ST-947 Replace Private Law references (#43)

* ST-947 Replace Private Law references

Replace references to Private Law jurisdiction/case types
with ones for CIC.  Change local variable names, files
and test cases accordingly.

* ST-947 Update owasp version

* ST-947 Remove redundant roles

* ST-947 Bump owawp version

This version should fix
jeremylong/DependencyCheck#5220

* ST-947 Set autoUpdate to true

* ST-947 Match case api dependencycheck version

* ST-947 Rollback dependencycheck

To avoid having to update database after owasp bug/issue.

* ST-947 Bump snakeyaml

* ST-947 Bump snakeyaml

* ST-947 Suppress two CVEs

snakeyaml is wrongly identified as being vulnerable
to these two CVEs
jeremylong/DependencyCheck#5233

* ST-947 Fix jurisdiction name too long

bin/add-roles.sh

@@ -3,7 +3,5 @@
 scriptPath=$(dirname $(realpath $0))
 
 # Roles used during the CCD import
-${scriptPath}/add-ccd-role.sh "caseworker-privatelaw"
-${scriptPath}/add-ccd-role.sh "caseworker-privatelaw-solicitor"
-${scriptPath}/add-ccd-role.sh "caseworker-privatelaw-courtadmin"
+${scriptPath}/add-ccd-role.sh "caseworker-st-cic"
 ${scriptPath}/add-ccd-role.sh "citizen"

build.gradle

@@ -22,8 +22,8 @@ plugins {
   id 'pmd'
   id 'jacoco'
   id 'io.spring.dependency-management' version '1.0.11.RELEASE'
-  id 'org.springframework.boot' version '2.6.7'
-  id 'org.owasp.dependencycheck' version '7.4.1'
+  id 'org.springframework.boot' version '2.6.8'
+  id 'org.owasp.dependencycheck' version '7.3.0'
   id 'com.github.ben-manes.versions' version '0.41.0'
   id 'org.sonarqube' version '3.3'
   id 'idea'
@@ -289,6 +289,7 @@ repositories {
 
 ext {
   log4JVersion = "2.17.0"
+  set('snakeyaml.version', '1.33')
 }
 
 def versions = [
@@ -440,7 +441,7 @@ dependencies {
   smokeTestImplementation group: 'org.junit.jupiter', name: 'junit-jupiter-api', version: versions.junitJupiter
   smokeTestRuntime "org.junit.platform:junit-platform-commons:1.8.1"
 
-  smokeTestCompile(group: 'org.yaml', name: 'snakeyaml', version: '1.32') {
+  smokeTestCompile(group: 'org.yaml', name: 'snakeyaml', version: '1.33') {
     force = true
   }
 

config/owasp/suppressions.xml

@@ -42,5 +42,15 @@
     <suppress>
       <notes>snakeyaml</notes>
       <cve>CVE-2022-41854</cve>
+      <cve>CVE-2022-3064</cve>
+      <cve>CVE-2021-4235</cve>
+    </suppress>
+    <suppress>
+      <notes>https://github.com/jeremylong/DependencyCheck/issues/5121</notes>
+      <cve>CVE-2021-37533</cve>
+    </suppress>
+    <suppress>
+      <notes>False positive - matches all *utils* dependencies</notes>
+      <cve>CVE-2021-4277</cve>
     </suppress>
 </suppressions>

src/contractTest/java/uk/gov/hmcts/reform/cosapi/clients/ccd/CaseManagementConsumerTest.java

@@ -8,18 +8,19 @@
 import au.com.dius.pact.core.model.RequestResponsePact;
 import au.com.dius.pact.core.model.annotations.Pact;
 import au.com.dius.pact.core.model.annotations.PactFolder;
-import java.io.IOException;
 import org.apache.http.HttpResponse;
 import org.apache.http.HttpStatus;
+import org.apache.http.client.fluent.Request;
 import org.json.JSONException;
 import org.junit.jupiter.api.Assertions;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
 import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.test.context.junit.jupiter.SpringExtension;
-import org.apache.http.client.fluent.Request;
 import uk.gov.hmcts.reform.cosapi.clients.CommonConstants;
 
+import java.io.IOException;
+
 
 @ExtendWith(PactConsumerTestExt.class)
 @ExtendWith(SpringExtension.class)
@@ -69,7 +70,7 @@ public void verifyCreateCase(MockServer mockServer) throws IOException {
     private PactDslJsonBody createCaseResponse() {
 
         return new PactDslJsonBody()
-            .stringType("case_type", "PRLAPPS")
+            .stringType("case_type", "CriminalInjuriesCompensation")
             .stringType("callbackResponseStatus", "Success")
             .stringType("state", "State")
             .integerType("securityLevel",23)

src/contractTest/java/uk/gov/hmcts/reform/cosapi/clients/cdam/DocumentDeleteConsumerTest.java

@@ -8,7 +8,6 @@
 import au.com.dius.pact.core.model.RequestResponsePact;
 import au.com.dius.pact.core.model.annotations.Pact;
 import au.com.dius.pact.core.model.annotations.PactFolder;
-import java.io.IOException;
 import org.apache.http.HttpResponse;
 import org.apache.http.HttpStatus;
 import org.apache.http.client.fluent.Request;
@@ -20,6 +19,8 @@
 import org.springframework.test.context.junit.jupiter.SpringExtension;
 import uk.gov.hmcts.reform.cosapi.clients.CommonConstants;
 
+import java.io.IOException;
+
 
 @ExtendWith(PactConsumerTestExt.class)
 @ExtendWith(SpringExtension.class)
@@ -34,8 +35,8 @@ RequestResponsePact deleteDocument(PactDslWithProvider builder) throws JSONExcep
         // @formatter:off
 
         PactDslJsonBody body = new PactDslJsonBody()
-            .stringMatcher("caseTypeId", "PRLAPPS")
-            .stringMatcher("jurisdictionId", "PRIVATELAW")
+            .stringMatcher("caseTypeId", "CriminalInjuriesCompensation")
+            .stringMatcher("jurisdictionId", "ST_CIC")
             .asBody();
 
         return builder

src/contractTest/java/uk/gov/hmcts/reform/cosapi/clients/cdam/DocumentUploadConsumerTest.java

@@ -8,18 +8,19 @@
 import au.com.dius.pact.core.model.RequestResponsePact;
 import au.com.dius.pact.core.model.annotations.Pact;
 import au.com.dius.pact.core.model.annotations.PactFolder;
-import java.io.IOException;
 import org.apache.http.HttpResponse;
 import org.apache.http.HttpStatus;
+import org.apache.http.client.fluent.Request;
 import org.json.JSONException;
 import org.junit.jupiter.api.Assertions;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
 import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.test.context.junit.jupiter.SpringExtension;
-import org.apache.http.client.fluent.Request;
 import uk.gov.hmcts.reform.cosapi.clients.CommonConstants;
 
+import java.io.IOException;
+
 
 @ExtendWith(PactConsumerTestExt.class)
 @ExtendWith(SpringExtension.class)
@@ -33,8 +34,8 @@ RequestResponsePact uploadDocument(PactDslWithProvider builder) throws JSONExcep
         // @formatter:off
 
         PactDslJsonBody body = new PactDslJsonBody()
-            .stringMatcher("caseTypeId", "PRLAPPS")
-            .stringMatcher("jurisdictionId", "PRIVATELAW")
+            .stringMatcher("caseTypeId", "CriminalInjuriesCompensation")
+            .stringMatcher("jurisdictionId", "ST_CIC")
             .asBody();
 
         return builder

src/functionalTest/resources/application.yaml

@@ -68,20 +68,11 @@ document_management:
 
 caseinfo:
   apps:
-    - caseType: PRLAPPS
-      jurisdiction: PRIVATELAW
+    - caseType: CriminalInjuriesCompensation
+      jurisdiction: ST_CIC
       eventIds:
-        createEvent: citizen-prl-create-dss-application
-        updateEvent: citizen-prl-update-dss-application
-        submitEvent: citizen-prl-submit-dss-application
+        createEvent: citizen-cic-create-dss-application
+        updateEvent: citizen-cic-update-dss-application
+        submitEvent: citizen-cic-submit-dss-application
       caseTypeOfApplication:
-        - FMPO
-        - FGM
-    - caseType: ADOPTION
-      jurisdiction: ADOPTION
-      eventIds:
-        createEvent: citizen-adop-create-dss-application
-        updateEvent: citizen-adop-update-dss-application
-        submitEvent: citizen-adop-submit-dss-application
-      caseTypeOfApplication:
-        - RELADOP
+        - CIC

src/functionalTest/resources/requests/create-case.json

@@ -5,7 +5,7 @@
   "applicantEmailAddress": "test@test.com",
   "applicantHomeNumber": "012345678890",
   "applicantAddressTown": "London",
-  "caseTypeOfApplication": "FGM",
+  "caseTypeOfApplication": "CIC",
   "applicantFirstName": "Test First Name",
   "applicantDateOfBirth": "2020-11-09",
   "applicantAddressCountry": "United Kingdom",

src/functionalTest/resources/requests/update-case.json

@@ -5,7 +5,7 @@
   "applicantEmailAddress": "test@test.com",
   "applicantHomeNumber": "012345678890",
   "applicantAddressTown": "London",
-  "caseTypeOfApplication": "FGM",
+  "caseTypeOfApplication": "CIC",
   "applicantFirstName": "Test First Name",
   "applicantDateOfBirth": "2020-11-09",
   "applicantAddressCountry": "United Kingdom",

src/functionalTest/resources/response/create-case-response.json

@@ -8,7 +8,7 @@
     "applicantEmailAddress": "test@test.com",
     "applicantHomeNumber": "012345678890",
     "applicantAddressTown": "London",
-    "caseTypeOfApplication": "FGM",
+    "caseTypeOfApplication": "CIC",
     "applicantFirstName": "Test First Name",
     "applicantDateOfBirth": "2020-11-09",
     "applicantAddressCountry": "United Kingdom",

src/functionalTest/resources/response/update-case-response.json

@@ -8,7 +8,7 @@
     "applicantEmailAddress": "test@test.com",
     "applicantHomeNumber": "012345678890",
     "applicantAddressTown": "London",
-    "caseTypeOfApplication": "FGM",
+    "caseTypeOfApplication": "CIC",
     "applicantFirstName": "Test First Name",
     "applicantDateOfBirth": "2020-11-09",
     "applicantAddressCountry": "United Kingdom",

src/integrationTest/resources/application.yaml

@@ -50,20 +50,11 @@ case_document_am:
 
 caseinfo:
   apps:
-    - caseType: PRLAPPS
-      jurisdiction: PRIVATELAW
+    - caseType: CriminalInjuriesCompensation
+      jurisdiction: ST_CIC
       eventIds:
-        createEvent: citizen-prl-create-dss-application
-        updateEvent: citizen-prl-update-dss-application
-        submitEvent: citizen-prl-submit-dss-application
+        createEvent: citizen-cic-create-dss-application
+        updateEvent: citizen-cic-update-dss-application
+        submitEvent: citizen-cic-submit-dss-application
       caseTypeOfApplication:
-        - FMPO
-        - FGM
-    - caseType: ADOPTION
-      jurisdiction: ADOPTION
-      eventIds:
-        createEvent: citizen-adop-create-dss-application
-        updateEvent: citizen-adop-update-dss-application
-        submitEvent: citizen-adop-submit-dss-application
-      caseTypeOfApplication:
-        - RELADOP
+        - CIC

src/integrationTest/resources/requests/create-case.json

@@ -5,7 +5,7 @@
   "applicantEmailAddress": "test@test.com",
   "applicantHomeNumber": "012345678890",
   "applicantAddressTown": "London",
-  "caseTypeOfApplication": "FGM",
+  "caseTypeOfApplication": "CIC",
   "applicantFirstName": "Test First Name",
   "applicantDateOfBirth": "2020-11-09",
   "applicantAddressCountry": "United Kingdom",

src/integrationTest/resources/requests/update-case.json

@@ -5,7 +5,7 @@
   "applicantEmailAddress": "test@test.com",
   "applicantHomeNumber": "012345678890",
   "applicantAddressTown": "London",
-  "caseTypeOfApplication": "FGM",
+  "caseTypeOfApplication": "CIC",
   "applicantFirstName": "Test First Name",
   "applicantDateOfBirth": "2020-11-09",
   "applicantAddressCountry": "United Kingdom",

src/integrationTest/resources/response/create-case-response.json

@@ -8,7 +8,7 @@
     "applicantEmailAddress": "test@test.com",
     "applicantHomeNumber": "012345678890",
     "applicantAddressTown": "London",
-    "caseTypeOfApplication": "FGM",
+    "caseTypeOfApplication": "CIC",
     "applicantFirstName": "Test First Name",
     "applicantDateOfBirth": "2020-11-09",
     "applicantAddressCountry": "United Kingdom",

src/integrationTest/resources/response/update-case-response.json

@@ -8,7 +8,7 @@
     "applicantEmailAddress": "test@test.com",
     "applicantHomeNumber": "012345678890",
     "applicantAddressTown": "London",
-    "caseTypeOfApplication": "FGM",
+    "caseTypeOfApplication": "CIC",
     "applicantFirstName": "Test First Name",
     "applicantDateOfBirth": "2020-11-09",
     "applicantAddressCountry": "United Kingdom",

src/main/java/uk/gov/hmcts/reform/cosapi/common/ccd/HighLevelDataSetupApp.java

@@ -15,11 +15,9 @@ public class HighLevelDataSetupApp extends DataLoaderToDefinitionStore {
     private static final Logger LOGGER = LoggerFactory.getLogger(HighLevelDataSetupApp.class);
 
     public static final String PUBLIC = "PUBLIC";
-    private static final CcdRoleConfig[] CCD_ROLES_NEEDED_FOR_ADOPTION = {
+    private static final CcdRoleConfig[] CCD_ROLES_NEEDED_FOR_ST_CIC = {
         new CcdRoleConfig("citizen", PUBLIC),
-        new CcdRoleConfig("caseworker-privatelaw", PUBLIC),
-        new CcdRoleConfig("caseworker-privatelaw-courtadmin", PUBLIC),
-        new CcdRoleConfig("caseworker-privatelaw-solicitor", PUBLIC)
+        new CcdRoleConfig("caseworker-st-cic", PUBLIC)
     };
 
     private final CcdEnvironment environment;
@@ -43,7 +41,7 @@ protected boolean shouldTolerateDataSetupFailure() {
 
     @Override
     public void addCcdRoles() {
-        for (CcdRoleConfig roleConfig : CCD_ROLES_NEEDED_FOR_ADOPTION) {
+        for (CcdRoleConfig roleConfig : CCD_ROLES_NEEDED_FOR_ST_CIC) {
             try {
                 LOGGER.info("\n\nAdding CCD Role {}.", roleConfig);
                 addCcdRole(roleConfig);
@@ -61,7 +59,7 @@ public void addCcdRoles() {
     protected List<String> getAllDefinitionFilesToLoadAt(String definitionsPath) {
         String environmentName = environment.name().toLowerCase(Locale.UK);
         return List.of(
-            "build/ccd-config/ccd-" + "PRLAPPS" + "-" + environmentName + ".xlsx"
+            "build/ccd-config/ccd-" + "CriminalInjuriesCompensation" + "-" + environmentName + ".xlsx"
         );
     }
 

src/main/java/uk/gov/hmcts/reform/cosapi/constants/CommonConstants.java

@@ -2,11 +2,8 @@
 
 public final class CommonConstants {
 
-    public static final String PRL_JURISDICTION = "PRIVATELAW";
-    public static final String PRL_CASE_TYPE = "PRLAPPS";
-    public static final String ADOP_JURISDICTION = "ADOPTION_WEB";
-    public static final String ADOP_CASE_TYPE = "ADOPTION";
-
+    public static final String ST_CIC_JURISDICTION = "ST_CIC";
+    public static final String ST_CIC_CASE_TYPE = "CriminalInjuriesCompensation";
 
     private CommonConstants() {
     }

src/main/java/uk/gov/hmcts/reform/cosapi/edgecase/PrivateLawEdgeCase.java → src/main/java/uk/gov/hmcts/reform/cosapi/edgecase/CicEdgeCase.java

@@ -13,16 +13,18 @@
 
 
 @Component
-public class PrivateLawEdgeCase implements CCDConfig<CaseData, State, UserRole> {
+public class CicEdgeCase implements CCDConfig<CaseData, State, UserRole> {
 
     @Autowired
     AppsConfig appsConfig;
 
     @Override
     public void configure(final ConfigBuilder<CaseData, State, UserRole> configBuilder) {
-        configBuilder.setCallbackHost(System.getenv().getOrDefault("CASE_API_URL", "http://localhost:4550"));
-        configBuilder.caseType(CommonConstants.PRL_CASE_TYPE, "New edge case", "Handling of edge cases");
-        configBuilder.jurisdiction(CommonConstants.PRL_JURISDICTION, "Prl jurisdiction adoption", "edge-cases");
+        configBuilder.setCallbackHost(System.getenv().getOrDefault("CASE_API_URL",
+                                                                   "http://localhost:4550"));
+        configBuilder.caseType(CommonConstants.ST_CIC_CASE_TYPE, "New edge case", "Handling of edge cases");
+        configBuilder.jurisdiction(CommonConstants.ST_CIC_JURISDICTION,
+                                   "ST jurisdiction CIC", "edge-cases");
         configBuilder.grant(State.DRAFT, Permissions.CREATE_READ_UPDATE, UserRole.CITIZEN);
     }
 }

src/main/java/uk/gov/hmcts/reform/cosapi/edgecase/constants/CaseType.java

@@ -6,7 +6,7 @@
 @RequiredArgsConstructor
 @Getter
 public enum CaseType {
-    A_100("A100"), A_200("A200"), ADOPTION("ADOPTION"), PRL("PRIVATELAW"), CRU("CRU");
+    CIC("CriminalInjuriesCompensation");
 
     private final String name;
 }

src/main/java/uk/gov/hmcts/reform/cosapi/edgecase/event/privatelaw/CreateCaseEvent.java → src/main/java/uk/gov/hmcts/reform/cosapi/edgecase/event/cic/CreateCaseEvent.java

@@ -1,4 +1,4 @@
-package uk.gov.hmcts.reform.cosapi.edgecase.event.privatelaw;
+package uk.gov.hmcts.reform.cosapi.edgecase.event.cic;
 
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -37,7 +37,7 @@ public void configure(final ConfigBuilder<CaseData, State, UserRole> configBuild
         var updatedRoles = addSystemUpdateRole.addIfConfiguredForEnvironment(defaultRoles);
 
         configBuilder
-            .event(AppsUtil.getExactAppsDetailsByCaseType(appsConfig, CommonConstants.PRL_CASE_TYPE).getEventIds()
+            .event(AppsUtil.getExactAppsDetailsByCaseType(appsConfig, CommonConstants.ST_CIC_CASE_TYPE).getEventIds()
                        .getCreateEvent())
             .initialState(DRAFT)
             .name("Create edge case draft case")

src/main/java/uk/gov/hmcts/reform/cosapi/edgecase/event/privatelaw/SubmitCaseEvent.java → src/main/java/uk/gov/hmcts/reform/cosapi/edgecase/event/cic/SubmitCaseEvent.java

@@ -1,4 +1,4 @@
-package uk.gov.hmcts.reform.cosapi.edgecase.event.privatelaw;
+package uk.gov.hmcts.reform.cosapi.edgecase.event.cic;
 
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -28,7 +28,7 @@ public class SubmitCaseEvent implements CCDConfig<CaseData, State, UserRole>  {
     public void configure(final ConfigBuilder<CaseData, State, UserRole> configBuilder) {
 
         configBuilder
-            .event(AppsUtil.getExactAppsDetailsByCaseType(appsConfig, CommonConstants.PRL_CASE_TYPE).getEventIds()
+            .event(AppsUtil.getExactAppsDetailsByCaseType(appsConfig, CommonConstants.ST_CIC_CASE_TYPE).getEventIds()
                        .getSubmitEvent())
             .forStates(State.DRAFT)
             .name("Applicant Submitting the case")

src/main/java/uk/gov/hmcts/reform/cosapi/edgecase/event/privatelaw/UpdateCaseEvent.java → src/main/java/uk/gov/hmcts/reform/cosapi/edgecase/event/cic/UpdateCaseEvent.java

@@ -1,4 +1,4 @@
-package uk.gov.hmcts.reform.cosapi.edgecase.event.privatelaw;
+package uk.gov.hmcts.reform.cosapi.edgecase.event.cic;
 
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -26,7 +26,7 @@ public class UpdateCaseEvent implements CCDConfig<CaseData, State, UserRole>  {
     @Override
     public void configure(final ConfigBuilder<CaseData, State, UserRole> configBuilder) {
         configBuilder
-            .event(AppsUtil.getExactAppsDetailsByCaseType(appsConfig, CommonConstants.PRL_CASE_TYPE).getEventIds()
+            .event(AppsUtil.getExactAppsDetailsByCaseType(appsConfig, CommonConstants.ST_CIC_CASE_TYPE).getEventIds()
                        .getUpdateEvent())
             .forStates(State.DRAFT, State.SUBMITTED)
             .name("Edge case")