Merge pull request #33 from companieshouse/release/4.28.0

Release/4.28.0

Author: CarlSwan

api-enumerations

@@ -1,4 +1,5 @@
 ---
+
 base:
   url: <BASE_URL>
 

appconfig.yml

@@ -51,3 +51,4 @@ requires 'Readonly', '==2.00';
 
 test_requires 'CH::Test', '==0.32';
 test_requires 'Test::Differences', '==0.63';
+test_requires 'Test::Exception', '==0.43';

cpanfile

@@ -6,7 +6,6 @@ use CH::Perl;
 use CH::Util::Pager;
 use CH::Util::DateHelper;
 use POSIX qw(strftime);
-use Digest::SHA qw(sha1);
 use MIME::Base64 qw(encode_base64url);
 
 #-------------------------------------------------------------------------------
@@ -26,27 +25,22 @@ sub list {
         user_id        => $self->param('user_id')
     };
 
-
     $self->ch_api->user->user_transactions($query)->get->on(
         success => sub {
             my ( $api, $tx ) = @_;
             my $rf_results = $tx->success->json;
 
             for my $doc (@{$rf_results->{items}}) {
-		        if ( defined $doc->{closed_at} ) {
+                if ( defined $doc->{closed_at} ) {
                     $doc->{closed_at_date} = CH::Util::DateHelper->isodate_as_string($doc->{closed_at});
                     $doc->{closed_at_time} = CH::Util::DateHelper->isotime_as_string($doc->{closed_at})->strftime("%l:%M%P");
-		        }
-                if ( $doc->{status} eq "open" && $doc->{resources}){
-                    for my $resource (  keys %{$doc->{resources}}) {
-                        if ( $doc->{resources}->{$resource}->{kind} eq "accounts" ){
-                           $self->_build_resume_link($doc, $resource);
-                        }
-                    }
+                }
+                if ($doc->{status} eq "open" && $doc->{resume_journey_uri}) {
+                   $self->_build_resume_link($doc, $doc->{resume_journey_uri});
                 }
             }
 
-    # Work out the paging numbers
+            # Work out the paging numbers
             $pager->total_entries( $rf_results->{total_result} // 0 );
             warn "recent filings total_count %d entries per page %d",
             $pager->total_entries, $pager->entries_per_page() [RECENT_FILINGS];
@@ -81,12 +75,12 @@ sub list {
 #-------------------------------------------------------------------------------
 
 sub _build_resume_link {
-    my ($self, $transaction, $resource_key) = @_;
+    my ($self, $transaction, $resume_link) = @_;
 
     my $transaction_id = $transaction->{id};
-    my $encoded_resource_key = encode_base64url(sha1($resource_key));
-
-    $transaction->{resume_link} = "/user/transactions/" . $transaction_id . "/resume?id=" . $encoded_resource_key;
+    my $encoded_resume_link = encode_base64url($resume_link);
+    
+    $transaction->{resume_link} = "/user/transactions/" . $transaction_id . "/resume?link=" . $encoded_resume_link;
     return;
 }
 

lib/ChGovUk/Controllers/Admin/User/Filings.pm

@@ -7,134 +7,55 @@ use CH::Util::Pager;
 use CH::Util::DateHelper;
 use POSIX qw(strftime);
 use Mojo::IOLoop::Delay;
-use Digest::SHA qw(sha1);
 use MIME::Base64 qw(encode_base64url);
-use Data::Dumper;
 
 #-------------------------------------------------------------------------------
+
 sub resume {
     my ($self) = @_;
-
-    my $encoded_id = $self->param('id');
-
+    
+    $self->render_later;
+    
+    my $encoded_resume_link = $self->param('link');
+    
     $self->ch_api->transactions($self->stash('transaction_number'))->get->on(
         success => sub {
             my ($api, $tx) = @_;
-                my $transaction = $tx->success->json;
-
-                my $resource_and_id_match = 0;
-
-                for my $resource (  keys %{$transaction->{resources}}) {
-                    if ( encode_base64url(sha1($resource)) eq $encoded_id){ 
-                        $resource_and_id_match = 1;
-                        $self->_build_resume_link($transaction, $transaction->{resources}->{$resource} );
-                        last;
-                    }
-                }
-                if ( $resource_and_id_match eq  0) {
-                    error "None of the resource keys could be matched with provided encoded id";
-                    $self->render_not_found;
-                }
+            
+            my $transaction = $tx->success->json;
+            
+            my $resume_link = $transaction->{resume_journey_uri};
+            
+            if (encode_base64url($resume_link) ne $encoded_resume_link) {
+                my $message = "The transaction resume link does not match the encoded link url";
+                error "%s", $message;
+                $self->render_exception($message);
+            }
+            
+            # TODO: When support is added for third party (i.e. external) resume links, a check will need
+            # to be performed here to verify that the resume link matches a trusted domain for a given
+            # software vendor. A mechanism will be needed for adding the vendor to the transaction resource
+            # at creation time, and for registering one or more trusted domains that should be checked here.
+            # All Companies House resume links should be relative (i.e. not include the protocol or domain).
+            
+            $self->redirect_to($resume_link);
         },
         failure => sub {
             my ($api, $tx) = @_;
+            
             my ($error_message, $error_code) = ($tx->error->{message}, $tx->error->{code});
-                my $message = 'Failed to fetch transaction '.$self->stash('transaction_number').': '.$error_code.' '.$error_message;
+                my $message = 'Failed to fetch transaction ' . $self->stash('transaction_number') . ': ' . $error_code . ' ' . $error_message;
                 error "%s", $message [API];
                 $self->render_exception($message);
         },
         error => sub {
             my ($api, $error) = @_;
-                my $message = 'Failed to fetch transaction '.$self->stash('transaction_number').': '.$error;
-                error "%s", $message [ROUTING];
-                $self->render_exception($message);
-        }
-   )->execute;
-   $self->render_later;
-};
-
-#-------------------------------------------------------------------------------
-
-sub _build_resume_link {
-    my ($self, $transaction, $resource )= @_;
-    
-    my $company_number = $transaction->{company_number};
-    my $transaction_id = $transaction->{id};
-    my $kind = $resource->{kind};
-    my $abridged_accounts_id;
-    my $resume_link;
-
-    my $resource_delay = Mojo::IOLoop::Delay->new;
-    my $resource_delay_end;
-    
-    if ( $kind eq "accounts") {
-        $resource_delay_end = $resource_delay->begin(0);
-        $self->_get_accounts_document($resource->{links}->{resource}, $resource_delay_end);
-    }
-
-    $resource_delay->on(
-        finish => sub {
-            my ($delay, $resource_link, $accounts_id) = @_;
 
-            if ( $resource_link && $kind eq "accounts" ){
-                if ( $resource_link =~/abridged\/(.*)$/ ) {
-                    $abridged_accounts_id = $1;
-                }
-                $resume_link = "/company/" . $company_number . "/transaction/" . $transaction_id . "/submit-abridged-accounts/" . $accounts_id ."/" . $abridged_accounts_id . "/accounting-reference-date";
-            }
-        
-            $self->redirect_to($resume_link);
-        },
-        error => sub {
-            my ($delay, $err) = @_;
-        
-            my $message = "Error getting accounts links : %s" . $err;
-            error "Error getting accounts links : %s". $err;
+            my $message = 'Error when fetching transaction ' . $self->stash('transaction_number') . ': ' . $error;
+            error "%s", $message [ROUTING];
             $self->render_exception($message);
         }
-    );
-
-}
-
-
-# ------------------------------------------------------------------------------
-
-sub _get_accounts_document {
-    my ($self, $resource_link, $callback) = @_;
-    
-    $self->ch_api->uri($resource_link)->get->on(
-             success => sub {
-                 my ($api, $tx) = @_;
-
-                 my $accounts = $tx->success->json;
-
-                 if ( defined $accounts->{links}->{abridged_accounts} ){
-                     $callback->($accounts->{links}->{abridged_accounts}, $accounts->{id});
-                 }
-                 return $callback->();
-             },
-             failure => sub {
-                 my ($api, $tx) = @_;
-
-                 my $error_code = $tx->error->{code} // 0;
-                 my $error_message = $tx->error->{message};
-
-                 if (defined $error_code and $error_code == 404) {
-                    error " Resource [%s] not found", $resource_link;
-                    $self->render_not_found;
-                 }
-                 my $message = "Error getting accounts links : %s". $resource_link;
-                 error "Error getting accounts links : %s", $resource_link [ RESUME LINK ];
-                 $self->render_exception($message);
-             },
-             error => sub {
-                 my ($api, $error) = @_;
-
-                 my $message = "Error getting accounts links : %s". $resource_link;
-                 error "Error getting accounts links : %s", $resource_link [ RESUME LINK ];
-                 $self->render_exception($message);
-             }
-         )->execute;
+   )->execute;
 }
 
 # ------------------------------------------------------------------------------

lib/ChGovUk/Controllers/User/Transactions/Resume.pm

@@ -84,7 +84,7 @@
                                         <div id="process-spinner" class="process-spinner"></div>
                                         <span id="process-status" class="process-status">Status: in-progress</span>
                                       </div>
-                                      <input type="hidden" id="document-data" data-resource-url="/private<% $transaction.links.self %>" data-resource-id="<% $filing.value.links.resource %>" data-content-type="text/html" data-document-type="text/html" data-user-id="<% $c.user_id %>"/>
+                                      <input type="hidden" id="document-data" data-resource-url="<% $filing.value.links.resource %>" data-content-type="text/html" data-document-type="text/html" data-user-id="<% $c.user_id %>"/>
                                     </div>
                                 % }
                              % }
@@ -109,7 +109,7 @@
                                       <div id="process-spinner" class="process-spinner"></div>
                                       <span id="process-status" class="process-status">Status: in-progress</span>
                                     </div>
-                                    <input type="hidden" id="document-data" data-resource-url="/private<% $transaction.links.self %>" data-resource-id="<% $filing.value.links.resource %>" data-content-type="text/html" data-document-type="text/html" data-user-id="<% $c.user_id %>"/>
+                                    <input type="hidden" id="document-data" data-resource-url="<% $filing.value.links.resource %>" data-content-type="text/html" data-document-type="text/html" data-user-id="<% $c.user_id %>"/>
                                   </div>
                               % }
                             % }
@@ -155,7 +155,7 @@
                                       <div id="process-spinner" class="process-spinner"></div>
                                       <span id="process-status" class="process-status">Status: in-progress</span>
                                     </div>
-                                    <input type="hidden" id="document-data" data-resource-url="/private<% $transaction.links.self %>" data-resource-id="<% $filing.value.links.resource %>" data-content-type="text/html" data-document-type="text/html" data-user-id="<% $c.user_id %>"/>
+                                    <input type="hidden" id="document-data" data-resource-url="<% $filing.value.links.resource %>" data-content-type="text/html" data-document-type="text/html" data-user-id="<% $c.user_id %>"/>
                                   </div>
                                 % }
                               % }

templates/includes/transaction.tx

@@ -49,7 +49,7 @@
                 % if $transaction.status == "open" {
                     <div class="column-third column-status" id="status-<% $~transaction.count %>">
                         Status<strong> Incomplete </strong>
-                        % if $transaction.resume_link && !$c.can_do('/admin/transaction-lookup'){
+                        % if $transaction.resume_link && !$c.can_do('/admin/transaction-lookup') {
                             <a class="piwik-event" data-event-id="resume" id="transaction-<% $~transaction.count %>-resume-link" href="<% $transaction.resume_link %>">Resume</a>
                         % }
                     </div>
@@ -102,7 +102,7 @@
                                                   <div id="process-spinner" class="process-spinner"></div>
                                                   <span id="process-status" class="process-status">Status: in-progress</span>
                                                 </div>
-                                                <input type="hidden" id="document-data" data-resource-url="/private<% $transaction.links.self %>" data-resource-id="<% $filing.value.links.resource %>" data-content-type="text/html" data-document-type="text/html"/>
+                                                <input type="hidden" id="document-data" data-resource-url="<% $filing.value.links.resource %>" data-content-type="text/html" data-document-type="text/html"/>
                                               </div>
                                           % }
                                           % }
@@ -127,7 +127,7 @@
                                                   <div id="process-spinner" class="process-spinner"></div>
                                                   <span id="process-status" class="process-status">Status: in-progress</span>
                                                 </div>
-                                                <input type="hidden" id="document-data" data-resource-url="/private<% $transaction.links.self %>" data-resource-id="<% $filing.value.links.resource %>" data-content-type="text/html" data-document-type="text/html"/>
+                                                <input type="hidden" id="document-data" data-resource-url="<% $filing.value.links.resource %>" data-content-type="text/html" data-document-type="text/html"/>
                                               </div>
                                           % }
                                         % }
@@ -173,7 +173,7 @@
                                                   <div id="process-spinner" class="process-spinner"></div>
                                                   <span id="process-status" class="process-status">Status: in-progress</span>
                                                 </div>
-                                                <input type="hidden" id="document-data" data-resource-url="/private<% $transaction.links.self %>" data-resource-id="<% $filing.value.links.resource %>" data-content-type="text/html" data-document-type="text/html"/>
+                                                <input type="hidden" id="document-data" data-resource-url="<% $filing.value.links.resource %>" data-content-type="text/html" data-document-type="text/html"/>
                                               </div>
                                             % }
                                           % }