hmcts / adoption-web Goto Github PK

View Code? Open in Web Editor NEW

2.0 6.0 0.0 9.55 MB

This is a repository for Adoption web application

License: MIT License

JavaScript 7.68% Dockerfile 0.01% Groovy 0.27% TypeScript 87.97% SCSS 0.29% Nunjucks 3.52% HCL 0.17% Shell 0.09%

jenkins-cft jenkins-cft-a-c

adoption-web's Introduction

adoption-web

Getting Started

Prerequisites

Running the application requires the following tools to be installed in your environment:

Node.js v12.0.0 to 18.15.0
yarn
Docker

Running the application

Ensure the prerequisites are met.

Running the application for the first time

(Optional) Install Redis:
This provides CLI tools for monitoring and changing the cache during the LA journey.

   brew install redis

Connect to F5 VPN:
Go to the webpage https://portal.platform.hmcts.net/ and follow the instruction to connect to F5 VPN.
(This is needed because we connect to APIs deployed in AAT environment while running the application locally.)
Log in to Azure:
Use the terminal where you are going to launch the application. Run below command and follow the instructions
(This is needed bacause we load secrets from adoption-aat while running the application locally.)

   az login --use-device-code

Run a local version of Draft Store in a Docker container with a Redis image:

   docker-compose -f ./draft-store.yml up -d

Comment out code that isn't used when running Draft Store locally:
Go to this file: src/main/modules/draft-store/index.ts and comment out like this:

const client = new Redis({
  host: config.get('services.draftStore.redis.host'),
  port: config.get('services.draftStore.redis.port'),
  /* password: config.get('session.redis.key'),
      tls: {
        servername: config.get('services.draftStore.redis.host'),
      }, */
});

Install dependencies:

   yarn install

Troubleshooting: If you have issues check your Node version and use Node Version Manager to change to a supported version if required:
nvm use 18.15.0

Bundle:

   yarn webpack

Run:

   yarn start:dev

The application's home page will be available at http://localhost:3001

Running the application subsequently

Connect to F5 VPN
Start the Docker container
Run:

   yarn start:dev

Developing

Code style

We use ESLint alongside sass-lint

Running the linting with auto fix:

$ yarn lint --fix

Running the tests

This template app uses Jest as the test engine. You can run unit tests by executing the following command:

$ yarn test

NOTE - the oidc integration tests may fail locally, unless you create a file in config/local.yaml with the content:

mockData:
  authToken: 'VALUE_FROM_AAT_KEYVAULT'

Replacing VALUE_FROM_AAT_KEYVAULT with the contents of the secret adoption-web-auth-token found in adoption-aat.

Here's how to run functional tests (the template contains just one sample test):

$ yarn test:routes

Running accessibility tests:

$ yarn test:a11y

Make sure all the paths in your application are covered by accessibility tests (see a11y.ts).

Security

CSRF prevention

Cross-Site Request Forgery prevention has already been set up in this template, at the application level. However, you need to make sure that CSRF token is present in every HTML form that requires it. For that purpose you can use the csrfProtection macro, included in this template app. Your njk file would look like this:

{% from "macros/csrf.njk" import csrfProtection %}
...
<form ...>
  ...
    {{ csrfProtection(csrfToken) }}
  ...
</form>
...

Helmet

This application uses Helmet, which adds various security-related HTTP headers to the responses. Apart from default Helmet functions, following headers are set:

There is a configuration section related with those headers, where you can specify:

referrerPolicy - value of the Referrer-Policy header

Here's an example setup:

    "security": {
      "referrerPolicy": "origin",
    }

Make sure you have those values set correctly for your application.

Healthcheck

The application exposes a health endpoint (https://localhost:3000/health), created with the use of Nodejs Healthcheck library. This endpoint is defined in health.ts file. Make sure you adjust it correctly in your application. In particular, remember to replace the sample check with checks specific to your frontend app, e.g. the ones verifying the state of each service it depends on.

License

This project is licensed under the MIT License - see the LICENSE file for details

Testing:

E2E tests are configured to run in parallel in 5 headless browsers by default.

To run e2e tests enter yarn test:local in the command line.

Optional configuration

To run all tests only in one browser please set PARALLEL_CHUNKS environment variable to 1. By default 5 chunks are enabled.

PARALLEL_CHUNKS=1 yarn test:local

To show tests in browser window as they run please set SHOW_BROWSER_WINDOW environment variable to true. By default browser window is hidden.

SHOW_BROWSER_WINDOW=true yarn test:local

To disable chrome web security

DISABLE_SECURITY=true yarn test:local

Running E2E against AAT environment

ADOP_WEB_URL=https://adoption-web.aat.platform.hmcts.net/ SHOW_BROWSER_WINDOW=false CITIZEN_PASSWORD=Adoption12 yarn test:local --grep 'Verify apply my own option'

Running E2E against PR enviroment

ADOP_WEB_URL=https://adoption-web-pr-146.service.core-compute-preview.internal/ SHOW_BROWSER_WINDOW=false CITIZEN_PASSWORD=Adoption12 yarn test:local --grep 'Verify apply my own option'

Step controllers

src/main/app/controller contains default controllers. These will be used if no controllers are specified alongside content in the steps folders. If a step needs additional functionality, add a controller alongside the content.ts, which inherits the default controller. Get and post controllers need 'get' or 'post' in their filenames.

adoption-web's People

Contributors

Stargazers

Watchers

adoption-web's Issues

Dependency Dashboard

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Warning

These dependencies are deprecated:

Datasource	Name	Replacement PR?
npm	`@pact-foundation/absolute-version`
npm	`@types/autobind-decorator`
npm	`@types/copy-webpack-plugin`
npm	`@types/mini-css-extract-plugin`
npm	`@types/redis`
npm	`@types/webpack-dev-middleware`
npm	`csurf`
npm	`node-sass`
npm	`npm-run-all`

Rate-Limited

These updates are currently rate-limited. Click on a checkbox below to force their creation now.

Edited/Blocked

These updates have been manually edited so Renovate will no longer make changes. To discard all commits and start over, click on a checkbox.

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

Detected dependencies

docker-compose

docker-compose.yml

dockerfile

Dockerfile

hmctspublic.azurecr.io/base/node 16-alpine

helm-values

charts/adoption-web/values.yaml

helmv3

charts/adoption-web/Chart.yaml

nodejs 3.1.0

idam-pr 2.2.7

npm

package.json

@axe-core/playwright ^4.9.0

@hmcts/cookie-manager ^1.0.0

@hmcts/frontend ^0.0.50-alpha

@hmcts/nodejs-healthcheck ^1.8.4

@hmcts/nodejs-logging ^4.0.4

@hmcts/properties-volume ^1.0.0

@types/autobind-decorator ^2.1.0

@types/config ^0.0.41

@types/connect-redis ^0.0.23

@types/cookie-parser ^1.4.3

@types/csurf ^1.11.2

@types/es6-promisify ^6.0.1

@types/express ^4.17.13

@types/express-session ^1.17.4

@types/glob ^7.2.0

@types/lodash ^4.14.182

@types/multer ^1.4.7

@types/negotiator ^0.6.1

@types/node ^17.0.40

@types/nunjucks ^3.2.1

@types/redis ^2.8.32

@types/require-directory ^2.1.2

@types/serve-favicon ^2.5.3

@types/session-file-store ^1.2.2

@types/toobusy-js ^0.5.2

@types/uuid ^8.3.4

@uppy/core ^2.3.0

@uppy/drop-target ^1.1.3

@uppy/file-input ^2.1.0

@uppy/progress-bar ^2.1.0

@uppy/xhr-upload ^2.1.0

accessible-autocomplete ^2.0.4

applicationinsights ^2.5.1

autobind-decorator ^2.4.0

axios ^0.27.2

config ^3.3.7

connect-redis ^6.1.1

cookie-parser ^1.4.5

csurf ^1.11.0

dayjs ^1.11.3

dotenv ^16.4.5

email-validator ^2.0.4

express ^4.18.1

express-http-proxy ^1.6.3

express-session ^1.17.3

form-data ^4.0.0

glob ^8.0.3

govuk-frontend ^4.8.0

helmet ^4.6.0

http-status-codes ^2.2.0

ioredis ^5.2.2

js-yaml ^4.1.0

jwt-decode ^3.1.2

lodash ^4.17.21

multer ^1.4.5-lts.1

negotiator ^0.6.3

nunjucks ^3.2.4

otplib ^12.0.1

redis ^3.1.2

require-directory ^2.1.1

serve-favicon ^2.5.0

session-file-store ^1.5.0

toobusy-js ^0.5.1

ts-node ^10.8.1

tsconfig-paths ^4.0.0

typescript ^4.7.3

uuid ^8.3.2

@babel/core ^7.18.2

@babel/eslint-parser ^7.11.0

@babel/preset-env ^7.18.2

@faker-js/faker ^8.4.1

@pact-foundation/absolute-version ^0.0.4

@pact-foundation/pact ^9.17.3

@playwright/test ^1.43.1

@types/copy-webpack-plugin ^10.1.0

@types/jest ^28.1.1

@types/mini-css-extract-plugin ^2.5.1

@types/webpack-dev-middleware ^5.3.0

@typescript-eslint/eslint-plugin ^5.27.0

@typescript-eslint/parser ^5.26.0

allure-commandline ^2.17.2

axios-debug-log ^0.8.4

babel-loader ^9.1.2

chai ^4.3.6

chai-as-promised ^7.1.1

codeceptjs ^3.4.1

concurrently ^7.2.1

copy-webpack-plugin ^11.0.0

css-loader ^6.7.1

eslint ^8.17.0

eslint-config-prettier ^8.5.0

eslint-plugin-import ^2.27.5

eslint-plugin-jest ^26.5.3

eslint-plugin-prettier ^4.0.0

html-webpack-plugin ^5.5.0

husky ^8.0.1

jest ^28.1.0

jest-circus ^28.1.0

jest-extended ^2.0.0

jest-html-reporter ^3.5.0

jest-pact ^0.11.0

jest-when ^3.5.1

lint-staged ^13.0.0

mini-css-extract-plugin ^2.6.0

mocha-junit-reporter ^2.0.0

mocha-multi ^1.1.6

mochawesome ^7.1.3

moment ^2.29.4

moment-timezone 0.5.43

node-sass ^8.0.0

nodemon ^2.0.22

npm-run-all ^4.1.5

pa11y ^6.2.3

prettier ^2.6.2

sass-loader ^13.0.0

sonar-scanner ^3.1.0

style-loader ^3.3.1

ts-jest ^28.0.4

ts-loader ^9.3.0

webdriverio ^7.19.7

webpack ^5.79.0

webpack-cli ^4.9.2

webpack-dev-middleware ^5.3.3

webpack-node-externals ^3.0.0

node >=14.0.0

minimist ^1.2.6

json5 >=2.2.2

json5 >=2.2.2

cookiejar >=2.1.4

formidable ^3.2.4

semver >=7.5.2

ws ^8.17.1

yarn 3.6.4

nvm

.nvmrc

node 18.17.1

terraform

infrastructure/main.tf

infrastructure/state.tf

azurerm 3.78.0

infrastructure/versions.tf

hashicorp/terraform >= 1.4

terraform-version

infrastructure/.terraform-version

hashicorp/terraform 1.6.2

Check this box to trigger a request for Renovate to run again on this repository

Bug: /applying-with reuse bug during first login

What would you like to change?

Add an undefined check to:
app > case > CaseApi.ts > checkOldPCQIDExists
So that the find method isn't called on an undefined argument.

Example solution:

  public async checkOldPCQIDExists(cases: CcdV1Response[]): Promise<string | undefined> {
    let caseWithPCQID;
    if (cases) {
      caseWithPCQID = cases.find(caseElement => caseElement.case_data.pcqId !== null);
    }
    return caseWithPCQID?.case_data.pcqId;
  }

How do you think that would improve the project?

Prevent a bug where a new user is unable to change the content they saved on the /applying-with screen until they have logged out.

If this entry is related to a bug:

Please provide the steps to reproduce it

Create a new user
Login with new user
Select any option on /applying-with page
Select either "Save and continue" or "Save as draft" button
Then on the /task-list page select "Number of applicants"
No change to the options is required, just select either "Save and continue" or "Save as draft" button

Advice for users experiencing this bug

Log out and back in again.

Priority

It's unlikely many users will experience this issue - low priority
The method is called by the main PostController - higher risk

Dev Notes

The solution might save a null/empty pcqId in userCase on line 63 in PostController.ts if req.session.userCaseList is null/undefined.

Readme needs updating with current runbook

What would you like to change?

Readme

How do you think that would improve the project?

Will allow new devs to run the service locally

If this entry is related to a bug, please provide the steps to reproduce it

These are the steps to run at the time of writing:

Ensure the prerequisites from the Readme are met, then

brew install redis

Connect to F5 VPN
Login to Azure

az login --use-device-code

Run a local version of Draft Store in a Docker container with a Redis image

docker-compose -f ./draft-store.yml up -d

Go to this file: src/main/modules/draft-store/index.ts and comment out like this:

    const client = new Redis({
      host: config.get('services.draftStore.redis.host'),
      port: config.get('services.draftStore.redis.port'),
      /* password: config.get('session.redis.key'),
      tls: {
        servername: config.get('services.draftStore.redis.host'),
      }, */
    });

(You can start this from Docker Desktop thereafter)

install dependencies

yarn install

Bundle

yarn webpack

Run, and access on localhost:3001

yarn start:dev

Remove Redundant Code (TODOs)

What would you like to change?

steps > application > applying-with > template.njk (lines 73-78) & form.njk (lines 50-55) contain commented out code with a comment to be implemented once Save as Draft functionality exists. Functionality does now exist but seems to have been implemented separately and this code appears to no longer be required.

{# TODO uncomment this once we have save as draft fuctionality #}
            {# <p class="govuk-body">
                <button class="hmcts-button-link" type="submit" name="saveandsignout" value="true" data-prevent-double-click="true" data-module="govuk-button"/>
                {{ saveAsDraft }}
                </button>
            </p>#}

There are also another 2 instances of code which may not be in use but requires further investigation:
steps > common > common.content.ts > generatePageContent
const contactEmail = '[email protected]';

steps > la-portal > check-your-answers > content.ts > form > fields > todoVar
todoVar: { type: 'hidden', hidden: true },

How do you think that would improve the project?

Cleaner code.

If this entry is related to a bug, please provide the steps to reproduce it

Hardcoded fee values on eligibility start page

What would you like to change?

EligibilityStartGetController called the fee API. This is unnecessary now.

Work below is no longer an issue

(- as the fee content has been removed from the eligibility start page)

/eligibility/start correctly uses the fee service to get the fee value for line 9 of the page.

However, line 12 of the page has a hardcoded fee value of £183.

In addition, line 9 and line 12 for the Welsh version of this page is hardcoded to £183.

How do you think that would improve the project?

If the fee changes, the the eligibility pages would be wrong for en and cy users.

Suggested Code Change:

Change start/content.ts so that the en line 12 is:

line12:
    `If you're applying for more than one child, you must submit a new application for each child. You will not be charged if you submit these before midnight on the day of your first application. If you submit after the day of the first application, you will be charged another £${content.fee?.FeeAmount}. For this reason we recommend you begin the applications early and have everything you need.`,

Change start/content.ts so that content is passed when creating the cy const:

const cy: typeof en = content => ({

Change start/content.ts so that Welsh versions of the content get the fee value dynamically

line9:
    `Ffi prosesu’r llys ar gyfer gwneud cais yw £${content.fee?.FeeAmount}. Mae’r taliad yn ddyledus unwaith y bydd y cais wedi’i gwblhau ac yn barod i’w gyflwyno i’r llys.`,

line12:
    `Os ydych chi’n gwneud cais i fabwysiadu mwy nag un plentyn, mae’n rhaid i chi gyflwyno cais newydd ar gyfer pob plentyn. Ni chodir ffi arall arnoch os byddwch yn cyflwyno’r ceisiadau hyn cyn hanner nos ar ddyddiad cyflwyno’ch cais cyntaf. Os byddwch yn eu cyflwyno ar ôl dyddiad cyflwyno’r cais cyntaf, yna bydd rhaid i chi dalu £${content.fee?.FeeAmount} arall. Am y rheswm hwn, argymhellwn eich bod yn dechrau eich ceisiadau yn gynnar a bod gennych bopeth rydych ei angen wrth law.`,

hmcts / adoption-web Goto Github PK

adoption-web's Introduction

adoption-web

Getting Started

Prerequisites

Running the application

Running the application for the first time

Running the application subsequently

Developing

Code style

Running the tests

Security

CSRF prevention

Helmet

Healthcheck

License

Testing:

Optional configuration

Running E2E against AAT environment

Running E2E against PR enviroment

Step controllers

adoption-web's People

Contributors

Stargazers

Watchers

adoption-web's Issues

Rate-Limited

Edited/Blocked

Open

Detected dependencies

What would you like to change?

How do you think that would improve the project?

If this entry is related to a bug:

Please provide the steps to reproduce it

Advice for users experiencing this bug

Priority

Dev Notes

What would you like to change?

How do you think that would improve the project?

If this entry is related to a bug, please provide the steps to reproduce it

What would you like to change?

How do you think that would improve the project?

If this entry is related to a bug, please provide the steps to reproduce it

What would you like to change?

Work below is no longer an issue

How do you think that would improve the project?

Suggested Code Change:

Change start/content.ts so that the en line 12 is:

Change start/content.ts so that content is passed when creating the cy const:

Change start/content.ts so that Welsh versions of the content get the fee value dynamically

Recommend Projects

Recommend Topics

Recommend Org