5000/testing-support/accounts/${email}" -H "Content-Type: application/json"
13 |
--------------------------------------------------------------------------------
/bin/set-environment-variables.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | ## set the environment variables for CCD_Data_Store and
4 | ## CCD_definition_Store
5 |
6 | function set_env_variables() {
7 | set_env_variables_from_file "./env_variables_all.txt"
8 | }
9 |
10 | function set_env_variables_from_file() {
11 | file=$1
12 | if [ -f ${file} ]
13 | then
14 | osName="$(uname -s)"
15 | echo "Setting env variables from [$file] on [$osName]."
16 | while IFS="=" read -r key value
17 | do
18 | if [[ "Darwin" == "$osName" ]];then
19 | command="export $key=$value"
20 | $command
21 | else
22 | setx "$key" $(echo $value | sed -e 's/\r//g')
23 | fi
24 | done < "$file"
25 | else
26 | echo "Environment variable file : $file NOT found. Variables NOT set."
27 | fi
28 | }
29 |
30 | originDir=$PWD
31 | parent_path=$( cd "$(dirname "${BASH_SOURCE[0]}")" ; pwd -P )
32 | cd "$parent_path"
33 | set_env_variables
34 | cd "$originDir"
35 |
36 |
--------------------------------------------------------------------------------
/bin/users.json:
--------------------------------------------------------------------------------
1 | [
2 | {"email": "befta.pui.caa.1@gmail.com", "roles": "pui-caa", "lastName": "CAA", "firstName": "Pui"},
3 | {"email": "ccd.docker.default@hmcts.net", "roles": "ccd-import", "lastName": "Default CCD_Docker"},
4 |
5 | {"email": "auto.test.cnp@gmail.com", "roles": "caseworker,caseworker-autotest1,ccd-import", "lastName": "testsurname"},
6 | {"email": "auto.test.cnp+private@gmail.com", "roles": "caseworker,caseworker-autotest1,caseworker-autotest1-private"},
7 | {"email": "auto.test.cnp+senior@gmail.com", "roles": "caseworker,caseworker-autotest1,caseworker-autotest1-senior"},
8 | {"email": "auto.test.cnp+solc@gmail.com", "roles": "caseworker,caseworker-autotest1,caseworker-autotest1-solicitor"},
9 | {"email": "auto.test2.cnp@gmail.com", "roles": "caseworker,caseworker-autotest2"},
10 | {"email": "auto.test2.cnp+private@gmail.com", "roles": "caseworker,caseworker-autotest2,caseworker-autotest2-private"},
11 | {"email": "auto.test2.cnp+senior@gmail.com", "roles": "caseworker,caseworker-autotest2,caseworker-autotest2-senior"},
12 | {"email": "auto.test2.cnp+solc@gmail.com", "roles": "caseworker,caseworker-autotest2,caseworker-autotest2-solicitor"},
13 | {"email": "auto.test12.cnp@gmail.com", "roles": "caseworker,caseworker-autotest1,caseworker-autotest2"},
14 | {"email": "auto.test12.cnp+private@gmail.com", "roles": "caseworker,caseworker-autotest1,caseworker-autotest1-private,caseworker-autotest2,caseworker-autotest2-private"},
15 | {"email": "auto.test12.cnp+solc@gmail.com", "roles": "caseworker,caseworker-autotest1,caseworker-autotest1-solicitor,caseworker-autotest2,caseworker-autotest2-solicitor"},
16 | {"email": "auto.test12.cnp+senior@gmail.com", "roles": "caseworker,caseworker-autotest1,caseworker-autotest1-senior,caseworker-autotest2,caseworker-autotest2-senior"},
17 | {"email": "ccdimportdomain@gmail.com", "roles": "caseworker,caseworker-autotest1,caseworker-autotest1-senior"},
18 |
19 | {"email": "befta.citizen.2@gmail.com", "roles": "citizen"},
20 | {"email": "befta.citizen.3@gmail.com", "roles": "citizen"},
21 |
22 | {"email": "befta.caseworker.1@gmail.com", "roles": "caseworker,caseworker-befta_jurisdiction_1"},
23 | {"email": "befta.caseworker.1.noprofile@gmail.com", "roles": "caseworker,caseworker-befta_jurisdiction_1", "lastName": "testsurname", "firstName": "testfirstname"},
24 |
25 | {"email": "befta.caseworker.2@gmail.com", "roles": "caseworker,caseworker-befta_jurisdiction_2"},
26 | {"email": "befta.caseworker.2.solicitor.1@gmail.com", "roles": "caseworker,caseworker-befta_jurisdiction_2,caseworker-befta_jurisdiction_2-solicitor_1"},
27 | {"email": "befta.caseworker.2.solicitor.2@gmail.com", "roles": "caseworker,caseworker-befta_jurisdiction_2,caseworker-befta_jurisdiction_2-solicitor_2"},
28 | {"email": "befta.caseworker.2.solicitor.3@gmail.com", "roles": "caseworker,caseworker-befta_jurisdiction_2,caseworker-befta_jurisdiction_2-solicitor_3"},
29 |
30 | {"email": "befta.caseworker.3@gmail.com", "roles": "caseworker,caseworker-befta_jurisdiction_3"},
31 | {"email": "befta.solicitor.3@gmail.com", "roles": "caseworker,caseworker-befta_jurisdiction_3,caseworker-befta_jurisdiction_3-solicitor"},
32 | {"email": "befta.solicitor.4@gmail.com", "roles": "caseworker,caseworker-befta_jurisdiction_3,caseworker-befta_jurisdiction_3-solicitor"},
33 |
34 | {"email": "master.caseworker@gmail.com", "roles": "caseworker,caseworker-befta_master", "lastName": "befta", "firstName": "master"},
35 |
36 | {"email": "master.solicitor.1@gmail.com", "roles": "caseworker,caseworker-befta_master,caseworker-befta_master-solicitor_1", "lastName": "befta", "firstName": "solicitor1"},
37 | {"email": "master.solicitor.2@gmail.com","roles": "caseworker,caseworker-befta_master,caseworker-befta_master-solicitor_2", "lastName": "befta", "firstName": "solicitor2"},
38 | {"email": "master.solicitor.3@gmail.com", "roles": "caseworker,caseworker-befta_master,caseworker-befta_master-solicitor_3", "lastName": "befta", "firstName": "solicitor3"},
39 |
40 | {"email": "befta.master.solicitor.becky@gmail.com", "roles": "caseworker,caseworker-befta_master,caseworker-befta_master-solicitor", "lastName": "Solicington", "firstName": "Becky"},
41 | {"email": "befta.master.solicitor.benjamin@gmail.com", "roles": "caseworker,caseworker-befta_master,caseworker-befta_master-solicitor", "lastName": "Solicington", "firstName": "Benjamin"},
42 | {"email": "befta.master.solicitor.bill@gmail.com", "roles": "caseworker,caseworker-befta_master,caseworker-befta_master-solicitor", "lastName": "Solicington", "firstName": "Bill"},
43 | {"email": "befta.master.solicitor.emma@gmail.com", "roles": "caseworker,caseworker-befta_master,caseworker-befta_master-solicitor", "lastName": "Solicington", "firstName": "Emma"},
44 | {"email": "befta.master.solicitor.jane@gmail.com", "roles": "caseworker,caseworker-befta_master,caseworker-befta_master-solicitor,pui-caa", "lastName": "Solicington", "firstName": "Jane"},
45 | {"email": "befta.master.solicitor.david@gmail.com", "roles": "caseworker,caseworker-befta_master,caseworker-befta_master-solici", "lastName": "Solicington", "firstName": "David"},
46 |
47 | {"email": "befta.master.solicitor.mutlu@gmail.com", "roles": "caseworker,caseworker-befta_master,caseworker-befta_master-solicitor", "lastName": "Solicington", "firstName": "Mutlu"},
48 | {"email": "befta.master.solicitor.richard@gmail.com", "roles": "caseworker,caseworker-befta_master,caseworker-befta_master-solicitor", "lastName": "Solicington", "firstName": "Richard"},
49 | {"email": "befta.master.solicitor.tony@gmail.com", "roles": "caseworker,caseworker-befta_master,caseworker-befta_master-solicitor", "lastName": "Solicington", "firstName": "Tony"},
50 |
51 | {"email": "befta.jurisdiction.3.solicitor.alice@gmail.com", "roles": "caseworker,caseworker-befta_jurisdiction_3,caseworker-befta_jurisdiction_3-solicitor,pui-caa", "lastName": "Solicington", "firstName": "Alice"},
52 |
53 | {"email": "befta.caseworker.caa@gmail.com", "roles": "caseworker,caseworker-caa", "lastName": "CAA", "firstName": "Caseworker"},
54 |
55 | {"email": "role.assignment.admin@gmail.com", "roles": "caseworker", "lastName": "RA", "firstName": "Admin"},
56 | {"email": "data.store.idam.system.user@gmail.com", "roles": "", "lastName": "System User", "firstName": "Data Store"},
57 |
58 | {"email": "ccd.ac.superuser@gmail.com", "roles": "caseworker", "lastName": "AC System User", "firstName": "Data Store"},
59 | {"email": "ccd.ac.solicitor1@gmail.com", "roles": "caseworker", "lastName": "AC Solicitor1", "firstName": "Data Store"},
60 | {"email": "ccd.ac.solicitor2@gmail.com", "roles": "caseworker", "lastName": "AC Solicitor2", "firstName": "Data Store"},
61 | {"email": "ccd.ac.staff1@gmail.com", "roles": "caseworker", "lastName": "AC Staff1", "firstName": "Data Store"},
62 | {"email": "ccd.ac.staff2@gmail.com", "roles": "caseworker", "lastName": "AC Staff2", "firstName": "Data Store"},
63 | {"email": "ccd.ac.staff3@gmail.com", "roles": "caseworker", "lastName": "AC Staff3", "firstName": "Data Store"},
64 | {"email": "ccd.ac.staff5@gmail.com", "roles": "caseworker", "lastName": "AC Staff5", "firstName": "Data Store"},
65 | {"email": "ccd.ac.staff6@gmail.com", "roles": "caseworker", "lastName": "AC Staff6", "firstName": "Data Store"},
66 | {"email": "ccd.ac.staff7@gmail.com", "roles": "caseworker", "lastName": "AC Staff7", "firstName": "Data Store"},
67 | {"email": "ccd.ac.staff8@gmail.com", "roles": "caseworker", "lastName": "AC Staff8", "firstName": "Data Store"},
68 | {"email": "ccd.ac.other1@gmail.com", "roles": "caseworker", "lastName": "AC Other1", "firstName": "Data Store"},
69 |
70 | {"email": "ts.service.translation-manage@gmail.com", "roles": "ccd-import,manage-translations", "lastName": "Translations", "firstName": "Manage"},
71 | {"email": "ts.service.translation-load@gmail.com", "roles": "ccd-import,load-translations", "lastName":"Translations", "firstName": "Load"},
72 | {"email": "ts.service.translation-manage-load@gmail.com", "roles": "ccd-import,load-translations,manage-translations", "lastName": "Translations", "firstName": "Manage-Load"},
73 |
74 | {"email": "next.hearing.date.admin@gmail.com", "roles": "caseworker,next-hearing-date-admin", "lastName": "hearing", "firstName": "next-day"},
75 |
76 | {"email": "master.caa@gmail.com", "roles": "caseworker,caseworker-caa", "lastName": "caa", "firstName": "master"},
77 | {"email": "noc.approver@gmail.com", "roles": "caseworker-approver", "lastName": "noc", "firstName": "approver"},
78 |
79 | {"email": "hmc.hearing-manager@gmail.com", "roles": "caseworker,caseworker-befta_master", "lastName": "hearing-manager", "firstName": "hmc"},
80 | {"email": "hmc.hearing-viewer@gmail.com", "roles": "caseworker,caseworker-befta_master", "lastName": "hearing-viewer", "firstName": "hmc"},
81 | {"email": "hmc.listed-hearing-viewer@gmail.com", "roles": "caseworker,caseworker-befta_master", "lastName": "listed-hearing-viewer", "firstName": "hmc"},
82 | {"email": "hmc.superuser@gmail.com", "roles": "caseworker,caseworker-befta_master", "lastName": "superuser", "firstName": "hmc"},
83 |
84 | {"email": "master.caseworker.staff@gmail.com", "roles": "caseworker,caseworker-befta_master", "lastName": "master.caseworker", "firstName": "staff"},
85 | {"email": "master.caseworker.regional-staff@gmail.com", "roles": "caseworker,caseworker-befta_master", "lastName": "master.caseworker", "firstName": "regional-staff"},
86 |
87 | {"email": "master.caseworker.role1.basic@gmail.com", "roles": "caseworker,caseworker-befta_master", "lastName": "master.caseworker", "firstName": "role1-basic"},
88 | {"email": "master.caseworker.role1.standard@gmail.com", "roles": "caseworker,caseworker-befta_master", "lastName": "master.caseworker", "firstName": "role1-standard"},
89 | {"email": "master.caseworker.role3.challenged@gmail.com", "roles": "caseworker,caseworker-befta_master", "lastName": "master.caseworker", "firstName": "role3-challenged"}
90 | ]
91 |
--------------------------------------------------------------------------------
/bin/utils/am-add-role-assignment.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | set -eu
4 |
5 | userId=${1}
6 | type=${2}
7 | roleName=${3}
8 | classification=${4}
9 | grantType=${5}
10 | roleCategory=${6}
11 | readOnly=${7}
12 | startTime="now()"
13 | endTime="now() + interval '10 years'"
14 | attributes=${8}
15 | authorisations=${9}
16 |
17 | psql -h localhost -p ${DB_EXTERNAL_PORT} -d role_assignment -U ccd -c "INSERT INTO role_assignment (id, actor_id_type, actor_id, role_type, role_name, classification, grant_type, role_category, read_only, begin_time, end_time, attributes, created, authorisations) VALUES ('$(uuidgen)', 'IDAM', '${userId}', '${type}', '${roleName}', '${classification}', '${grantType}', '${roleCategory}', ${readOnly}, ${startTime}, ${endTime}, '${attributes}', 'now()', ${authorisations})" -q
18 |
19 | psql -h localhost -p ${DB_EXTERNAL_PORT} -d role_assignment -U ccd -c "INSERT INTO actor_cache_control (actor_id, etag, json_response) VALUES ('${userId}', 1, '{}') ON CONFLICT (actor_id) DO UPDATE SET etag = actor_cache_control.etag + 1" -q
20 |
--------------------------------------------------------------------------------
/bin/utils/idam-add-role.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | set -eu
4 |
5 | if [ "${ENVIRONMENT:-local}" != "local" ]; then
6 | exit 0;
7 | fi
8 |
9 | dir=$(dirname ${0})
10 |
11 | ID=${1}
12 |
13 | apiToken=$(${dir}/idam-authenticate.sh "${IDAM_ADMIN_USER}" "${IDAM_ADMIN_PASSWORD}")
14 |
15 | echo -e "\nCreating IDAM role: ${ID}"
16 |
17 | STATUS=$(curl --silent --output /dev/null --write-out '%{http_code}' -H 'Content-Type: application/json' -H "Authorization: AdminApiAuthToken ${apiToken}" \
18 | ${IDAM_API_BASE_URL:-http://localhost:5000}/roles -d '{
19 | "id": "'${ID}'",
20 | "name": "'${ID}'",
21 | "description": "'${ID}'",
22 | "assignableRoles": [ ],
23 | "conflictingRoles": [ ]
24 | }')
25 |
26 | if [ $STATUS -eq 201 ]; then
27 | echo "Role created successfully"
28 | elif [ $STATUS -eq 409 ]; then
29 | echo "Role already exists!"
30 | else
31 | echo "ERROR: HTTPCODE = $STATUS"
32 | exit 1
33 | fi
34 |
--------------------------------------------------------------------------------
/bin/utils/idam-authenticate.sh:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 |
3 | set -eu
4 |
5 | USERNAME=$1
6 | PASSWORD=$2
7 |
8 | curl --silent --show-error --header 'Content-Type: application/x-www-form-urlencoded' -H 'Accept: application/json' -d "username=${USERNAME}&password=${PASSWORD}" "${IDAM_API_BASE_URL:-http://localhost:5000}/loginUser" | docker run --rm --interactive ghcr.io/jqlang/jq -r .api_auth_token
9 |
--------------------------------------------------------------------------------
/bin/utils/idam-create-caseworker.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | ######################
4 | ## FUNCTIONS
5 | ######################
6 |
7 | get_user_roles() {
8 | docker run -e PGPASSWORD='openidm' --rm --network ccd-network postgres:15-alpine psql --host shared-db --username openidm --tuples-only --command "SELECT data.roles FROM managedObjects mo, LATERAL (SELECT regexp_replace(string_agg((element::json -> '_ref')::text, ','), '( *\\w*\\/)|(\")', '', 'g') AS roles FROM json_array_elements_text(mo.fullobject->'effectiveRoles') as data(element)) data WHERE mo.fullobject ->> 'userName'='${1}';" openidm
9 | }
10 |
11 | create_user_request() {
12 | response=$(
13 | curl --insecure --show-error --silent --output /dev/null --write-out "%{http_code}" -X POST \
14 | "${IDAM_API_BASE_URL:-http://localhost:5000}"/testing-support/accounts \
15 | -H "Content-Type: application/json" \
16 | -d '{
17 | "email":"'"${email}"'",
18 | "forename":"'"${firstName}"'",
19 | "surname":"'"${surname}"'",
20 | "password":"Pa55word11",
21 | "levelOfAccess":1,
22 | "roles": [
23 | '"${rolesJson}"'
24 | ],
25 | "userGroup": {"code": "caseworker"}}
26 | '
27 | )
28 |
29 | echo "$response"
30 | }
31 |
32 | delete_user_request() {
33 | response=$(curl --insecure --show-error --silent --output /dev/null --write-out "%{http_code}" -X DELETE \
34 | "${IDAM_API_BASE_URL:-http://localhost:5000}"/testing-support/accounts/"${email}")
35 | echo "$response"
36 | }
37 |
38 | # if user exists
39 | # check roles ✅
40 | # if roles are the same do nothing ✅
41 | # otherwise delete ✅
42 | # and create user ✅ with same id ❌ <-- Apparently having the same id doesn't matter on local
43 |
44 | recreate_user() {
45 | printf "%s%s\n" "Checking IDAM user: " "${email}"
46 | _roles=$(echo $(get_user_roles "${email}") | tr -d [:space:]) # Remove whitespace
47 | if [[ "$_roles" == "$rolesStr" ]]; then
48 | printf "%s%s\n" "Maintaining IDAM user: " "${email}"
49 | exit 0 # Nothing to delete and user already exists so just exit
50 | else
51 | printf "%s%s\n" "Deleting IDAM user: " "${email}"
52 | deleteResponse=$(delete_user_request)
53 | if [[ "$deleteResponse" -eq 404 ]]; then
54 | printf "%s%s%s\n" "User " "${email}" " doesn't exist"
55 | exit 1
56 | elif [[ "$deleteResponse" -ne 200 && "$deleteResponse" -ne 204 ]]; then
57 | printf "%s%s\n" "Unexpected HTTP status code from IDAM: " "${deleteResponse}"
58 | exit 1
59 | else
60 | printf "%s%s\n" "Recreating IDAM user: " "${email}"
61 | createResponse=$(create_user_request)
62 | if [[ "$createResponse" -eq 403 ]]; then
63 | printf "%s%s%s\n" "User " "${email}" " already exists"
64 | exit 1
65 | elif [[ "$createResponse" -ne 201 ]]; then
66 | printf "%s%s\n" "Unexpected HTTP status code from IDAM: " "${createResponse}"
67 | exit 1
68 | else
69 | printf "%s%s%s\n" "User " "${email}" " - updated in IDAM"
70 | fi
71 | fi
72 | fi
73 | }
74 |
75 | ######################
76 | ## MAIN
77 | ######################
78 |
79 | set -eu
80 |
81 | if [ "${ENVIRONMENT:-local}" != "local" ]; then
82 | exit 0;
83 | fi
84 |
85 | email=${1}
86 | rolesStr=${2}
87 | surname=${3:-"Tester"}
88 | firstName=${4:-${email}}
89 |
90 | IFS=',' read -ra roles <<<"${rolesStr}"
91 |
92 | rolesJson=''
93 | for role in "${roles[@]}"; do
94 | if [[ -n ${rolesJson} ]]; then
95 | rolesJson="${rolesJson},"
96 | fi
97 | rolesJson=${rolesJson}'{"code":"'${role}'"}'
98 | done
99 |
100 | printf "\n%s%s\n" "Creating IDAM user: " "${email}"
101 |
102 | userCreationResponse=$(create_user_request)
103 |
104 | # Unfortunately trying to create the same user throws 403, so we don't know what went wrong
105 | if [[ $userCreationResponse -eq 403 ]]; then
106 | printf "%s%s%s\n" "User " "${email}" " already exists"
107 | recreate_user
108 | elif [[ $userCreationResponse -ne 201 ]]; then
109 | printf "%s%s\n" "Unexpected HTTP status code from IDAM: " "${userCreationResponse}"
110 | exit 1
111 | else
112 | printf "%s%s%s\n" "User " "${email}" " - added to IDAM"
113 | fi
114 |
--------------------------------------------------------------------------------
/bin/utils/idam-create-service.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | set -eu
4 |
5 | dir=$(dirname ${0})
6 |
7 | LABEL=${1}
8 | CLIENT_ID=${2}
9 | CLIENT_SECRET=${3}
10 | REDIRECT_URL=${4}
11 | SELF_REGISTRATION=${5:-"false"}
12 | SCOPE=${6:-"openid profile roles"}
13 |
14 | apiToken=$(${dir}/idam-authenticate.sh "${IDAM_ADMIN_USER}" "${IDAM_ADMIN_PASSWORD}")
15 |
16 | echo -e "\nCreating service with:\nLabel: ${LABEL}\nClient ID: ${CLIENT_ID}\nClient Secret: ${CLIENT_SECRET}\nRedirect URL: ${REDIRECT_URL}\n"
17 |
18 | STATUS=$(curl --silent --output /dev/null --write-out '%{http_code}' -X POST -H 'Content-Type: application/json' -H "Authorization: AdminApiAuthToken ${apiToken}" \
19 | ${IDAM_API_BASE_URL:-http://localhost:5000}/services \
20 | -d '{
21 | "allowedRoles": [],
22 | "description": "'${LABEL}'",
23 | "label": "'${LABEL}'",
24 | "oauth2ClientId": "'${CLIENT_ID}'",
25 | "oauth2ClientSecret": "'${CLIENT_SECRET}'",
26 | "oauth2RedirectUris": ["'${REDIRECT_URL}'"],
27 | "oauth2Scope": "'"${SCOPE}"'",
28 | "selfRegistrationAllowed": "'${SELF_REGISTRATION}'"
29 | }')
30 |
31 | if [ $STATUS -eq 201 ]; then
32 | echo "Service created successfully"
33 | elif [ $STATUS -eq 409 ]; then
34 | echo "Service already exists!"
35 | else
36 | echo "ERROR: HTTPCODE = $STATUS"
37 | exit 1
38 | fi
39 |
--------------------------------------------------------------------------------
/bin/utils/idam-get-user.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | set -eu
4 |
5 | if [ "${ENVIRONMENT:-local}" != "local" ]; then
6 | exit 0;
7 | fi
8 |
9 | dir=$(dirname ${0})
10 |
11 | email=${1}
12 |
13 | apiToken=$(${dir}/idam-authenticate.sh "${IDAM_ADMIN_USER}" "${IDAM_ADMIN_PASSWORD}")
14 |
15 | curl --silent --show-error -H 'Content-Type: application/json' -H "Authorization: AdminApiAuthToken ${apiToken}" \
16 | ${IDAM_API_BASE_URL:-http://localhost:5000}/users?email=${email}
17 |
--------------------------------------------------------------------------------
/bin/utils/idam-remove-caseworker.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | ######################
4 | ## FUNCTIONS
5 | ######################
6 |
7 | remove_user_request() {
8 | response=$(curl --insecure --show-error --silent --output /dev/null --write-out "%{http_code}" -X DELETE \
9 | "${IDAM_API_BASE_URL:-http://localhost:5000}"/testing-support/accounts/"${email}")
10 | echo "$response"
11 | }
12 |
13 | set -eu
14 |
15 | if [ "${ENVIRONMENT:-local}" != "local" ]; then
16 | exit 0;
17 | fi
18 |
19 | email=${1}
20 |
21 | printf "\n%s%s\n" "Removing IDAM user: " "${email}"
22 |
23 | userRemovalResponse=$(remove_user_request)
24 |
25 | if [[ $userRemovalResponse -ne 204 ]]; then
26 | printf "%s%s\n" "Unexpected HTTP status code from IDAM: " "${userRemovalResponse}"
27 | exit 1
28 | else
29 | printf "%s%s%s\n" "User " "${email}" " - removed from IDAM"
30 | fi
31 |
--------------------------------------------------------------------------------
/bin/utils/idam-user-token.sh:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 |
3 | IMPORTER_USERNAME=${1:-ccd.docker.default@hmcts.net}
4 | IMPORTER_PASSWORD=${2:-Pa55word11}
5 | IDAM_URI=${IDAM_STUB_LOCALHOST:-http://localhost:5000}
6 | REDIRECT_URI="http://localhost:3451/oauth2redirect"
7 | CLIENT_ID="ccd_gateway"
8 | CLIENT_SECRET="ccd_gateway_secret"
9 | CURL_OPTS="$CURL_OPTS -S --silent"
10 | code=$(curl ${CURL_OPTS} -u "${IMPORTER_USERNAME}:${IMPORTER_PASSWORD}" -XPOST "${IDAM_URI}/oauth2/authorize?redirect_uri=${REDIRECT_URI}&response_type=code&client_id=${CLIENT_ID}" -d "" | jq -r .code)
11 |
12 | curl ${CURL_OPTS} -H "Content-Type: application/x-www-form-urlencoded" -u "${CLIENT_ID}:${CLIENT_SECRET}" -XPOST "${IDAM_URI}/oauth2/token?code=${code}&redirect_uri=${REDIRECT_URI}&grant_type=authorization_code" -d "" | jq -r .access_token
13 |
--------------------------------------------------------------------------------
/bin/utils/lease-service-token.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | set -eu
4 |
5 | microservice=${1:-ccd_gw}
6 |
7 | curl --insecure --fail --show-error --silent -X POST \
8 | ${SERVICE_AUTH_PROVIDER_API_BASE_URL:-http://localhost:4502}/testing-support/lease \
9 | -H "Content-Type: application/json" \
10 | -d '{
11 | "microservice": "'${microservice}'"
12 | }' \
13 | -w "\n"
14 |
15 |
--------------------------------------------------------------------------------
/bulk-user-setup/README.md:
--------------------------------------------------------------------------------
1 | # The bulk user creation script
2 |
3 | The script requires the following bash utilities. Please install them depending on your OS.
4 |
5 | 1. jq - [Json Processor](https://ghcr.io/jqlang/jq)
6 |
7 | 2. [csvkit](https://formulae.brew.sh/formula/csvkit) - collection of CSV tools
8 |
9 | ----
10 | The script will prompt for the following information dependent on what is passed to the prompt for 'environment to use':
11 |
12 | default environment is assumed to be 'local', for testing against the local docker environment no further prompts will be displayed
13 | as all the required information is contained within 'bulk-user-setup.config'
14 |
15 | 1. environment (default if nothing provided is 'local')
16 |
17 | If any other environment is passed i.e. 'prod' the following prompts will appear:
18 |
19 | 2. directory path containing csv input files (only enter the directory path)
20 | 3. ccd idam-admin username
21 | 4. ccd idam-admin password
22 | 5. idam oauth2 secret for ccd-bulk-user-register client -
23 |
24 |
25 | To get the oauth2 secret for idam client against the prod environment run the following:
26 |
27 | az login (if not already logged in to Azure)
28 | az keyvault secret show --vault-name ccd-prod --name ccd_bulk_user_management_secret
29 |
30 | Generated log file and output files will be placed in bulk-user-setup/test/outputs/{Date} folder.
31 |
32 | ----
33 |
34 | ## CSV file format
35 |
36 | The CSV input file must contain the following *mandatory* elements, including a header row.
37 |
38 | | Header | Mandatory | Description |
39 | |-------------------|--------------------------|---------------------------------------------------------------------|
40 | | operation | **Yes** | `add` or `delete` or `updateName` or `find` |
41 | | email | **Yes** | Email address of the user. |
42 | | firstName | **Depends on operation** | First name of the user. |
43 | | lastName | **Depends on operation** | Last name of the user. |
44 | | roles | **Depends on operation** | A pipe delimited list of roles for the user to be added or removed. |
45 | | isActive | (output) | active state of the user (TRUE/FALSE or blank) |
46 | | lastModified | (output) | datetime stamp user last updated or blank |
47 | | status | (output) | Status of operation, e.g. `SUCCESS`, `FAILED`, `SKIPPED` |
48 | | responseMessage | (output) | additional output message for operation |
49 |
50 | To enable overall testing we can supply the following headers in the test input files:
51 |
52 | operation,email,firstName,lastName,roles,userExists,result,prerequisite,comment
53 |
54 | where:
55 | userExists is a boolean value (TRUE/FALSE) which can later be used for verification
56 | result is a string value (SUCCESS/FAILED/SKIPPED). If this header is provided and populated the test will verify the actual
57 | result of the operation.
58 |
59 |
60 | > Note: The field headings are case-sensitive but the order of the columns is not important. Any additional columns
61 | will be ignored by the process.
62 |
63 | The import CSV file is renamed by the process to discourage its accidental re-use. However, at the end of the process
64 | a copy of the output file is copied to the original input file location. This new file will contain the additional
65 | output fields listed above.
66 |
67 | > Note: In the unlikely event the script terminates early; then manual intervention would be required to generate the
68 | ‘next’ input file: by combining the unprocessed input records with those already present in the latest output file.
69 | **Care should be taken to ensure the CSV data columns copied from the input file are in the same order as those in
70 | the output file.**
71 |
72 | ----
73 |
74 | ## Local docker testing setup
75 |
76 | Run the following scripts to create the client and required users and roles for local testing.
77 |
78 | ****************************************************************************************************************************************************************************
79 | ** Testing ssoID logic can only be currently performed in the Demo environment. This is due to a limitation on local
80 | as the idam_api for search user does not return the ssoId attributes when using local docker instance image
81 |
82 | To test in demo, ensure the required demo test accounts are created first using the steps below
83 | a. Connect to the VPN
84 | b. Open a browser tab to 'https://idam-api.demo.platform.hmcts.net/swagger-ui/index.html?urls.primaryName=Testing%20Support#/Testing%20Support/createTestAccount'
85 | c. click try-it out
86 | d. Enter body payload, example:
87 | {
88 | "email": "ccd.test.add.ssoid@eJudiciary.net",
89 | "forename": "test",
90 | "surname": "tester",
91 | "password": "Password123!",
92 | "ssoId": "72b606e0-dd56-4c49-9335-2b0bd8f56f86",
93 | "ssoProvider": "eJudiciary.net"
94 | }
95 | e. When executing the ./bulk-user-setup.sh, enter the following details for the demo environment 'ccd-bulk-user-register' service:
96 | environment: demo
97 | directory path:
98 | username: test1.demo.bulkscript@hmcts.net
99 | password: Password123!
100 | oauth2 secret:
101 | If an account does not exist in demo (i.e. if the above is not used within 90 days the password will expire and a new account may be required)
102 | create the account such that it has the following roles: ccd-admin, ccd-import, idam-user-dashboard--access
103 | ****************************************************************************************************************************************************************************
104 |
105 | 1. open terminal ensuring to change directory into root folder "bulk-user-setup"
106 | 2. execute ./test/utils/add-idam-clients.sh (this needs to be done the first time only)
107 | 3. execute ./test/utils/add-idam-roles.sh (this should be executed the first time and any time new roles need to be added)
108 | ** Roles to be added are defined in the file: roles.json
109 | 4. execute ./test/utils/add-users.sh (see below first)
110 |
111 | ** Users to be added are defined in the file: users.json. Please ensure roles are created before assigning to them to users
112 | ** To add a user without any roles, pass the roles as "''" as can be seen in the example file included in this repo
113 |
114 | ** Note: In 'bulk-user-setup.config' the variable CREATE_TEST_USERS=true implies test users will be created
115 | prior to processing any input file
116 |
117 | ** Since the search user api now uses the /api/v1 elastic search end-point, CREATE_TEST_USERS is set to false
118 | please wait some time between creating the test users and running the test cases (due to cache commits etc.)
119 |
120 | ** Before running the main script make sure the input csv file(s) are copied to bulk-user-setup/test/inputs folder.
121 |
122 | 5. execute ./bulk-user-setup.sh
123 | ** For testing in local, enter 'local' when prompted for environment
124 |
125 | After running the main script input files copied to bulk-user-setup/test/inputs will be processed in turn (only files with extension .csv will be considered)
126 | Generated output and backup of input files will be copied to ../outputs/{DateTime} (i.e. /bulk-user-setup/test/outputs/{DateTime}) folder.
127 | Any invalid input file will be skipped (i.e. due to missing or incorrect mandatory CSV header) and remain in the original bulk-user-setup/test/inputs folder.
128 |
129 | ## Verifying results when testing locally against the test input scenario files
130 |
131 | 1. After all the .csv test input files are processed you should find a output log file i.e. BULK-SCRIPT-OUTPUT2022-11-14.log
132 | 2. Open this file and locate lines beginning with "Start - processing input file ../bulk-user-setup/test/inputs/.csv"
133 | and "End - processing input file ../bulk-user-setup/test/inputs/.csv"
134 | 3. Assuming the file was not skipped over (due to invalid format or invalid header attributes), you should see one of
135 | the following just after each "End - processing input file..." statement
136 | "INFO **** ALL TESTS PASSED ****" or "INFO **** ALL TESTS FAILED ****" or "INFO **** NOT ALL TESTS PASSED ****"
137 | 4. If all tests did not pass in a particular input file, the log will display the line number of the failing test i.e.
138 | "DEBUG test failed at record number: 10"
139 |
140 | When running the script you will be prompted for which environment to use (default being 'local'). This translates to the idam api url to use i.e.:
141 |
142 | prod = https://idam-api.platform.hmcts.net
143 | local = http://localhost:5000
144 | other = https://idam-api.${other}.platform.hmcts.net
145 |
146 | ## Production setup / user guide
147 |
148 | To use this bulk script in any environment other than local the following should be changed (if required):
149 |
150 | 1. Open a terminal session at the root directory 'bulk-user-setup'
151 | 2. In 'bulk-user-setup.config' change CREATE_TEST_USERS=true to CREATE_TEST_USERS=false
152 | 3. Issue the command ./bulk-user-setup.sh
153 | 4. Provide inputs as required
154 | 5. Finally check output (results and logs to understand console output other than success, i.e. skipped, failed executions)
155 | 6. if ENABLE_CASEWORKER_CHECKS=true is set within 'bulk-user-setup.config', the script will (after processing the CSV input files)
156 | check the local master caseworker file (caseworker-roles-master.txt) against the remote caseworker roles fetched via a GET api call
157 | Comparison results will be outputted to the console and log file. There is no automated process for updating the local master file.
158 | Refer to the output and decide if the missing caseworker roles need to be added to the processing logic.
159 |
160 |
--------------------------------------------------------------------------------
/bulk-user-setup/bulk-user-setup.config:
--------------------------------------------------------------------------------
1 | #######################################
2 | # Logging Constants / global variables
3 | #######################################
4 | LOGFILE='' #Will be set based on input file
5 | LOGLEVEL='DEBUG'
6 | #whether to create log per input file, if false only one log file will be generated. If true each input file will have a corresponding log file.
7 | LOG_PER_INPUT_FILE=false
8 |
9 | #############################################
10 | # String Constants
11 | #############################################
12 | InvalidEmailDetected="Invalid email detected"
13 | NoRolesDefined="No roles defined"
14 | RolesDefinedContainInvalidCharacters="Roles defined contain invalid characters"
15 | userNotFound="user not found"
16 | BothFirstAndLastnameCannotBeEmpty="both firstName and lastName cannot be empty"
17 | UserExistsNotActive="User exists but not active"
18 |
19 | ######################################################
20 | # Global Constants / script mandatory variables
21 | ######################################################
22 | ADMIN_USER="idamOwner@hmcts.net"
23 | ADMIN_USER_PWD="Ref0rmIsFun"
24 | IDAM_CLIENT_SECRET="ccd-bulk-user-register-secret"
25 | REDIRECT_URI="https://create-bulk-user-test/oauth2redirect"
26 | CLIENT_ID="ccd-bulk-user-register"
27 | ENABLE_SCOPE_USER_SEARCH=true
28 |
29 | CSV_DIR_PATH="../bulk-user-setup/test/inputs"
30 | ENV="local"
31 | CSV_PROCESSED_DIR_NAME="../outputs/$(date -u +"%FT%H:%M:%SZ")"
32 |
33 | #Boolean to determine if test case users should be created
34 | CREATE_TEST_USERS=false
35 |
36 | #Boolean to determine if local caseworker to remote caseworker comparisons should be completed
37 | ENABLE_CASEWORKER_CHECKS=true
38 |
39 | #Boolean to process an operation on a user where state is inactive
40 | PROCESS_INACTIVE_USER=false
41 |
42 | #Boolean to set user active if inactive (for add operation mostly)
43 | SET_INACTIVE_USER_TO_ACTIVE=false
44 |
45 | #Boolean to allow user registrations with id
46 | #if set to true and input file does not contain column 'id' file will be skipped
47 | #if set to false and input file contains column 'id' file will be skipped
48 | ENABLE_USERID_REGISTRATIONS=false
49 |
50 | ##########################
51 | # console colours / fonts
52 | ##########################
53 | RED=$(tput setaf 1)
54 | YELLOW=$(tput setaf 3)
55 | GREEN=$(tput setaf 2)
56 | BOLD=$(tput bold)
57 | NORMAL=$(tput sgr0)
58 |
59 | ###########################################
60 | # Special case Constants / global variables
61 | ###########################################
62 |
63 | IGNORED_ROLES_FROM_USER_ADD_REQUEST="caseworker"
64 |
65 | IGNORED_ROLES_FROM_USER_DELETE_REQUEST="caseworker|payments|payments-refund|payments-refund-approver"
66 |
67 | #'|' delimited string of roles.
68 | #These roles will be added by default for all caseworkers when there are other caseworker related roles available for that user
69 | ADD_ROLES_BY_DEFAULT="caseworker"
70 |
71 | #'|' delimited string of roles.
72 | #These roles will be deleted by default for all caseworkers when there is no other caseworker related roles available for that user
73 | DELETE_ROLES_BY_DEFAULT="caseworker|payments|payments-refund|payments-refund-approver"
74 |
75 | #'|' delimited string of roles. These roles should not be processed by this script as they require a snow ticket
76 | MANUAL_ROLES="judiciary"
77 |
78 | # If Op is Delete and roles provided is ALL_ROLES, then remove all roles from the user and de-activate them
79 | ALL_ROLES="all-roles"
80 |
81 | #####################################
82 | # Operations supported by this script
83 | #####################################
84 | OPS=("add" "updatename" "delete" "find" "updateemail" "suspend")
85 |
86 | ##########################################################################
87 | # Predifined roles
88 | # the '|' role set will be applied if parent key is present in input file
89 | ##########################################################################
90 | DIVORCE_ROLES="caseworker-divorce|caseworker-divorce-bulkscan|caseworker-divorce-courtadmin|caseworker-divorce-courtadmin-la|caseworker-divorce-courtadmin_beta|caseworker-divorce-judge|caseworker-divorce-pcqextractor|caseworker-divorce-solicitor|caseworker-divorce-superuser"
91 | DIVORCE_FR_ROLES="caseworker-divorce|caseworker-divorce-bulkscan|caseworker-divorce-courtadmin|caseworker-divorce-courtadmin-la|caseworker-divorce-courtadmin_beta|caseworker-divorce-judge|caseworker-divorce-pcqextractor|caseworker-divorce-solicitor|caseworker-divorce-superuser|caseworker-divorce-financialremedy|caseworker-divorce-financialremedy-courtadmin|caseworker-divorce-financialremedy-solicitor|caseworker-divorce-financialremedy-judiciary|caseworker-divorce-financialremedy-superuser|caseworker-divorce-systemupdate|caseworker-approver"
92 | EMPLOYMENT_ROLES="caseworker-employment|caseworker-employment-api|caseworker-employment-bristol|caseworker-employment-englandwales|caseworker-employment-etjudge|caseworker-employment-etjudge-englandwales|caseworker-employment-etjudge-scotland|caseworker-employment-leeds|caseworker-employment-legalrep-solicitor|caseworker-employment-londoncentral|caseworker-employment-londoneast|caseworker-employment-londonsouth|caseworker-employment-manchester|caseworker-employment-midlandseast|caseworker-employment-midlandswest|caseworker-employment-newcastle|caseworker-employment-scotland|caseworker-employment-wales|caseworker-employment-watford|caseworker-et-pcqextractor|caseworker-employment-etjudge-bristol|caseworker-employment-etjudge-leeds|caseworker-employment-etjudge-londoncentral|caseworker-employment-etjudge-londoneast|caseworker-employment-etjudge-londonsouth|caseworker-employment-etjudge-manchester|caseworker-employment-etjudge-midlandseast|caseworker-employment-etjudge-midlandswest|caseworker-employment-etjudge-newcastle|caseworker-employment-etjudge-wales|caseworker-employment-etjudge-watford|et-acas-api"
93 | FR_ROLES="caseworker-divorce-financialremedy|caseworker-divorce-financialremedy-courtadmin|caseworker-divorce-financialremedy-solicitor|caseworker-divorce-financialremedy-judiciary|caseworker-divorce-financialremedy-superuser|caseworker-divorce-systemupdate|caseworker-divorce-bulkscan|caseworker-approver"
94 | IA_ROLES="caseworker-ia|caseworker-ia-admofficer|caseworker-ia-bails|caseworker-ia-caseofficer|caseworker-ia-homeofficeapc|caseworker-ia-homeofficebail|caseworker-ia-homeofficelart|caseworker-ia-homeofficepou|caseworker-ia-iacjudge|caseworker-ia-judiciary|caseworker-ia-legalrep-solicitor|caseworker-ia-readonly|caseworker-ia-respondentofficer|caseworker-ia-srcaseofficer|caseworker-ia-system|caseworker-ia-system-access|caseworker-iac-bulkscan|caseworker-iac-systemupdate"
95 | PRIVATELAW_ROLES="caseworker-privatelaw|caseworker-privatelaw-bulkscan|caseworker-privatelaw-bulkscansystemupdate|caseworker-privatelaw-courtadmin|caseworker-privatelaw-judge|caseworker-privatelaw-la|caseworker-privatelaw-solicitor|caseworker-privatelaw-superuser|caseworker-privatelaw-systemupdate|courtnav|caseworker-privatelaw-cafcass"
96 | PUBLICLAW_ROLES="caseworker-publiclaw|caseworker-publiclaw-bulkscan|caseworker-publiclaw-bulkscansystemupdate|caseworker-publiclaw-cafcass|caseworker-publiclaw-courtadmin|caseworker-publiclaw-gatekeeper|caseworker-publiclaw-judiciary|caseworker-publiclaw-localAuthority|caseworker-publiclaw-magistrate|caseworker-publiclaw-solicitor|caseworker-publiclaw-superuser|caseworker-publiclaw-systemupdate"
97 | SSCS_ROLES="caseworker-sscs|caseworker-sscs-anonymouscitizen|caseworker-sscs-bulkscan|caseworker-sscs-callagent|caseworker-sscs-clerk|caseworker-sscs-dwpresponsewriter|caseworker-sscs-judge|caseworker-sscs-panelmember|caseworker-sscs-pcqextractor|caseworker-sscs-registrar|caseworker-sscs-superuser|caseworker-sscs-systemupdate"
--------------------------------------------------------------------------------
/bulk-user-setup/bulk_processing/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hmcts/ccd-docker/e858b1742a993bf59efb0591c67d55ac659e2a18/bulk-user-setup/bulk_processing/.DS_Store
--------------------------------------------------------------------------------
/bulk-user-setup/bulk_processing/Templates/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hmcts/ccd-docker/e858b1742a993bf59efb0591c67d55ac659e2a18/bulk-user-setup/bulk_processing/Templates/.DS_Store
--------------------------------------------------------------------------------
/bulk-user-setup/caseworker-roles-local-testing.txt:
--------------------------------------------------------------------------------
1 | caseworker-role-five
2 | caseworker-role-four
3 | caseworker-role
4 | caseworker-befta_jurisdiction_1
5 | caseworker-befta_jurisdiction_2
6 | caseworker-befta_jurisdiction_2-solicitor_1
7 | caseworker-befta_jurisdiction_2-solicitor_2
8 | caseworker-befta_jurisdiction_2-solicitor_3
9 | caseworker-befta_jurisdiction_3
10 | caseworker-befta_jurisdiction_3-solicitor
11 | caseworker-befta_master
12 | caseworker-befta_master-solici
13 | caseworker-befta_master-solicitor
14 | caseworker-befta_master-solicitor_1
15 | caseworker-befta_master-solicitor_2
16 | caseworker-befta_master-solicitor_3
17 | caseworker_role_six
18 | caseworker-role-one
19 | caseworker-role-six
20 | caseworker-role-three
21 | caseworker-role-two
22 | caseworker-role-eight
23 | caseworker-role-seven
24 | caseworker_role_three
25 | caseworker
26 | caseworker-autotest1
27 | caseworker-autotest1-private
28 | caseworker-autotest1-senior
29 | caseworker-autotest1-solicitor
30 | caseworker-autotest2
31 | caseworker-autotest2-private
32 | caseworker-autotest2-senior
33 | caseworker-autotest2-solicitor
34 | caseworker-caa
35 | caseworker-ia
36 | caseworker-ia-admofficer
37 | caseworker-ia-bails
38 | caseworker-ia-caseofficer
39 | caseworker-ia-homeofficeapc
40 | caseworker-ia-homeofficebail
41 | caseworker-ia-homeofficelart
42 | caseworker-ia-homeofficepou
43 | caseworker-ia-iacjudge
44 | caseworker-ia-legalrep-solicitor
45 | caseworker-ia-respondentofficer
46 | caseworker-ia-judiciary
47 | caseworker-ia-readonly
48 | caseworker-ia-srcaseofficer
49 | caseworker-ia-system
50 | caseworker-ia-system-access
51 | caseworker-iac-systemupdate
--------------------------------------------------------------------------------
/bulk-user-setup/caseworker-roles-master.txt:
--------------------------------------------------------------------------------
1 | caseworker
2 | caseworker-adoption
3 | caseworker-adoption-caseworker
4 | caseworker-adoption-courtadmin
5 | caseworker-adoption-judge
6 | caseworker-adoption-la
7 | caseworker-adoption-solicitor
8 | caseworker-adoption-superuser
9 | caseworker-autotest1
10 | caseworker-autotest1-junior
11 | caseworker-autotest1-manager
12 | caseworker-autotest1-private
13 | caseworker-autotest1-protected
14 | caseworker-autotest1-public
15 | caseworker-autotest1-senior
16 | caseworker-autotest1-solicitor
17 | caseworker-autotest2
18 | caseworker-autotest2-junior
19 | caseworker-autotest2-manager
20 | caseworker-autotest2-private
21 | caseworker-autotest2-protected
22 | caseworker-autotest2-public
23 | caseworker-autotest2-senior
24 | caseworker-autotest2-solicitor
25 | caseworker-caa
26 | caseworker-civil
27 | caseworker-civil-admin
28 | caseworker-civil-judge
29 | caseworker-civil-solicitor
30 | caseworker-civil-staff
31 | caseworker-civil-systemupdate
32 | caseworker-cmc
33 | caseworker-cmc-anonymouscitizen
34 | caseworker-cmc-bulkscan
35 | caseworker-cmc-courtAdmin
36 | caseworker-cmc-judge
37 | caseworker-cmc-legaladvisor
38 | caseworker-cmc-pcqextractor
39 | caseworker-cmc-solicitor
40 | caseworker-cmc-systemupdate
41 | caseworker-da
42 | caseworker-da-barrister
43 | caseworker-da-casecreator
44 | caseworker-da-caseworker
45 | caseworker-da-courtadmin
46 | caseworker-da-judge
47 | caseworker-da-la
48 | caseworker-da-magistrate
49 | caseworker-da-solicitor
50 | caseworker-da-superuser
51 | caseworker-divorce
52 | caseworker-divorce-bulkscan
53 | caseworker-divorce-courtadmin
54 | caseworker-divorce-courtadmin-la
55 | caseworker-divorce-courtadmin_beta
56 | caseworker-divorce-financialremedy
57 | caseworker-divorce-financialremedy-courtadmin
58 | caseworker-divorce-financialremedy-judiciary
59 | caseworker-divorce-financialremedy-solicitor
60 | caseworker-divorce-judge
61 | caseworker-divorce-pcqextractor
62 | caseworker-divorce-solicitor
63 | caseworker-divorce-superuser
64 | caseworker-domesticabuse
65 | caseworker-domesticabuse-barrister
66 | caseworker-domesticabuse-casecreator
67 | caseworker-domesticabuse-caseworker
68 | caseworker-domesticabuse-courtadmin
69 | caseworker-domesticabuse-judge
70 | caseworker-domesticabuse-la
71 | caseworker-domesticabuse-magistrate
72 | caseworker-domesticabuse-solicitor
73 | caseworker-domesticabuse-superuser
74 | caseworker-employment
75 | caseworker-employment-api
76 | caseworker-employment-bristol
77 | caseworker-employment-englandwales
78 | caseworker-employment-etjudge
79 | caseworker-employment-etjudge-englandwales
80 | caseworker-employment-etjudge-scotland
81 | caseworker-employment-leeds
82 | caseworker-employment-legalrep-solicitor
83 | caseworker-employment-londoncentral
84 | caseworker-employment-londoneast
85 | caseworker-employment-londonsouth
86 | caseworker-employment-manchester
87 | caseworker-employment-midlandseast
88 | caseworker-employment-midlandswest
89 | caseworker-employment-newcastle
90 | caseworker-employment-scotland
91 | caseworker-employment-tribunal-api
92 | caseworker-employment-tribunal-glasgow
93 | caseworker-employment-tribunal-glasgow-api
94 | caseworker-employment-tribunal-glasgow-caseofficer
95 | caseworker-employment-tribunal-glasgow-casesupervisor
96 | caseworker-employment-tribunal-manchester
97 | caseworker-employment-tribunal-manchester-api
98 | caseworker-employment-tribunal-manchester-caseofficer
99 | caseworker-employment-tribunal-manchester-casesupervisor
100 | caseworker-employment-wales
101 | caseworker-employment-watford
102 | caseworker-et-pcqextractor
103 | caseworker-fpla-bulkscan
104 | caseworker-fpla-systemupdate
105 | caseworker-hrs
106 | caseworker-hrs-searcher
107 | caseworker-ia
108 | caseworker-ia-admofficer
109 | caseworker-ia-bails
110 | caseworker-ia-caseofficer
111 | caseworker-ia-homeofficeapc
112 | caseworker-ia-homeofficebail
113 | caseworker-ia-homeofficelart
114 | caseworker-ia-homeofficepou
115 | caseworker-ia-iacjudge
116 | caseworker-ia-judiciary
117 | caseworker-ia-legalrep-solicitor
118 | caseworker-ia-readonly
119 | caseworker-ia-respondentofficer
120 | caseworker-ia-srcaseofficer
121 | caseworker-ia-system
122 | caseworker-ia-system-access
123 | caseworker-iac-bulkscan
124 | caseworker-iac-systemupdate
125 | caseworker-privatelaw
126 | caseworker-privatelaw-bulkscan
127 | caseworker-privatelaw-bulkscansystemupdate
128 | caseworker-privatelaw-cafcass
129 | caseworker-privatelaw-casecreator
130 | caseworker-privatelaw-courtadmin
131 | caseworker-privatelaw-judge
132 | caseworker-privatelaw-la
133 | caseworker-privatelaw-solicitor
134 | caseworker-privatelaw-superuser
135 | caseworker-privatelaw-systemupdate
136 | caseworker-probate
137 | caseworker-probate-authoriser
138 | caseworker-probate-bulkscan
139 | caseworker-probate-caseadmin
140 | caseworker-probate-caseofficer
141 | caseworker-probate-charity
142 | caseworker-probate-examiner
143 | caseworker-probate-issuer
144 | caseworker-probate-judge
145 | caseworker-probate-pcqextractor
146 | caseworker-probate-registrar
147 | caseworker-probate-scheduler
148 | caseworker-probate-solicitor
149 | caseworker-probate-superuser
150 | caseworker-probate-systemupdate
151 | caseworker-publiclaw
152 | caseworker-publiclaw-bulkscan
153 | caseworker-publiclaw-bulkscansystemupdate
154 | caseworker-publiclaw-cafcass
155 | caseworker-publiclaw-courtadmin
156 | caseworker-publiclaw-gatekeeper
157 | caseworker-publiclaw-judiciary
158 | caseworker-publiclaw-localAuthority
159 | caseworker-publiclaw-magistrate
160 | caseworker-publiclaw-solicitor
161 | caseworker-publiclaw-superuser
162 | caseworker-publiclaw-systemupdate
163 | caseworker-ras-validation
164 | caseworker-reference-data
165 | caseworker-sscs
166 | caseworker-sscs-anonymouscitizen
167 | caseworker-sscs-bulkscan
168 | caseworker-sscs-callagent
169 | caseworker-sscs-clerk
170 | caseworker-sscs-dwpresponsewriter
171 | caseworker-sscs-judge
172 | caseworker-sscs-panelmember
173 | caseworker-sscs-pcqextractor
174 | caseworker-sscs-registrar
175 | caseworker-sscs-superuser
176 | caseworker-sscs-systemupdate
177 | caseworker-test
178 | caseworker-test-junior
179 | caseworker-test-manager
180 | caseworker-test-private
181 | caseworker-test-protected
182 | caseworker-test-public
183 | caseworker-test-senior
184 | caseworker-test-solicitor
185 | caseworker-wa-task-configuration
186 | caseworker-sscs-hmrcresponsewriter
187 | caseworker-approver
188 | caseworker-adoption-bulkscan
189 | caseworker-adoption-bulkscansystemupdate
190 | caseworker-adoption-systemupdate
191 | caseworker-bsp-systemupdate
192 | caseworker-divorce-systemupdate
193 | caseworker-employment-etjudge-bristol
194 | caseworker-employment-etjudge-leeds
195 | caseworker-employment-etjudge-londoncentral
196 | caseworker-employment-etjudge-londoneast
197 | caseworker-employment-etjudge-londonsouth
198 | caseworker-employment-etjudge-manchester
199 | caseworker-employment-etjudge-midlandseast
200 | caseworker-employment-etjudge-midlandswest
201 | caseworker-employment-etjudge-newcastle
202 | caseworker-employment-etjudge-wales
203 | caseworker-employment-etjudge-watford
204 | caseworker-finrem-systemupdate
205 | caseworker-ia-judge
206 | caseworker-ia-respondentlocalauthority
207 | caseworker-ia-respondentnaab
208 | caseworker-sscs-teamleader
209 | fpl-caseworker-publiclaw
210 | fpl-caseworker-publiclaw-cafcass
211 | fpl-caseworker-publiclaw-courtadmin
212 | fpl-caseworker-publiclaw-gatekeeper
213 | fpl-caseworker-publiclaw-judiciary
214 | fpl-caseworker-publiclaw-solicitor
215 | fpl-caseworker-publiclaw-systemupdate
216 |
--------------------------------------------------------------------------------
/bulk-user-setup/test/inputs/ADD-WITH-ID-SSOID.csv:
--------------------------------------------------------------------------------
1 | operation,email,firstName,lastName,roles,id,ssoId,userExists,result,prerequisite,comment
2 | add,ccd.test.add.user00@hmcts.gov.uk,,,caseworker|caseworker-role-one,,b2e98223-9ce6-4278-8707-d2e6ab8cc8c9,FALSE,FAILED,ENABLE_USERID_REGISTRATIONS=true,"id is unique, both first name and last name cannot be empty"
3 | add,ccd.test.add.user1@hmcts.gov.uk,fn1,ln1,,,b2e98223-9ce6-4278-8707-d2e6ab8cc8c9,TRUE,FAILED,"ENABLE_USERID_REGISTRATIONS=true, id already exists",Roles are mandatory
4 | add,ccd.test.add.user1@hmcts.gov.uk,fn1,ln1,caseworker|caseworker-role-one,,b2e98223-9ce6-4278-8707-d2e6ab8cc8c9,TRUE,FAILED,"ENABLE_USERID_REGISTRATIONS=true, id already exists",User with given email already exists
5 | add,ccd.test.add.user03@hmcts.gov.uk,fn03,ln03,caseworker|caseworker-role-one,,b2e98223-9ce6-4278-8707-d2e6ab8cc8c9,FALSE,SUCCESS,ENABLE_USERID_REGISTRATIONS=true,id is unique
6 | add,ccd.test.add.user04@hmcts.gov.uk,fn04,ln04,caseworker|caseworker-role-one,,b2e98223-9ce6-4278-8707-d2e6ab8cc8c9,FALSE,SKIPPED,ENABLE_USERID_REGISTRATIONS=true,id is MUST be provided
7 | add,ccd.test.add.user1@hmcts.gov.uk,fn1,ln1,caseworker|caseworker-role-one,,b2e98223-9ce6-4278-8707-d2e6ab8cc8c9,TRUE,FAILED,ENABLE_USERID_REGISTRATIONS=true,"id is unique, conflict active user already exists"
8 | add,ccd.test.add.userXYZ@hmcts.gov.uk,fn1,ln1,caseworker|caseworker-role-one,,b2e98223-9ce6-4278-8707-d2e6ab8cc8c9,TRUE,FAILED,"ENABLE_USERID_REGISTRATIONS=true, id already exists",User with given id already exists
--------------------------------------------------------------------------------
/bulk-user-setup/test/inputs/ADD-WITH-ID.csv:
--------------------------------------------------------------------------------
1 | operation,email,firstName,lastName,roles,id,userExists,result,prerequisite,comment
2 | add,ccd.test.add.user00@hmcts.gov.uk,,,caseworker|caseworker-role-one,b2e98223-9ce6-4278-8707-d2e6ab8cc8c9,FALSE,FAILED,ENABLE_USERID_REGISTRATIONS=true,"id is unique, both first name and last name cannot be empty"
3 | add,ccd.test.add.user1@hmcts.gov.uk,fn1,ln1,,use-existing-user-id,TRUE,FAILED,"ENABLE_USERID_REGISTRATIONS=true, id already exists",Roles are mandatory
4 | add,ccd.test.add.user1@hmcts.gov.uk,fn1,ln1,caseworker|caseworker-role-one,use-existing-user-id,TRUE,FAILED,"ENABLE_USERID_REGISTRATIONS=true, id already exists",User with given email already exists
5 | add,ccd.test.add.user03@hmcts.gov.uk,fn03,ln03,caseworker|caseworker-role-one,b2e98223-9ce6-4278-8707-d2e6ab8cc8c9,FALSE,SUCCESS,ENABLE_USERID_REGISTRATIONS=true,id is unique
6 | add,ccd.test.add.user04@hmcts.gov.uk,fn04,ln04,caseworker|caseworker-role-one,,FALSE,SKIPPED,ENABLE_USERID_REGISTRATIONS=true,id is MUST be provided
7 | add,ccd.test.add.user1@hmcts.gov.uk,fn1,ln1,caseworker|caseworker-role-one,b2e98223-9ce6-4278-8707-d2e6ab8cc8c9,TRUE,FAILED,ENABLE_USERID_REGISTRATIONS=true,"id is unique, conflict active user already exists"
8 | add,ccd.test.add.userXYZ@hmcts.gov.uk,fn1,ln1,caseworker|caseworker-role-one,f3e6eb49-f429-462c-9712-3fdf87f4b50c,TRUE,FAILED,"ENABLE_USERID_REGISTRATIONS=true, id already exists",User with given id already exists
--------------------------------------------------------------------------------
/bulk-user-setup/test/inputs/ADD.csv:
--------------------------------------------------------------------------------
1 | operation,email,firstName,lastName,roles,userExists,result,prerequisite,comment
2 | add,ccd.test.add.user0@hmcts.gov.uk,fn1,ln1,,FALSE,FAILED,,User not found. Roles are mandatory
3 | add,ccd.test.add.user0@hmcts.gov.uk,,,manage-translations|caseworker-role-one,FALSE,FAILED,,User not found. Both first name and last name cannot be empty
4 | add,ccd.test.add.user01@hmcts.gov.uk,fn01,ln01,caseworker-role-one|caseworker-role-two,FALSE,SUCCESS,,User not found. should add caseworker role if there are other caseworker related roles to be added
5 | add,ccd.test.add.user02@hmcts.gov.uk,fn02,ln02,manage-translations,FALSE,SUCCESS,,User not found. should NOT add caseworker role if there are no other caseworker related roles to be added
6 | add,ccd.test.add.user03@hmcts.gov.uk,fn03,ln03,manage-translations|caseworker-role-one|judiciary,FALSE,SUCCESS,,"add all roles except judiciary, warn about judiciary"
7 | add,ccd.test.add.user04@hmcts.gov.uk,fn04,ln04,caseworker-role-three|caseworker-role-four,FALSE,SUCCESS,,User not found. User 1 added with some roles
8 | add,ccd.test.add.user04@hmcts.gov.uk,fn04,ln04,caseworker-role-two,FALSE,SUCCESS,re-run of script where status = SUCCESS,User not found. User 1 added with different roles for the second time
9 | add,ccd.test.add.user05@hmcts.gov.uk,fn05,,caseworker-role-five|caseworker-role-six,FALSE,SUCCESS,,"User not found. If only first name present, keep space for last name"
10 | add,ccd.test.add.user06@hmcts.gov.uk,,ln06,caseworker-role-five|caseworker-role-six,FALSE,SUCCESS,,"User not found. If only last name present, keep space for first name"
11 | add,ccd.test.add.user1@hmcts.gov.uk,fn1,ln1,,TRUE,FAILED,User is inactive,roles are always mandatory for add /delete
12 | add,ccd.test.add.user2@hmcts.gov.uk,,,caseworker-role-two,TRUE,SUCCESS,user inactive and no roles or only caseworker,Both first name and last name ignored
13 | add,ccd.test.add.user3@hmcts.gov.uk,,,caseworker-role-three|caseworker-role-four,TRUE,SUCCESS,user inactive no roles,Should activate the user and add all the roles including caseworker role
14 | add,ccd.test.add.user4@hmcts.gov.uk,,,manage-translations,TRUE,SUCCESS,user inactive no roles,Should activate the user and add all the roles and no caseworker role
15 | add,ccd.test.add.user5@hmcts.gov.uk,,,caseworker-role-five|judiciary,TRUE,SUCCESS,user inactive with or without roles,"add all roles except judiciary, warn about judiciary"
16 | add,ccd.test.add.user6@hmcts.gov.uk,,,,TRUE,FAILED,user exists,User found. Roles are mandatory
17 | add,ccd.test.add.user7@hmcts.gov.uk,,,caseworker-role-five|caseworker-role-six,TRUE,SUCCESS,user exists,User found. Both first name and last name ignored
18 | add,ccd.test.add.user8@hmcts.gov.uk,,,caseworker-role-two|caseworker-role-three,TRUE,SUCCESS,user exists with no roles,User found. should add caseworker role if there are other caseworker related roles to be added
19 | add,ccd.test.add.user9@hmcts.gov.uk,,,manage-translations,TRUE,SUCCESS,,User found. should NOT add caseworker role if there are no other caseworker related roles to be added
20 | add,ccd.test.add.user10@hmcts.gov.uk,,,caseworker-role-six|judiciary,TRUE,SUCCESS,,"add all roles except judiciary, warn about judiciary"
21 | add,ccd.test.add.user07@hmcts.gov.uk,fn07,ln07,caseworker|caseworker-role-six,FALSE,SUCCESS,user exists with no roles,User not found. Caseworker role mentioned in the roles
22 | add,ccd.test.add.user11@hmcts.gov.uk,,,caseworker|caseworker-role-six,TRUE,SUCCESS,user inactive no roles,User is inactive. Caseworker role mentioned in the roles
23 | add,ccd.test.add.user12@hmcts.gov.uk,,,caseworker|caseworker-role-six,TRUE,SUCCESS,"user exists, active no roles",User found. Caseworker role mentioned in the roles
24 | add,ccd.test.add.user13@hmcts.gov.uk,,,caseworker|caseworker-role-six,TRUE,SKIPPED,"user exists, active all roles already assigned",nothing to change
25 | add,ccd.test.add.user07@hmcts.gov.uk,fn07,ln07,caseworker-role-two|ia-roles,FALSE,FAILED,user does not exist,User does not exist. Should fail as ia-roles does not exist
26 | add,ccd.test.add.user08@hmcts.gov.uk,fn08,ln08,judiciary,FALSE,FAILED,user does not exist,"skip judicary, fail cannot create user with no roles to apply"
27 | add,ccd.test.add.user13@hmcts.gov.uk,,,judiciary,TRUE,SKIPPED,user exists with or without roles,"skip judicary, Skip as no roles to apply"
--------------------------------------------------------------------------------
/bulk-user-setup/test/inputs/CFTS-4217.csv:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hmcts/ccd-docker/e858b1742a993bf59efb0591c67d55ac659e2a18/bulk-user-setup/test/inputs/CFTS-4217.csv
--------------------------------------------------------------------------------
/bulk-user-setup/test/inputs/COMMON.csv:
--------------------------------------------------------------------------------
1 | operation,email,firstName,lastName,roles,userExists,result,prerequisite,comment
2 | add, ccd.test.common.user0@hmcts.gov.uk ,fn0 ,ln0,caseworker-role-one,FALSE,SUCCESS,user does not exist,Spaces (front and back) in email
3 | add,ccd.test.common.user1hmcts.gov.uk,,,,NA,FAILED,,Invalid Email address format
4 | add,ccd.test.common.user1@hmcts.gov.uk,,,caseworker|caseworker+test,TRUE,FAILED,,Invalid Role format
5 | add,ccd.test.common.user1@hmcts.gov.uk,,,"caseworker,caseworker-role-one",TRUE,FAILED,,Invalid Role separator
6 | add ,ccd.test.common.user2@hmcts.gov.uk,,,caseworker-role-one,TRUE,SUCCESS,"user exists, no roles",Spaces (front and back) in operation
7 | add, ccd.test.common.user3@hmcts.gov.uk ,,,caseworker-role-one,TRUE,SUCCESS,"user exists, no roles",Spaces (front and back) in email
8 | add,ccd.test.common.user0@hmcts.gov.uk, fn0 ,ln0,caseworker-role-one,FALSE,SUCCESS,,Spaces (front and back) in first name
9 | add,ccd.test.common.user01@hmcts.gov.uk,fn01, ln01 ,caseworker-role-one|caseworker-role-two,FALSE,SUCCESS,,Spaces (front and back) in last name
10 | add,ccd.test.common.user4@hmcts.gov.uk,,,caseworker-role-one | caseworker-role-two,TRUE,SUCCESS,user exists no roles,Spaces in between roles
11 | add,ccd.test.common.user5@hmcts.gov.uk,,,caseworker-role -one|caseworker-ro le-two,TRUE,SUCCESS,user exists no roles,Spaces inside roles (DO WE NEED TO FIX THESE?)
12 | add,ccd.test.common.user6@hmcts.gov.uk,,,caseworker-role-ONE|caseWorkEr-role-two,TRUE,SUCCESS,user exists no roles,Roles in upper case - should be converted to lower case
13 | ADD,ccd.test.common.user06@hmcts.gov.uk,fn06,ln06,caseworker-role-five|caseworker-role-six,FALSE,SUCCESS,,Operation in upper case - should be working
14 | add,ccd.test.common.user07@hmcts.gov.uk,fn7,ln7,caseworker-role-six|caseworker_role_six,FALSE,SUCCESS,"user does not exist, roles do exist",Roles with - and _ should be allowed
15 | add, ,,,,NA,FAILED,,Empty email id
16 | find,ccd.test.common.user1@,,,,NA,FAILED,,Invalid Email address format
17 | find ,ccd.test.common.user1@hmcts.gov.uk,,,,TRUE,SUCCESS,,Spaces (front and back) in operation
18 | find, ccd.test.common.user1@hmcts.gov.uk ,,,,TRUE,SUCCESS,,Spaces (front and back) in email
19 | FIND,ccd.test.common.user1@hmcts.gov.uk,fn6,ln6,caseworker-role-five|caseworker-role-six,TRUE,SUCCESS,user exists,Operation in upper case - should be working
20 | find,,,,,NA,FAILED,,Empty email id
21 | find,ccd.test.common.user1@hmcts.gov.uk,sometext,sometext,sometext,TRUE,SUCCESS,user exists,WARN firstName/lastName/roles given but not required
22 | find,ccd.test.common.user1@hmcts.gov.uk,sometext,sometext,,TRUE,SUCCESS,user exists,WARN firstName/lastName given but not required
23 | find,ccd.test.common.user1@hmcts.gov.uk,sometext,,sometext,TRUE,SUCCESS,user exists,WARN firstName/roles given but not required
24 | find,Ccd.Test.Common.user1@hmcts.gov.uk,sometext,,sometext,TRUE,SUCCESS,user exists,WARN firstName/roles given but not required
25 | updatename,ccd.test.common.user1@%^&hmcts.gov.uk,,,,NA,FAILED,,Invalid Email address format
26 | updatename ,ccd.test.common.user1@hmcts.gov.uk,fn1,ln1,,TRUE,SUCCESS,user exists,Spaces (front and back) in operation
27 | updatename, ccd.test.common.user1@hmcts.gov.uk ,fn2,ln2,,TRUE,SUCCESS,user exists,Spaces (front and back) in email
28 | updatename,ccd.test.common.user1@hmcts.gov.uk, fn0 ,ln0,,TRUE,SUCCESS,user exists,Spaces (front and back) in first name
29 | updatename,ccd.test.common.user1@hmcts.gov.uk,fn02, ln02 ,,TRUE,SUCCESS,user exists,Spaces (front and back) in last name
30 | UPDATENAME,ccd.test.common.user1@hmcts.gov.uk,fn1,ln1,,TRUE,SUCCESS,user exists,Operation in upper case - should be working
31 | updatename,,,,,NA,FAILED,,Empty email id
32 | updatename,ccd.test.common.user1@hmcts.gov.uk,fn03,ln03,sometext,TRUE,SUCCESS,user exists,WARN roles given but not required
33 | delete,ccd.test.common.user1@ hmcts.gov.uk,,,,NA,FAILED,,Invalid Email address format
34 | delete,ccd.test.common.user1@hmcts.gov.uk,,,caseworker|caseworker=test,TRUE,FAILED,,Invalid Role format
35 | delete,ccd.test.common.user1@hmcts.gov.uk,,,caseworker&caseworker-role-one,TRUE,FAILED,,Invalid Role separator
36 | delete ,ccd.test.common.user2@hmcts.gov.uk,,,caseworker-role-one,TRUE,SUCCESS,,Spaces (front and back) in operation
37 | delete, ccd.test.common.user3@hmcts.gov.uk ,,,caseworker-role-one,TRUE,SUCCESS,,Spaces (front and back) in email
38 | delete,ccd.test.common.user4@hmcts.gov.uk,,,caseworker-role-one | caseworker-role-two,TRUE,SUCCESS,user exists with roles,Spaces in between roles
39 | delete,ccd.test.common.user5@hmcts.gov.uk,,,caseworker-role -one|caseworker-ro le-two,TRUE,SUCCESS,user exists no roles,Spaces inside roles
40 | delete,ccd.test.common.user6@hmcts.gov.uk,,,caseworker-role-ONE|caseWorkEr-role-two,TRUE,SUCCESS,user exists with roles,Roles in upper case - should be converted to lower case
41 | DELETE,ccd.test.common.user8@hmcts.gov.uk,fn06,ln06,caseworker-role-five|caseworker-role-six,FALSE,SUCCESS,user exists with roles,Operation in upper case - should be working
42 | delete,ccd.test.common.user07@hmcts.gov.uk,fn7,ln7,caseworker-role-six|caseworker_role_six,FALSE,SKIPPED,"user does not exist, roles do exist",Roles with - and _ should be allowed
43 | delete,,,,,NA,FAILED,,Empty email id
44 | delete,ccd.test.common.user1@hmcts.gov.uk,fn1,ln1,caseworker-role-six|caseworker_role_six,TRUE,SUCCESS,user exists,WARN first and last name given but not required
45 | Update,ccd.test.common.user1@hmcts.gov.uk,fn1,ln1,caseworker-role-six|caseworker_role_six,,FAILED,,Invalid Operation name
46 | ,ccd.test.common.user1@hmcts.gov.uk,fn1,ln1,caseworker-role-six|caseworker_role_six,,FAILED,,Empty Operation name
47 | add, ccd.test.common.user0@hmcts.gov.uk ,fn0 ,ln0,caseworker-role-one||caseworker-role-two | |caseworker-role-three|,FALSE,SUCCESS,user does not exist,Roles with empty delimeter or ending in delimiter should work
--------------------------------------------------------------------------------
/bulk-user-setup/test/inputs/DELETE.csv:
--------------------------------------------------------------------------------
1 | operation,email,firstName,lastName,roles,userExists,result,prerequisite,comment
2 | delete,ccd.test.delete.user0@hmcts.gov.uk,,,caseworker|caseworker-role-one,FALSE,SKIPPED,user does not exist,user does not exist
3 | delete,ccd.test.delete.user1@hmcts.gov.uk,,,caseworker-role-two|caseworker-role-three,TRUE,SKIPPED,user has none of the roles in request,None of the roles found with the user
4 | delete,ccd.test.delete.user2@hmcts.gov.uk,,,caseworker-role-two,TRUE,SUCCESS,user has caseworker and caseworker-role-two already,Caseworker role not mentioned in the list but it is the last role with the user - deactivate user
5 | delete,ccd.test.delete.user3@hmcts.gov.uk,,,caseworker-role-three,TRUE,SUCCESS,"user has caseworker, caseworker-role-three and caseworker-role-four already",Caseworker role not mentioned in the list but it is NOT the last role with the user and some caseworker related role present - do not deactivate user
6 | delete,ccd.test.delete.user4@hmcts.gov.uk,,,caseworker-role-four,TRUE,SUCCESS,user has caseworker-role-four and some-other-role,"Caseworker role not mentioned in the list but it is NOT the last role with the user, but only non-caseworker roles present - do not deactivate user"
7 | delete,ccd.test.delete.user05@hmcts.gov.uk,fn0,ln1,caseworker|caseworker-role-one,FALSE,SKIPPED,user does not exist,First/last name mentioned - ignore and log warning
8 | delete,ccd.test.delete.user6@hmcts.gov.uk,,,caseworker|caseworker-role-five|judiciary,TRUE,FAILED,user exists with or without roles,Roles contains judiciary (or other restricted roles?)
9 | delete,ccd.test.delete.user7@hmcts.gov.uk,,,caseworker-role-five|caseworker-role-six|some-other-role,TRUE,SUCCESS,"user exists with roles caseworker-five,caseworker-role-six",Role deletion partially failed for any reason while deleting role by role
10 | delete,ccd.test.delete.user8@hmcts.gov.uk,,,caseworker-role-five|caseworker-role-six|some-other-role,TRUE,SUCCESS,Few roles removed and remaining are not found with the user,Few roles removed and remaining are not found with the user
11 | delete,ccd.test.delete.user9@hmcts.gov.uk,,,caseworker,TRUE,SUCCESS,should user have no role or only caseworker?,Caseworker role mentioned in the list and no role present with the user - deactivate user
12 | delete,ccd.test.delete.user10@hmcts.gov.uk,,,caseworker|caseworker-role-one,TRUE,SKIPPED,User inactive - ignore and log warning,User inactive - ignore and log warning
13 | delete,ccd.test.delete.user11@hmcts.gov.uk,fn07,ln07,caseworker-role-two|ia-roles,TRUE,SUCCESS,"user exists with caseworker-role-two, caseworker and all the ia_roles. Should remove all roles and de-activate user","User exists, should remove all roles and de-activate the user"
14 | delete,ccd.test.delete.user12@hmcts.gov.uk,fn07,ln07,ia-roles,TRUE,SUCCESS,"user exists with caseworker-role-two, caseworker and all the ia_roles. Should remove all ia roles","User exists, should remove all ia roles - do not remove caseworker role and do not deactivate the user"
15 | delete,ccd.test.delete.user13@hmcts.gov.uk,,,caseworker-role-two,TRUE,SUCCESS,"user exists with caseworker-role-two, caseworker only",should remove caseworker-role-two and caseworker and deactivate the user
16 | delete,ccd.test.delete.user14@hmcts.gov.uk,,,caseworker-role-two,TRUE,SUCCESS,"user exists with caseworker-role-one, caseworker-role-two, caseworker and payment",should remove only caseworker-role-two user should remain active
17 | delete,ccd.test.delete.user15@hmcts.gov.uk,,,caseworker-role-one|caseworker-role-two,TRUE,SUCCESS,"user exists with caseworker-role-one, caseworker-role-two, caseworker and payment",should remove all caseworker roles leave payment user should remain active
18 | delete,ccd.test.delete.user16@hmcts.gov.uk,,,caseworker|caseworker-role-one|caseworker-role-two,TRUE,SUCCESS,"user exists with caseworker-role-one, caseworker-role-two, caseworker and payment",should remove all caseworker roles leave payment user should remain active
19 | delete,ccd.test.delete.user17@hmcts.gov.uk,,,caseworker,TRUE,SUCCESS,user exists with caseworker,should remove caseworker role and deactivate the user
20 | delete,ccd.test.delete.user18@hmcts.gov.uk,,,caseworker,TRUE,SUCCESS,user exists with caseworker and payment,should remove caseworker role leave payment user should remain active
21 | delete,ccd.test.delete.user19@hmcts.gov.uk,,,all-roles,TRUE,SUCCESS,user exists with or without roles,should remove ALL roles user should be de-actived
22 | delete,ccd.test.delete.user20@hmcts.gov.uk,,,ia-roles,TRUE,SUCCESS,user exists with all ia-roles and all sscs roles,should remove all ia-roles but none of the sscs roles or caseworker default role
23 | delete,ccd.test.delete.user21@hmcts.gov.uk,,,employment-roles,TRUE,SUCCESS,"user exists and active with some employment roles, other caseworker roles and caseworker role",should leave caseworker role and remain active
24 | delete,ccd.test.delete.user22@hmcts.gov.uk,,,employment-roles|ia-roles|cwd-user|payments,TRUE,SUCCESS,"user exists with some employment roles, some ia-roles, cwd-user, payment and caseworker role",should remove all roles and deactive the user
25 | delete,ccd.test.delete.user23@hmcts.gov.uk,,,employment-roles|ia-roles|cwd-user|payments,TRUE,SUCCESS,user exists with NO roles assigned,should deactivate the user
26 | delete,ccd.test.delete.user24@hmcts.gov.uk,,,caseworker-role-two,TRUE,SUCCESS,user exists with only caseworker role,should remove caseworker and deactivate the user
27 | delete,ccd.test.delete.user25@hmcts.gov.uk,,,caseworker-role-one,TRUE,SUCCESS,user exists with payments|payments-refund|payments-refund-approver|caseworker|caseworker-role-one,should remove caseworker and other default delete roles and deactivate the user
28 | delete,ccd.test.delete.user26@hmcts.gov.uk,,,payments|payments-refund|payments-refund-approver|caseworker-role-one,TRUE,SUCCESS,user exists with payments|payments-refund|payments-refund-approver|caseworker|caseworker-role-one,"should remove caseworker and other default delete roles and deactivate the user, should log ignoring default delete roles initially"
--------------------------------------------------------------------------------
/bulk-user-setup/test/inputs/DEMO-ENV-TEST-NOSSOID.csv:
--------------------------------------------------------------------------------
1 | operation,email,firstName,lastName,roles,userExists,result,prerequisite,comment
2 | add,ccd.test.add.ssoid@eJudiciary.net,,,caseworker-test-public|caseworker-test-senior,TRUE,SUCCESS,,"user exists, sso id not provided"
3 | add,ccd.test.add.ssoid@eJudiciary.net,fn1,ln1,caseworker-test-public|caseworker-test-senior,TRUE,SUCCESS,,"user exists, sso id not provided"
4 | updatename,ccd.test.add.ssoid@eJudiciary.net,updatedfn,updatedln,caseworker-test-public|caseworker-test-senior,TRUE,SUCCESS,,"user exists, sso id not provided"
5 | updatename,ccd.test.add.ssoid@eJudiciary.net,updatedfn,updatedln,caseworker-test-public|caseworker-test-senior,TRUE,SUCCESS,,"user exists, sso id not provided"
6 | find,ccd.test.add.ssoid@eJudiciary.net,,,caseworker-test-public|caseworker-test-senior,TRUE,SUCCESS,,"user exists, sso id not provided"
7 | find,ccd.test.add.ssoid@eJudiciary.net,,,caseworker-test-public|caseworker-test-senior,TRUE,SUCCESS,,"user exists, sso id not provided"
8 | find,ccd.test.add.ssoid@eJudiciary.net,,,caseworker-test-public|caseworker-test-senior,TRUE,SUCCESS,,"user exists, sso id not provided"
--------------------------------------------------------------------------------
/bulk-user-setup/test/inputs/DEMO-ENV-TEST-SSOID.csv:
--------------------------------------------------------------------------------
1 | operation,email,firstName,lastName,roles,ssoId,userExists,result,prerequisite,comment
2 | add,ccd.test.add.ssoid@eJudiciary.net,,,caseworker-test-public|caseworker-test-senior,72b606e0-dd56-4c49-9335-2b0bd8f56f86,TRUE,SUCCESS,,"user exists, sso id is correct, no roles assigned"
3 | add,ccd.test.add.ssoid@eJudiciary.net,fn1,ln1,caseworker-test-public|caseworker-test-senior,82b606e0-dd56-4c49-9335-2b0bd8f56f87,TRUE,FAILED,,"user exists, sso id is incorrect"
4 | updatename,ccd.test.add.ssoid@eJudiciary.net,updatedfn,updatedln,caseworker-test-public|caseworker-test-senior,72b606e0-dd56-4c49-9335-2b0bd8f56f86,TRUE,SUCCESS,,"user exists, sso id is correct"
5 | updatename,ccd.test.add.ssoid@eJudiciary.net,updatedfn,updatedln,caseworker-test-public|caseworker-test-senior,82b606e0-dd56-4c49-9335-2b0bd8f56f87,TRUE,FAILED,,"user exists, sso id is incorrect"
6 | find,ccd.test.add.ssoid@eJudiciary.net,,,caseworker-test-public|caseworker-test-senior,72b606e0-dd56-4c49-9335-2b0bd8f56f86,TRUE,SUCCESS,,"user exists, sso id is correct"
7 | find,ccd.test.add.ssoid@eJudiciary.net,,,caseworker-test-public|caseworker-test-senior,82b606e0-dd56-4c49-9335-2b0bd8f56f87,TRUE,FAILED,,"user exists, sso id is incorrect"
8 | find,ccd.test.add.ssoid@eJudiciary.net,,,caseworker-test-public|caseworker-test-senior,,TRUE,SUCCESS,,"user exists, sso id not provided"
--------------------------------------------------------------------------------
/bulk-user-setup/test/inputs/DEMO-ENV-TEST-UPDATEEMAIL-SSOID.csv:
--------------------------------------------------------------------------------
1 | operation,email,firstName,lastName,roles,ssoId,userExists,result,prerequisite,comment
2 | updateemail,ccd.test.ssoid@eJudiciary.net,,,rolenotrequired,72b606e0-dd56-4c49-9335-2b0bd8f56f86,TRUE,SKIPPED,,"user exists, sso id is correct, email is correct, skip nothing to change"
3 | updateemail,ccd.test.ssoid@eJudiciary.net,fn1,ln1,caseworker-test-public|caseworker-test-senior,a6c25c74-e590-4a9c-b429-04759b1639ab,TRUE,FAILED,,"user exists, sso id is incorrect"
4 | updateemail,ccd.test.ssoid-patched@eJudiciary.net,,,caseworker-test-public|caseworker-test-senior,72b606e0-dd56-4c49-9335-2b0bd8f56f86,TRUE,SUCCESS,,"user exists, sso id is correct email is incorrect, change email"
5 | updateemail,ccd.test.ssoid-patched@eJudiciary.net,,,caseworker-test-public|caseworker-test-senior,,TRUE,SKIPPED,,"user exists, sso id not provided email is correct, skip nothing to change"
--------------------------------------------------------------------------------
/bulk-user-setup/test/inputs/FIND.csv:
--------------------------------------------------------------------------------
1 | operation,email,firstName,lastName,roles,userExists,result,prerequisite,comment
2 | find,ccd.test.user0@hmcts.gov.uk,,,,FALSE,FAILED,user does not exist,
3 | find,ccd.test.add.user1@hmcts.gov.uk,,,,TRUE,SUCCESS,"output file will populate firstname/lastname, roles, active status, last modified etc",
4 | find,ccd.test.add.user2@hmcts.gov.uk,fn1,Ln1,caseworker,TRUE,SUCCESS,"populate cells from api, warn log as firstname/lastname/roles provided but not needed",
5 | find,ccd.test.add.user3@hmcts.gov.uk,,,,TRUE,SUCCESS,user is inactive,
--------------------------------------------------------------------------------
/bulk-user-setup/test/inputs/SKIP.csv:
--------------------------------------------------------------------------------
1 | operation,email,firstName,LastName,roles,userExists,result,prerequisite,comment
2 | add,ccd.test.user0@hmcts.gov.uk,fn1,ln1,,FALSE,FAILED,,User not found. Roles are mandatory
--------------------------------------------------------------------------------
/bulk-user-setup/test/inputs/UPDATENAME.csv:
--------------------------------------------------------------------------------
1 | operation,email,firstName,lastName,roles,userExists,result,prerequisite,comment
2 | updatename,ccd.test.updatename.user0@hmcts.gov.uk,fn0,ln0,,FALSE,SKIPPED,user does not exist,user does not exist
3 | updatename,ccd.test.updatename.user1@hmcts.gov.uk,fn1-1,ln1-1,manage-translations|caseworker|somerole,TRUE,SUCCESS,user exists with fn1 and ln1,ignore the roles if specified - put a warning log
4 | updatename,ccd.test.updatename.user2@hmcts.gov.uk,fn2,ln2,,TRUE,SKIPPED,user exists with fn2 and ln2,nothing to change
5 | updatename,ccd.test.updatename.user3@hmcts.gov.uk,fn3-3,,,TRUE,SUCCESS,user exists,change first name
6 | updatename,ccd.test.updatename.user4@hmcts.gov.uk,,ln4-4,,TRUE,SUCCESS,user exists,change last name
7 | updatename,ccd.test.updatename.user5@hmcts.gov.uk,fn5-5,ln5-5,,TRUE,SUCCESS,user exists,change first and last names
8 | updatename,ccd.test.updatename.user1@hmcts.gov.uk,,,,TRUE,FAILED,,no first and last names
9 | updatename,ccd.test.updatename.user1@hmcts.gov.uk, ,,,TRUE,FAILED,,first name is given as (space)
10 | updatename,ccd.test.updatename.user1@hmcts.gov.uk, , ,,TRUE,FAILED,,last name is given as (space)
11 | updatename,ccd.test.updatename.user1@hmcts.gov.uk, , ,,TRUE,FAILED,,both first and last name are given as (space)
12 | updatename,ccd.test.updatename.user6@hmcts.gov.uk, ,ln6-6,,TRUE,SUCCESS,,first name is given as (space) and last name has valid value
13 | updatename,ccd.test.updatename.user7@hmcts.gov.uk,fn7-7, ,,TRUE,SUCCESS,,last name is given as (space) and first name has valid value
14 | updatename,ccd.test.updatename.user8@hmcts.gov.uk,fn8-8,ln8-8,,TRUE,SKIPPED,,user inactive - put a warning log
--------------------------------------------------------------------------------
/bulk-user-setup/test/utils/add-idam-clients.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | set -eu
4 |
5 | dir=$(dirname ${0})
6 |
7 | ${dir}/idam-create-service.sh "ccd-bulk-user-register" "ccd-bulk-user-register" "ccd-bulk-user-register-secret" "https://create-bulk-user-test/oauth2redirect" "false" "openid roles create-user manage-user search-user"
--------------------------------------------------------------------------------
/bulk-user-setup/test/utils/add-idam-roles.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | set -eu
4 | dir=$(dirname ${0})
5 | jq -r '[(.[] | .roles | split(",")) | .[] ] | unique[]' ${dir}/roles.json | while read args; do
6 | ${dir}/../../../bin/utils/idam-add-role.sh "$args"
7 | done
8 |
--------------------------------------------------------------------------------
/bulk-user-setup/test/utils/add-users.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | set -eu
4 |
5 | dir=$(dirname ${0})
6 |
7 | jq -r '.[] | .email + " " + .roles + " " + .lastName + " " + .firstName + " " + .active' ${dir}/users.json | while read args; do
8 | ${dir}/idam-create-users.sh $args
9 | done
10 |
--------------------------------------------------------------------------------
/bulk-user-setup/test/utils/idam-create-service.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | set -eu
4 |
5 | dir=$(dirname ${0})
6 |
7 | LABEL=${1}
8 | CLIENT_ID=${2}
9 | CLIENT_SECRET=${3}
10 | REDIRECT_URL=${4}
11 | SELF_REGISTRATION=${5:-"false"}
12 | SCOPE=${6:-"openid roles create-user manage-user search-user"}
13 |
14 | apiToken=$(${dir}/../../../bin/utils/idam-authenticate.sh "${IDAM_ADMIN_USER}" "${IDAM_ADMIN_PASSWORD}")
15 |
16 | echo -e "\nCreating service with:\nLabel: ${LABEL}\nClient ID: ${CLIENT_ID}\nClient Secret: ${CLIENT_SECRET}\nRedirect URL: ${REDIRECT_URL}\n"
17 |
18 | STATUS=$(curl --silent --output /dev/null --write-out '%{http_code}' -X POST -H 'Content-Type: application/json' -H "Authorization: AdminApiAuthToken ${apiToken}" \
19 | ${IDAM_API_BASE_URL:-http://localhost:5000}/services \
20 | -d '{
21 | "allowedRoles": [],
22 | "description": "'${LABEL}'",
23 | "label": "'${LABEL}'",
24 | "oauth2ClientId": "'${CLIENT_ID}'",
25 | "oauth2ClientSecret": "'${CLIENT_SECRET}'",
26 | "oauth2RedirectUris": ["'${REDIRECT_URL}'"],
27 | "oauth2Scope": "'"${SCOPE}"'",
28 | "selfRegistrationAllowed": "'${SELF_REGISTRATION}'"
29 | }')
30 |
31 | if [ $STATUS -eq 201 ]; then
32 | echo "Service created sucessfully"
33 | elif [ $STATUS -eq 409 ]; then
34 | echo "Service already exists!"
35 | else
36 | echo "ERROR: HTTPCODE = $STATUS"
37 | exit 1
38 | fi
--------------------------------------------------------------------------------
/bulk-user-setup/test/utils/idam-create-users.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | ######################
4 | ## FUNCTIONS
5 | ######################
6 |
7 | get_user_roles() {
8 | docker run -e PGPASSWORD='openidm' --rm --network ccd-network postgres:11-alpine psql --host shared-db --username openidm --tuples-only --command "SELECT data.roles FROM managedObjects mo, LATERAL (SELECT regexp_replace(string_agg((element::json -> '_ref')::text, ','), '( *\\w*\\/)|(\")', '', 'g') AS roles FROM json_array_elements_text(mo.fullobject->'effectiveRoles') as data(element)) data WHERE mo.fullobject ->> 'userName'='${1}';" openidm
9 | }
10 |
11 | function get_idam_token() {
12 |
13 | curl_result=$(
14 | curl -w $"\n%{http_code}" --silent --show-error -X POST "${IDAM_URL}/o/token" \
15 | -H "accept: application/json" \
16 | -H "Content-Type: application/x-www-form-urlencoded" \
17 | --data-urlencode "client_id=${CLIENT_ID}" \
18 | --data-urlencode "client_secret=${IDAM_CLIENT_SECRET}" \
19 | --data-urlencode "grant_type=password" \
20 | --data-urlencode "username=${ADMIN_USER}" \
21 | --data-urlencode "password=${ADMIN_USER_PWD}" \
22 | --data-urlencode "scope=openid roles create-user manage-user"
23 | )
24 |
25 | exit_code=$?
26 | if ! [ $exit_code -eq 0 ]; then
27 | # error so echo response and abort
28 | echo "${RED}ERROR: Token request has failed with curl exit code: $exit_code${NORMAL}"
29 | exit $exit_code
30 | fi
31 |
32 | # seperate body and status into an array
33 | IFS=$'\n' arr=($curl_result)
34 |
35 | array_length=${#arr[@]}
36 | http_body=${arr[0]}
37 | http_status=${arr[${array_length}-1]}
38 |
39 | if [ $(( http_status )) -lt 300 ]; then
40 | # success so return access token
41 | idam_token=$(echo "$http_body" | jq -r '.access_token')
42 | echo "$idam_token"
43 | else
44 | # else show error
45 | if [ $array_length -eq 2 ]; then
46 | echo "${RED}ERROR: Token request has failed with status: ${http_status}, response:${NORMAL} ${http_body}"
47 | else
48 | echo "${RED}ERROR: Token request has failed with status: ${http_status}${NORMAL}"
49 | fi
50 | # then quit with non-zero exit code
51 | exit $(( http_status ))
52 | fi
53 | }
54 |
55 | function check_exit_code_for_error() {
56 | local PREVIOUS_EXIT_CODE=$1;
57 | local PREVIOUS_RESPONSE=$2;
58 |
59 | if ! [ $PREVIOUS_EXIT_CODE -eq 0 ]; then
60 | # error so echo response and abort
61 | echo $PREVIOUS_RESPONSE
62 | exit $PREVIOUS_EXIT_CODE
63 | fi
64 | }
65 |
66 | create_user_request() {
67 | response=$(
68 | curl --insecure --show-error --silent --output /dev/null --write-out "%{http_code}" -X POST \
69 | "${IDAM_API_BASE_URL:-http://localhost:5000}"/testing-support/accounts \
70 | -H "Content-Type: application/json" \
71 | -d '{
72 | "email":"'"${email}"'",
73 | "forename":"'"${firstName}"'",
74 | "surname":"'"${surname}"'",
75 | "password":"Pa55word11",
76 | "levelOfAccess":1,
77 | "roles": [
78 | '"${rolesJson}"'
79 | ]
80 | }
81 | '
82 | )
83 |
84 | echo "$response"
85 | }
86 |
87 | function get_user() {
88 | local EMAIL=$1
89 |
90 | curl_result=$(
91 | curl -w $"\n%{http_code}" --silent -X GET "${IDAM_URL}/users?email=${EMAIL}" -H "accept: */*" -H "authorization:Bearer ${IDAM_ACCESS_TOKEN}"
92 | )
93 |
94 | exit_code=$?
95 | if [ $exit_code -eq 0 ]; then
96 | # seperate body and status into an array
97 | IFS=$'\n' response_array=($curl_result)
98 |
99 | array_length=${#response_array[@]}
100 | if [ $array_length -eq 1 ]; then
101 | response_body='' # clear body
102 | response_status=${response_array[0]}
103 | else
104 | response_body=${response_array[0]}
105 | response_status=${response_array[${array_length}-1]}
106 | fi
107 |
108 | if [ $(( response_status )) -gt 199 ] && [ $(( response_status )) -lt 300 ]; then
109 | # SUCCESS:
110 | response=${response_body}
111 | else
112 | # FAIL:
113 | response="HTTP-${response_status}
114 | ${response_body}"
115 | echo "HTTP-${response_status}
116 | ERROR: Request for UserID with email address ${EMAIL} failed with http response: HTTP-${response_status}"
117 | fi
118 | else
119 | # format a response for low level curl error (e.g. exit code 7 = 'Failed to connect() to host or proxy.')
120 | response="CURL-${exit_code}
121 | ERROR: Request for UserID with email address ${EMAIL} failed with curl exit code: ${exit_code}"
122 | fi
123 | echo "$response"
124 |
125 | }
126 |
127 | function update_user() {
128 | local USERID=$1
129 | local USERBODY=$2
130 |
131 | curl_result=$(
132 | curl -w $"\n%{http_code}" --silent -X PATCH "${IDAM_URL}/api/v1/users/${USERID}" -H "accept: application/json" -H "Content-Type: application/json" \
133 | -H "authorization:Bearer ${IDAM_ACCESS_TOKEN}" \
134 | -d "${USERBODY}"
135 | )
136 |
137 | exit_code=$?
138 | if [ $exit_code -eq 0 ]; then
139 |
140 | # seperate body and status into an array
141 | IFS=$'\n' response_array=($curl_result)
142 |
143 | array_length=${#response_array[@]}
144 | if [ $array_length -eq 1 ]; then
145 | response_body='' # clear body
146 | response_status=${response_array[0]}
147 | else
148 | response_body=${response_array[0]}
149 | response_status=${response_array[${array_length}-1]}
150 | fi
151 |
152 | if [ $(( response_status )) -gt 199 ] && [ $(( response_status )) -lt 300 ]; then
153 | # SUCCESS:
154 | response=${response_body}
155 | else
156 | # FAIL:
157 | response="HTTP-${response_status}
158 | ${response_body}"
159 | echo "HTTP-${response_status}
160 | ERROR: Request for update_user of user UserID ${USERID} failed with http response: HTTP-${response_status}"
161 | fi
162 | else
163 | # format a response for low level curl error (e.g. exit code 7 = 'Failed to connect() to host or proxy.')
164 | response="CURL-${exit_code}
165 | ERROR: Request for update_user of user UserID ${USERID} failed with curl exit code: ${exit_code}"
166 | fi
167 | echo "$response"
168 |
169 | }
170 |
171 | function put_user_roles() {
172 | #Replaces the entire set of role grants to the user
173 |
174 | local USER=$1
175 | local ROLES=$2
176 |
177 | curl_result=$(
178 | curl -w $"\n%{http_code}" --silent -X PUT "${IDAM_URL}/api/v1/users/${USER}/roles" -H "accept: application/json" -H "Content-Type: application/json" \
179 | -H "authorization:Bearer ${IDAM_ACCESS_TOKEN}" \
180 | -d "${ROLES}"
181 | )
182 |
183 | exit_code=$?
184 | if [ $exit_code -eq 0 ]; then
185 | # seperate body and status into an array
186 | IFS=$'\n' response_array=($curl_result)
187 |
188 | array_length=${#response_array[@]}
189 | if [ $array_length -eq 1 ]; then
190 | response_body='' # clear body
191 | response_status=${response_array[0]}
192 | else
193 | response_body=${response_array[0]}
194 | response_status=${response_array[${array_length}-1]}
195 | fi
196 |
197 | if [ $(( response_status )) -gt 199 ] && [ $(( response_status )) -lt 300 ]; then
198 | # SUCCESS:
199 | response="SUCCESS
200 | ${response_body}"
201 | else
202 | # FAIL:
203 | response="HTTP-${response_status}
204 | ${response_body}"
205 | fi
206 | else
207 | # format a response for low level curl error (e.g. exit code 7 = 'Failed to connect() to host or proxy.')
208 | response="CURL-${exit_code}
209 | ERROR: User ${USER} role update request has failed with curl exit code: ${exit_code}"
210 | fi
211 | echo "$response"
212 | }
213 |
214 | ######################
215 | ## MAIN
216 | ######################
217 | current_dir=$(pwd)
218 | source ${current_dir}/./bulk-user-setup.config 2> /dev/null
219 |
220 | set -eu
221 |
222 | if [ "${ENVIRONMENT:-local}" != "local" ]; then
223 | exit 0;
224 | fi
225 |
226 | IDAM_URL="http://localhost:5000"
227 | IDAM_ACCESS_TOKEN=$(get_idam_token)
228 | check_exit_code_for_error $? "$IDAM_ACCESS_TOKEN"
229 |
230 | if [ -z "$IDAM_ACCESS_TOKEN" ]
231 | then
232 | echo "${RED}ERROR: Problem getting idam token for admin user:${NORMAL} $ADMIN_USER"
233 | exit 1
234 | fi
235 |
236 | email=${1}
237 | rolesStr=${2}
238 | surname=${3:-"Tester"}
239 | firstName=${4:-${email}}
240 | active=${5:-"true"}
241 |
242 | IFS=',' read -ra roles <<<"${rolesStr}"
243 |
244 | getUserResponse=$(get_user "$email")
245 |
246 | if [[ ${getUserResponse} != *"HTTP-"* ]] && [[ ${getUserResponse} != *"ERROR"* ]]; then
247 | #user found
248 | echo "User with email ${email} successfully found"
249 |
250 | userId=$(echo $getUserResponse | jq --raw-output '.id')
251 |
252 | #remove the roles attribute from teh existing user as patch does not allow role update
253 | body=$(echo $getUserResponse | jq 'del(.roles)')
254 |
255 | #update all attributes to match test case
256 | body=$(echo $body | jq --arg email "${email}" '.email = ($email)')
257 | body=$(echo $body | jq --arg surname "${surname}" '.surname = ($surname)')
258 | body=$(echo $body | jq --arg firstName "${firstName}" '.forename = ($firstName)')
259 | body=$(echo $body | jq --argjson active "${active}" '.active = ($active)' )
260 |
261 | update_user_response=$(update_user "${userId}" "${body}")
262 | if [[ ${update_user_response} != *"HTTP-"* ]] && [[ ${update_user_response} != *"ERROR"* ]]; then
263 | echo "User details for ${email} successfully updated"
264 |
265 | #update the roles to match test case using PUT
266 |
267 | isRoleStringEmpty=true
268 |
269 | rolesJson=''
270 | for role in "${roles[@]}"; do
271 | if [[ -n ${rolesJson} ]]; then
272 | isRoleStringEmpty=false
273 | rolesJson="${rolesJson},"
274 | fi
275 | rolesJson=${rolesJson}'{"name":"'${role}'"}'
276 | done
277 |
278 | if [[ "$isRoleStringEmpty" = true ]]; then
279 | rolesJson="[]"
280 | else
281 | rolesJson="[${rolesJson}]"
282 | fi
283 |
284 | put_user_roles_response=$(put_user_roles "${userId}" "${rolesJson}")
285 | if [[ ${put_user_roles_response} != *"HTTP-"* ]] && [[ ${put_user_roles_response} != *"ERROR"* ]]; then
286 | echo "User roles for ${email} successfully updated"
287 | else
288 | echo "Failed updating roles for ${email}, roles ${rolesJson}"
289 | fi
290 | else
291 | echo "Failed updating user ${email}"
292 | fi
293 | else
294 | #create user
295 |
296 | rolesJson=''
297 | for role in "${roles[@]}"; do
298 | if [[ -n ${rolesJson} ]]; then
299 | rolesJson="${rolesJson},"
300 | fi
301 | rolesJson=${rolesJson}'{"code":"'${role}'"}'
302 | done
303 |
304 | create_user_request_response=$(create_user_request)
305 |
306 | IFS=$'\n' arr=($create_user_request_response)
307 | array_length=${#arr[@]}
308 | http_body=${arr[0]}
309 | http_status=${arr[${array_length}-1]}
310 |
311 | if [ ${http_status} -ne 201 ]; then
312 | echo "Failed creating user ${email}"
313 | else
314 | echo "Successfully created user ${email}"
315 | if [ "${active}" == "false" ]; then
316 | getUserResponse=$(get_user "$email")
317 | if [[ ${getUserResponse} != *"HTTP-"* ]] && [[ ${getUserResponse} != *"ERROR"* ]]; then
318 | userId=$(echo $getUserResponse | jq --raw-output '.id')
319 | echo "Setting active state to false for user ${email}"
320 | body='{"active":false}'
321 | submit_response=$(update_user "${userId}" "${body}")
322 | fi
323 | fi
324 | fi
325 | fi
326 |
--------------------------------------------------------------------------------
/bulk-user-setup/test/utils/idam-create-users.sh.bk:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | ######################
4 | ## FUNCTIONS
5 | ######################
6 |
7 | get_user_roles() {
8 | docker run -e PGPASSWORD='openidm' --rm --network ccd-network postgres:11-alpine psql --host shared-db --username openidm --tuples-only --command "SELECT data.roles FROM managedObjects mo, LATERAL (SELECT regexp_replace(string_agg((element::json -> '_ref')::text, ','), '( *\\w*\\/)|(\")', '', 'g') AS roles FROM json_array_elements_text(mo.fullobject->'effectiveRoles') as data(element)) data WHERE mo.fullobject ->> 'userName'='${1}';" openidm
9 | }
10 |
11 | function get_idam_token() {
12 |
13 | curl_result=$(
14 | curl -w $"\n%{http_code}" --silent --show-error -X POST "${IDAM_URL}/o/token" \
15 | -H "accept: application/json" \
16 | -H "Content-Type: application/x-www-form-urlencoded" \
17 | --data-urlencode "client_id=${CLIENT_ID}" \
18 | --data-urlencode "client_secret=${IDAM_CLIENT_SECRET}" \
19 | --data-urlencode "grant_type=password" \
20 | --data-urlencode "username=${ADMIN_USER}" \
21 | --data-urlencode "password=${ADMIN_USER_PWD}" \
22 | --data-urlencode "scope=openid roles create-user manage-user"
23 | )
24 |
25 | exit_code=$?
26 | if ! [ $exit_code -eq 0 ]; then
27 | # error so echo response and abort
28 | echo "${RED}ERROR: Token request has failed with curl exit code: $exit_code${NORMAL}"
29 | exit $exit_code
30 | fi
31 |
32 | # seperate body and status into an array
33 | IFS=$'\n' arr=($curl_result)
34 |
35 | array_length=${#arr[@]}
36 | http_body=${arr[0]}
37 | http_status=${arr[${array_length}-1]}
38 |
39 | if [ $(( http_status )) -lt 300 ]; then
40 | # success so return access token
41 | idam_token=$(echo "$http_body" | jq -r '.access_token')
42 | echo "$idam_token"
43 | else
44 | # else show error
45 | if [ $array_length -eq 2 ]; then
46 | echo "${RED}ERROR: Token request has failed with status: ${http_status}, response:${NORMAL} ${http_body}"
47 | else
48 | echo "${RED}ERROR: Token request has failed with status: ${http_status}${NORMAL}"
49 | fi
50 | # then quit with non-zero exit code
51 | exit $(( http_status ))
52 | fi
53 | }
54 |
55 | function check_exit_code_for_error() {
56 | local PREVIOUS_EXIT_CODE=$1;
57 | local PREVIOUS_RESPONSE=$2;
58 |
59 | if ! [ $PREVIOUS_EXIT_CODE -eq 0 ]; then
60 | # error so echo response and abort
61 | echo $PREVIOUS_RESPONSE
62 | exit $PREVIOUS_EXIT_CODE
63 | fi
64 | }
65 |
66 | create_user_request() {
67 | response=$(
68 | curl --insecure --show-error --silent --output /dev/null --write-out "%{http_code}" -X POST \
69 | "${IDAM_API_BASE_URL:-http://localhost:5000}"/testing-support/accounts \
70 | -H "Content-Type: application/json" \
71 | -d '{
72 | "email":"'"${email}"'",
73 | "forename":"'"${firstName}"'",
74 | "surname":"'"${surname}"'",
75 | "password":"Pa55word11",
76 | "levelOfAccess":1,
77 | "roles": [
78 | '"${rolesJson}"'
79 | ]
80 | }
81 | '
82 | )
83 |
84 | echo "$response"
85 | }
86 |
87 | delete_user_request() {
88 | response=$(curl --insecure --show-error --silent --output /dev/null --write-out "%{http_code}" -X DELETE \
89 | "${IDAM_API_BASE_URL:-http://localhost:5000}"/testing-support/accounts/"${email}")
90 | echo "$response"
91 | }
92 |
93 | # if user exists
94 | # check roles ✅
95 | # if roles are the same do nothing ✅
96 | # otherwise delete ✅
97 | # and create user ✅ with same id ❌ <-- Apparently having the same id doesn't matter on local
98 |
99 | recreate_user() {
100 | printf "%s%s\n" "Deleting IDAM user: " "${email}"
101 | deleteResponse=$(delete_user_request)
102 | if [[ "$deleteResponse" -ne 200 && "$deleteResponse" -ne 204 ]]; then
103 | printf "%s%s\n" "Unexpected HTTP status code from IDAM: " "${deleteResponse}"
104 | #exit 1
105 | elif [[ "$deleteResponse" -eq 404 ]]; then
106 | printf "%s%s%s\n" "User " "${email}" " doesn't exist"
107 | elif [[ "$deleteResponse" -eq 200 ]]; then
108 | printf "%s%s%s\n" "User " "${email}" " deleted"
109 | fi
110 |
111 | printf "%s%s\n" "Creating/Re-Creating IDAM user: " "${email}"
112 | createResponse=$(create_user_request)
113 | echo $createResponse
114 | }
115 |
116 | function get_user() {
117 | local EMAIL=$1
118 |
119 | curl_result=$(
120 | curl -w $"\n%{http_code}" --silent -X GET "${IDAM_URL}/users?email=${EMAIL}" -H "accept: */*" -H "authorization:Bearer ${IDAM_ACCESS_TOKEN}"
121 | )
122 |
123 | exit_code=$?
124 | if [ $exit_code -eq 0 ]; then
125 | # seperate body and status into an array
126 | IFS=$'\n' response_array=($curl_result)
127 |
128 | array_length=${#response_array[@]}
129 | if [ $array_length -eq 1 ]; then
130 | response_body='' # clear body
131 | response_status=${response_array[0]}
132 | else
133 | response_body=${response_array[0]}
134 | response_status=${response_array[${array_length}-1]}
135 | fi
136 |
137 | if [ $(( response_status )) -gt 199 ] && [ $(( response_status )) -lt 300 ]; then
138 | # SUCCESS:
139 | response=${response_body}
140 | else
141 | # FAIL:
142 | response="HTTP-${response_status}
143 | ${response_body}"
144 | echo "HTTP-${response_status}
145 | ERROR: Request for UserID with email address ${EMAIL} failed with http response: HTTP-${response_status}"
146 | fi
147 | else
148 | # format a response for low level curl error (e.g. exit code 7 = 'Failed to connect() to host or proxy.')
149 | response="CURL-${exit_code}
150 | ERROR: Request for UserID with email address ${EMAIL} failed with curl exit code: ${exit_code}"
151 | fi
152 | echo "$response"
153 |
154 | }
155 |
156 | function update_user() {
157 | local USERID=$1
158 | local USERBODY=$2
159 |
160 | curl_result=$(
161 | curl -w $"\n%{http_code}" --silent -X PATCH "${IDAM_URL}/api/v1/users/${USERID}" -H "accept: application/json" -H "Content-Type: application/json" \
162 | -H "authorization:Bearer ${IDAM_ACCESS_TOKEN}" \
163 | -d "${USERBODY}"
164 | )
165 |
166 | exit_code=$?
167 | if [ $exit_code -eq 0 ]; then
168 |
169 | # separate body and status into an array
170 | IFS=$'\n' response_array=($curl_result)
171 |
172 | array_length=${#response_array[@]}
173 | if [ $array_length -eq 1 ]; then
174 | response_body='' # clear body
175 | response_status=${response_array[0]}
176 | else
177 | response_body=${response_array[0]}
178 | response_status=${response_array[${array_length}-1]}
179 | fi
180 |
181 | if [ $(( response_status )) -gt 199 ] && [ $(( response_status )) -lt 300 ]; then
182 | # SUCCESS:
183 | response=${response_body}
184 | else
185 | # FAIL:
186 | response="HTTP-${response_status}
187 | ${response_body}"
188 | echo "HTTP-${response_status}
189 | ERROR: Request for update_user of user UserID ${USERID} failed with http response: HTTP-${response_status}"
190 | fi
191 | else
192 | # format a response for low level curl error (e.g. exit code 7 = 'Failed to connect() to host or proxy.')
193 | response="CURL-${exit_code}
194 | ERROR: Request for update_user of user UserID ${USERID} failed with curl exit code: ${exit_code}"
195 | fi
196 | echo "$response"
197 |
198 | }
199 |
200 | ######################
201 | ## MAIN
202 | ######################
203 | current_dir=$(pwd)
204 | source ${current_dir}/./bulk-user-setup.config 2> /dev/null
205 |
206 | set -eu
207 |
208 | if [ "${ENVIRONMENT:-local}" != "local" ]; then
209 | exit 0;
210 | fi
211 |
212 | IDAM_URL="http://localhost:5000"
213 | IDAM_ACCESS_TOKEN=$(get_idam_token)
214 | check_exit_code_for_error $? "$IDAM_ACCESS_TOKEN"
215 |
216 | if [ -z "$IDAM_ACCESS_TOKEN" ]
217 | then
218 | echo "${RED}ERROR: Problem getting idam token for admin user:${NORMAL} $ADMIN_USER"
219 | exit 1
220 | fi
221 |
222 | email=${1}
223 | rolesStr=${2}
224 | surname=${3:-"Tester"}
225 | firstName=${4:-${email}}
226 | active=${5:-"true"}
227 |
228 |
229 | IFS=',' read -ra roles <<<"${rolesStr}"
230 |
231 | rolesJson=''
232 | for role in "${roles[@]}"; do
233 | if [[ -n ${rolesJson} ]]; then
234 | rolesJson="${rolesJson},"
235 | fi
236 | rolesJson=${rolesJson}'{"code":"'${role}'"}'
237 | done
238 |
239 | recreateResponse=$(recreate_user)
240 | IFS=$'\n' arr=($recreateResponse)
241 | array_length=${#arr[@]}
242 | http_body=${arr[0]}
243 | http_status=${arr[${array_length}-1]}
244 |
245 | # Unfortunately trying to create the same user throws 403, so we don't know what went wrong
246 |
247 | if [ ${http_status} -ne 201 ]; then
248 | printf "%s%s\n" "Unexpected HTTP status code from IDAM: " "${recreateResponse}"
249 | exit 1
250 | else
251 | printf "%s%s%s\n" "User " "${email}" " - added to IDAM"
252 |
253 | if [ "${active}" == "false" ]; then
254 | rawReturnedValue=$(get_user "$email")
255 | if [[ $rawReturnedValue != *"HTTP-"* ]]; then
256 | userId=$(echo $rawReturnedValue | jq --raw-output '.id')
257 | printf "%s%s%s\n" "Setting active state to false for user " "${email}" ""
258 | body='{"active":false}'
259 | submit_response=$(update_user "${userId}" "${body}")
260 | fi
261 | fi
262 | fi
263 |
--------------------------------------------------------------------------------
/bulk-user-setup/test/utils/roles.json:
--------------------------------------------------------------------------------
1 | [
2 | {"roles": "caseworker,caseworker-role-one,caseworker-role-two,caseworker-role-three"},
3 | {"roles": "caseworker-role-four,caseworker-role-five,caseworker-role-six"},
4 | {"roles": "caseworker_role_three,caseworker_role_six"},
5 | {"roles": "caseworker-ia,caseworker-ia-admofficer,caseworker-ia-bails,caseworker-ia-caseofficer,caseworker-ia-homeofficeapc,caseworker-ia-homeofficebail,caseworker-ia-homeofficelart,caseworker-ia-homeofficepou,caseworker-ia-iacjudge,caseworker-ia-judiciary,caseworker-ia-legalrep-solicitor,caseworker-ia-readonly,caseworker-ia-respondentofficer,caseworker-ia-srcaseofficer,caseworker-ia-system,caseworker-ia-system-access,caseworker-iac-bulkscan,caseworker-iac-systemupdate"},
6 | {"roles": "caseworker-sscs,caseworker-sscs-anonymouscitizencaseworker-sscs-bulkscan,caseworker-sscs-callagent,caseworker-sscs-clerk,caseworker-sscs-dwpresponsewriter,caseworker-sscs-judge,caseworker-sscs-panelmember,caseworker-sscs-pcqextractor,caseworker-sscs-registrar,caseworker-sscs-superuser,caseworker-sscs-systemupdate"},
7 | {"roles": "caseworker-employment,caseworker-employment-api,caseworker-employment-bristol,caseworker-employment-englandwales,caseworker-employment-etjudge,caseworker-employment-etjudge-englandwales,caseworker-employment-etjudge-scotland,caseworker-employment-leeds,caseworker-employment-legalrep-solicitor,caseworker-employment-londoncentral,caseworker-employment-londoneast,caseworker-employment-londonsouth,caseworker-employment-manchester,caseworker-employment-midlandseast,caseworker-employment-midlandswest,caseworker-employment-newcastle,caseworker-employment-scotland,caseworker-employment-wales,caseworker-employment-watford,caseworker-et-pcqextractor,caseworker-employment-etjudge-bristol,caseworker-employment-etjudge-leeds,caseworker-employment-etjudge-londoncentral,caseworker-employment-etjudge-londoneast,caseworker-employment-etjudge-londonsouth,caseworker-employment-etjudge-manchester,caseworker-employment-etjudge-midlandseast,caseworker-employment-etjudge-midlandswest,caseworker-employment-etjudge-newcastle,caseworker-employment-etjudge-wales,caseworker-employment-etjudge-watford,et-acas-api"},
8 | {"roles": "cwd-user"},
9 | {"roles": "caseworker-civil,caseworker-civil-staff"},
10 | {"roles": "payments,payments-refund,payments-refund-approver"},
11 | {"roles": "manage-translations"},
12 | {"roles": "caseworker-probate,caseworker-probate-pcqextractor,caseworker-probate-issuer,caseworker-probate-solicitor,caseworker-probate-systemupdate,caseworker-probate-charity,caseworker-probate-superuser,caseworker-probate-scheduler,caseworker-probate-caseofficer,caseworker-probate-registrar,caseworker-probate-caseadmin"},
13 | {"roles": "caseworker-divorce,caseworker-divorce-bulkscan,caseworker-divorce-courtadmin,caseworker-divorce-courtadmin-la,caseworker-divorce-courtadmin_beta,caseworker-divorce-judge,caseworker-divorce-pcqextractor,caseworker-divorce-solicitor,caseworker-divorce-superuser"}
14 | ]
--------------------------------------------------------------------------------
/bulk-user-setup/test/utils/users.json:
--------------------------------------------------------------------------------
1 | [
2 | {"email": "ccd.test.add.user1@hmcts.gov.uk", "roles": "caseworker,caseworker_role_six", "lastName": "addln1", "firstName": "addfn1", "active": "false"},
3 | {"email": "ccd.test.add.user2@hmcts.gov.uk", "roles": "''", "lastName": "addln2", "firstName": "addfn2", "active": "false"},
4 | {"email": "ccd.test.add.user3@hmcts.gov.uk", "roles": "''", "lastName": "addln3", "firstName": "addfn3", "active": "false"},
5 | {"email": "ccd.test.add.user4@hmcts.gov.uk", "roles": "''", "lastName": "addln4", "firstName": "addfn4", "active": "false"},
6 | {"email": "ccd.test.add.user5@hmcts.gov.uk", "roles": "caseworker", "lastName": "addln5", "firstName": "addfn5", "active": "false"},
7 | {"email": "ccd.test.add.user6@hmcts.gov.uk", "roles": "caseworker", "lastName": "addln6", "firstName": "addfn6"},
8 | {"email": "ccd.test.add.user7@hmcts.gov.uk", "roles": "caseworker", "lastName": "addln7", "firstName": "addfn7"},
9 | {"email": "ccd.test.add.user8@hmcts.gov.uk", "roles": "''", "lastName": "addln8", "firstName": "addfn8"},
10 | {"email": "ccd.test.add.user9@hmcts.gov.uk", "roles": "''", "lastName": "addln9", "firstName": "addfn9"},
11 | {"email": "ccd.test.add.user10@hmcts.gov.uk", "roles": "caseworker-role-two,caseworker,caseworker-ia,caseworker-ia-admofficer,caseworker-ia-bails,caseworker-ia-caseofficer,caseworker-ia-homeofficeapc,caseworker-ia-homeofficebail,caseworker-ia-homeofficelart,caseworker-ia-homeofficepou,caseworker-ia-iacjudge,caseworker-ia-judiciary,caseworker-ia-legalrep-solicitor,caseworker-ia-readonly,caseworker-ia-respondentofficer,caseworker-ia-srcaseofficer,caseworker-ia-system,caseworker-ia-system-access,caseworker-iac-bulkscan,caseworker-iac-systemupdate", "lastName": "addln10", "firstName": "addfn10"},
12 | {"email": "ccd.test.add.user11@hmcts.gov.uk", "roles": "''", "lastName": "addln11", "firstName": "addfn11", "active": "false"},
13 | {"email": "ccd.test.add.user12@hmcts.gov.uk", "roles": "''", "lastName": "addln12", "firstName": "addfn12"},
14 | {"email": "ccd.test.add.user13@hmcts.gov.uk", "roles": "caseworker,caseworker-role-six", "lastName": "addln13", "firstName": "addfn13"},
15 | {"email": "ccd.test.delete.user1@hmcts.gov.uk", "roles": "caseworker,caseworker-role-four", "lastName": "deleteln1", "firstName": "deletefn1"},
16 | {"email": "ccd.test.delete.user2@hmcts.gov.uk", "roles": "caseworker,caseworker-role-two", "lastName": "deleteln2", "firstName": "deletefn2"},
17 | {"email": "ccd.test.delete.user3@hmcts.gov.uk", "roles": " caseworker,caseworker-role-three,caseworker-role-four", "lastName": "deleteln3", "firstName": "deletefn3"},
18 | {"email": "ccd.test.delete.user4@hmcts.gov.uk", "roles": "caseworker,caseworker-role-four,payments", "lastName": "deleteln4", "firstName": "deletefn4"},
19 | {"email": "ccd.test.delete.user6@hmcts.gov.uk", "roles": "caseworker,caseworker-role-one,caseworker-role-two", "lastName": "deleteln6", "firstName": "deletefn6"},
20 | {"email": "ccd.test.delete.user7@hmcts.gov.uk", "roles": "caseworker,caseworker-role-five,caseworker-role-six", "lastName": "deleteln7", "firstName": "deletefn7"},
21 | {"email": "ccd.test.delete.user8@hmcts.gov.uk", "roles": "caseworker,caseworker-role-five,caseworker-role-six", "lastName": "deleteln8", "firstName": "deletefn8"},
22 | {"email": "ccd.test.delete.user9@hmcts.gov.uk", "roles": "caseworker", "lastName": "deleteln9", "firstName": "deletefn9"},
23 | {"email": "ccd.test.delete.user10@hmcts.gov.uk", "roles": "caseworker", "lastName": "deleteln10", "firstName": "deletefn10", "active": "false"},
24 | {"email": "ccd.test.delete.user11@hmcts.gov.uk", "roles": "caseworker,caseworker-role-two,caseworker-ia,caseworker-ia-admofficer,caseworker-ia-bails,caseworker-ia-caseofficer,caseworker-ia-homeofficeapc,caseworker-ia-homeofficebail,caseworker-ia-homeofficelart,caseworker-ia-homeofficepou,caseworker-ia-iacjudge,caseworker-ia-judiciary,caseworker-ia-legalrep-solicitor,caseworker-ia-readonly,caseworker-ia-respondentofficer,caseworker-ia-srcaseofficer,caseworker-ia-system,caseworker-ia-system-access,caseworker-iac-bulkscan,caseworker-iac-systemupdate", "lastName": "deleteln11", "firstName": "deletefn11"},
25 | {"email": "ccd.test.delete.user12@hmcts.gov.uk", "roles": "caseworker,caseworker-role-two,caseworker-ia,caseworker-ia-admofficer,caseworker-ia-bails,caseworker-ia-caseofficer,caseworker-ia-homeofficeapc,caseworker-ia-homeofficebail,caseworker-ia-homeofficelart,caseworker-ia-homeofficepou,caseworker-ia-iacjudge,caseworker-ia-judiciary,caseworker-ia-legalrep-solicitor,caseworker-ia-readonly,caseworker-ia-respondentofficer,caseworker-ia-srcaseofficer,caseworker-ia-system,caseworker-ia-system-access,caseworker-iac-bulkscan,caseworker-iac-systemupdate", "lastName": "deleteln12", "firstName": "deletefn12"},
26 | {"email": "ccd.test.delete.user13@hmcts.gov.uk", "roles": "caseworker,caseworker-role-two", "lastName": "deleteln13", "firstName": "deletefn13"},
27 | {"email": "ccd.test.delete.user14@hmcts.gov.uk", "roles": "caseworker,caseworker-role-one,caseworker-role-two,payments", "lastName": "deleteln14", "firstName": "deletefn14"},
28 | {"email": "ccd.test.delete.user15@hmcts.gov.uk", "roles": "caseworker,caseworker-role-one,caseworker-role-two,payments", "lastName": "deleteln15", "firstName": "deletefn15"},
29 | {"email": "ccd.test.delete.user16@hmcts.gov.uk", "roles": "caseworker,caseworker-role-one,caseworker-role-two,payments", "lastName": "deleteln16", "firstName": "deletefn16"},
30 | {"email": "ccd.test.delete.user17@hmcts.gov.uk", "roles": "caseworker", "lastName": "deleteln17", "firstName": "deletefn17"},
31 | {"email": "ccd.test.delete.user18@hmcts.gov.uk", "roles": "caseworker,payments", "lastName": "deleteln18", "firstName": "deletefn18"},
32 | {"email": "ccd.test.delete.user19@hmcts.gov.uk", "roles": "caseworker,caseworker-role-one", "lastName": "deleteln19", "firstName": "deletefn19"},
33 | {"email": "ccd.test.delete.user20@hmcts.gov.uk", "roles": "caseworker,caseworker-ia,caseworker-ia-admofficer,caseworker-ia-bails,caseworker-ia-caseofficer,caseworker-ia-homeofficeapc,caseworker-ia-homeofficebail,caseworker-ia-homeofficelart,caseworker-ia-homeofficepou,caseworker-ia-iacjudge,caseworker-ia-judiciary,caseworker-ia-legalrep-solicitor,caseworker-ia-readonly,caseworker-ia-respondentofficer,caseworker-ia-srcaseofficer,caseworker-ia-system,caseworker-ia-system-access,caseworker-iac-bulkscan,caseworker-iac-systemupdate,caseworker-sscs,caseworker-sscs-anonymouscitizencaseworker-sscs-bulkscan,caseworker-sscs-callagent,caseworker-sscs-clerk,caseworker-sscs-dwpresponsewriter,caseworker-sscs-judge,caseworker-sscs-panelmember,caseworker-sscs-pcqextractor,caseworker-sscs-registrar,caseworker-sscs-superuser,caseworker-sscs-systemupdate", "lastName": "deleteln20", "firstName": "deletefn20"},
34 | {"email": "ccd.test.delete.user21@hmcts.gov.uk", "roles": "caseworker,cwd-user,payments,caseworker-employment,caseworker-employment-londonsouth", "lastName": "deleteln21", "firstName": "deletefn21"},
35 | {"email": "ccd.test.delete.user22@hmcts.gov.uk", "roles": "caseworker,caseworker-ia,caseworker-ia-caseofficer,cwd-user,payments,caseworker-employment,caseworker-employment-londonsouth", "lastName": "deleteln22", "firstName": "deletefn22"},
36 | {"email": "ccd.test.delete.user23@hmcts.gov.uk", "roles": "''", "lastName": "deleteln23", "firstName": "deletefn23"},
37 | {"email": "ccd.test.delete.user24@hmcts.gov.uk", "roles": "caseworker", "lastName": "deleteln24", "firstName": "deletefn24"},
38 | {"email": "ccd.test.delete.user25@hmcts.gov.uk", "roles": "payments,payments-refund,payments-refund-approver,caseworker,caseworker-role-one", "lastName": "deleteln25", "firstName": "deletefn25"},
39 | {"email": "ccd.test.delete.user26@hmcts.gov.uk", "roles": "payments,payments-refund,payments-refund-approver,caseworker,caseworker-role-one", "lastName": "deleteln26", "firstName": "deletefn26"},
40 | {"email": "ccd.test.common.user1@hmcts.gov.uk", "roles": "''", "lastName": "commonln1", "firstName": "commonfn1"},
41 | {"email": "ccd.test.common.user2@hmcts.gov.uk", "roles": "''", "lastName": "commonln2", "firstName": "commonfn2"},
42 | {"email": "ccd.test.common.user3@hmcts.gov.uk", "roles": "''", "lastName": "commonln3", "firstName": "commonfn3"},
43 | {"email": "ccd.test.common.user4@hmcts.gov.uk", "roles": "''", "lastName": "commonln4", "firstName": "commonfn4"},
44 | {"email": "ccd.test.common.user5@hmcts.gov.uk", "roles": "''", "lastName": "commonln5", "firstName": "commonfn5"},
45 | {"email": "ccd.test.common.user6@hmcts.gov.uk", "roles": "''", "lastName": "commonln6", "firstName": "commonfn6"},
46 | {"email": "ccd.test.common.user7@hmcts.gov.uk", "roles": "''", "lastName": "commonln7", "firstName": "commonfn7"},
47 | {"email": "ccd.test.common.user8@hmcts.gov.uk", "roles": "caseworker-role-five,caseworker-role-six", "lastName": "commonln8", "firstName": "commonfn8"},
48 | {"email": "ccd.test.updatename.user1@hmcts.gov.uk", "roles": "caseworker,caseworker-role-two", "lastName": "ln1", "firstName": "fn1"},
49 | {"email": "ccd.test.updatename.user2@hmcts.gov.uk", "roles": "caseworker,caseworker-role-two", "lastName": "ln2", "firstName": "fn2"},
50 | {"email": "ccd.test.updatename.user3@hmcts.gov.uk", "roles": "caseworker,caseworker-role-two", "lastName": "ln3", "firstName": "fn3"},
51 | {"email": "ccd.test.updatename.user4@hmcts.gov.uk", "roles": "caseworker,caseworker-role-two", "lastName": "ln4", "firstName": "fn4"},
52 | {"email": "ccd.test.updatename.user5@hmcts.gov.uk", "roles": "caseworker,caseworker-role-two", "lastName": "ln5", "firstName": "fn5"},
53 | {"email": "ccd.test.updatename.user6@hmcts.gov.uk", "roles": "caseworker,caseworker-role-two", "lastName": "ln6", "firstName": "fn6"},
54 | {"email": "ccd.test.updatename.user7@hmcts.gov.uk", "roles": "caseworker,caseworker-role-two", "lastName": "ln7", "firstName": "fn7"},
55 | {"email": "ccd.test.updatename.user8@hmcts.gov.uk", "roles": "caseworker,caseworker-role-two", "lastName": "ln8", "firstName": "fn8", "active": "false"}
56 | ]
--------------------------------------------------------------------------------
/compose/case-disposer.yml:
--------------------------------------------------------------------------------
1 | ---
2 | version: '2.4'
3 |
4 | services:
5 | ccd-case-disposer:
6 | image: "${CCD_CASE_DISPOSER_USE_LOCAL-hmctspublic.azurecr.io/}ccd/case-disposer:${CCD_CASE_DISPOSER_TAG:-latest}"
7 | environment:
8 | DATA_STORE_DB_HOST: ccd-shared-database
9 | DATA_STORE_DB_PORT: 5432
10 | DATA_STORE_DB_USERNAME: "${DB_USERNAME}"
11 | DATA_STORE_DB_PASSWORD: "${DB_PASSWORD}"
12 | # Uncomment this line to enable JVM debugging and uncomment the port mapping below
13 | # JAVA_TOOL_OPTIONS: -XX:InitialRAMPercentage=30.0 -XX:MaxRAMPercentage=65.0 -XX:MinRAMPercentage=30.0 -XX:+UseConcMarkSweepGC -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005
14 | #ports:
15 | # Uncomment this and the JAVA_TOOL_OPTIONS flag for JVM debugging
16 | # - 5005:5005
17 | depends_on:
18 | ccd-data-store-api:
19 | condition: service_started
20 | networks:
21 | - ccd-network
22 |
23 | networks:
24 | ccd-network:
25 | external: true
26 |
--------------------------------------------------------------------------------
/compose/case-document-am.yml:
--------------------------------------------------------------------------------
1 | ---
2 | version: '2.4'
3 |
4 | services:
5 | ccd-case-document-am-api:
6 | image: "${CCD_CASE_DOCUMENT_AM_API_USE_LOCAL-hmctspublic.azurecr.io/}ccd/case-document-am-api:${CCD_CASE_DOCUMENT_AM_API_TAG:-latest}"
7 | environment:
8 | CASE_DOCUMENT_AM_API_S2S_SECRET: "${IDAM_KEY_CASE_DOCUMENT}"
9 | CASE_DOCUMENT_S2S_AUTHORISED_SERVICES: ccd_case_document_am_api,ccd_gw,xui_webapp,ccd_data,bulk_scan_processor,bulk_scan_orchestrator
10 | IDAM_API_URL: "${IDAM_STUB_SERVICE_NAME:-http://idam-api:5000}"
11 | IDAM_OIDC_URL: "${IDAM_STUB_SERVICE_NAME:-http://idam-api:5000}"
12 | S2S_URL: http://service-auth-provider-api:8080
13 | DM_STORE_BASE_URL: http://dm-store:8080
14 | CCD_DATA_STORE_API_BASE_URL: http://ccd-data-store-api:4452
15 | REFORM_SERVICE_NAME: ccd-case-document-am-api
16 | REFORM_TEAM: ccd
17 | REFORM_ENVIRONMENT: local
18 | APPINSIGHTS_INSTRUMENTATIONKEY: key
19 | DOCUMENT_TTL: 3600000
20 | # Uncomment this line to enable JVM debugging and uncomment the port mapping below
21 | # JAVA_TOOL_OPTIONS: '-XX:InitialRAMPercentage=30.0 -XX:MaxRAMPercentage=65.0 -XX:MinRAMPercentage=30.0 -XX:+UseConcMarkSweepGC -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005'
22 | ports:
23 | - 4455:4455
24 | # Uncomment this and the JAVA_TOOL_OPTIONS flag for JVM debugging
25 | # 5005:5005
26 | depends_on:
27 | - ccd-data-store-api
28 | - dm-store
29 | - service-auth-provider-api
30 | networks:
31 | - ccd-network
32 |
--------------------------------------------------------------------------------
/compose/ccd-next-hearing-date-updater.yml:
--------------------------------------------------------------------------------
1 | ---
2 | version: '2.4'
3 |
4 | services:
5 | ccd-next-hearing-date-updater:
6 | image: "${CCD_NEXT_HEARING_DATE_UPDATER_USE_LOCAL-hmctspublic.azurecr.io/}ccd/next-hearing-date-updater:${CCD_NEXT_HEARING_DATE_UPDATER_TAG:-latest}"
7 | environment:
8 | IDAM_API_URL: "${IDAM_STUB_SERVICE_NAME:-http://idam-api:5000}"
9 | CCD_NEXT_HEARING_DATE_UPDATER_SERVICE_IDAM_CLIENT_SECRET: AAAAAAAAAAAAAAAA
10 | IDAM_NEXT_HEARING_DATE_SYSTEM_USER: "${CCD_NEXT_HEARING_DATE_USERNAME:-next.hearing.date.admin@gmail.com}"
11 | IDAM_NEXT_HEARING_DATE_SYSTEM_PASSWORD: "${CCD_NEXT_HEARING_DATE_PASSWORD}"
12 | IDAM_S2S_URL: "${IDAM_S2S_URL:-http://service-auth-provider-api:8080}"
13 | IDAM_KEY_NEXT_HEARING_UPDATER: AAAAAAAAAAAAAAAA
14 | HEARING_NEXT_DAY_CRON_JOB_PROCESSING_ENABLED: "true"
15 | CCD_DATA_STORE_API_BASE_URL: http://ccd-data-store-api:4452
16 | ES_QUERY_SIZE: 100
17 | MAX_CSV_RECORDS: 10000
18 | CASE_TYPES: FT_NextHearingDate
19 | # Uncomment this line to enable JVM debugging and uncomment the port mapping below
20 | # JAVA_TOOL_OPTIONS: -XX:InitialRAMPercentage=30.0 -XX:MaxRAMPercentage=65.0 -XX:MinRAMPercentage=30.0 -XX:+UseConcMarkSweepGC -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005
21 | #ports:
22 | # Uncomment this and the JAVA_TOOL_OPTIONS flag for JVM debugging
23 | # - 5005:5005
24 | depends_on:
25 | ccd-data-store-api:
26 | condition: service_started
27 | networks:
28 | - ccd-network
29 |
30 | networks:
31 | ccd-network:
32 | external: true
33 |
--------------------------------------------------------------------------------
/compose/def-designer.yml:
--------------------------------------------------------------------------------
1 | ---
2 | version: '2.4'
3 |
4 | services:
5 |
6 | ccd-api-gateway:
7 | environment:
8 | PROXY_DEFINITION_DESIGNER: http://ccd-definition-designer-api:4544
9 | depends_on:
10 | - ccd-definition-designer-api
11 |
12 | service-auth-provider-api:
13 | environment:
14 | MICROSERVICE_KEYS_DEFINITION_DESIGNER: "${IDAM_KEY_CCD_DEFINITION_DESIGNER}"
15 |
16 | ccd-definition-designer-api:
17 | image: "${CCD_DEFINITION_DESIGNER_API_USE_LOCAL-hmctspublic.azurecr.io/}ccd/definition-designer-api:${CCD_DEFINITION_DESIGNER_API_TAG:-latest}"
18 | command: --wait-for-database 30
19 | healthcheck:
20 | disable: true
21 | environment:
22 | DEFINITION_DESIGNER_DB_HOST: "${DB_HOST_COMMON}"
23 | DEFINITION_DESIGNER_DB_PORT: "${DB_PORT_COMMON}"
24 | DEFINITION_DESIGNER_DB_USERNAME: "${DB_USERNAME}"
25 | DEFINITION_DESIGNER_DB_PASSWORD: "${DB_PASSWORD}"
26 | DEFINITION_DESIGNER_DB_USE_SSL: "${DB_USE_SSL}"
27 | DEFINITION_DESIGNER_IDAM_KEY: "${IDAM_KEY_CCD_DEFINITION_DESIGNER}"
28 | DEFINITION_DESIGNER_S2S_AUTHORISED_SERVICES: ccd_gw,ccd_admin
29 | USER_PROFILE_HOST: http://ccd-user-profile-api:4453
30 | IDAM_USER_URL: http://sidam-api:5000
31 | IDAM_S2S_URL: "${IDAM_S2S_URL:-http://service-auth-provider-api:8080}"
32 | REFORM_TEAM: ccd
33 | REFORM_ENVIRONMENT: local
34 | APPINSIGHTS_INSTRUMENTATIONKEY: key
35 | ELASTIC_SEARCH_ENABLED: "false"
36 | ELASTIC_SEARCH_HOST: "ccd-elasticsearch"
37 | ELASTIC_SEARCH_FAIL_ON_IMPORT: "false"
38 | ports:
39 | - 4544:4544
40 | depends_on:
41 | - ccd-shared-database
42 | - ccd-user-profile-api
43 | networks:
44 | - ccd-network
45 |
46 | networks:
47 | ccd-network:
48 | external: true
49 |
--------------------------------------------------------------------------------
/compose/defaults.conf:
--------------------------------------------------------------------------------
1 | backend
2 | frontend
3 | sidam
4 | sidam-local
5 | sidam-local-ccd
6 |
--------------------------------------------------------------------------------
/compose/dm-store.yml:
--------------------------------------------------------------------------------
1 | ---
2 | version: '2.4'
3 |
4 | services:
5 | ccd-api-gateway:
6 | environment:
7 | PROXY_DOCUMENT_MANAGEMENT: http://dm-store:8080
8 | depends_on:
9 | - dm-store
10 |
11 | ccd-data-store-api:
12 | environment:
13 | CCD_DM_DOMAIN: http://dm-store:8080
14 |
15 | service-auth-provider-api:
16 | environment:
17 | MICROSERVICE_KEYS_EM_GW: "${IDAM_KEY_DM_STORE}"
18 |
19 | dm-store:
20 | image: "${DM_STORE_USE_LOCAL-hmctspublic.azurecr.io/}dm/store:${DM_STORE_TAG:-latest}"
21 | healthcheck:
22 | disable: true
23 | environment:
24 | SERVER_PORT: 8080
25 | IDAM_SUPERUSER_EMAIL:
26 | IDAM_SECRET_KEY: "${IDAM_KEY_DM_STORE}"
27 | GOV_NOTIFY_API_KEY:
28 | SPRING_DATASOURCE_URL: jdbc:postgresql://ccd-shared-database:5432/evidence
29 | SPRING_DATASOURCE_USERNAME: "${DB_USERNAME}"
30 | SPRING_DATASOURCE_PASSWORD: "${DB_PASSWORD}"
31 | ENABLE_AZURE_STORAGE_CONTAINER: "true"
32 | ENABLE_POSTGRES_BLOB_STORAGE: "false"
33 | STORAGEACCOUNT_PRIMARY_CONNECTION_STRING: "${STORAGEACCOUNT_PRIMARY_CONNECTION_STRING:-DefaultEndpointsProtocol=http;AccountName=devstoreaccount1;AccountKey=Eby8vdM02xNOcqFlqUwJPLlmEtlCDXJ1OUzFT50uSRZ6IFsuFq2UVErCz4I6tq/K1SZFPTOtr/KBHBeksoGMGw==;BlobEndpoint=http://azure-storage-emulator-azurite:10000/devstoreaccount1}"
34 | STORAGE_CONTAINER_DOCUMENT_CONTAINER_NAME: "${STORAGE_CONTAINER_DOCUMENT_CONTAINER_NAME:-hmctstestcontainer}"
35 | BLOBSTORE_MIGRATE_CCD_PUBLIC_KEY_REQUIRED: "${BLOBSTORE_MIGRATE_CCD_PUBLIC_KEY_REQUIRED:-false}"
36 | BLOBSTORE_MIGRATE_CCD_PUBLIC_KEY: "${BLOBSTORE_MIGRATE_CCD_PUBLIC_KEY:-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDiQ//gc/G53d9dLCtf123fIYo49gUySuJuxOcw2GtieWTMSy+O7RNtsAIjVf3mCOdDNuN69tZNPEWMdaW8n11s9MwYFahtxDecyn0KIP9MvPsfSMSbxhp/f7kfbdB/H/S5eYea66JTyeJS6uNd76RdHttx0mLO30ZkRcXB25c2SIXhRYsdoeKS5GXHDdNejkQM0S/Ev94x2UunApmYHjWN1XcDhsEsAeF4WHnvYh2XiMn9vHY44AqvbWLlAmCgzaXpz8Xhl0fO7jDKSeReDyuM3UTMaiFFaxuvliGol7aIXq/aVe/miiD2SLxHZ6RxAPW80bhXrzJMTLTCqhCEhzfv someone@somewhere.sometime}"
37 | SPRING_PROFILES_ACTIVE: dev
38 | IDAM_TESTING_SUPPORT_ENABLED: "true"
39 | LOGGING_LEVEL_UK_GOV_HMCTS_IDAM: DEBUG
40 | IDAM_USER_BASE_URI: "${IDAM_STUB_SERVICE_NAME:-http://idam-api:5000}"
41 | IDAM_S2S_BASE_URI: http://service-auth-provider-api:8080
42 | S2S_NAMES_WHITELIST: sscs,divorce,ccd,em_gw,document-management-store,ccd_gw,idam-api,fpl_case_service,xui_webapp,ccd_case_document_am_api,ccd_data,ccd_case_disposer
43 | http_proxy:
44 | https_proxy:
45 | no_proxy:
46 | REFORM_SERVICE_TYPE: java
47 | REFORM_SERVICE_NAME: document-management-store
48 | REFORM_TEAM: cc
49 | REFORM_ENVIRONMENT: docker
50 | # healthcheck env vars
51 | PACKAGES_ENVIRONMENT: docker
52 | PACKAGES_PROJECT: evidence
53 | PACKAGES_NAME: document-management-store
54 | PACKAGES_VERSION: unknown
55 | ENABLE_DB_MIGRATE: "true"
56 | ENABLE_TTL: "true"
57 | # debug mode
58 | # JAVA_OPTS: -Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=*:5005
59 | depends_on:
60 | - ccd-shared-database
61 | - service-auth-provider-api
62 | - azure-storage-emulator-azurite
63 | ports:
64 | - 4506:8080
65 | # debug port exposed
66 | # - 5006:5005
67 | networks:
68 | - ccd-network
69 |
70 | azure-storage-emulator-azurite:
71 | image: arafato/azurite
72 | ports:
73 | - 10000:10000
74 | environment:
75 | executable: "blob"
76 | volumes:
77 | - ccd-docker-azure-blob-data:/opt/azurite/folder
78 | networks:
79 | - ccd-network
80 |
81 | volumes:
82 | ccd-docker-azure-blob-data:
83 |
84 | networks:
85 | ccd-network:
86 | external: true
87 |
--------------------------------------------------------------------------------
/compose/elasticsearch.yml:
--------------------------------------------------------------------------------
1 | version: '2.4'
2 | services:
3 | ccd-elasticsearch:
4 | image: docker.elastic.co/elasticsearch/elasticsearch:7.17.0
5 | container_name: ccd-elasticsearch
6 | depends_on:
7 | - "ccd-data-store-api"
8 | environment:
9 | - cluster.name=ccd-docker-es-cluster
10 | - discovery.type=single-node
11 | - bootstrap.memory_lock=true
12 | - action.auto_create_index=.security*,.watches,.triggered_watches,.watcher-history-*,.logstash_dead_letter,.ml*
13 | - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
14 | ulimits:
15 | memlock:
16 | soft: -1
17 | hard: -1
18 | volumes:
19 | - esdata1:/usr/share/elasticsearch/data
20 | ports:
21 | - 9200:9200
22 | networks:
23 | - ccd-network
24 |
25 | volumes:
26 | esdata1:
27 | driver: local
28 |
29 | networks:
30 | ccd-network:
31 | external: true
32 |
33 |
--------------------------------------------------------------------------------
/compose/frontend.yml:
--------------------------------------------------------------------------------
1 | ---
2 | version: '2.4'
3 |
4 | services:
5 | ccd-admin-web:
6 | image: "${CCD_ADMIN_WEB_USE_LOCAL-hmctspublic.azurecr.io/}ccd/admin-web:${CCD_ADMIN_WEB_TAG:-latest}"
7 | container_name: ccd-admin-web
8 | environment:
9 | SECURE_AUTH_COOKIE_ENABLED : "false"
10 | USE_CSRF_PROTECTION : "false"
11 | SECURITY_REFERRER_POLICY : origin
12 | IDAM_BASE_URL: "${IDAM_STUB_SERVICE_NAME:-http://idam-api:5000}"
13 | IDAM_S2S_URL: http://service-auth-provider-api:8080
14 | IDAM_ADMIN_WEB_SERVICE_KEY: AAAAAAAAAAAAAAAD
15 | IDAM_LOGOUT_URL: "${IDAM_STUB_LOCALHOST:-http://localhost:3501}/login"
16 | IDAM_OAUTH2_TOKEN_ENDPOINT: "${IDAM_STUB_SERVICE_NAME:-http://idam-api:5000}/oauth2/token"
17 | IDAM_OAUTH2_LOGOUT_ENDPOINT: "${IDAM_STUB_SERVICE_NAME:-http://idam-api:5000}/session/:token"
18 | IDAM_OAUTH2_AW_CLIENT_SECRET: ccd_admin_secret
19 | IDAM_SERVICE_NAME: ccd_admin
20 | IDAM_OAUTH2_CLIENT_ID : ccd_admin
21 | ADMINWEB_LOGIN_URL: "${IDAM_STUB_LOCALHOST:-http://localhost:3501}/login"
22 | ADMINWEB_IMPORT_URL: http://ccd-definition-store-api:4451/import
23 | ADMINWEB_JURISDICTIONS_URL : http://ccd-definition-store-api:4451/api/data/jurisdictions
24 | ADMINWEB_USER_PROFILE_URL : http://ccd-user-profile-api:4453/users
25 | ADMINWEB_SAVE_USER_PROFILE_URL : http://ccd-user-profile-api:4453/users/save
26 | ADMINWEB_USER_ROLE_URL : http://ccd-definition-store-api:4451/api/user-role
27 | ADMIN_ALL_USER_ROLES_URL : http://ccd-definition-store-api:4451/api/user-roles
28 | ADMINWEB_CREATE_DEFINITION_URL : http://ccd-definition-store-api:4451/api/draft
29 | ADMINWEB_UPDATE_DEFINITION_URL : http://ccd-definition-store-api:4451/api/draft/save
30 | ADMINWEB_DELETE_DEFINITION_URL : http://ccd-definition-store-api:4451/api/draft
31 | ADMINWEB_DEFINITIONS_URL : http://ccd-definition-store-api:4451/api/drafts
32 | ADMINWEB_WHOAMI_URL : http://ccd-definition-store-api:4451/api/idam/profile
33 | ADMINWEB_AUTHORIZATION_URL : http://ccd-definition-store-api:4451/api/idam/adminweb/authorization
34 | ADMINWEB_IMPORT_AUDITS_URL : http://ccd-definition-store-api:4451/api/import-audits
35 | ADMINWEB_ELASTIC_INDEX_URL : http://ccd-definition-store-api:4451/elastic-support/index
36 | ADMINWEB_GET_DICTIONARY_URL: http://ts-translation-service:4650/dictionary
37 | ADMINWEB_ROLES_WHITELIST : "ccd-import,ccd-import-validate"
38 | APPINSIGHTS_INSTRUMENTATIONKEY: key
39 | ports:
40 | - 3100:3100
41 | depends_on:
42 | - service-auth-provider-api
43 | - ccd-definition-store-api
44 | - ccd-user-profile-api
45 | networks:
46 | - ccd-network
47 |
48 | ccd-api-gateway:
49 | image: "${CCD_API_GATEWAY_USE_LOCAL-hmctspublic.azurecr.io/}ccd/api-gateway-web:${CCD_API_GATEWAY_TAG:-latest}"
50 | container_name: ccd-api-gateway-web
51 | environment:
52 | IDAM_BASE_URL: "${IDAM_STUB_SERVICE_NAME:-http://idam-api:5000}"
53 | IDAM_USER_URL: "${IDAM_STUB_SERVICE_NAME:-http://idam-api:5000}"
54 | IDAM_S2S_URL: http://service-auth-provider-api:8080
55 | IDAM_SERVICE_KEY: "${IDAM_KEY_CCD_GATEWAY}"
56 | IDAM_OAUTH2_LOGOUT_ENDPOINT: "${IDAM_STUB_SERVICE_NAME:-http://idam-api:5000}/session/:token"
57 | IDAM_OAUTH2_CLIENT_ID: ccd_gateway
58 | IDAM_OAUTH2_CLIENT_SECRET: ccd_gateway_secret
59 | IDAM_OAUTH2_TOKEN_ENDPOINT: "${IDAM_STUB_SERVICE_NAME:-http://idam-api:5000}/oauth2/token"
60 | ADDRESS_LOOKUP_TOKEN:
61 | PROXY_AGGREGATED: http://ccd-data-store-api:4452
62 | PROXY_DATA: http://ccd-data-store-api:4452
63 | PROXY_CASE_ACTIVITY: http://host.docker.internal:3460
64 | PROXY_PRINT_SERVICE: http://host.docker.internal:3200
65 | PROXY_PAYMENTS: "${PROXY_PAYMENTS_STUB:-http://localhost:9999/payments}"
66 | PROXY_DEFINITION_IMPORT: http://ccd-definition-store-api:4451
67 | PROXY_DEFINITION_DATA: http://ccd-definition-store-api:4451/api/data
68 | PROXY_DEFINITION_DISPLAY: http://ccd-definition-store-api:4451/api/display
69 | APPINSIGHTS_INSTRUMENTATIONKEY: key
70 | ports:
71 | - 3453:3453
72 | depends_on:
73 | - ccd-user-profile-api
74 | - ccd-definition-store-api
75 | - ccd-data-store-api
76 | networks:
77 | - ccd-network
78 |
79 | networks:
80 | ccd-network:
81 | external: true
82 |
--------------------------------------------------------------------------------
/compose/hearings.yml:
--------------------------------------------------------------------------------
1 | ---
2 | version: '2.4'
3 |
4 | services:
5 | hmc-hmi-outbound-adapter:
6 | image: "${HMC_OUTBOUND_ADAPTER_USE_LOCAL-hmctspublic.azurecr.io/}hmc/hmi-outbound-adapter:${HMC_OUTBOUND_ADAPTER_TAG:-latest}"
7 | container_name: hmi-outbound-adapter
8 | environment:
9 | SERVER_PORT: 4558
10 | APPINSIGHTS_INSTRUMENTATION_KEY: key
11 | CFT_HEARING_SERVICE_DB_HOST: "${CFT_HEARING_SERVICE_DB_HOST:-ccd-shared-database}"
12 | CFT_HEARING_SERVICE_DB_PORT: "${CFT_HEARING_SERVICE_DB_PORT:-5432}"
13 | CFT_HEARING_SERVICE_DB_NAME: "${CFT_HEARING_SERVICE_DB_NAME:-hmc-cft-hearing-service}"
14 | #HMI/LA connection details
15 | CLIENT_ID: "${CLIENT_ID}"
16 | CLIENT_SECRET: "${CLIENT_SECRET}"
17 | FH_BASE_URL: "${FH_BASE_URL}"
18 | FH_GET_TOKEN_URL: "${FH_GET_TOKEN_URL}"
19 | GRANT_TYPE: "client_credentials"
20 | HMC_SERVICE_BUS_OUTBOUND_QUEUE: "${HMC_SERVICE_BUS_OUTBOUND_QUEUE}"
21 | HMC_SERVICE_BUS_INBOUND_QUEUE: "${HMC_SERVICE_BUS_INBOUND_QUEUE}"
22 | HMC_SERVICE_BUS_INBOUND_CONNECTION_STRING: "${HMC_SERVICE_BUS_INBOUND_CONNECTION_STRING}"
23 | HMC_SERVICE_BUS_OUTBOUND_CONNECTION_STRING: "${HMC_SERVICE_BUS_OUTBOUND_CONNECTION_STRING}"
24 | HMI_BASE_URL: "${HMI_BASE_URL}"
25 | HMI_SOURCE_SYSTEM: "CFT"
26 | HMI_DESTINATION_SYSTEM: "MOCK"
27 | REFORM_SERVICE_NAME: hmc-hmi-outbound-adapter
28 | REFORM_ENVIRONMENT: local
29 | SCOPE: "${SCOPE}"
30 | WIREMOCK_URL: "${WIREMOCK_STUB_SERVICE_NAME:-http://hmc-wiremock:4459}"
31 | # Uncomment this line to enable JVM debugging and uncomment the port mapping below
32 | # JAVA_TOOL_OPTIONS: '-XX:InitialRAMPercentage=30.0 -XX:MaxRAMPercentage=65.0 -XX:MinRAMPercentage=30.0 -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005'
33 | ports:
34 | - 4558:4558
35 | # Uncomment this and the JAVA_TOOL_OPTIONS flag for JVM debugging
36 | # - 5005:5005
37 | depends_on:
38 | - hmc-wiremock
39 | networks:
40 | - ccd-network
41 |
42 | hmc-hmi-inbound-adapter:
43 | image: "${HMC_INBOUND_ADAPTER_USE_LOCAL-hmctspublic.azurecr.io/}hmc/hmi-inbound-adapter:${HMC_INBOUND_ADAPTER_TAG:-latest}"
44 | container_name: hmi-inbound-adapter
45 | environment:
46 | SERVER_PORT: 4559
47 | APPINSIGHTS_INSTRUMENTATION_KEY: key
48 | CFT_HEARING_SERVICE_URL: "${CFT_HEARING_SERVICE_URL:-http://hmc-cft-hearing-service:4561}"
49 | HMC_SERVICE_BUS_QUEUE: "${HMC_SERVICE_BUS_INBOUND_QUEUE}"
50 | HMC_SERVICE_BUS_CONNECTION_STRING: "${HMC_SERVICE_BUS_INBOUND_CONNECTION_STRING}"
51 | IDAM_API_URL: "${IDAM_STUB_SERVICE_NAME:-http://docker.for.mac.localhost:5000}"
52 | REFORM_SERVICE_NAME: hmc-hmi-inbound-adapter
53 | REFORM_ENVIRONMENT: local
54 | S2S_URL: "${S2S_URL:-http://service-auth-provider-api:8080}"
55 | # Uncomment this line to enable JVM debugging and uncomment the port mapping below
56 | # JAVA_TOOL_OPTIONS: '-XX:InitialRAMPercentage=30.0 -X
57 | ports:
58 | - 4559:4559
59 | # Uncomment this and the JAVA_TOOL_OPTIONS flag for JVM debugging
60 | # - 5005:5005
61 | depends_on:
62 | - hmc-wiremock
63 | networks:
64 | - ccd-network
65 |
66 | hmc-wiremock:
67 | image: rodolpheche/wiremock
68 | container_name: hmc-wiremock
69 | volumes:
70 | - ./../resources/wiremock:/home/wiremock:rw
71 | ports:
72 | - 4458:8080
73 | networks:
74 | - ccd-network
75 |
76 | hmc-cft-hearing-service:
77 | image: "${HMC_HEARING_SERVICE_USE_LOCAL-hmctspublic.azurecr.io/}hmc/cft-hearing-service:${HMC_HEARING_SERVICE_TAG:-latest}"
78 | container_name: cft-hearing-service
79 | environment:
80 | SERVER_PORT: 4561
81 | APPINSIGHTS_INSTRUMENTATION_KEY: key
82 | CFT_HEARING_SERVICE_DB_PASSWORD: "${CFT_HEARING_SERVICE_DB_PASSWORD:-hmc}"
83 | CFT_HEARING_SERVICE_DB_USERNAME: "${CFT_HEARING_SERVICE_DB_USERNAME:-hmc}"
84 | CFT_HEARING_SERVICE_DB_HOST: "${CFT_HEARING_SERVICE_DB_HOST:-ccd-shared-database}"
85 | CFT_HEARING_SERVICE_DB_PORT: "${CFT_HEARING_SERVICE_DB_PORT:-5432}"
86 | CFT_HEARING_SERVICE_DB_NAME: "${CFT_HEARING_SERVICE_DB_NAME:-hmc_cft_hearing_service}"
87 | CFT_HEARING_SERVICE_S2S_AUTHORISED_SERVICES: xui_webapp,hmc_hmi_inbound_adapter,sscs,fis_hmc_api
88 | CLIENT_ID: "${CLIENT_ID}"
89 | CLIENT_SECRET: "${CLIENT_SECRET}"
90 | FH_BASE_URL: "${FH_BASE_URL:-https://login.microsoftonline.com}"
91 | FH_GET_TOKEN_URL: "${FH_GET_TOKEN_URL}"
92 | GRANT_TYPE: client_credentials
93 | # temporarily switch off role access check while testing
94 | HMC_ACCESS_CONTROL_ENABLED: false
95 | #inbound queue
96 | HMC_QUEUE_CONNECTION_STRING: "${HMC_SERVICE_BUS_INBOUND_CONNECTION_STRING}"
97 | HMC_SERVICE_BUS_QUEUE: "${HMC_SERVICE_BUS_INBOUND_QUEUE}"
98 | #outbound queue
99 | HMC_OUTBOUND_QUEUE_CONNECTION_STRING: "${HMC_SERVICE_BUS_OUTBOUND_CONNECTION_STRING}"
100 | HMC_OUTBOUND_SERVICE_BUS_QUEUE: "${HMC_SERVICE_BUS_OUTBOUND_QUEUE}"
101 | #topic connection
102 | HMC_SERVICE_BUS_CONNECTION_STRING: "${HMC_SERVICE_BUS_CONNECTION_STRING}"
103 | HMC_SERVICE_BUS_TOPIC: "${HMC_SERVICE_BUS_TOPIC}"
104 | HMC_SERVICE_BUS_SUBSCRIPTION: "${HMC_SERVICE_BUS_SUBSCRIPTION}"
105 | IDAM_API_URL: "${IDAM_STUB_SERVICE_NAME:-http://idam-api:5000}"
106 | IDAM_API_BASE_URL: "${IDAM_STUB_SERVICE_NAME:-http://idam-api:5000}"
107 | IDAM_OAUTH2_DATA_STORE_CLIENT_SECRET: idam_data_store_client_secret
108 | IDAM_OIDC_URL: "${IDAM_STUB_SERVICE_NAME:-http://idam-api:5000}"
109 | IDAM_S2S_URL: "${IDAM_S2S_URL:-http://service-auth-provider-api:8080}"
110 | SCOPE: "${SCOPE}"
111 | S2S_URL: "${SERVICE_AUTH_PROVIDER_API_BASE_URL:-http://service-auth-provider-api:8080}"
112 | SERVICE_AUTH_PROVIDER_API_BASE_URL: "${SERVICE_AUTH_PROVIDER_API_BASE_URL:-http://service-auth-provider-api:8080}"
113 |
114 | # Uncomment this line to enable JVM debugging and uncomment the port mapping below
115 | # JAVA_TOOL_OPTIONS: -XX:InitialRAMPercentage=30.0 -XX:MaxRAMPercentage=65.0 -XX:MinRAMPercentage=30.0 -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005
116 | ports:
117 | - 4561:4561
118 | # Uncomment this and the JAVA_TOOL_OPTIONS flag for JVM debugging
119 | # - 5005:5005
120 | depends_on:
121 | - ccd-data-store-api
122 | networks:
123 | - ccd-network
124 |
125 | networks:
126 | ccd-network:
127 | external: true
128 |
--------------------------------------------------------------------------------
/compose/logstash.yml:
--------------------------------------------------------------------------------
1 | version: '2.4'
2 | services:
3 |
4 | ccd-logstash:
5 | image: "logstash:7.16.3"
6 | container_name: ccd-logstash
7 | environment:
8 | - XPACK_MONITORING_ENABLED=false
9 | - DATA_STORE_URL=jdbc:postgresql://ccd-shared-database:5432/ccd_data?stringtype=unspecified&ssl=false
10 | - DATA_STORE_USER=ccd
11 | - DATA_STORE_PASS=ccd
12 | - ES_HOSTS=http://ccd-elasticsearch:9200
13 | networks:
14 | - ccd-network
15 | volumes:
16 | - ${PWD}/logstash/config/logstash.yml:/usr/share/logstash/config/logstash.yml
17 | - ${PWD}/logstash/config/pipelines.yml:/usr/share/logstash/config/pipelines.yml
18 | - ${PWD}/logstash/pipeline/01_input.conf:/usr/share/logstash/pipeline/01_input.conf
19 | - ${PWD}/logstash/pipeline/02_filter.conf:/usr/share/logstash/pipeline/02_filter.conf
20 | - ${PWD}/logstash/pipeline/03_output.conf:/usr/share/logstash/pipeline/03_output.conf
21 | - ${PWD}/logstash/pipeline/dead_letter_indexing_pipeline.conf:/usr/share/logstash/pipeline/dead_letter_indexing_pipeline.conf
22 | - ${PWD}/logstash/lib/postgresql-42.2.18.jar:/usr/share/logstash/ccd/postgresql.jar
23 |
24 | networks:
25 | ccd-network:
26 | external: true
27 |
28 |
--------------------------------------------------------------------------------
/compose/message-publisher.yml:
--------------------------------------------------------------------------------
1 | ---
2 | version: '2.4'
3 |
4 | services:
5 | ccd-message-publisher:
6 | image: "${CCD_MESSAGE_PUBLISHER_USE_LOCAL-hmctspublic.azurecr.io/}ccd/message-publisher:${CCD_MESSAGE_PUBLISHER_TAG:-latest}"
7 | environment:
8 | DATA_STORE_DB_HOST: ccd-shared-database
9 | DATA_STORE_DB_PORT: 5432
10 | DATA_STORE_DB_USERNAME: "${DB_USERNAME}"
11 | DATA_STORE_DB_PASSWORD: "${DB_PASSWORD}"
12 | CCD_CASE_EVENTS_DESTINATION: ccd-case-events
13 | SERVICE_BUS_CONNECTION_STRING: # Update this value if using Azure Service Bus (see line below)
14 | SPRING_PROFILES_ACTIVE: dev # Comment this line to enable Azure Service Bus
15 | # Uncomment this line to enable JVM debugging and uncomment the port mapping below
16 | # JAVA_TOOL_OPTIONS: '-XX:InitialRAMPercentage=30.0 -XX:MaxRAMPercentage=65.0 -XX:MinRAMPercentage=30.0 -XX:+UseConcMarkSweepGC -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005'
17 | ports:
18 | - 4456:4456
19 | # Uncomment this and the JAVA_TOOL_OPTIONS flag for JVM debugging
20 | # - 5005:5005
21 | depends_on:
22 | ccd-shared-database:
23 | condition: service_started
24 | networks:
25 | - ccd-network
26 |
27 | networks:
28 | ccd-network:
29 | external: true
30 |
--------------------------------------------------------------------------------
/compose/operational.yml:
--------------------------------------------------------------------------------
1 | version: '2.4'
2 |
3 | services:
4 | hmc-operational-reports-runner:
5 | image: "${HMC_OPERATIONAL_REPORTS_USE_LOCAL-hmctspublic.azurecr.io/}hmc/operational-reports-runner:${HMC_OPERATIONAL_REPORTS_TAG:-latest}"
6 | container_name: operational-reports-runner
7 | environment:
8 | SERVER_PORT: 4459
9 | APPINSIGHTS_INSTRUMENTATIONKEY: "SomeRandomStringForLocalDocker"
10 | NOTIFY_HMC_API_KEY: team_and_guest_list-339063cc-26db-4374-bfad-40edc9033d83-dd0f01c6-6d7b-4e76-869c-d823f3ab780b
11 | NOTIFY_ERROR_TEMPLATE_ID: 952167ce-a823-432f-9a2c-f5a2a28076d9
12 | NOTIFY_ERROR_EMAIL_ADDRESS: rebecca.baker@hmcts.net
13 | NOTIFY_ERROR_REPLY_TO_EMAIL_ADDRESS: 8276915e-dfbc-4791-adbc-5e553607b2bd
14 | NOTIFY_AWAITING_ACTUALS_TEMPLATE_ID: 952167ce-a823-432f-9a2c-f5a2a28076d9
15 | NOTIFY_AWAITING_ACTUALS_EMAIL_ADDRESS: mark.dathorne@hmcts.net
16 | NOTIFY_AWAITING_ACTUALS_REPLY_TO_EMAIL_ADDRESS: 276915e-dfbc-4791-adbc-5e553607b2bd
17 | CFT_HEARING_SERVICE_DB_USERNAME: hmc
18 | CFT_HEARING_SERVICE_DB_PASSWORD: hmc
19 | CFT_HEARING_SERVICE_DB_HOST: "ccd-shared-database"
20 | CFT_HEARING_SERVICE_DB_PORT: 5432
21 | CFT_HEARING_SERVICE_DB_NAME: hmc_cft_hearing_service
22 | # these environment variables are used by java-logging library
23 | ROOT_APPENDER:
24 | JSON_CONSOLE_PRETTY_PRINT:
25 | ROOT_LOGGING_LEVEL:
26 | REFORM_SERVICE_TYPE:
27 | REFORM_SERVICE_NAME:
28 | REFORM_TEAM:
29 | REFORM_ENVIRONMENT:
30 | LOGBACK_DATE_FORMAT:
31 | LOGBACK_REQUIRE_THREAD:
32 | LOGBACK_REQUIRE_ALERT_LEVEL: false
33 | LOGBACK_REQUIRE_ERROR_CODE: false
34 | ports:
35 | - 4459:4459
36 | networks:
37 | - ccd-network
38 |
--------------------------------------------------------------------------------
/compose/others.yml:
--------------------------------------------------------------------------------
1 | ---
2 | version: '2.4'
3 | #add non core CCD services here
4 |
5 | services:
6 | am-database:
7 | image: hmctspublic.azurecr.io/am/db:latest
8 | container_name: access_management_db
9 | environment:
10 | AM_DB: "${AM_DB}"
11 | AM_DB_USERNAME: "${AM_DB_USERNAME}"
12 | AM_DB_PASSWORD: "${AM_DB_PASSWORD}"
13 | healthcheck:
14 | interval: 10s
15 | timeout: 10s
16 | retries: 10
17 | ports:
18 | - 5600:5432
19 | volumes:
20 | - am-database-data:/var/lib/postgresql/data
21 | networks:
22 | - ccd-network
23 |
24 | networks:
25 | ccd-network:
26 | external: true
27 |
28 | volumes:
29 | am-database-data:
--------------------------------------------------------------------------------
/compose/sidam-local-ccd.yml:
--------------------------------------------------------------------------------
1 | ---
2 | version: '2.4'
3 |
4 | services:
5 | fr-am:
6 | environment:
7 | JAVA_OPTS: -Xms128m -Xmx512m
8 | networks:
9 | - ccd-network
10 | fr-idm:
11 | environment:
12 | JAVA_TOOL_OPTIONS: -Dcom.sun.management.jmxremote.port=9010 -Dcom.sun.management.jmxremote.local.only=false -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false -Djava.rmi.server.hostname=vm-ubuntu16 -Dcom.sun.management.jmxremote.rmi.port=9010
13 | JAVA_OPTS: -Xms128m -Xmx512m
14 | networks:
15 | - ccd-network
16 | shared-db:
17 | ports:
18 | - 5051:5432
19 | networks:
20 | - ccd-network
21 | idam-api:
22 | environment:
23 | JAVA_OPTS: -Xms128m -Xmx512m
24 | TESTING_SUPPORT_ENABLED: "true"
25 | networks:
26 | - ccd-network
27 | idam-web-public:
28 | ports:
29 | - 3501:8080
30 | environment:
31 | - JAVA_OPTS=-Xms128m -Xms512m
32 | networks:
33 | - ccd-network
34 | idam-web-admin:
35 | environment:
36 | - JAVA_OPTS=-Xms128m -Xms512m
37 | networks:
38 | - ccd-network
39 |
40 | networks:
41 | ccd-network:
42 | external: true
43 |
--------------------------------------------------------------------------------
/compose/sidam-local.yml:
--------------------------------------------------------------------------------
1 | # just a copy of 'docker-compose-local.yml' in https://tools.hmcts.net/confluence/display/SISM/Local+Docker+Setup
2 | # avoid modifying this file directly. Add any customisations to CCD Idam to `sidam-local-ccd.yml` instead
3 | ---
4 | version: '2.4'
5 |
6 | services:
7 | fr-am:
8 | ports:
9 | - 8080:8080
10 | - 1389:1389
11 | environment:
12 | JAVA_OPTS: -Xms128m -Xmx512m
13 |
14 | fr-idm:
15 | ports:
16 | - 18080:18080
17 | - 9010:9010
18 | shared-db:
19 | ports:
20 | - 5432:5432
21 | smtp-server:
22 | ports:
23 | - 1025:1025
24 | - 8025:8025
25 | idam-api:
26 | ports:
27 | - 5000:5000
28 | tmpfs: /opt/app/es
29 | environment:
30 | - JAVA_OPTS=-Xms128m -Xms512m
31 | - IDAMHEALTHCHECK_AM_ENABLED=false
32 | - IDAMHEALTHCHECK_IDM_ENABLED=false
33 | - STRATEGIC_ADMIN_URL=http://idam-web-admin:8082
34 | - STRATEGIC_WEBPUBLIC_URL=http://idam-web-public:9002
35 | - SPRING_PROFILES_ACTIVE=local
36 | - SPRING_DATASOURCE_URL=jdbc:postgresql://shared-db:5432/openidm?currentSchema=fridam
37 | - SPRING_DATASOURCE_USERNAME=openidm
38 | - SPRING_DATASOURCE_PASSWORD=openidm
39 | - SECURITY_OAUTH2_CLIENT_CLIENTSECRET=password
40 | - SECURITY_OAUTH2_CLIENT_PRE_ESTABLISHED_REDIRECT_URI=http://idam-web-public:9002/login
41 | - SECURITY_OAUTH2_CLIENT_REGISTERED_REDIRECT_URI=http://idam-web-public:9002/login
42 | - IDAM_SPI_FORGEROCK_AM_ROOT=http://fr-am:8080/openam
43 | - IDAM_SPI_FORGEROCK_AM_TOPLEVELHOST=fr-am
44 | - IDAM_SPI_FORGEROCK_AM_USERNAME=amadmin
45 | - IDAM_SPI_FORGEROCK_AM_PASSWORD=Pa55word11
46 | - IDAM_SPI_FORGEROCK_AM_JWKSURIFOROAUTH2CLIENTS=http://fr-am:8080/openam/oauth2/hmcts/connect/jwk_uri
47 | - IDAM_SPI_FORGEROCK_IDM_ROOT=http://fr-idm:18080/openidm
48 | - IDAM_SPI_FORGEROCK_IDM_USERNAME=openidm-admin
49 | - IDAM_SPI_FORGEROCK_IDM_PASSWORD=openidm-admin
50 | - IDAM_SPI_FORGEROCK_IDM_PIN_DEFAULTPASSWORD=BlaBlaBlackSh33p
51 | - APPSETTING_NODE_PATH=/opt/app
52 | idam-web-public:
53 | ports:
54 | - 9002:8080
55 | environment:
56 | - JAVA_OPTS=-Xms128m -Xms512m
57 | - STRATEGIC_SERVICE_URL=http://idam-api:5000
58 | idam-web-admin:
59 | ports:
60 | - 8082:8080
61 | environment:
62 | - JAVA_OPTS=-Xms128m -Xms512m
63 | - STRATEGIC_SERVICE_URL=http://idam-api:5000
64 | - STRATEGIC_PUBLIC_URL=http://idam-web-public:9002
65 |
--------------------------------------------------------------------------------
/compose/sidam.yml:
--------------------------------------------------------------------------------
1 | # just a copy of 'docker-compose.yml' in https://tools.hmcts.net/confluence/display/SISM/Local+Docker+Setup
2 | # avoid modifying this file directly. Add any customisations to CCD Idam to `sidam-local-ccd.yml` instead
3 | ---
4 | version: '2.4'
5 |
6 | services:
7 | fr-am:
8 | image: hmctsprivate.azurecr.io/idam/idam-fr-am:latest
9 | hostname: localam
10 | depends_on:
11 | shared-db:
12 | condition: service_started
13 | fr-idm:
14 | image: hmctsprivate.azurecr.io/idam/idam-fr-idm:latest
15 | hostname: localidm
16 | depends_on:
17 | fr-am:
18 | condition: service_started
19 | shared-db:
20 | condition: service_started
21 | shared-db:
22 | image: hmctsprivate.azurecr.io/idam/shared-db:latest
23 | smtp-server:
24 | image: mailhog/mailhog
25 | idam-api:
26 | image: hmctspublic.azurecr.io/idam/api:stable
27 | depends_on:
28 | fr-am:
29 | condition: service_started
30 | shared-db:
31 | condition: service_started
32 | idam-web-public:
33 | image: hmctspublic.azurecr.io/idam/web-public:stable
34 | depends_on:
35 | idam-api:
36 | condition: service_started
37 | idam-web-admin:
38 | image: hmctspublic.azurecr.io/idam/web-admin:stable
39 | depends_on:
40 | idam-api:
41 | condition: service_started
42 |
--------------------------------------------------------------------------------
/compose/ts-translation-service.yml:
--------------------------------------------------------------------------------
1 | version: '2.4'
2 |
3 | services:
4 | ts-translation-service:
5 | build:
6 | context: .
7 | args:
8 | - http_proxy
9 | - https_proxy
10 | - no_proxy
11 | image: "${TS_TRANSLATION_SERVICE_USE_LOCAL-hmctspublic.azurecr.io/}ts/translation-service:${TS_TRANSLATION_SERVICE_TAG:-latest}"
12 | container_name: translation-service
13 | environment:
14 | TS_TRANSLATION_SERVICE_DB_HOST: ccd-shared-database
15 | TS_TRANSLATION_SERVICE_DB_PORT: 5432
16 | TS_TRANSLATION_SERVICE_DB_NAME: ts_translation_service
17 | TS_TRANSLATION_SERVICE_DB_USERNAME: ${DB_USERNAME}
18 | TS_TRANSLATION_SERVICE_DB_PASSWORD: ${DB_PASSWORD}
19 | IDAM_API_URL: "${IDAM_STUB_SERVICE_NAME:-http://idam-api:5000}"
20 | IDAM_OIDC_URL: "${IDAM_STUB_SERVICE_NAME:-http://idam-api:5000}"
21 | TS_TRANSLATION_SERVICE_S2S_AUTHORISED_SERVICES: xui_webapp,ccd_admin,ccd_definition
22 | S2S_URL: http://service-auth-provider-api:8080
23 | REFORM_SERVICE_NAME: ts-translation-service
24 | REFORM_TEAM: ts
25 | REFORM_ENVIRONMENT: local
26 | TESTING_SUPPORT_ENABLED: "${TESTING_SUPPORT_ENABLED:-true}"
27 | APPINSIGHTS_INSTRUMENTATIONKEY: key
28 | ports:
29 | - "4650:4650"
30 | depends_on:
31 | ccd-shared-database:
32 | condition: service_started
33 | service-auth-provider-api:
34 | condition: service_started
35 | idam-api:
36 | condition: service_started
37 | networks:
38 | - ccd-network
39 |
--------------------------------------------------------------------------------
/compose/xui-frontend.yml:
--------------------------------------------------------------------------------
1 | ---
2 | version: '2.4'
3 |
4 | services:
5 | xui-manage-cases:
6 | image: "${XUI_MANAGE_CASES_USE_LOCAL-hmctspublic.azurecr.io/}xui/webapp:${XUI_MANAGE_CASES_TAG:-latest}"
7 | container_name: xui-manage-cases
8 | environment:
9 | FEATURE_APP_INSIGHTS_ENABLED: "true"
10 | FEATURE_SECURE_COOKIE_ENABLED: "false"
11 | FEATURE_REDIS_ENABLED: "false"
12 | JURISDICTIONS: AUTOTEST1,DIVORCE,PROBATE,BEFTA_JURISDICTION_3,BEFTA_JURISDICTION_2,BEFTA_JURISDICTION_1,IA,SSCS,BEFTA_MASTER
13 |
14 | MICROSERVICE: "${BEFTA_S2S_CLIENT_ID_OF_XUI_WEBAPP:-xui_webapp}"
15 | PROTOCOL: http
16 | XUI_ENV: local
17 |
18 | SERVICES_DOCUMENTS_API: http://dm-store:8080
19 | SERVICES_PAYMENTS_URL: http://wiremock:8080
20 | SERVICES_EM_ANNO_API: http://ccd-api-gateway:3453
21 | SERVICES_CCD_COMPONENT_API: http://ccd-api-gateway:3453
22 | SERVICES_CCD_DATA_STORE_API: http://ccd-data-store-api:4452
23 | SERVICES_IDAM_API_URL: "${IDAM_STUB_SERVICE_NAME:-http://idam-api:5000}"
24 | SERVICES_IDAM_CLIENT_ID: "${BEFTA_OAUTH2_CLIENT_ID_OF_XUIWEBAPP:-xuiwebapp}"
25 | SERVICES_IDAM_LOGIN_URL: "${IDAM_STUB_LOCALHOST:-http://localhost:3501}"
26 | SERVICES_IDAM_INDEX_URL: /
27 | SERVICES_IDAM_OAUTH_CALLBACK_URL: /oauth2/callback
28 | SERVICES_S2S: http://service-auth-provider-api:8080
29 | REDISCLOUD_URL: http://localhost:6780
30 | SYSTEM_USER_NAME: "dummy"
31 | SYSTEM_USER_PASSWORD: "dummy"
32 |
33 | HEALTH_CCD_COMPONENT_API: http://ccd-api-gateway:3453/health
34 | HEALTH_CCD_DATA_API: http://ccd-data-store-api:4452/health
35 |
36 | APPINSIGHTS_INSTRUMENTATIONKEY: TESTVAR
37 | IDAM_SECRET: "${BEFTA_OAUTH2_CLIENT_SECRET_OF_XUIWEBAPP:-OOOOOOOOOOOOOOOO}"
38 | S2S_SECRET: "${BEFTA_S2S_CLIENT_SECRET_OF_XUI_WEBAPP:-OOOOOOOOOOOOOOOO}"
39 | LAUNCH_DARKLY_CLIENT_ID: "${XUI_LAUNCH_DARKLY_CLIENT_ID:-1}"
40 |
41 | ports:
42 | - 3455:3000
43 | depends_on:
44 | - ccd-api-gateway
45 | - ccd-data-store-api
46 | networks:
47 | - ccd-network
48 |
49 | networks:
50 | ccd-network:
51 | external: true
52 |
--------------------------------------------------------------------------------
/database/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM postgres:11.5
2 |
3 | COPY init-db.sh /docker-entrypoint-initdb.d
4 |
5 | HEALTHCHECK --interval=10s --timeout=10s --retries=10 CMD psql -c 'select 1' -d ccd_data -U ${DB_USERNAME}
6 |
7 | EXPOSE 5432
--------------------------------------------------------------------------------
/database/init-db.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | set -e
4 |
5 | if [ -z "$DB_USERNAME" ] || [ -z "$DB_PASSWORD" ]; then
6 | echo "ERROR: Missing environment variable. Set value for both 'DB_USERNAME' and 'DB_PASSWORD'."
7 | exit 1
8 | fi
9 |
10 | # Create roles and databases
11 | psql -v ON_ERROR_STOP=1 --username postgres --set USERNAME=$DB_USERNAME --set PASSWORD=$DB_PASSWORD <<-EOSQL
12 | CREATE USER :USERNAME WITH PASSWORD ':PASSWORD';
13 | EOSQL
14 |
15 | for service in idam ccd_user_profile ccd_definition ccd_data evidence ccd_definition_designer role_assignment ts_translation_service; do
16 | echo "Database $service: Creating..."
17 | psql -v ON_ERROR_STOP=1 --username postgres --set USERNAME=$DB_USERNAME --set PASSWORD=$DB_PASSWORD --set DATABASE=$service <<-EOSQL
18 | CREATE DATABASE :DATABASE
19 | WITH OWNER = :USERNAME
20 | ENCODING = 'UTF8'
21 | CONNECTION LIMIT = -1;
22 | EOSQL
23 | echo "Database $service: Created"
24 | done
25 |
--------------------------------------------------------------------------------
/logstash/config/logstash.yml:
--------------------------------------------------------------------------------
1 | dead_letter_queue.enable: true
2 | http.host: 0.0.0.0
3 | queue.type: persisted
4 | xpack.monitoring.elasticsearch.hosts: ["${ES_HOSTS}"]
5 | xpack.monitoring.enabled: false
6 |
--------------------------------------------------------------------------------
/logstash/config/pipelines.yml:
--------------------------------------------------------------------------------
1 | - pipeline.id: main
2 | path.config: "/usr/share/logstash/pipeline/{01_input,02_filter,03_output}.conf"
3 | pipeline.workers: 4
4 | pipeline.batch.size: 500
5 | queue.type: persisted
6 | - pipeline.id: index-dead-letter-to-es
7 | path.config: "/usr/share/logstash/pipeline/dead_letter_indexing_pipeline.conf"
8 | pipeline.workers: 1
9 | dead_letter_queue.enable: false
10 |
--------------------------------------------------------------------------------
/logstash/lib/postgresql-42.2.18.jar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hmcts/ccd-docker/e858b1742a993bf59efb0591c67d55ac659e2a18/logstash/lib/postgresql-42.2.18.jar
--------------------------------------------------------------------------------
/logstash/pipeline/01_input.conf:
--------------------------------------------------------------------------------
1 | input {
2 | jdbc {
3 | jdbc_connection_string => "${DATA_STORE_URL}"
4 | jdbc_user => "${DATA_STORE_USER}"
5 | jdbc_password => "${DATA_STORE_PASS}"
6 | jdbc_validate_connection => true
7 | jdbc_driver_library => "/usr/share/logstash/ccd/postgresql.jar"
8 | jdbc_driver_class => "org.postgresql.Driver"
9 | jdbc_default_timezone => "UTC"
10 | statement => "UPDATE case_data SET marked_by_logstash = true WHERE marked_by_logstash = false RETURNING id, created_date, last_modified, jurisdiction, case_type_id, state, last_state_modified_date, data::TEXT as json_data, data_classification::TEXT as json_data_classification, reference, security_classification, supplementary_data::TEXT as json_supplementary_data"
11 | clean_run => false
12 | schedule => "* * * * * *"
13 | }
14 | }
15 |
--------------------------------------------------------------------------------
/logstash/pipeline/02_filter.conf:
--------------------------------------------------------------------------------
1 | filter {
2 | json {
3 | source => "json_data"
4 | target => "data"
5 | remove_field => ["json_data"]
6 | }
7 | json {
8 | source => "json_supplementary_data"
9 | target => "supplementary_data"
10 | remove_field => ["json_supplementary_data"]
11 | }
12 | json {
13 | source => "json_data_classification"
14 | target => "data_classification"
15 | remove_field => ["json_data_classification"]
16 | }
17 | if [data][SearchCriteria] {
18 | clone {
19 | clones => ["SearchCriteria"]
20 | }
21 | }
22 | if [type] == "SearchCriteria" {
23 | if [data][SearchCriteria] {
24 | mutate {
25 | rename => {
26 | "[data][SearchCriteria]" => "[data_new][SearchCriteria]"
27 | }
28 | }
29 | }
30 | if [data][caseManagementLocation] {
31 | mutate {
32 | rename => {
33 | "[data][caseManagementLocation]" => "[data_new][caseManagementLocation]"
34 | }
35 | }
36 | }
37 | if [data][CaseAccessCategory] {
38 | mutate {
39 | rename => {
40 | "[data][CaseAccessCategory]" => "[data_new][CaseAccessCategory]"
41 | }
42 | }
43 | }
44 | if [data][caseNameHmctsInternal] {
45 | mutate {
46 | rename => {
47 | "[data][caseNameHmctsInternal]" => "[data_new][caseNameHmctsInternal]"
48 | }
49 | }
50 | }
51 | if [data][caseManagementCategory] {
52 | mutate {
53 | rename => {
54 | "[data][caseManagementCategory]" => "[data_new][caseManagementCategory]"
55 | }
56 | }
57 | }
58 | if [supplementary_data][HMCTSServiceId] {
59 | mutate {
60 | rename => {
61 | "[supplementary_data][HMCTSServiceId]" => "[supplementary_data_new][HMCTSServiceId]"
62 | }
63 | }
64 | }
65 | if [data_classification][SearchCriteria] {
66 | mutate {
67 | rename => {
68 | "[data_classification][SearchCriteria]" => "[data_classification_new][SearchCriteria]"
69 | }
70 | }
71 | }
72 | if [data_classification][CaseAccessCategory] {
73 | mutate {
74 | rename => {
75 | "[data_classification][CaseAccessCategory]" => "[data_classification_new][CaseAccessCategory]"
76 | }
77 | }
78 | }
79 | if [data_classification][caseManagementLocation] {
80 | mutate {
81 | rename => {
82 | "[data_classification][caseManagementLocation]" => "[data_classification_new][caseManagementLocation]"
83 | }
84 | }
85 | }
86 | if [data_classification][caseNameHmctsInternal] {
87 | mutate {
88 | rename => {
89 | "[data_classification][caseNameHmctsInternal]" => "[data_classification_new][caseNameHmctsInternal]"
90 | }
91 | }
92 | }
93 | if [data_classification][caseManagementCategory] {
94 | mutate {
95 | rename => {
96 | "[data_classification][caseManagementCategory]" => "[data_classification_new][caseManagementCategory]"
97 | }
98 | }
99 | }
100 | mutate {
101 | remove_field => ["data", "supplementary_data", "data_classification", "last_state_modified_date", "type", "last_modified", "created_date"]
102 | }
103 | mutate {
104 | rename => {
105 | "[data_new]" => "data"
106 | }
107 | rename => {
108 | "[supplementary_data_new]" => "supplementary_data"
109 | }
110 | rename => {
111 | "[data_classification_new]" => "data_classification"
112 | }
113 | }
114 | mutate {
115 | add_field => {
116 | "index_id" => "global_search"
117 | }
118 | }
119 | mutate {
120 | lowercase => ["index_id"]
121 | }
122 | } else {
123 | mutate {
124 | add_field => {
125 | "index_id" => "%{case_type_id}_cases"
126 | }
127 | }
128 | mutate {
129 | lowercase => ["index_id"]
130 | }
131 | }
132 | }
133 |
--------------------------------------------------------------------------------
/logstash/pipeline/03_output.conf:
--------------------------------------------------------------------------------
1 | output {
2 | elasticsearch {
3 | hosts => ["${ES_HOSTS}"]
4 | sniffing => false
5 | index => "%{[index_id]}"
6 | document_type => "_doc"
7 | document_id => "%{id}"
8 | timeout => 60
9 | }
10 | }
11 |
--------------------------------------------------------------------------------
/logstash/pipeline/dead_letter_indexing_pipeline.conf:
--------------------------------------------------------------------------------
1 | input {
2 | dead_letter_queue {
3 | path => "${LOGSTASH_HOME}/data/dead_letter_queue"
4 | commit_offsets => true
5 | pipeline_id => "main"
6 | }
7 | }
8 | filter {
9 | # capture the entire event, and write it to a new field; we 'll call that field `failed_case`
10 | ruby {
11 | code => "event.set('failed_case', event.to_json())"
12 | }
13 | # prune every field off the event except for the one we 've just created. Note that this does not prune event metadata.
14 | prune {
15 | whitelist_names => ["^failed_case$"]
16 | }
17 | ruby {
18 | code => "event.set('timestamp', event.get('[@metadata][dead_letter_queue][entry_time]'))"
19 | }
20 | # pull useful information out of the event metadata provided by the dead letter queue, and add it to the new event.
21 | mutate {
22 | add_field => {
23 | "reason" => "%{[@metadata][dead_letter_queue][reason]}"
24 | }
25 | }
26 | }
27 | output {
28 | elasticsearch {
29 | hosts => ["${ES_HOSTS}"]
30 | sniffing => false
31 | index => ".logstash_dead_letter"
32 | }
33 | }
34 |
--------------------------------------------------------------------------------
/resources/idam_stub_get_details_custom.json:
--------------------------------------------------------------------------------
1 | {
2 | "request": {
3 | "method": "GET",
4 | "urlPath": "/o/userinfo"
5 | },
6 | "response": {
7 | "status": 200,
8 | "headers": {
9 | "Content-Type": "application/json"
10 | },
11 | "jsonBody": {
12 | "sub": "auto.test.cnp@gmail.com",
13 | "uid": "123456",
14 | "roles": [
15 | "caseworker-autotest1",
16 | "caseworker-autotest2",
17 | "caseworker",
18 | "ccd-import",
19 | "caseworker-divorce"
20 | ],
21 | "name": "CCD",
22 | "given_name": "CCD",
23 | "family_name": "Auto Test (Stub)"
24 | }
25 |
26 | }
27 | }
28 |
--------------------------------------------------------------------------------
/resources/improved-ccd-test-automation-users.json:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "forename": "Becky",
4 | "surname": "Solicington",
5 | "email": "befta.master.solicitor.becky@gmail.com",
6 | "password": "***",
7 | "active": true,
8 | "roles": [
9 | {
10 | "code": "caseworker"
11 | },
12 | {
13 | "code": "pui-case-manager"
14 | },
15 | {
16 | "code": "caseworker-befta_master"
17 | },
18 | {
19 | "code": "caseworker-befta_master-solicitor"
20 | }
21 | ]
22 | },
23 | {
24 | "forename": "Benjamin",
25 | "surname": "Solicington",
26 | "email": "befta.master.solicitor.benjamin@gmail.com",
27 | "password": "***",
28 | "active": true,
29 | "roles": [
30 | {
31 | "code": "caseworker"
32 | },
33 | {
34 | "code": "pui-case-manager"
35 | },
36 | {
37 | "code": "caseworker-befta_master"
38 | },
39 | {
40 | "code": "caseworker-befta_master-solicitor"
41 | }
42 | ]
43 | },
44 | {
45 | "forename": "CCD Solicitor",
46 | "surname": "Jurisdiction3",
47 | "email": "befta.solicitor.3@gmail.com",
48 | "password": "***",
49 | "active": true,
50 | "roles": [
51 | {
52 | "code": "caseworker"
53 | },
54 | {
55 | "code": "caseworker-befta_jurisdiction_3"
56 | },
57 | {
58 | "code": "caseworker-befta_jurisdiction_3-solicitor"
59 | }
60 | ]
61 | },
62 | {
63 | "forename": "CCD Solicitor 4",
64 | "surname": "Jurisdiction3",
65 | "email": "befta.solicitor.4@gmail.com",
66 | "password": "***",
67 | "active": true,
68 | "roles": [
69 | {
70 | "code": "caseworker"
71 | },
72 | {
73 | "code": "caseworker-befta_jurisdiction_3"
74 | },
75 | {
76 | "code": "caseworker-befta_jurisdiction_3-solicitor"
77 | }
78 | ]
79 | },
80 | {
81 | "forename": "CCD PUI",
82 | "surname": "CAA 1",
83 | "email": "befta.pui.caa.1@gmail.com",
84 | "password": "***",
85 | "active": true,
86 | "roles": [
87 | {
88 | "code": "pui-caa"
89 | }
90 | ]
91 | },
92 | {
93 | "forename": "AutoTest12 CNP",
94 | "surname": "Private",
95 | "email": "auto.test12.cnp+private@gmail.com",
96 | "password": "***",
97 | "active": true,
98 | "roles": [
99 | {
100 | "code": "caseworker"
101 | },
102 | {
103 | "code": "caseworker-autotest1"
104 | },
105 | {
106 | "code": "caseworker-autotest1-private"
107 | },
108 | {
109 | "code": "caseworker-autotest2"
110 | },
111 | {
112 | "code": "caseworker-autotest2-private"
113 | }
114 | ]
115 | },
116 | {
117 | "forename": "Befta",
118 | "surname": "Caseworker",
119 | "email": "befta.caseworker.2@gmail.com",
120 | "password": "***",
121 | "active": true,
122 | "roles": [
123 | {
124 | "code": "caseworker"
125 | },
126 | {
127 | "code": "caseworker-befta_jurisdiction_2"
128 | }
129 | ]
130 | },
131 | {
132 | "forename": "Autotest",
133 | "surname": "CNP Senior",
134 | "email": "auto.test.cnp+senior@gmail.com",
135 | "password": "***",
136 | "active": true,
137 | "roles": [
138 | {
139 | "code": "caseworker"
140 | },
141 | {
142 | "code": "caseworker-autotest1"
143 | },
144 | {
145 | "code": "caseworker-autotest1-senior"
146 | }
147 | ]
148 | },
149 | {
150 | "forename": "Caseworker",
151 | "surname": "CAA",
152 | "email": "befta.caseworker.caa@gmail.com",
153 | "password": "***",
154 | "active": true,
155 | "roles": [
156 | {
157 | "code": "caseworker"
158 | },
159 | {
160 | "code": "caseworker-caa"
161 | }
162 | ]
163 | }
164 | ]
165 |
166 |
--------------------------------------------------------------------------------
/resources/original-ccd-test-automation-users.json:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "forename": "Caseworker 2",
4 | "surname": "Befta",
5 | "email": "befta.caseworker.2.solicitor.1@gmail.com",
6 | "password": "***",
7 | "active": true,
8 | "roles": [
9 | {
10 | "code": "caseworker-befta_jurisdiction_2-solicitor_1"
11 | },
12 | {
13 | "code": "caseworker-befta_jurisdiction_2"
14 | },
15 | {
16 | "code": "caseworker"
17 | }
18 | ]
19 | }
20 | ]
21 |
--------------------------------------------------------------------------------
/resources/role_assignments/get_role_assignments.json:
--------------------------------------------------------------------------------
1 | {
2 | "request": {
3 | "method": "GET",
4 | "urlPattern": "/am/role-assignments/actors/0359819a-aab6-477e-9d9c-24afdf4573b7"
5 | },
6 | "response": {
7 | "status": 200,
8 | "headers": {
9 | "Content-Type": "application/json"
10 | },
11 | "jsonBody": {
12 | "roleAssignmentResponse": [
13 | {
14 | "id": "4d96923f-891a-4cb1-863e-9bec44d1689d",
15 | "actorIdType": "IDAM",
16 | "actorId": "{{userId}}",
17 | "roleType": "CASE",
18 | "roleName": "judge",
19 | "classification": "PUBLIC",
20 | "grantType": "STANDARD",
21 | "roleCategory": "JUDICIAL",
22 | "readOnly": false,
23 | "beginTime": "2021-01-01T00:00:00Z",
24 | "endTime": "2022-01-01T00:00:00Z",
25 | "created": "2020-12-23T06:37:58.096065Z",
26 | "attributes": {
27 | "contractType": "SALARIED",
28 | "jurisdiction": "divorce",
29 | "caseId": "1596104940595122",
30 | "region": "south-east"
31 | },
32 | "authorisations": []
33 | },
34 | {
35 | "id": "e6fc5ebb-63e3-4613-9cfc-b3f9b1559571",
36 | "actorIdType": "IDAM",
37 | "actorId": "{{userId}}",
38 | "roleType": "CASE",
39 | "roleName": "judge",
40 | "classification": "PUBLIC",
41 | "grantType": "STANDARD",
42 | "roleCategory": "JUDICIAL",
43 | "readOnly": false,
44 | "beginTime": "2021-02-01T00:00:00Z",
45 | "endTime": "2022-01-01T00:00:00Z",
46 | "created": "2020-12-23T06:37:58.096065Z",
47 | "attributes": {
48 | "contractType": "SALARIED",
49 | "jurisdiction": "divorce",
50 | "caseId": "1596104840593121",
51 | "region": "south-east"
52 | },
53 | "authorisations": []
54 | },
55 | {
56 | "id": "6d7d10af-b4a4-425b-a0cc-315bbb828361",
57 | "actorIdType": "IDAM",
58 | "actorId": "{{userId}}",
59 | "roleType": "ORGANISATION",
60 | "roleName": "judge",
61 | "classification": "PUBLIC",
62 | "grantType": "STANDARD",
63 | "roleCategory": "JUDICIAL",
64 | "readOnly": false,
65 | "beginTime": "2021-02-01T00:00:00Z",
66 | "endTime": "2022-01-01T00:00:00Z",
67 | "created": "2020-12-23T06:37:58.096065Z",
68 | "attributes": {
69 | "contractType": "SALARIED",
70 | "jurisdiction": "divorce",
71 | "caseId": "1596104840593121",
72 | "region": "south-east"
73 | },
74 | "authorisations": []
75 | },
76 | {
77 | "id": "5d96923f-891a-4cb1-863e-9bec54d1689c",
78 | "actorIdType": "IDAM",
79 | "actorId": "{{userId}}",
80 | "roleType": "CASE",
81 | "roleName": "judge",
82 | "classification": "PUBLIC",
83 | "grantType": "STANDARD",
84 | "roleCategory": "JUDICIAL",
85 | "readOnly": false,
86 | "beginTime": "2019-01-01T00:00:00Z",
87 | "endTime": "2020-01-01T00:00:00Z",
88 | "created": "2020-12-23T06:37:58.096065Z",
89 | "attributes": {
90 | "contractType": "SALARIED",
91 | "jurisdiction": "divorce",
92 | "caseId": "1596109944711818",
93 | "region": "south-east"
94 | },
95 | "authorisations": []
96 | },
97 | {
98 | "id": "6d96923f-991a-4cb1-863e-9bec44d1689a",
99 | "actorIdType": "IDAM",
100 | "actorId": "{{userId}}",
101 | "roleType": "CASE",
102 | "roleName": "judge",
103 | "classification": "PUBLIC",
104 | "grantType": "STANDARD",
105 | "roleCategory": "JUDICIAL",
106 | "readOnly": false,
107 | "beginTime": "2022-01-01T00:00:00Z",
108 | "endTime": "2023-01-01T00:00:00Z",
109 | "created": "2020-12-23T06:37:58.096065Z",
110 | "attributes": {
111 | "contractType": "SALARIED",
112 | "jurisdiction": "divorce",
113 | "caseId": "1596109944711818",
114 | "region": "south-east"
115 | },
116 | "authorisations": []
117 | }
118 | ]
119 | },
120 | "transformers": [
121 | "dynamic-role-assignments-response-transformer"
122 | ]
123 | }
124 | }
125 |
--------------------------------------------------------------------------------
/resources/role_assignments/get_role_assignments_not_found.json:
--------------------------------------------------------------------------------
1 | {
2 | "request": {
3 | "method": "GET",
4 | "urlPattern": "/am/role-assignments/actors/4d11e562-c043-4237-8b04-d6e761003171"
5 | },
6 | "response": {
7 | "status": 404,
8 | "headers": {
9 | "Content-Type": "application/json"
10 | }
11 | }
12 | }
13 |
--------------------------------------------------------------------------------
/resources/role_assignments/get_role_assignments_with_expired_results.json:
--------------------------------------------------------------------------------
1 | {
2 | "request": {
3 | "method": "GET",
4 | "urlPattern": "/am/role-assignments/actors/af3c8e11-bb5c-495f-8baf-4bf64c6ca047"
5 | },
6 | "response": {
7 | "status": 200,
8 | "headers": {
9 | "Content-Type": "application/json"
10 | },
11 | "jsonBody": {
12 | "roleAssignmentResponse": [
13 | {
14 | "id": "4d96923f-891a-4cb1-863e-9bec44d1689d",
15 | "actorIdType": "IDAM",
16 | "actorId": "{{userId}}",
17 | "roleType": "CASE",
18 | "roleName": "judge",
19 | "classification": "PUBLIC",
20 | "grantType": "STANDARD",
21 | "roleCategory": "JUDICIAL",
22 | "readOnly": false,
23 | "beginTime": "2019-01-01T00:00:00Z",
24 | "endTime": "2020-01-01T00:00:00Z",
25 | "created": "2020-12-23T06:37:58.096065Z",
26 | "attributes": {
27 | "contractType": "SALARIED",
28 | "jurisdiction": "divorce",
29 | "caseId": "1596104940595122",
30 | "region": "south-east"
31 | },
32 | "authorisations": []
33 | },
34 | {
35 | "id": "e6fc5ebb-63e3-4613-9cfc-b3f9b1559571",
36 | "actorIdType": "IDAM",
37 | "actorId": "{{userId}}",
38 | "roleType": "CASE",
39 | "roleName": "judge",
40 | "classification": "PUBLIC",
41 | "grantType": "STANDARD",
42 | "roleCategory": "JUDICIAL",
43 | "readOnly": false,
44 | "beginTime": "2019-02-01T00:00:00Z",
45 | "endTime": "2020-01-01T00:00:00Z",
46 | "created": "2020-12-23T06:37:58.096065Z",
47 | "attributes": {
48 | "contractType": "SALARIED",
49 | "jurisdiction": "divorce",
50 | "caseId": "1596104840593121",
51 | "region": "south-east"
52 | },
53 | "authorisations": []
54 | },
55 | {
56 | "id": "6d7d10af-b4a4-425b-a0cc-315bbb828361",
57 | "actorIdType": "IDAM",
58 | "actorId": "{{userId}}",
59 | "roleType": "ORGANISATION",
60 | "roleName": "judge",
61 | "classification": "PUBLIC",
62 | "grantType": "STANDARD",
63 | "roleCategory": "JUDICIAL",
64 | "readOnly": false,
65 | "beginTime": "2021-02-01T00:00:00Z",
66 | "endTime": "2022-01-01T00:00:00Z",
67 | "created": "2020-12-23T06:37:58.096065Z",
68 | "attributes": {
69 | "contractType": "SALARIED",
70 | "jurisdiction": "divorce",
71 | "caseId": "1596104840593121",
72 | "region": "south-east"
73 | },
74 | "authorisations": []
75 | },
76 | {
77 | "id": "5d96923f-891a-4cb1-863e-9bec54d1689c",
78 | "actorIdType": "IDAM",
79 | "actorId": "{{userId}}",
80 | "roleType": "CASE",
81 | "roleName": "judge",
82 | "classification": "PUBLIC",
83 | "grantType": "STANDARD",
84 | "roleCategory": "JUDICIAL",
85 | "readOnly": false,
86 | "beginTime": "2019-01-01T00:00:00Z",
87 | "endTime": "2020-01-01T00:00:00Z",
88 | "created": "2020-12-23T06:37:58.096065Z",
89 | "attributes": {
90 | "contractType": "SALARIED",
91 | "jurisdiction": "divorce",
92 | "caseId": "1596109944711818",
93 | "region": "south-east"
94 | },
95 | "authorisations": []
96 | },
97 | {
98 | "id": "6d96923f-991a-4cb1-863e-9bec44d1689a",
99 | "actorIdType": "IDAM",
100 | "actorId": "{{userId}}",
101 | "roleType": "CASE",
102 | "roleName": "judge",
103 | "classification": "PUBLIC",
104 | "grantType": "STANDARD",
105 | "roleCategory": "JUDICIAL",
106 | "readOnly": false,
107 | "beginTime": "2022-01-01T00:00:00Z",
108 | "endTime": "2023-01-01T00:00:00Z",
109 | "created": "2020-12-23T06:37:58.096065Z",
110 | "attributes": {
111 | "contractType": "SALARIED",
112 | "jurisdiction": "divorce",
113 | "caseId": "1596109944711818",
114 | "region": "south-east"
115 | },
116 | "authorisations": []
117 | }
118 | ]
119 | },
120 | "transformers": [
121 | "dynamic-role-assignments-response-transformer"
122 | ]
123 | }
124 | }
125 |
--------------------------------------------------------------------------------
/resources/role_assignments/post_role_assignments_2_record.json:
--------------------------------------------------------------------------------
1 | {
2 | "request": {
3 | "method": "POST",
4 | "urlPattern": "/am/role-assignments/query",
5 | "bodyPatterns": [
6 | {
7 | "contains":"\"actorId\":[\"0359819a-aab6-477e-9d9c-24afdf4573b7\"]",
8 | "contains":"\"roleType\":[\"CASE\"]",
9 | "contains":"\"attributes\":[{\"caseId\":[\"1619532860727729\",\"1575978305974222\"]}]"
10 | }
11 | ]
12 | },
13 | "response": {
14 | "status": 200,
15 | "headers": {
16 | "Content-Type": "application/json"
17 | },
18 | "jsonBody": {
19 | "roleAssignmentResponse" : [
20 | {
21 | "id": "4d96923f-891a-4cb1-863e-9bec44d1689d",
22 | "actorIdType": "IDAM",
23 | "actorId": "0359819a-aab6-477e-9d9c-24afdf4573b7",
24 | "roleType": "CASE",
25 | "roleName": "[Defendant]",
26 | "classification": "PUBLIC",
27 | "grantType": "STANDARD",
28 | "roleCategory": "JUDICIAL",
29 | "readOnly": false,
30 | "beginTime": "2021-01-01T00:00:00Z",
31 | "endTime": "2022-01-01T00:00:00Z",
32 | "created": "2020-12-23T06:37:58.096065Z",
33 | "attributes": {
34 | "contractType": "SALARIED",
35 | "jurisdiction": "divorce",
36 | "caseId": "1619532860727729",
37 | "region": "south-east"
38 | },
39 | "authorisations": []
40 | },
41 | {
42 | "id": "e6fc5ebb-63e3-4613-9cfc-b3f9b1559571",
43 | "actorIdType": "IDAM",
44 | "actorId": "0359819a-aab6-477e-9d9c-24afdf4573b7",
45 | "roleType": "CASE",
46 | "roleName": "[Claimant]",
47 | "classification": "PUBLIC",
48 | "grantType": "STANDARD",
49 | "roleCategory": "JUDICIAL",
50 | "readOnly": false,
51 | "beginTime": "2021-02-01T00:00:00Z",
52 | "endTime": "2022-01-01T00:00:00Z",
53 | "created": "2020-12-23T06:37:58.096065Z",
54 | "attributes": {
55 | "contractType": "SALARIED",
56 | "jurisdiction": "divorce",
57 | "caseId": "1575978305974222",
58 | "region": "south-east"
59 | },
60 | "authorisations": []
61 | },
62 | {
63 | "id": "6d7d10af-b4a4-425b-a0cc-315bbb828361",
64 | "actorIdType": "IDAM",
65 | "actorId": "{{userId}}",
66 | "roleType": "ORGANISATION",
67 | "roleName": "judge",
68 | "classification": "PUBLIC",
69 | "grantType": "STANDARD",
70 | "roleCategory": "JUDICIAL",
71 | "readOnly": false,
72 | "beginTime": "2021-02-01T00:00:00Z",
73 | "endTime": "2022-01-01T00:00:00Z",
74 | "created": "2020-12-23T06:37:58.096065Z",
75 | "attributes": {
76 | "contractType": "SALARIED",
77 | "jurisdiction": "divorce",
78 | "caseId": "1596134840593121",
79 | "region": "south-east"
80 | },
81 | "authorisations": []
82 | },
83 | {
84 | "id": "5d96923f-891a-4cb1-863e-9bec54d1689c",
85 | "actorIdType": "IDAM",
86 | "actorId": "{{userId}}",
87 | "roleType": "CASE",
88 | "roleName": "judge",
89 | "classification": "PUBLIC",
90 | "grantType": "STANDARD",
91 | "roleCategory": "JUDICIAL",
92 | "readOnly": false,
93 | "beginTime": "2019-01-01T00:00:00Z",
94 | "endTime": "2020-01-01T00:00:00Z",
95 | "created": "2020-12-23T06:37:58.096065Z",
96 | "attributes": {
97 | "contractType": "SALARIED",
98 | "jurisdiction": "divorce",
99 | "caseId": "1596109944711818",
100 | "region": "south-east"
101 | },
102 | "authorisations": []
103 | },
104 | {
105 | "id": "6d96923f-991a-4cb1-863e-9bec44d1689a",
106 | "actorIdType": "IDAM",
107 | "actorId": "{{userId}}",
108 | "roleType": "CASE",
109 | "roleName": "judge",
110 | "classification": "PUBLIC",
111 | "grantType": "STANDARD",
112 | "roleCategory": "JUDICIAL",
113 | "readOnly": false,
114 | "beginTime": "2022-01-01T00:00:00Z",
115 | "endTime": "2023-01-01T00:00:00Z",
116 | "created": "2020-12-23T06:37:58.096065Z",
117 | "attributes": {
118 | "contractType": "SALARIED",
119 | "jurisdiction": "divorce",
120 | "caseId": "1596109944711818",
121 | "region": "south-east"
122 | },
123 | "authorisations": []
124 | }
125 | ]
126 | }
127 | }
128 | }
129 |
--------------------------------------------------------------------------------
/resources/role_assignments/post_role_assignments_one_record.json:
--------------------------------------------------------------------------------
1 | {
2 | "request": {
3 | "method": "POST",
4 | "urlPattern": "/am/role-assignments/query",
5 | "bodyPatterns": [
6 | {
7 | "contains":"\"actorId\":[\"0359819a-aab6-477e-9d9c-24afdf4573b7\"]",
8 | "contains":"\"roleType\":[\"CASE\"]",
9 | "contains":"\"attributes\":[{\"caseId\":[\"1619532860727729\"]}]"
10 | }
11 | ]
12 | },
13 | "response": {
14 | "status": 200,
15 | "headers": {
16 | "Content-Type": "application/json"
17 | },
18 | "jsonBody": {
19 | "roleAssignmentResponse" : [
20 | {
21 | "id": "4d96923f-891a-4cb1-863e-9bec44d1689d",
22 | "actorIdType": "IDAM",
23 | "actorId": "0359819a-aab6-477e-9d9c-24afdf4573b7",
24 | "roleType": "CASE",
25 | "roleName": "[Defendant]",
26 | "classification": "PUBLIC",
27 | "grantType": "STANDARD",
28 | "roleCategory": "JUDICIAL",
29 | "readOnly": false,
30 | "beginTime": "2021-01-01T00:00:00Z",
31 | "endTime": "2022-01-01T00:00:00Z",
32 | "created": "2020-12-23T06:37:58.096065Z",
33 | "attributes": {
34 | "contractType": "SALARIED",
35 | "jurisdiction": "divorce",
36 | "caseId": "1619532860727729",
37 | "region": "south-east"
38 | },
39 | "authorisations": []
40 | },
41 | {
42 | "id": "e6fc5ebb-63e3-4613-9cfc-b3f9b1559571",
43 | "actorIdType": "IDAM",
44 | "actorId": "0359819a-aab6-477e-9d9c-24afdf4573b7",
45 | "roleType": "CASE",
46 | "roleName": "[Claimant]",
47 | "classification": "PUBLIC",
48 | "grantType": "STANDARD",
49 | "roleCategory": "JUDICIAL",
50 | "readOnly": false,
51 | "beginTime": "2020-02-01T00:00:00Z",
52 | "endTime": "2021-01-01T00:00:00Z",
53 | "created": "2020-12-23T06:37:58.096065Z",
54 | "attributes": {
55 | "contractType": "SALARIED",
56 | "jurisdiction": "divorce",
57 | "caseId": "1596104840593121",
58 | "region": "south-east"
59 | },
60 | "authorisations": []
61 | },
62 | {
63 | "id": "6d7d10af-b4a4-425b-a0cc-315bbb828361",
64 | "actorIdType": "IDAM",
65 | "actorId": "{{userId}}",
66 | "roleType": "ORGANISATION",
67 | "roleName": "judge",
68 | "classification": "PUBLIC",
69 | "grantType": "STANDARD",
70 | "roleCategory": "JUDICIAL",
71 | "readOnly": false,
72 | "beginTime": "2021-02-01T00:00:00Z",
73 | "endTime": "2022-01-01T00:00:00Z",
74 | "created": "2020-12-23T06:37:58.096065Z",
75 | "attributes": {
76 | "contractType": "SALARIED",
77 | "jurisdiction": "divorce",
78 | "caseId": "1596134840593121",
79 | "region": "south-east"
80 | },
81 | "authorisations": []
82 | },
83 | {
84 | "id": "5d96923f-891a-4cb1-863e-9bec54d1689c",
85 | "actorIdType": "IDAM",
86 | "actorId": "{{userId}}",
87 | "roleType": "CASE",
88 | "roleName": "judge",
89 | "classification": "PUBLIC",
90 | "grantType": "STANDARD",
91 | "roleCategory": "JUDICIAL",
92 | "readOnly": false,
93 | "beginTime": "2019-01-01T00:00:00Z",
94 | "endTime": "2020-01-01T00:00:00Z",
95 | "created": "2020-12-23T06:37:58.096065Z",
96 | "attributes": {
97 | "contractType": "SALARIED",
98 | "jurisdiction": "divorce",
99 | "caseId": "1596109944711818",
100 | "region": "south-east"
101 | },
102 | "authorisations": []
103 | },
104 | {
105 | "id": "6d96923f-991a-4cb1-863e-9bec44d1689a",
106 | "actorIdType": "IDAM",
107 | "actorId": "{{userId}}",
108 | "roleType": "CASE",
109 | "roleName": "judge",
110 | "classification": "PUBLIC",
111 | "grantType": "STANDARD",
112 | "roleCategory": "JUDICIAL",
113 | "readOnly": false,
114 | "beginTime": "2022-01-01T00:00:00Z",
115 | "endTime": "2023-01-01T00:00:00Z",
116 | "created": "2020-12-23T06:37:58.096065Z",
117 | "attributes": {
118 | "contractType": "SALARIED",
119 | "jurisdiction": "divorce",
120 | "caseId": "1596109944711818",
121 | "region": "south-east"
122 | },
123 | "authorisations": []
124 | }
125 | ]
126 | }
127 | }
128 | }
129 |
--------------------------------------------------------------------------------
/resources/role_assignments/post_role_assignments_query_expired.json:
--------------------------------------------------------------------------------
1 | {
2 | "request": {
3 | "method": "POST",
4 | "urlPattern": "/am/role-assignments/query",
5 | "bodyPatterns": [
6 | {
7 | "contains":"\"actorId\":[\"af3c8e11-bb5c-495f-8baf-4bf64c6ca047\n\"]",
8 | "contains":"\"roleType\":[\"CASE\"]",
9 | "contains":"\"attributes\":[{\"caseId\":[\"1575981506437320\"]}]"
10 | }
11 | ]
12 | },
13 | "response": {
14 | "status": 200,
15 | "headers": {
16 | "Content-Type": "application/json"
17 | },
18 | "jsonBody": {
19 | "roleAssignmentResponse" : [
20 | {
21 | "id": "6d7d10af-b4a4-425b-a0cc-315bbb828361",
22 | "actorIdType": "IDAM",
23 | "actorId": "{{userId}}",
24 | "roleType": "ORGANISATION",
25 | "roleName": "judge",
26 | "classification": "PUBLIC",
27 | "grantType": "STANDARD",
28 | "roleCategory": "JUDICIAL",
29 | "readOnly": false,
30 | "beginTime": "2021-02-01T00:00:00Z",
31 | "endTime": "2022-01-01T00:00:00Z",
32 | "created": "2020-12-23T06:37:58.096065Z",
33 | "attributes": {
34 | "contractType": "SALARIED",
35 | "jurisdiction": "divorce",
36 | "caseId": "1596134840593121",
37 | "region": "south-east"
38 | },
39 | "authorisations": []
40 | },
41 | {
42 | "id": "5d96923f-891a-4cb1-863e-9bec54d1689c",
43 | "actorIdType": "IDAM",
44 | "actorId": "{{userId}}",
45 | "roleType": "CASE",
46 | "roleName": "judge",
47 | "classification": "PUBLIC",
48 | "grantType": "STANDARD",
49 | "roleCategory": "JUDICIAL",
50 | "readOnly": false,
51 | "beginTime": "2019-01-01T00:00:00Z",
52 | "endTime": "2020-01-01T00:00:00Z",
53 | "created": "2020-12-23T06:37:58.096065Z",
54 | "attributes": {
55 | "contractType": "SALARIED",
56 | "jurisdiction": "divorce",
57 | "caseId": "1596109944711818",
58 | "region": "south-east"
59 | },
60 | "authorisations": []
61 | },
62 | {
63 | "id": "6d96923f-991a-4cb1-863e-9bec44d1689a",
64 | "actorIdType": "IDAM",
65 | "actorId": "{{userId}}",
66 | "roleType": "CASE",
67 | "roleName": "judge",
68 | "classification": "PUBLIC",
69 | "grantType": "STANDARD",
70 | "roleCategory": "JUDICIAL",
71 | "readOnly": false,
72 | "beginTime": "2022-01-01T00:00:00Z",
73 | "endTime": "2023-01-01T00:00:00Z",
74 | "created": "2020-12-23T06:37:58.096065Z",
75 | "attributes": {
76 | "contractType": "SALARIED",
77 | "jurisdiction": "divorce",
78 | "caseId": "1596109944711818",
79 | "region": "south-east"
80 | },
81 | "authorisations": []
82 | }
83 | ]
84 | }
85 | }
86 | }
87 |
--------------------------------------------------------------------------------
/resources/role_assignments/post_role_assignments_query_notFound_3.json:
--------------------------------------------------------------------------------
1 | {
2 | "request": {
3 | "method": "POST",
4 | "urlPattern": "/am/role-assignments/query",
5 | "bodyPatterns": [
6 | {
7 | "contains":"\"actorId\":[\"0359819a-aab6-477e-9d9c-24afdf4573b7\"]",
8 | "contains":"\"roleType\":[\"CASE\"]",
9 | "contains":"\"attributes\":[{\"caseId\":[\"1575633034594367\"]}]"
10 | }
11 | ]
12 | },
13 | "response": {
14 | "status": 404,
15 | "headers": {
16 | "Content-Type": "application/json"
17 | }
18 | }
19 | }
20 |
--------------------------------------------------------------------------------