Merge pull request #299 from cabinetoffice/release/11.0

Release/11.0

src/main/java/gov/cabinetoffice/gap/adminbackend/config/OpenSearchConfig.java → src/main/java/gov/cabinetoffice/gap/adminbackend/config/OpenSearchSqsProperties.java

@@ -11,11 +11,8 @@
 @Builder
 @AllArgsConstructor
 @NoArgsConstructor
-@Configuration
-@ConfigurationProperties(prefix = "open-search")
-public class OpenSearchConfig {
-        private String url;
-        private String domain;
-        private String username;
-        private String password;
+@Configuration("openSearchSqsProperties")
+@ConfigurationProperties(prefix = "open-search-sqs")
+public class OpenSearchSqsProperties {
+    private String queueUrl;
 }

src/main/java/gov/cabinetoffice/gap/adminbackend/constants/ValidationMaps.java

@@ -1,7 +1,7 @@
 package gov.cabinetoffice.gap.adminbackend.constants;
 
 import java.util.AbstractMap;
-import java.util.Collections;
+import java.util.HashMap;
 import java.util.Map;
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.concurrent.ConcurrentMap;
@@ -26,6 +26,7 @@ public class ValidationMaps {
                     new AbstractMap.SimpleEntry<String, Object>("allowedTypes",
                             new String[] { "DOC", "DOCX", "ODT", "PDF", "XLS", "XLSX", "ZIP" })));
 
-    public final static Map<String, Object> NO_VALIDATION = Collections.emptyMap();
+    public final static Map<String, Object> NO_VALIDATION = new HashMap<>();
+
 
 }

src/main/java/gov/cabinetoffice/gap/adminbackend/controllers/GrantAdvertController.java

@@ -92,14 +92,21 @@ public ResponseEntity<CreateGrantAdvertResponseDto> create(HttpServletRequest re
     public ResponseEntity updatePage(HttpServletRequest request, @PathVariable UUID grantAdvertId,
             @PathVariable String sectionId, @PathVariable String pageId,
             @RequestBody @NotNull GrantAdvertPagePatchResponseDto patchAdvertPageResponse) {
-        GrantAdvertPageResponse responseWithId = GrantAdvertPageResponse.builder().id(pageId)
-                .status(patchAdvertPageResponse.getStatus()).questions(patchAdvertPageResponse.getQuestions()).build();
+        GrantAdvertPageResponse responseWithId = GrantAdvertPageResponse.builder()
+                .id(pageId)
+                .status(patchAdvertPageResponse.getStatus())
+                .questions(patchAdvertPageResponse.getQuestions())
+                .build();
+
         GrantAdvertPageResponseValidationDto patchPageDto = GrantAdvertPageResponseValidationDto.builder()
-                .grantAdvertId(grantAdvertId).sectionId(sectionId).page(responseWithId).build();
-        // given we need sectionId to validate the Dto, we can't validate in the
-        // controller method
-        Set<ConstraintViolation<GrantAdvertPageResponseValidationDto>> validationErrorsSet = validator
-                .validate(patchPageDto);
+                .grantAdvertId(grantAdvertId)
+                .sectionId(sectionId)
+                .page(responseWithId)
+                .build();
+
+        // given we need sectionId to validate the Dto, we can't validate in the controller method
+        Set<ConstraintViolation<GrantAdvertPageResponseValidationDto>> validationErrorsSet =
+                validator.validate(patchPageDto);
 
         if (!validationErrorsSet.isEmpty()) {
             List<ValidationError> validationErrorsList = reorderValidationErrors(patchAdvertPageResponse,
@@ -111,11 +118,13 @@ public ResponseEntity updatePage(HttpServletRequest request, @PathVariable UUID
 
         try {
             AdminSession session = HelperUtils.getAdminSessionForAuthenticatedUser();
-            eventLogService.logAdvertUpdatedEvent(request.getRequestedSessionId(), session.getUserSub(),
-                    session.getFunderId(), grantAdvertId.toString());
-        }
-        catch (Exception e) {
-            // If anything goes wrong logging to event service, log and continue
+            eventLogService.logAdvertUpdatedEvent(
+                    request.getRequestedSessionId(),
+                    session.getUserSub(),
+                    session.getFunderId(),
+                    grantAdvertId.toString()
+            );
+        } catch (Exception e) {
             log.error("Could not send to event service. Exception: ", e);
         }
 

src/main/java/gov/cabinetoffice/gap/adminbackend/controllers/SchemeEditorController.java

@@ -55,7 +55,7 @@ public ResponseEntity<List<SchemeEditorsDTO>> getSchemeEditors(@PathVariable fin
     @PostMapping
     public ResponseEntity<String> addEditorToScheme(@PathVariable final Integer schemeId, @RequestBody @Valid final SchemeEditorPostDTO newEditorDto, final HttpServletRequest request) {
         final String jwt = HelperUtils.getJwtFromCookies(request, userServiceConfig.getCookieName());
-        schemeEditorService.addEditorToScheme(schemeId, newEditorDto.getEditorEmailAddress(), jwt);
+        schemeEditorService.addEditorToScheme(schemeId, newEditorDto.getEditorEmailAddress().toLowerCase(), jwt);
         return ResponseEntity.ok("Editor added to scheme successfully");
     }
 

src/main/java/gov/cabinetoffice/gap/adminbackend/controllers/UserController.java

@@ -160,13 +160,15 @@ public ResponseEntity<String> updateFundingOrganisation(@RequestBody UpdateFundi
     @PreAuthorize("hasRole('SUPER_ADMIN')")
     public ResponseEntity<Void> checkNewAdminEmailIsValid(
             @RequestBody @Valid final CheckNewAdminEmailDto checkNewAdminEmailDto, final HttpServletRequest request) {
-        if (checkNewAdminEmailDto.getEmailAddress().equals(checkNewAdminEmailDto.getOldEmailAddress())) {
+        // the email we store comes from One Login, which will always convert the value the user entered to lowercase
+        final String newAdminEmail = checkNewAdminEmailDto.getEmailAddress().toLowerCase();
+        if (newAdminEmail.equals(checkNewAdminEmailDto.getOldEmailAddress())) {
             throw new FieldViolationException("emailAddress", "This user already owns this grant.");
         }
 
         try {
             final String jwt = HelperUtils.getJwtFromCookies(request, userServiceConfig.getCookieName());
-            userService.getGrantAdminIdFromUserServiceEmail(checkNewAdminEmailDto.getEmailAddress(), jwt);
+            userService.getGrantAdminIdFromUserServiceEmail(newAdminEmail, jwt);
         }
         catch (Exception e) {
             throw new FieldViolationException("emailAddress", "Email address does not belong to an admin user");

src/main/java/gov/cabinetoffice/gap/adminbackend/dtos/SendAdvertToSqsDto.java

@@ -0,0 +1,4 @@
+package gov.cabinetoffice.gap.adminbackend.dtos;
+
+public record SendAdvertToSqsDto(String contentfulEntryId, String type) {
+}

src/main/java/gov/cabinetoffice/gap/adminbackend/dtos/pages/AdvertSummaryPageDTO.java

@@ -7,6 +7,7 @@
 import lombok.Data;
 import lombok.NoArgsConstructor;
 
+import java.time.ZonedDateTime;
 import java.util.List;
 import java.util.UUID;
 
@@ -24,6 +25,9 @@ public class AdvertSummaryPageDTO {
 
     private GrantAdvertStatus status;
 
+    private ZonedDateTime openingDate;
+    private ZonedDateTime closingDate;
+
     @Data
     @AllArgsConstructor
     @NoArgsConstructor

src/main/java/gov/cabinetoffice/gap/adminbackend/mappers/ApplicationFormMapper.java

@@ -61,10 +61,13 @@ void updateApplicationEntityFromPatchDto(ApplicationFormPatchDTO patchDTO,
     // add/update a single value
     default void updateGenericQuestionPatchToQuestionDto(QuestionGenericPatchDTO questionGenericPatchDTO,
             @MappingTarget ApplicationFormQuestionDTO questionDto) {
+
         if (questionGenericPatchDTO == null) {
             return;
         }
 
+        boolean responseTypeChanging = false;
+
         if (questionGenericPatchDTO.getProfileField() != null) {
             questionDto.setProfileField(questionGenericPatchDTO.getProfileField());
         }
@@ -81,19 +84,18 @@ default void updateGenericQuestionPatchToQuestionDto(QuestionGenericPatchDTO que
             questionDto.setQuestionSuffix(questionGenericPatchDTO.getQuestionSuffix());
         }
         if (questionGenericPatchDTO.getResponseType() != null) {
+            responseTypeChanging = true;
             questionDto.setResponseType(questionGenericPatchDTO.getResponseType());
         }
 
         Map<String, Object> map = questionGenericPatchDTO.getValidation();
-        if (questionDto.getValidation() != null) {
+        if (questionDto.getValidation() != null && !responseTypeChanging) {
             if (map != null) {
-                questionDto.getValidation().putAll(map);
+               questionDto.getValidation().putAll(map);
             }
         }
-        else {
-            if (map != null) {
+        else if (map != null) {
                 questionDto.setValidation(map);
-            }
         }
     }
 
@@ -103,6 +105,8 @@ default void updateOptionsQuestionPatchToQuestionDto(QuestionOptionsPatchDTO que
             return;
         }
 
+        boolean responseTypeChanging = false;
+
         if (questionOptionsPatchDTO.getProfileField() != null) {
             questionDto.setProfileField(questionOptionsPatchDTO.getProfileField());
         }
@@ -119,29 +123,29 @@ default void updateOptionsQuestionPatchToQuestionDto(QuestionOptionsPatchDTO que
             questionDto.setQuestionSuffix(questionOptionsPatchDTO.getQuestionSuffix());
         }
         if (questionOptionsPatchDTO.getResponseType() != null) {
+            responseTypeChanging = true;
             questionDto.setResponseType(questionOptionsPatchDTO.getResponseType());
         }
-        if (questionDto.getValidation() != null) {
-            Map<String, Object> map = questionOptionsPatchDTO.getValidation();
+
+        Map<String, Object> map = questionOptionsPatchDTO.getValidation();
+        if (questionDto.getValidation() != null && !responseTypeChanging) {
             if (map != null) {
                 questionDto.getValidation().putAll(map);
             }
         }
         else {
-            Map<String, Object> map = questionOptionsPatchDTO.getValidation();
             if (map != null) {
                 questionDto.setValidation(map);
             }
         }
+        List<String> list = questionOptionsPatchDTO.getOptions();
         if (questionDto.getOptions() != null) {
-            List<String> list = questionOptionsPatchDTO.getOptions();
             if (list != null) {
                 questionDto.getOptions().clear();
                 questionDto.getOptions().addAll(list);
             }
         }
         else {
-            List<String> list = questionOptionsPatchDTO.getOptions();
             if (list != null) {
                 questionDto.setOptions(new ArrayList<>(list));
             }

src/main/java/gov/cabinetoffice/gap/adminbackend/repositories/ApplicationFormRepository.java

@@ -36,4 +36,6 @@ Optional<String> determineQuestionResponseType(@Param("appId") Integer applicati
     List<ApplicationFormsFoundView> findMatchingApplicationForm(@Param("applicationId") Integer applicationId, @Param("applicationName") String applicationName,
             @Param("grantSchemeId") Integer grantSchemeId);
 
+    @Query("select a from ApplicationFormEntity a where a.createdBy = ?1 or a.lastUpdateBy = ?1")
+    List<ApplicationFormEntity> findByCreatedByOrLastUpdateBy(Integer createdBy);
 }

src/main/java/gov/cabinetoffice/gap/adminbackend/repositories/GrantAdvertRepository.java

@@ -1,5 +1,6 @@
 package gov.cabinetoffice.gap.adminbackend.repositories;
 
+import gov.cabinetoffice.gap.adminbackend.entities.GrantAdmin;
 import gov.cabinetoffice.gap.adminbackend.entities.GrantAdvert;
 import org.springframework.data.jpa.repository.EntityGraph;
 import org.springframework.data.jpa.repository.JpaRepository;
@@ -9,6 +10,7 @@
 import org.springframework.stereotype.Repository;
 import org.springframework.transaction.annotation.Transactional;
 
+import java.util.List;
 import java.util.Optional;
 import java.util.UUID;
 
@@ -33,4 +35,8 @@ public interface GrantAdvertRepository extends JpaRepository<GrantAdvert, UUID>
     @Query("DELETE FROM GrantAdvert g WHERE g.id = :id " +
             "AND EXISTS (SELECT 1 FROM g.scheme.grantAdmins ga WHERE ga.id = :grantAdminId)")
     int deleteByIdAndSchemeEditor(UUID id, Integer grantAdminId);
+
+    @Query("select g from GrantAdvert g where g.createdBy = ?1 or g.lastUpdatedBy = ?1")
+    List<GrantAdvert> findByCreatedByOrLastUpdatedBy(GrantAdmin admin);
+
 }

src/main/java/gov/cabinetoffice/gap/adminbackend/security/filters/CustomRequestLoggingFilter.java

@@ -0,0 +1,40 @@
+package gov.cabinetoffice.gap.adminbackend.security.filters;
+
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.stereotype.Component;
+import org.springframework.web.filter.AbstractRequestLoggingFilter;
+
+import javax.servlet.http.HttpServletRequest;
+import java.util.Set;
+
+@Component
+@Slf4j
+public class CustomRequestLoggingFilter extends AbstractRequestLoggingFilter {
+
+    public CustomRequestLoggingFilter() {
+        this.setIncludeHeaders(true);
+        this.setIncludeQueryString(true);
+        this.setMaxPayloadLength(10000);
+        this.setIncludePayload(true);
+    }
+
+    @Override
+    protected boolean shouldLog(HttpServletRequest request) {
+        if (request.getRequestURI().endsWith("/health")) {
+            return false;
+        }
+
+        return logger.isDebugEnabled();
+    }
+
+    @Override
+    protected void beforeRequest(HttpServletRequest request, String message) {
+        logger.debug(message);
+    }
+
+    @Override
+    protected void afterRequest(HttpServletRequest request, String message) {
+        logger.debug(message);
+    }
+
+}

src/main/java/gov/cabinetoffice/gap/adminbackend/services/ApplicationFormService.java

@@ -410,9 +410,9 @@ public ApplicationStatusEnum getApplicationStatus(Integer applicationId) {
                 .getApplicationStatus();
     }
 
-    public void removeAdminReferenceBySchemeId(GrantAdmin grantAdmin, Integer schemeId) {
-        applicationFormRepository.findByGrantSchemeId(schemeId)
-                .ifPresent(application -> {
+    public void removeAdminReferenceBySchemeId(GrantAdmin grantAdmin) {
+        applicationFormRepository.findByCreatedByOrLastUpdateBy(grantAdmin.getId())
+                .forEach(application -> {
                     if (Objects.equals(application.getLastUpdateBy(), grantAdmin.getId())) {
                         application.setLastUpdateBy(null);
                     }