Merge pull request #1651 from Crown-Commercial-Service/p3sprint7

P3sprint7 release to UAT on 25th Apr 2023

api/BSIRolesRemovalOneTimeJob/ProgramHelpers.cs

@@ -1,4 +1,4 @@
-using Amazon.SimpleSystemsManagement.Model;
+using Amazon.SimpleSystemsManagement.Model;
 using CcsSso.Core.Domain.Jobs;
 using CcsSso.Shared.Contracts;
 using CcsSso.Shared.Domain;
@@ -94,4 +94,4 @@ public async Task<Dictionary<string, object>> LoadSecretsAsync()
       return _secrets.Data;
     }
   }
-}
+}

api/BSIRolesRemovalOneTimeJob/appsecrets.json

@@ -1,4 +1,4 @@
-{
+{
   "DbConnection": "",
   "ScheduleJobSettings": {
     "OrganisationAutovalidationJobExecutionFrequencyInMinutes": 5
@@ -21,4 +21,4 @@
   "OrgAutoValidationOneTimeJobRoles": {
     "RemoveRoleFromAllOrg": [ "ACCESS_EVIDENCE_LOCKER", "EL_JNR_SUPPLIER", "EL_SNR_SUPPLIER", "EL_SNR_BUYER", "EL_JNR_BUYER" ],
   }
-}
+}

api/BSIRolesRemovalOneTimeJob/appsettings.json

@@ -9,4 +9,4 @@
       "Microsoft.Hosting.Lifetime": "Error"
     }
   }
-}
+}

api/CcsSso.Core.Api/CustomOptions/ParameterStoreConfiguration.cs

@@ -74,6 +74,7 @@ public async Task GetSecrets()
 
       configurations.Add(_awsParameterStoreService.GetParameter(parameters, path + "ConclaveSettings/BaseUrl", "ConclaveSettings:BaseUrl"));
       configurations.Add(_awsParameterStoreService.GetParameter(parameters, path + "ConclaveSettings/OrgRegistrationRoute", "ConclaveSettings:OrgRegistrationRoute"));
+      configurations.Add(_awsParameterStoreService.GetParameter(parameters, path + "ConclaveSettings/VerifyUserDetailsRoute", "ConclaveSettings:VerifyUserDetailsRoute"));
 
       configurations.Add(_awsParameterStoreService.GetParameter(parameters, path + "JwtTokenValidationInfo/IdamClienId", "JwtTokenValidationInfo:IdamClienId"));
       configurations.Add(_awsParameterStoreService.GetParameter(parameters, path + "JwtTokenValidationInfo/Issuer", "JwtTokenValidationInfo:Issuer"));
@@ -149,6 +150,9 @@ public async Task GetSecrets()
       configurations.Add(_awsParameterStoreService.GetParameter(parameters, path + "LookUpApiSettings/LookUpApiUrl", "LookUpApiSettings:LookUpApiUrl"));
 
       configurations.Add(_awsParameterStoreService.GetParameter(parameters, path + "UserRoleApproval/Enable", "UserRoleApproval:Enable"));
+
+      configurations.Add(_awsParameterStoreService.GetParameter(parameters, path + "TokenEncryptionKey", "TokenEncryptionKey"));
+      configurations.Add(_awsParameterStoreService.GetParameter(parameters, path + "NewUserJoinRequest/LinkExpirationInMinutes", "NewUserJoinRequest:LinkExpirationInMinutes"));
 
       foreach (var configuration in configurations)
       {

api/CcsSso.Core.Api/CustomOptions/VaultConfiguration.cs

@@ -97,6 +97,7 @@ public async Task GetSecrets()
         var conclaveSettingsVault = JsonConvert.DeserializeObject<ConclaveSettingsVault>(_secrets.Data["ConclaveSettings"].ToString());
         Data.Add("ConclaveSettings:BaseUrl", conclaveSettingsVault.BaseUrl);
         Data.Add("ConclaveSettings:OrgRegistrationRoute", conclaveSettingsVault.OrgRegistrationRoute);
+        Data.Add("ConclaveSettings:VerifyUserDetailsRoute", conclaveSettingsVault.VerifyUserDetailsRoute);
       }
 
       if (_secrets.Data.ContainsKey("JwtTokenValidationInfo"))
@@ -176,6 +177,13 @@ public async Task GetSecrets()
         Data.Add("UserRoleApproval:Enable", userRoleApproval.Enable.ToString());
       }
 
+      Data.Add("TokenEncryptionKey", _secrets.Data["TokenEncryptionKey"].ToString());
+
+      if (_secrets.Data.ContainsKey("NewUserJoinRequest"))
+      {
+        var newUserJoinRequest = JsonConvert.DeserializeObject<NewUserJoinRequest>(_secrets.Data["NewUserJoinRequest"].ToString());
+        Data.Add("NewUserJoinRequest:LinkExpirationInMinutes", newUserJoinRequest.LinkExpirationInMinutes.ToString());
+      }
     }
   }
 
@@ -252,6 +260,8 @@ public class ConclaveSettingsVault
     public string BaseUrl { get; set; }
 
     public string OrgRegistrationRoute { get; set; }
+
+    public string VerifyUserDetailsRoute { get; set; }
   }
 
 
@@ -338,4 +348,9 @@ public class UserRoleApproval
     public bool Enable { get; set; } = false;
   }
 
+  public class NewUserJoinRequest
+  {
+    public int LinkExpirationInMinutes { get; set; }
+  }
+
 }

api/CcsSso.Core.Api/Startup.cs

@@ -101,7 +101,8 @@ public void ConfigureServices(IServiceCollection services)
           ConclaveSettings = new ConclaveSettings()
           {
             BaseUrl = Configuration["ConclaveSettings:BaseUrl"],
-            OrgRegistrationRoute = Configuration["ConclaveSettings:OrgRegistrationRoute"]
+            OrgRegistrationRoute = Configuration["ConclaveSettings:OrgRegistrationRoute"],
+            VerifyUserDetailsRoute = Configuration["ConclaveSettings:VerifyUserDetailsRoute"]
           },
           // #Auto validation
           OrgAutoValidation = new OrgAutoValidation()
@@ -112,6 +113,11 @@ public void ConfigureServices(IServiceCollection services)
           {
             Enable = Convert.ToBoolean(Configuration["UserRoleApproval:Enable"])
           },
+          NewUserJoinRequest = new NewUserJoinRequest()
+          {
+            LinkExpirationInMinutes = Convert.ToInt32(Configuration["NewUserJoinRequest:LinkExpirationInMinutes"])
+          },
+          TokenEncryptionKey = Configuration["TokenEncryptionKey"],
         };
         return appConfigInfo;
       });
@@ -250,6 +256,7 @@ public void ConfigureServices(IServiceCollection services)
       services.AddScoped<IBulkUploadFileContentService, BulkUploadFileContentService>();
       services.AddScoped<IUserProfileRoleApprovalService, UserProfileRoleApprovalService>();
       services.AddScoped<IServiceRoleGroupMapperService, ServiceRoleGroupMapperService>();
+      services.AddScoped<IOrganisationGroupService, OrganisationGroupService>();
 
       services.AddHttpContextAccessor();
 

api/CcsSso.Core.Api/appsecrets.json

@@ -66,7 +66,8 @@
   },
   "ConclaveSettings": {
     "BaseUrl": "http://localhost:4200",
-    "OrgRegistrationRoute": "/manage-org/register"
+    "OrgRegistrationRoute": "/manage-org/register",
+    "VerifyUserDetailsRoute": "/manage-users/verify-user"
   },
   "OrgAutoValidation": {
     "Enable": "true"
@@ -82,5 +83,9 @@
   },
   "UserRoleApproval": {
     "Enable": "true"
+  },
+  "TokenEncryptionKey": "",
+  "NewUserJoinRequest": {
+    "LinkExpirationInMinutes": "129600"
   }
 }

api/CcsSso.Core.DbMigrations/Scripts/Phase3_Sprint6/2_Add_CAS_Roles/Add_Role_CAS_USER_eSourcing.sql

@@ -1,5 +1,4 @@
 
-
 CREATE OR REPLACE FUNCTION AddRole() RETURNS integer AS $$
 
 DECLARE serviceName text = 'eSourcing';
@@ -43,7 +42,7 @@ SELECT "Id" into RoleId From public."CcsAccessRole" WHERE "CcsAccessRoleNameKey"
 INSERT INTO public."ServiceRolePermission"(
 	"ServicePermissionId", "CcsAccessRoleId", "CreatedUserId", "LastUpdatedUserId", "CreatedOnUtc", "LastUpdatedOnUtc", "IsDeleted")
 	VALUES (ServicePermissionId, RoleId, 0, 0, now(), now(), false);
-	
+
 
 	RETURN 1;
 	END;
@@ -53,5 +52,4 @@ SELECT setval('"CcsAccessRole_Id_seq"', max("Id")) FROM "CcsAccessRole";
 SELECT setval('"ServicePermission_Id_seq"', max("Id")) FROM "ServicePermission";
 SELECT setval('"ServiceRolePermission_Id_seq"', max("Id")) FROM "ServiceRolePermission";
 SELECT AddRole();
-DROP FUNCTION AddRole;
-
+DROP FUNCTION AddRole;

api/CcsSso.Core.DbMigrations/Scripts/Phase3_Sprint6/2_Add_FP_USER_Roles/Add_Role_FP_USER_Dashboard_Service.sql

@@ -34,7 +34,7 @@ INSERT INTO public."CcsAccessRole"(
  	"CcsAccessRoleNameKey", "CcsAccessRoleName", "CcsAccessRoleDescription", "OrgTypeEligibility", 
 	"SubscriptionTypeEligibility", "TradeEligibility", "ApprovalRequired","CreatedUserId", "LastUpdatedUserId", "CreatedOnUtc", 
 	"LastUpdatedOnUtc", "IsDeleted", "MfaEnabled")
-	VALUES ('FP_USER', 'Fleet Portal Tile', 'Fleet Portal Tile', 2, 0, 1,1, 0, 0, now(), now(), 
+	VALUES ('FP_USER', 'Fleet Portal Tile', 'Fleet Portal Tile', 2, 0, 1,0, 0, 0, now(), now(), 
 			false, false);
 SELECT "Id" into RoleId From public."CcsAccessRole" WHERE "CcsAccessRoleNameKey" = 'FP_USER' AND "CcsAccessRoleName" = 'Fleet Portal Tile' LIMIT 1;
 

api/CcsSso.Core.DbMigrations/Scripts/Phase3_Sprint6/2_Add_JAGGER_BUYER_Roles/Add_Role_JAEGGER_BUYER_Contract_Award_Service.sql

@@ -1,6 +1,4 @@
-
--- No need to run this script. 
-
+-- No need to run this script.
 
 --CREATE OR REPLACE FUNCTION AddRole() RETURNS integer AS $$
 
@@ -49,4 +47,3 @@
 --SELECT setval('"ServiceRolePermission_Id_seq"', max("Id")) FROM "ServiceRolePermission";
 --SELECT AddRole();
 --DROP FUNCTION AddRole;
-

api/CcsSso.Core.DbMigrations/Scripts/Phase3_Sprint6/3_Add_CcsServiceRoleMapping_Rows.sql

@@ -33,6 +33,12 @@ $$ LANGUAGE plpgsql;
 SELECT AddGroupRoleMapping('CAS_USER_GROUP','CAT_USER','Contract Award Service (CAS) - add service');
 SELECT AddGroupRoleMapping('CAS_USER_GROUP','CAS_USER','Contract Award Service (CAS) - add to dashboard');
 SELECT AddGroupRoleMapping('CAS_USER_GROUP','CAS_USER','Contract Award Service role to create buyer in Jagger-LD');
+-- run the below line the if you are executing all the script at the first time - (Above TEST env)
+--SELECT AddGroupRoleMapping('CAS_USER_GROUP','CAT_USER','Contract Award Service role to merge buyer via Jaggaer');
+
+-- run the below line if the script already execuated. (TEST and lower environment.)
+--SELECT AddGroupRoleMapping('CAT_USER','CAT_USER','Contract Award Service role to merge buyer via Jaggaer');
+
 
 -- run the below line the if you are executing all the script at the first time - (Above TEST env)
 --SELECT AddGroupRoleMapping('CAS_USER_GROUP','CAT_USER','Contract Award Service role to merge buyer via Jaggaer');

api/CcsSso.Core.DbMigrations/Scripts/Phase3_Sprint6/Last_Delete_Old_Roles/1_LAST_DELTA_DEV_SAND_TEST_REMOVE_JAEGGER_BUYER.sql

@@ -94,7 +94,7 @@ orgsAffectedCount = 0;
 		IF (reportingModeOn = 'false') THEN
 			UPDATE "OrganisationEligibleRole" SET "IsDeleted" = true, "LastUpdatedOnUtc" = timezone('utc', now()) 
 			WHERE "IsDeleted" = false AND "Id" = organisationEligibleRoleId;
-	
+
 		RAISE NOTICE '-------------------Role % deleted from OrganisationEligibleRole Id: % -------------------', ccsAccessRoleNameKey, organisationEligibleRoleId;
 		END IF;
 
@@ -111,7 +111,7 @@ orgsAffectedCount = 0;
 	IF (reportingModeOn = 'false') THEN
 			DELETE FROM "CcsServiceRoleMapping" WHERE "CcsAccessRoleId" = ccsAccessRoleId;
 			GET DIAGNOSTICS roleMappingDeleteCount = ROW_COUNT;
-			
+
 			IF(roleMappingDeleteCount > 0) THEN
 				RAISE NOTICE 'Role mapping deleted from CcsServiceRoleMapping table for role id: %', ccsAccessRoleId;
 			END IF;
@@ -120,7 +120,7 @@ orgsAffectedCount = 0;
 	IF (reportingModeOn = 'false') THEN
 			DELETE FROM "AutoValidationRole" WHERE "CcsAccessRoleId" = ccsAccessRoleId;
 			GET DIAGNOSTICS autoValidationRoleDeletedCount = ROW_COUNT;
-			
+
 			IF(autoValidationRoleDeletedCount > 0) THEN
 				RAISE NOTICE 'Role deleted from AutoValidationRole table for role id: %', ccsAccessRoleId;
 			END IF;

api/CcsSso.Core.DbMigrations/Scripts/Phase3_Sprint7/Update_CAT_Service_Description.sql

@@ -0,0 +1,6 @@
+UPDATE "CcsServiceRoleGroup" SET 
+"Description" = 'Find and contact suitable suppliers for your procurement project, and ask them about the services they can provide. Progress to one stage further competition.'
+WHERE "Key" = 'CAT_USER';
+
+UPDATE "CcsService" SET "Description"='Find and contact suitable suppliers for your procurement project, and ask them about the services they can provide. Progress to one stage further competition.' 
+WHERE "ServiceCode" ='CAT_USER_DS';

api/CcsSso.Core.DbMigrations/Scripts/Phase3_Sprint7/Update_DM_Service_description.sql

@@ -0,0 +1,3 @@
+Update "CcsServiceRoleGroup" 
+SET "Description" = 'Migrate Users and Organisations', "LastUpdatedOnUtc" = now()
+WHERE "Key" = 'DATA_MIGRATION' AND "IsDeleted" = false;

api/CcsSso.Core.DbMigrations/Scripts/Phase3_Sprint7/Update_RMI_Key_Name.sql

@@ -0,0 +1,15 @@
+Update "CcsServiceRoleGroup" 
+SET "Name" = 'Report Management Information', "Key" = 'RMI_USER', "LastUpdatedOnUtc" = now()
+WHERE "Key" = 'RMI' AND "IsDeleted" = false;
+
+UPDATE "CcsService" 
+SET "ServiceName" = 'Report Management Information', "LastUpdatedOnUtc" = now()
+WHERE "ServiceCode" = 'RMI_USER_DS' AND "IsDeleted" = false;
+
+Update "CcsServiceRoleGroup" 
+SET "Description" = 'Use this service to obtain agreement templates, submit management information to CCS or report no business to CCS.', "LastUpdatedOnUtc" = now()
+WHERE "Key" = 'RMI_USER' AND "IsDeleted" = false;
+
+UPDATE "CcsService" 
+SET "Description" = 'Use this service to obtain agreement templates, submit management information to CCS or report no business to CCS.', "LastUpdatedOnUtc" = now()
+WHERE "ServiceCode" = 'RMI_USER_DS' AND "IsDeleted" = false;

api/CcsSso.Core.Domain/Constants/Constants.cs

@@ -80,6 +80,9 @@ public static class ErrorConstant
     public const string ErrorUserHasValidDomain = "USER_HAS_VALID_DOMAIN";
     public const string ErrorInvalidCiiOrganisationIdOrUserId = "INVALID_CII_ORGANISATION_ID_OR_USER_ID";
 
+    public const string ErrorLinkExpired = "ERROR_LINK_EXPIRED";
+    public const string ErrorUserAlreadyExists = "ERROR_USER_ALREADY_EXISTS";
+
   }
 
   public static class VirtualContactTypeName

api/CcsSso.Core.Domain/Contracts/External/IServiceRoleGroupMapperService.cs

@@ -17,6 +17,6 @@ public interface IServiceRoleGroupMapperService
 
     Task<List<CcsServiceRoleGroup>> ServiceRoleGroupsWithApprovalRequiredRoleAsync();
 
-    Task RemoveApprovalRequiredRoleGroupOtherRolesAsync(List<OrganisationEligibleRole> organisationEligibleRoles);
+    Task RemoveApprovalRequiredRoleGroupOtherRolesAsync(List<OrganisationEligibleRole> organisationEligibleRoles, string userName);
   }
 }

api/CcsSso.Core.Domain/Contracts/External/IUserProfileService.cs

@@ -1,4 +1,5 @@
 using CcsSso.Core.Domain.Dtos.External;
+using CcsSso.Dtos.Domain.Models;
 using System.Collections.Generic;
 using System.Threading.Tasks;
 
@@ -49,5 +50,7 @@ public interface IUserProfileService
     Task<UserEditResponseInfo> CreateUserV1Async(UserProfileServiceRoleGroupEditRequestInfo userProfileServiceRoleGroupEditRequestInfo, bool isNewOrgAdmin = false);
 
     Task<UserEditResponseInfo> UpdateUserV1Async(string userName, UserProfileServiceRoleGroupEditRequestInfo userProfileServiceRoleGroupEditRequestInfo);
+
+    Task<OrganisationJoinRequest> GetUserJoinRequestDetails(string joiningDetailsToken);
   }
 }

api/CcsSso.Core.Domain/Dtos/ApplicationConfigurationInfo.cs

@@ -46,6 +46,10 @@ public class ApplicationConfigurationInfo
     public bool EnableUserAccessTokenFix { get; set; }
 
     public ServiceRoleGroupSettings ServiceRoleGroupSettings { get; set; }
+
+    public string TokenEncryptionKey { get; set; }
+
+    public NewUserJoinRequest NewUserJoinRequest { get; set; }
   }
 
   public class ServiceDefaultRoleInfo
@@ -76,6 +80,8 @@ public class ConclaveSettings
     public string BaseUrl { get; set; }
 
     public string OrgRegistrationRoute { get; set; }
+
+    public string VerifyUserDetailsRoute { get; set; }
   }
 
   public class CcsEmailInfo
@@ -185,4 +191,9 @@ public class ServiceRoleGroupSettings
   {
     public bool Enable { get; set; } = false;
   }
+
+  public class NewUserJoinRequest
+  {
+    public int LinkExpirationInMinutes { get; set; }
+  }
 }

api/CcsSso.Core.Domain/Dtos/External/UserProfileResponseInfo.cs

@@ -55,9 +55,7 @@ public class UserServiceRoleGroupRequestDetail : UserRequestMain
   public class UserResponseMain
   {
     public int Id { get; set; }
-
-    public List<GroupAccessRole> UserGroups { get; set; }
-
+
     public bool CanChangePassword { get; set; }
 
     public List<UserIdentityProviderInfo> IdentityProviders { get; set; }
@@ -67,11 +65,15 @@ public class UserResponseMain
 
   public class UserResponseDetail : UserResponseMain
   {
+    public List<GroupAccessRole> UserGroups { get; set; }
+
     public List<RolePermissionInfo> RolePermissionInfo { get; set; }
   }
 
   public class UserServiceRoleGroupResponseDetail : UserResponseMain
   {
+    public List<GroupAccessServiceRoleGroup> UserGroups { get; set; }
+
     public List<ServiceRoleGroupInfo> ServiceRoleGroupInfo { get; set; }
   }
 
@@ -220,6 +222,18 @@ public class GroupAccessRole
     public string ServiceClientName { get; set; }
   }
 
+  public class GroupAccessServiceRoleGroup
+  {
+    public int GroupId { get; set; }
+
+    public int AccessServiceRoleGroupId { get; set; }
+
+    public string AccessServiceRoleGroupName { get; set; }
+
+    public string Group { get; set; }
+  }
+
+
   public class UserEditResponseInfo
   {
     public string UserId { get; set; }

api/CcsSso.Core.Domain/Dtos/NotificationInfo.cs

@@ -14,5 +14,7 @@ public class OrgJoinNotificationInfo
 
     public string FirstName { get; set; }
     public string LastName { get; set; }
+
+    public string CiiOrganisationId { get; set; }
   }
 }

api/CcsSso.Core.Domain/Dtos/OrganisationDto.cs

@@ -94,5 +94,7 @@ public class OrganisationJoinRequest
     public string Email { get; set; }
 
     public string CiiOrgId { get; set; }
+
+    public string ErrorCode { get; set; } = string.Empty;
   }
 }