Merge branch 'main' into feat/FSADT1-1523

bcgov · Oct 28, 2024 · 6c5134c · 6c5134c
2 parents c6675fb + ac85746
commit 6c5134c
Show file tree

Hide file tree

Showing 28 changed files with 643 additions and 3,010 deletions.
diff --git a/.github/workflows/pr-close.yml b/.github/workflows/pr-close.yml
@@ -12,7 +12,7 @@ concurrency:
 jobs:
   cleanup:
     name: Cleanup and Images
-    uses: bcgov/quickstart-openshift-helpers/.github/workflows/[email protected].0
+    uses: bcgov/quickstart-openshift-helpers/.github/workflows/[email protected].2
     secrets:
       oc_namespace: ${{ secrets.OC_NAMESPACE }}
       oc_token: ${{ secrets.OC_TOKEN }}

diff --git a/.github/workflows/pr-validate.yml b/.github/workflows/pr-validate.yml
@@ -22,7 +22,7 @@ jobs:
   validate:
     name: Validate PR
     needs: [vars]
-    uses: bcgov/quickstart-openshift-helpers/.github/workflows/[email protected].0
+    uses: bcgov/quickstart-openshift-helpers/.github/workflows/[email protected].2
     with:
       markdown_links: |
         Any successful deployments (not always required) will be available [here](https://${{ github.event.repository.name }}-${{ needs.vars.outputs.url }}-frontend.apps.silver.devops.gov.bc.ca/)

diff --git a/.github/workflows/reusable-tests-repo.yml b/.github/workflows/reusable-tests-repo.yml
@@ -11,7 +11,7 @@ jobs:
     steps:
       - uses: actions/checkout@v4
       - name: Run Trivy vulnerability scanner in repo mode
-        uses: aquasecurity/trivy-action@0.27.0
+        uses: aquasecurity/trivy-action@0.28.0
         with:
           format: "sarif"
           output: "trivy-results.sarif"

diff --git a/backend/pom.xml b/backend/pom.xml
@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-starter-parent</artifactId>
-        <version>3.3.4</version>
+        <version>3.3.5</version>
         <relativePath/>
     </parent>
 
@@ -40,7 +40,7 @@
         <jacoco.output.data>${project.build.directory}/coverage-reports</jacoco.output.data>
         <timestamp>${maven.build.timestamp}</timestamp>
         <maven.build.timestamp.format>yyyy-MM-dd HH:mm:ss</maven.build.timestamp.format>
-        <testcontainers.version>1.20.2</testcontainers.version>
+        <testcontainers.version>1.20.3</testcontainers.version>
         <junit-jupiter-api.version>5.9.1</junit-jupiter-api.version>
         <junit-platform.version>1.9.1</junit-platform.version>
         <netty.version>4.1.114.Final</netty.version>
@@ -183,7 +183,7 @@
         <dependency>
             <groupId>org.wiremock</groupId>
             <artifactId>wiremock-standalone</artifactId>
-            <version>3.9.1</version>
+            <version>3.9.2</version>
             <scope>test</scope>
         </dependency>
         <dependency>
@@ -229,7 +229,7 @@
             <dependency>
                 <groupId>org.springframework.security</groupId>
                 <artifactId>spring-security-core</artifactId>
-                <version>6.3.3</version>
+                <version>6.3.4</version>
             </dependency>
             <dependency>
                 <groupId>io.netty</groupId>

diff --git a/backend/src/main/java/ca/bc/gov/app/security/ApiAuthorizationCustomizer.java b/backend/src/main/java/ca/bc/gov/app/security/ApiAuthorizationCustomizer.java
@@ -35,6 +35,7 @@ public void customize(AuthorizeExchangeSpec authorize) {
             ApplicationConstant.ROLE_EDITOR,
             ApplicationConstant.ROLE_ADMIN,
             ApplicationConstant.USERTYPE_SERVICE_USER);
+
     authorize
         .pathMatchers(HttpMethod.OPTIONS, "/api/clients/matches/**")
         .hasAnyRole(
@@ -152,25 +153,26 @@ public void customize(AuthorizeExchangeSpec authorize) {
             ApplicationConstant.USERTYPE_BCEIDBUSINESS_USER,
             ApplicationConstant.USERTYPE_BCSC_USER);
 
-    // Viewer, editor and admin can GET from the clients submissions endpoint
-    authorize
-        .pathMatchers(HttpMethod.GET, "/api/clients/submissions/**")
-        .hasAnyRole(
-            ApplicationConstant.ROLE_VIEWER,
-            ApplicationConstant.ROLE_EDITOR,
-            ApplicationConstant.ROLE_ADMIN);
-
     // BCeIDBusiness, BCSC, viewer, editor and admin users can GET from the clients endpoint
     authorize
         .pathMatchers(HttpMethod.GET, "/api/clients/**")
         .hasAnyRole(
             ApplicationConstant.USERTYPE_BCEIDBUSINESS_USER,
             ApplicationConstant.USERTYPE_BCSC_USER,
+            ApplicationConstant.ROLE_VIEWER,
+            ApplicationConstant.ROLE_EDITOR,
+            ApplicationConstant.ROLE_ADMIN,
+            ApplicationConstant.ROLE_SUSPEND);
+
+    // Viewer, editor and admin can GET from the clients submissions endpoint
+    authorize
+        .pathMatchers(HttpMethod.GET, "/api/clients/submissions/**")
+        .hasAnyRole(
             ApplicationConstant.ROLE_VIEWER,
             ApplicationConstant.ROLE_EDITOR,
             ApplicationConstant.ROLE_ADMIN);
 
-    // Viewer, editor, suspend and admin users can GET from the clients endpoint
+    // Viewer, editor, suspend and admin users can GET from the clients search endpoint
     authorize
         .pathMatchers(HttpMethod.GET, "/api/clients/search/**")
         .hasAnyRole(

diff --git a/cypress/cypress/e2e/upt_1257.feature b/cypress/cypress/e2e/upt_1257.feature
@@ -0,0 +1,34 @@
+Feature: Client Type Code
+
+  #Ensure all allowable Client type codes are accepted
+
+  Scenario: Submit BC registered business
+
+
+  @loginAsEditor
+  Scenario: Editor can submit registered LLP
+    When I click on the "Create client" button
+    And I can read "Create client"
+    Then I select "BC registered business" from the "Client type" form input
+    And I type "strucan" and select "STRUCAN LLP" from the "Client name" form autocomplete
+    Then I wait for the text "This information is from BC Registries" to appear
+    Then I click on next
+    And I fill the "Primary location" address with the following
+      | Field name                      | Value           | Type          |      
+      | Street address or PO box        | 1015 Johnson    | autocomplete  |
+      | Email address                   | mail4@mail.ca   | text          |
+      | Primary phone number            | 7780000005      | text          |
+      | Secondary phone number          | 7780000006      | text          |
+      | Notes                           | This is a test  | textbox       |
+    Then I click on next
+    And I fill the "Primary contact" information with the following
+      | Field name                      | Value           | Type          |  
+      | First name                      | Testy           | text          | 
+	    | Last name                       | Tester          | text          |
+      | Email address                   | mail5@mail.ca   | text          |
+      | Primary phone number            | 7780000007      | text          |      
+      | Contact type                    | Billing         | select        |
+      | Location name                   | Mailing address | multiselect   |
+    And I click on next
+    Then I submit
+    And I wait for the text "has been created!" to appear