Release 1.1.2 (#264)

* chore(deps): update all dependencies (#159)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* RET-2643 (#185)

* chore(deps): update all dependencies (#159)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* RET-2643

* RET-2643

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Harpreet Jhita <harpreet.jhita@justice.gov.uk>

* caseTypeId removed from log as it is null (#186)

* Added pound symbol and line seperators (#188)

* RET-2792 (#192)

* RET-2792 - revert changes (#197)

* RET-2792 (#196)

* RET-2731: Mock out ACAS Service tests and improve logging in et-sya-api (#190)

* RET-2731: Mock AcasService tests

* RET-2731: Add logs to AcasService attemptWithRetriesToFetchAcasCertificates()

* RET-2731: change acas apie key to dummy

* RET-2731: Checkstyle fixes

* RET-2731: Remove disabled annotation

Co-authored-by: KirsanovI <ivan.kirsanov@hmcts.net>

* Ret 2800 (#195)

* RET-2800: Supporting Document not present in documentCollection

* RET-2800: Fixed pmd

* moved method to CaseDocumentService

* Ret 2783 Welsh translation content - Generate Welsh pdf claim form (#191)

* RET-2783: Added welsh PDF case file generation if the user has selected to be contacted in welsh

* Fix broken unit tests

* added welsh tests

* fixed welsh tests to work with differant language generations

* minor review comments

* fixed breaking change, changing pdf document name

* fixed build issues

Co-authored-by: Jack Brogan <jack.brogan@hmcts.net>
Co-authored-by: paul.peasegood <paul.peasegood@version1.com>

* Ret 2800 2 (#198)

* RET-2800: Supporting Document not present in documentCollection

* RET-2800: Fixed pmd

* moved method to CaseDocumentService

* RET-2800: Added test coverage

* Ret 2792 new (#200)

* Ret 2792 new (#201)

* Ret 2846 (#202)

* Updates for PDF Creation

* Updates for PDF Creation

* Suppressed jackson core - jackson databind@2.13.4
NOTE: this is a new vulnerability defined on 17/NOV/2022 details are defined in the url https://nvd.nist.gov/vuln/detail/CVE-2022-42003

* Suppressed jackson core - jackson databind@2.13.4
NOTE: this is a new vulnerability defined on 17/NOV/2022 details are defined in the url https://nvd.nist.gov/vuln/detail/CVE-2022-42003

* Removed suppressed vulnerability and changed spring-cloud-starter-openfeign version from 3.1.2 to 3.1.5

* Removed suppressed vulnerability

* Vulnerability CVE-2022-42003 is resolved by adding implementation group: 'com.fasterxml.jackson.core', name:  'jackson-databind', version: '2.14.0' to the dependencies section of build.gradle at line 220. Besides upgraded depreciated main definition on line 326

* Vulnerability CVE-2022-42003 is resolved by adding implementation group: 'com.fasterxml.jackson.core', name:  'jackson-databind', version: '2.13.4.1' to the dependencies section of build.gradle at line 220. Besides upgraded depreciated main definition on line 326

* Vulnerability CVE-2022-42003 is resolved by adding   implementation group: 'com.fasterxml.jackson.core', name:  'jackson-databind', version: '2.14.0' to the dependencies section of build.gradle at line 220. Besides upgraded depreciated main definition on line 326

* Ret 2864 postcode and test updates - javadoc Implementation (#205)

* Updates for PDF Creation

* Updates for PDF Creation

* Suppressed jackson core - jackson databind@2.13.4
NOTE: this is a new vulnerability defined on 17/NOV/2022 details are defined in the url https://nvd.nist.gov/vuln/detail/CVE-2022-42003

* Suppressed jackson core - jackson databind@2.13.4
NOTE: this is a new vulnerability defined on 17/NOV/2022 details are defined in the url https://nvd.nist.gov/vuln/detail/CVE-2022-42003

* Removed suppressed vulnerability and changed spring-cloud-starter-openfeign version from 3.1.2 to 3.1.5

* Removed suppressed vulnerability

* Vulnerability CVE-2022-42003 is resolved by adding implementation group: 'com.fasterxml.jackson.core', name:  'jackson-databind', version: '2.14.0' to the dependencies section of build.gradle at line 220. Besides upgraded depreciated main definition on line 326

* Vulnerability CVE-2022-42003 is resolved by adding implementation group: 'com.fasterxml.jackson.core', name:  'jackson-databind', version: '2.13.4.1' to the dependencies section of build.gradle at line 220. Besides upgraded depreciated main definition on line 326

* Vulnerability CVE-2022-42003 is resolved by adding   implementation group: 'com.fasterxml.jackson.core', name:  'jackson-databind', version: '2.14.0' to the dependencies section of build.gradle at line 220. Besides upgraded depreciated main definition on line 326

* Updated tests added new postcode formatter to PdfMapperUtil

* Updated tests added new postcode formatter to PdfMapperUtil

* Added Javadocs to PdfMapperUtil

* Added Javadocs to PdfMapperUtil

* Added Javadocs to PdfMapperUtil

* Changed convertFirstCharactersToCapitalCase method name to convertFirstCharactersOfWordsToCapitalCase

* Updates for country list of UK. (#206)

* Handling null values (#204)

* Fixed missing imports

* Refactored test

* Merge1.1.0.2 into welsh (#208)

* RET-2643 (#185)

* chore(deps): update all dependencies (#159)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* RET-2643

* RET-2643

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Harpreet Jhita <harpreet.jhita@justice.gov.uk>

* caseTypeId removed from log as it is null (#186)

* Added pound symbol and line seperators (#188)

* RET-2792 (#192)

* RET-2792 - revert changes (#197)

* RET-2731: Mock out ACAS Service tests and improve logging in et-sya-api (#190)

* RET-2731: Mock AcasService tests

* RET-2731: Add logs to AcasService attemptWithRetriesToFetchAcasCertificates()

* RET-2731: change acas apie key to dummy

* RET-2731: Checkstyle fixes

* RET-2731: Remove disabled annotation

Co-authored-by: KirsanovI <ivan.kirsanov@hmcts.net>

* Ret 2800 (#195)

* RET-2800: Supporting Document not present in documentCollection

* RET-2800: Fixed pmd

* moved method to CaseDocumentService

* Ret 2800 2 (#198)

* RET-2800: Supporting Document not present in documentCollection

* RET-2800: Fixed pmd

* moved method to CaseDocumentService

* RET-2800: Added test coverage

* Ret 2846 (#202)

* Updates for PDF Creation

* Updates for PDF Creation

* Suppressed jackson core - jackson databind@2.13.4
NOTE: this is a new vulnerability defined on 17/NOV/2022 details are defined in the url https://nvd.nist.gov/vuln/detail/CVE-2022-42003

* Suppressed jackson core - jackson databind@2.13.4
NOTE: this is a new vulnerability defined on 17/NOV/2022 details are defined in the url https://nvd.nist.gov/vuln/detail/CVE-2022-42003

* Removed suppressed vulnerability and changed spring-cloud-starter-openfeign version from 3.1.2 to 3.1.5

* Removed suppressed vulnerability

* Vulnerability CVE-2022-42003 is resolved by adding implementation group: 'com.fasterxml.jackson.core', name:  'jackson-databind', version: '2.14.0' to the dependencies section of build.gradle at line 220. Besides upgraded depreciated main definition on line 326

* Vulnerability CVE-2022-42003 is resolved by adding implementation group: 'com.fasterxml.jackson.core', name:  'jackson-databind', version: '2.13.4.1' to the dependencies section of build.gradle at line 220. Besides upgraded depreciated main definition on line 326

* Vulnerability CVE-2022-42003 is resolved by adding   implementation group: 'com.fasterxml.jackson.core', name:  'jackson-databind', version: '2.14.0' to the dependencies section of build.gradle at line 220. Besides upgraded depreciated main definition on line 326

* Ret 2864 postcode and test updates - javadoc Implementation (#205)

* Updates for PDF Creation

* Updates for PDF Creation

* Suppressed jackson core - jackson databind@2.13.4
NOTE: this is a new vulnerability defined on 17/NOV/2022 details are defined in the url https://nvd.nist.gov/vuln/detail/CVE-2022-42003

* Suppressed jackson core - jackson databind@2.13.4
NOTE: this is a new vulnerability defined on 17/NOV/2022 details are defined in the url https://nvd.nist.gov/vuln/detail/CVE-2022-42003

* Removed suppressed vulnerability and changed spring-cloud-starter-openfeign version from 3.1.2 to 3.1.5

* Removed suppressed vulnerability

* Vulnerability CVE-2022-42003 is resolved by adding implementation group: 'com.fasterxml.jackson.core', name:  'jackson-databind', version: '2.14.0' to the dependencies section of build.gradle at line 220. Besides upgraded depreciated main definition on line 326

* Vulnerability CVE-2022-42003 is resolved by adding implementation group: 'com.fasterxml.jackson.core', name:  'jackson-databind', version: '2.13.4.1' to the dependencies section of build.gradle at line 220. Besides upgraded depreciated main definition on line 326

* Vulnerability CVE-2022-42003 is resolved by adding   implementation group: 'com.fasterxml.jackson.core', name:  'jackson-databind', version: '2.14.0' to the dependencies section of build.gradle at line 220. Besides upgraded depreciated main definition on line 326

* Updated tests added new postcode formatter to PdfMapperUtil

* Updated tests added new postcode formatter to PdfMapperUtil

* Added Javadocs to PdfMapperUtil

* Added Javadocs to PdfMapperUtil

* Added Javadocs to PdfMapperUtil

* Changed convertFirstCharactersToCapitalCase method name to convertFirstCharactersOfWordsToCapitalCase

* Updates for country list of UK. (#206)

* Update CaseService.java

Update CaseService.java

* Refactored test

* Checkstyle

Co-authored-by: GauravChawlaMOJ <58194626+GauravChawlaMOJ@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: ikirsanov <105438011+ikirsanov@users.noreply.github.com>
Co-authored-by: KirsanovI <ivan.kirsanov@hmcts.net>
Co-authored-by: robin-ieong <101253854+robin-ieong@users.noreply.github.com>
Co-authored-by: Mehmet Tahir Dede <105645217+JustMehmet@users.noreply.github.com>

* Test fix

* Test fix

Test fix

* RET-2750: Add functional tests to controllers classes (#203)

* RET-2750: Add DocumentUpload functional test

* RET-2750: Chekstyle fix

* RET-2750: Chekstyle fix

* RET-2750: Add vulnerability issue fix

* RET-2750: Change multipart params

* RET-2750: CheckStyle

* RET-2750: multipart content type

* RET-2750: Add functional tests to DocumentUploadController

* RET-2750: Add functional tests for DocumentController

* RET-2750: Fix DocumentControllerFunctionalTest

* RET-2750: Add AcasControllerFunctionalTest

Co-authored-by: KirsanovI <ivan.kirsanov@hmcts.net>

* RET-2574: Add manageOffice assignment before case submitted (#178)

* chore(deps): update all dependencies (#159)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* RET-2574: Add manageOffice assignment before case submitted

* RET-2574: Rename case assignment to local office service and move it to service package

* RET-2574: checkStyle test fixes

* RET-2574: checkStyle test fixes

* RET-2574: Fix assigning case to local office logic, remove unused imports

* RET-2574: Add suppressions for spring security and tomcat

* RET-2574: Set @disable to AcasService tests

* RET-2574: Add in convertCaseRequestToCaseDataWithTribunalOffice managingOffice assignment to caseRequest

* RET-2574: getManagingOffice returns Unassigned if invalidPostcodeException thrown

* RET-2574: checkstyle fix

* RET-2574: Remove suppressions

* RET-2574: AcasServiceTest fix

* RET-2574: AcasServiceTest fix

* RET-2574: Refactor condition in assingCaseToLocalOfficeService

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: KirsanovI <ivan.kirsanov@hmcts.net>
Co-authored-by: Harpreet Jhita <harpreet.jhita@justice.gov.uk>

* Fix disability claim (#209)

* claimantInd null values (#214)

* Keeping sonar happy (#215)

* claimantInd null values

* sonar checks

* sonar checks

* RET-2877 - Null check for contact language (#212)

* Null check for contact language

* Refactor notification service

* Use Welsh language constant

* RET-2871 fix (#217)

* RET-2818. Update et-data-model version to add hearing language preference. (#211)

* cve (#220)

* cve

* cve suppressions

* cve suppressions

* cve suppressions

* RET-2848 (#219)

* Et data model update (#225)

* Ret 2864 add java docs to public/protected elements (#224)

* 2864: add javadocs to classes

* 2864: add jdocs

* 2864: add more jdocs

* 2864: add jdocs and fix issues

* 2864: fix merge and pmd

* Release 1.1.0.2 (#207) (#226)

All code merged for Release 1.1.0.2.

- Referral Enhancements
- Initial Consideration Enhancements
- Bug Fixes
- ECM fixes/enhancements

Co-authored-by: Harpreet Jhita <harpreet.jhita@justice.gov.uk>
Co-authored-by: Marc Judge <marc.judge@version1.com>

* Add file extension (#227)

* Add file extension

* Fix checkstyle

* Bump spring boot

Co-authored-by: Marc Judge <marc.judge@version1.com>

* Acas cert logging removed (#232)

* welsh doc template updated (#233)

* Allow all test responses (#239)

Co-authored-by: Marc Judge <marc.judge@version1.com>

* RET-3045: Fix for respondent details being reset (#238)

* RET-3045: Fix for respondent details being reset

* Fix for CVEs

* Fix for CVEs

* Fix for checkstyle

* Refactered to not use var type

* Update Welsh email template to prod (#259)

* RET-2296 (#262)

* RET-2296

RET-2296

RET-2296

Update Chart.yaml

* Chart update

* Fix build (#276)

* Add null check (#277)

* CVEs

* CVEs

* Chart

* Chart

* Fix merge commit (#290)

* ACAS Claimant Request Docs

* Update values.yaml

* Fix branch

* RET-3480 - Retrieve all cases (#340)

* Retrieve all cases

* Add commons-fileupload 1.5

* Ret 3513 (#355)

* RET-3513. Remove application.properties

* RET-3513. Use dev template ids

* RET-3513. Fix submit claim emails (#362)

* RET-3513. Fix submit claim emails
- Missing Welsh template
- Both templates outdated - new pdf-template added locally.
- Welsh missing case id in citizen portal link
- Remove values.yaml values that are already in application.yaml

* Bumping chart version/ fixing aliases

---------

Co-authored-by: hmcts-jenkins-d-to-i <62423932+hmcts-jenkins-d-to-i[bot]@users.noreply.github.com>

* Ret 3513. Update error email template (#363)

* Remove testing of spring properties - useless tests.

* Update template id for error email. Remove from Values.yaml

* Tested error email being sent to all parties, had to have actual email defaults for dev.

* Update Chart.yaml

* Update Chart.yaml

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: GauravChawlaMOJ <58194626+GauravChawlaMOJ@users.noreply.github.com>
Co-authored-by: marcjudge <98343606+marcjudge@users.noreply.github.com>
Co-authored-by: ikirsanov <105438011+ikirsanov@users.noreply.github.com>
Co-authored-by: KirsanovI <ivan.kirsanov@hmcts.net>
Co-authored-by: robin-ieong <101253854+robin-ieong@users.noreply.github.com>
Co-authored-by: paul-peasegood <116294451+paul-peasegood@users.noreply.github.com>
Co-authored-by: Jack Brogan <jack.brogan@hmcts.net>
Co-authored-by: paul.peasegood <paul.peasegood@version1.com>
Co-authored-by: Mehmet Tahir Dede <105645217+JustMehmet@users.noreply.github.com>
Co-authored-by: Itay-Kirsh <Itayk747@gmail.com>
Co-authored-by: Daryl Boam <104851463+DarylBoam@users.noreply.github.com>
Co-authored-by: Marc Judge <marc.judge@version1.com>
Co-authored-by: hmcts-jenkins-d-to-i <62423932+hmcts-jenkins-d-to-i[bot]@users.noreply.github.com>

build.gradle

@@ -219,6 +219,7 @@ dependencies {
   implementation group: 'org.springframework.boot', name: 'spring-boot-starter-json'
   implementation group: 'org.springframework.boot', name: 'spring-boot-configuration-processor'
   implementation group: 'org.springframework.retry', name: 'spring-retry', version: '1.3.4'
+  implementation group: 'com.fasterxml.jackson.core', name: 'jackson-core', version: '2.14.2'
   implementation group: 'com.fasterxml.jackson.core', name:  'jackson-databind', version: '2.14.2'
 
   implementation group: 'org.springdoc', name: 'springdoc-openapi-ui', version: '1.7.0'
@@ -249,6 +250,8 @@ dependencies {
   implementation group: 'org.apache.tomcat.embed', name: 'tomcat-embed-core', version: '9.0.73'
   implementation group: 'org.apache.tomcat.embed', name: 'tomcat-embed-websocket', version: '9.0.73'
   implementation group: 'org.springframework.security', name: 'spring-security-crypto', version: '5.7.8'
+
+  implementation group: 'org.apache.commons', name: 'commons-collections4', version: '4.4'
 
   compileOnly 'org.projectlombok:lombok'
   annotationProcessor group: 'org.projectlombok', name: 'lombok'

charts/et-sya-api/Chart.yaml

@@ -3,7 +3,7 @@ appVersion: "1.0"
 description: A Helm chart for et-sya-api Java API
 name: et-sya-api
 home: https://github.com/hmcts/et-sya-api
-version: 0.0.28
+version: 0.0.29
 maintainers:
   - name: HMCTS et team
 dependencies:

charts/et-sya-api/values.yaml

@@ -37,6 +37,3 @@ java:
     TORNADO_URL: "https://docmosis.{{ .Values.global.environment }}.platform.hmcts.net/rs/render"
     CASE_DOCUMENT_AM_URL: "http://ccd-case-document-am-api-{{ .Values.global.environment }}.service.core-compute-{{ .Values.global.environment }}.internal"
     CITIZEN_PORTAL_LINK: "https://et-sya.{{ .Values.global.environment }}.platform.hmcts.net/citizen-hub/"
-    SUBMIT_CASE_EMAIL_TEMPLATE_ID: "64533cdb-a00b-463d-a656-4fc0dfb1630e"
-    CY_SUBMIT_CASE_EMAIL_TEMPLATE_ID: "970257cd-3464-4ec9-bbb8-45fd9128001c"
-    SUBMIT_CASE_DOC_UPLOAD_ERROR_EMAIL_TEMPLATE_ID: "0d7cd6f0-47c1-4ade-aac7-49e6023bac70"

config/owasp/suppressions.xml

@@ -152,17 +152,17 @@
   </suppress>
   <suppress>
     <notes><![CDATA[
-   file name: snakeyaml-1.33.jar
+   file name: json-20220924.jar
    ]]></notes>
-    <packageUrl regex="true">^pkg:maven/org\.yaml/snakeyaml@.*$</packageUrl>
-    <cve>CVE-2022-3064</cve>
+    <packageUrl regex="true">^pkg:maven/org\.json/json@.*$</packageUrl>
+    <cpe>cpe:/a:json-java_project:json-java</cpe>
   </suppress>
   <suppress>
     <notes><![CDATA[
-   file name: snakeyaml-1.33.jar
+   file name: jackson-core-2.14.2.jar
    ]]></notes>
-    <packageUrl regex="true">^pkg:maven/org\.yaml/snakeyaml@.*$</packageUrl>
-    <cpe>cpe:/a:yaml_project:yaml</cpe>
+    <packageUrl regex="true">^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-core@.*$</packageUrl>
+    <cve>CVE-2022-45688</cve>
   </suppress>
   <suppress>
    <notes><![CDATA[

src/main/java/uk/gov/hmcts/reform/et/syaapi/constants/EtSyaConstants.java

@@ -2,9 +2,11 @@
 
 import uk.gov.hmcts.ecm.common.model.helper.TribunalOffice;
 
+import java.util.List;
 /**
  * Defines attributes used by et-sya-api as constants.
  */
+
 public final class EtSyaConstants {
 
     public static final String AUTHORIZATION = "Authorization";
@@ -39,6 +41,16 @@ public final class EtSyaConstants {
     public static final String WELSH_LANGUAGE = "Welsh";
     public static final String WELSH_LANGUAGE_PARAM = "/?lng=cy";
 
+    public static final List<String> ACAS_VISIBLE_DOCS = List.of("ET1", "ACAS Certificate", "Notice of a claim",
+                                                                 "ET3", "Claimant correspondence",
+                                                                 "Respondent correspondence", "Notice of Hearing",
+                                                                 "Tribunal correspondence",
+                                                                 "Tribunal Order/Deposit Order",
+                                                                 "Tribunal Judgment/Reasons", "ET1 Attachment",
+                                                                 "ET3 Attachment");
+
+
+
     private EtSyaConstants() {
         // restrict instantiation
     }

src/main/java/uk/gov/hmcts/reform/et/syaapi/controllers/AcasController.java

@@ -1,8 +1,13 @@
 package uk.gov.hmcts.reform.et.syaapi.controllers;
 
 import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.responses.ApiResponse;
+import io.swagger.v3.oas.annotations.responses.ApiResponses;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.collections4.MultiValuedMap;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.core.io.ByteArrayResource;
 import org.springframework.format.annotation.DateTimeFormat;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.ResponseEntity;
@@ -11,12 +16,17 @@
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
 import uk.gov.hmcts.reform.et.syaapi.annotation.ApiResponseGroup;
+import uk.gov.hmcts.reform.et.syaapi.models.CaseDocumentAcasResponse;
+import uk.gov.hmcts.reform.et.syaapi.service.CaseDocumentService;
 import uk.gov.hmcts.reform.et.syaapi.service.CaseService;
+import uk.gov.hmcts.reform.idam.client.IdamClient;
 
 import java.time.LocalDateTime;
 import java.util.List;
+import java.util.UUID;
 
 import static org.springframework.http.ResponseEntity.ok;
+import static uk.gov.hmcts.reform.et.syaapi.constants.EtSyaConstants.AUTHORIZATION;
 
 /**
  * REST Controller for ACAS to communicate with CCD through ET using Azure API Management.
@@ -28,6 +38,14 @@
 public class AcasController {
 
     private final CaseService caseService;
+    private final CaseDocumentService caseDocumentService;
+    private final IdamClient idamClient;
+
+    @Value("${caseWorkerUserName}")
+    private transient String caseWorkerUserName;
+    @Value("${caseWorkerPassword}")
+    private transient String caseWorkerPassword;
+
 
     /**
      * Given a datetime, this method will return a list of caseIds which have been modified since the datetime
@@ -60,4 +78,44 @@ public ResponseEntity<Object> getCaseData(
         @RequestParam(name = "caseIds") List<String> caseIds) {
         return ok(caseService.getCaseData(authorisation, caseIds));
     }
+
+    /**
+     * This method is used to retrieve a list of documents which are available to ACAS.
+     * @param authorisation used for IDAM authentication
+     * @param caseId ccd case id
+     * @return a multi valued map containing a list of documents for ACAS
+     */
+    @GetMapping(value = "/getAcasDocuments")
+    @Operation(summary = "Return a list of documents on a case")
+    @ApiResponseGroup
+    public ResponseEntity<Object> getAcasDocuments(
+        @RequestHeader(value = HttpHeaders.AUTHORIZATION) String authorisation,
+        @RequestParam(name = "caseId") String caseId) {
+        MultiValuedMap<String, CaseDocumentAcasResponse> body = caseService.retrieveAcasDocuments(caseId);
+        return ok(body.asMap());
+    }
+
+    /**
+     * This method downloads documents for ACAS. Due to permissions, we retrieve a new token which can view the document
+     * and use that to retireve the document
+     * @param documentId UUID for the document in DM Store
+     * @param authToken idam token of ACAS to initially verify access to the API
+     * @return document
+     */
+    @GetMapping("/downloadAcasDocuments")
+    @Operation(summary = "Get a document from CDAM in binary format")
+    @ApiResponses(
+        {@ApiResponse(
+            responseCode = "200",
+            description = "OK"),
+            @ApiResponse(
+                responseCode = "404",
+                description = "Case document not found")
+        })
+    public ResponseEntity<ByteArrayResource> getDocumentBinaryContent(
+        @RequestParam(name = "documentId") final UUID documentId,
+        @RequestHeader(AUTHORIZATION) String authToken) {
+        String accessToken = idamClient.getAccessToken(caseWorkerUserName, caseWorkerPassword);
+        return caseDocumentService.downloadDocument(accessToken, documentId);
+    }
 }

src/main/java/uk/gov/hmcts/reform/et/syaapi/models/CaseDocumentAcasResponse.java

@@ -0,0 +1,17 @@
+package uk.gov.hmcts.reform.et.syaapi.models;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+import lombok.Builder;
+import lombok.Data;
+import lombok.extern.jackson.Jacksonized;
+
+@Data
+@Builder
+@Jacksonized
+public class CaseDocumentAcasResponse {
+    @JsonProperty("documentId")
+    String documentId;
+    @JsonProperty("modifiedOn")
+    String modifiedOn;
+
+}

src/main/java/uk/gov/hmcts/reform/et/syaapi/notification/NotificationsProperties.java

@@ -18,14 +18,6 @@ public class NotificationsProperties {
     @NotBlank
     private String govNotifyApiKey;
 
-    @Value("${notifications.sampleEmailTemplateId}")
-    @NotBlank
-    private String sampleEmailTemplateId;
-
-    @Value("${notifications.sampleSubmitCaseEmailTemplateId}")
-    @NotBlank
-    private String sampleSubmitCaseEmailTemplateId;
-
     @Value("${notifications.submitCaseEmailTemplateId}")
     @NotBlank
     private String submitCaseEmailTemplateId;

src/main/java/uk/gov/hmcts/reform/et/syaapi/service/CaseService.java

@@ -4,10 +4,13 @@
 import feign.FeignException;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.collections4.MultiValuedMap;
+import org.apache.commons.collections4.multimap.ArrayListValuedHashMap;
 import org.elasticsearch.index.query.BoolQueryBuilder;
 import org.elasticsearch.index.query.RangeQueryBuilder;
 import org.elasticsearch.index.query.TermsQueryBuilder;
 import org.elasticsearch.search.builder.SearchSourceBuilder;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.retry.annotation.Retryable;
 import org.springframework.stereotype.Service;
 import org.springframework.util.CollectionUtils;
@@ -28,6 +31,8 @@
 import uk.gov.hmcts.reform.et.syaapi.helper.CaseDetailsConverter;
 import uk.gov.hmcts.reform.et.syaapi.helper.EmployeeObjectMapper;
 import uk.gov.hmcts.reform.et.syaapi.helper.JurisdictionCodesMapper;
+import uk.gov.hmcts.reform.et.syaapi.models.CaseDocument;
+import uk.gov.hmcts.reform.et.syaapi.models.CaseDocumentAcasResponse;
 import uk.gov.hmcts.reform.et.syaapi.models.CaseRequest;
 import uk.gov.hmcts.reform.et.syaapi.service.pdf.PdfDecodedMultipartFile;
 import uk.gov.hmcts.reform.et.syaapi.service.pdf.PdfService;
@@ -44,11 +49,17 @@
 import java.util.List;
 import java.util.Map;
 import java.util.Optional;
+import java.util.UUID;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
 import java.util.stream.Stream;
 
+import static java.util.stream.Collectors.toList;
+import static org.apache.commons.lang3.StringUtils.defaultIfEmpty;
 import static org.elasticsearch.index.query.QueryBuilders.boolQuery;
 import static uk.gov.hmcts.ecm.common.model.helper.Constants.MAX_ES_SIZE;
 import static uk.gov.hmcts.ecm.common.model.helper.TribunalOffice.getCaseTypeId;
+import static uk.gov.hmcts.reform.et.syaapi.constants.EtSyaConstants.ACAS_VISIBLE_DOCS;
 import static uk.gov.hmcts.reform.et.syaapi.constants.EtSyaConstants.DEFAULT_TRIBUNAL_OFFICE;
 import static uk.gov.hmcts.reform.et.syaapi.constants.EtSyaConstants.ENGLAND_CASE_TYPE;
 import static uk.gov.hmcts.reform.et.syaapi.constants.EtSyaConstants.ET1_ATTACHMENT;
@@ -80,6 +91,11 @@ public class CaseService {
     private final CaseOfficeService caseOfficeService;
     private static final String ALL_CASES_QUERY = "{\"size\":10000,\"query\":{\"match_all\": {}}}";
 
+    @Value("${caseWorkerUserName}")
+    private transient String caseWorkerUserName;
+    @Value("${caseWorkerPassword}")
+    private transient String caseWorkerPassword;
+
     /**
      * Given a case id in the case request, this will retrieve the correct {@link CaseDetails}.
      *
@@ -171,8 +187,9 @@ private String getCaseType(CaseRequest caseRequest) {
 
     /**
      * Will accept a {@link CaseRequest} trigger an event to update a give case in ET.
+     *
      * @param authorization jwt of the user
-     * @param caseRequest case to be updated
+     * @param caseRequest   case to be updated
      * @return the newly updated case wrapped in a {@link CaseDetails} object.
      */
     public CaseDetails updateCase(String authorization,
@@ -389,6 +406,64 @@ public List<Long> getLastModifiedCasesId(String authorisation, LocalDateTime req
             .toList();
     }
 
+    /**
+     * Given a caseId, return a list of document IDs which are visible to ACAS.
+     *
+     * @param caseId 16 digit CCD id
+     * @return a MultiValuedMap containing a list of document ids and timestamps
+     */
+    public MultiValuedMap<String, CaseDocumentAcasResponse> retrieveAcasDocuments(String caseId) {
+        BoolQueryBuilder boolQueryBuilder = boolQuery()
+            .filter(new TermsQueryBuilder("reference.keyword", caseId));
+        String query = new SearchSourceBuilder()
+            .size(MAX_ES_SIZE)
+            .query(boolQueryBuilder)
+            .toString();
+        return getDocumentUuids(query);
+    }
+
+    private MultiValuedMap<String, CaseDocumentAcasResponse> getDocumentUuids(String query) {
+        String authorisation = idamClient.getAccessToken(caseWorkerUserName, caseWorkerPassword);
+        List<CaseData> caseDataList = searchAndReturnCaseDataList(authorisation, query);
+
+        List<DocumentTypeItem> documentTypeItemList = new ArrayList<>();
+
+        for (CaseData caseData : caseDataList) {
+            documentTypeItemList.addAll(caseData.getDocumentCollection().stream()
+                                            .filter(d -> ACAS_VISIBLE_DOCS.contains(defaultIfEmpty(
+                                                d.getValue().getTypeOfDocument(),
+                                                ""
+                                            )))
+                                            .collect(toList()));
+
+            if (caseData.getClaimantRequests() != null
+                && caseData.getClaimantRequests().getClaimDescriptionDocument() != null) {
+                documentTypeItemList.add(caseDocumentService.createDocumentTypeItem("ET1 Attachment",
+                                                    caseData.getClaimantRequests().getClaimDescriptionDocument()
+                ));
+            }
+        }
+
+        MultiValuedMap<String, CaseDocumentAcasResponse> documentIds = new ArrayListValuedHashMap<>();
+        Pattern pattern = Pattern.compile(".{36}$");
+
+        for (DocumentTypeItem documentTypeItem : documentTypeItemList) {
+            Matcher matcher = pattern.matcher(documentTypeItem.getValue().getUploadedDocument().getDocumentUrl());
+            if (matcher.find()) {
+                CaseDocument caseDocument = caseDocumentService.getDocumentDetails(
+                    authorisation, UUID.fromString(matcher.group())).getBody();
+                if (caseDocument != null) {
+                    CaseDocumentAcasResponse caseDocumentAcasResponse = CaseDocumentAcasResponse.builder()
+                        .documentId(matcher.group())
+                        .modifiedOn(caseDocument.getModifiedOn())
+                        .build();
+                    documentIds.put(documentTypeItem.getValue().getTypeOfDocument(), caseDocumentAcasResponse);
+                }
+            }
+        }
+        return documentIds;
+    }
+
     /**
      * Given a list of caseIds, this method will return a list of case details.
      *
@@ -407,6 +482,15 @@ public List<CaseDetails> getCaseData(String authorisation, List<String> caseIds)
         return searchEnglandScotlandCases(authorisation, query);
     }
 
+    private List<CaseData> searchAndReturnCaseDataList(String authorisation, String query) {
+        List<CaseDetails> searchResults = searchEnglandScotlandCases(authorisation, query);
+        List<CaseData> caseDataList = new ArrayList<>();
+        for (CaseDetails caseDetails : searchResults) {
+            caseDataList.add(EmployeeObjectMapper.mapRequestCaseDataToCaseData(caseDetails.getData()));
+        }
+        return caseDataList;
+    }
+
     private List<CaseDetails> searchEnglandScotlandCases(String authorisation, String query) {
         List<CaseDetails> caseDetailsList = new ArrayList<>();
         caseDetailsList.addAll(searchCaseType(authorisation, ENGLAND_CASE_TYPE, query));

src/main/java/uk/gov/hmcts/reform/et/syaapi/service/NotificationService.java

@@ -96,12 +96,14 @@ public SendEmailResponse sendSubmitCaseConfirmationEmail(CaseRequest caseRequest
             String lastName = ServiceUtil.findClaimantLastNameByCaseDataUserInfo(caseData, userInfo);
             String caseNumber = caseRequest.getCaseId() == null ? CASE_ID_NOT_FOUND : caseRequest.getCaseId();
             String selectedLanguage = ServiceUtil.findClaimantLanguage(caseData);
-            String emailTemplateId = WELSH_LANGUAGE.equals(selectedLanguage)
+
+            boolean isWelsh = WELSH_LANGUAGE.equals(selectedLanguage);
+            String emailTemplateId = isWelsh
                 ? notificationsProperties.getCySubmitCaseEmailTemplateId()
                 : notificationsProperties.getSubmitCaseEmailTemplateId();
-            String citizenPortalLink = WELSH_LANGUAGE.equals(selectedLanguage)
-                ? notificationsProperties.getCitizenPortalLink() + WELSH_LANGUAGE_PARAM
-                : notificationsProperties.getCitizenPortalLink() + "%s";
+            String citizenPortalLink = notificationsProperties.getCitizenPortalLink() + "%s"
+                + (isWelsh ? WELSH_LANGUAGE_PARAM : "");
+
             byte[] et1Pdf = ServiceUtil.findPdfFileBySelectedLanguage(casePdfFiles, selectedLanguage);
             try {
                 Map<String, Object> parameters = new ConcurrentHashMap<>();

src/main/resources/application-cftlib.yaml

@@ -10,3 +10,5 @@ core_case_data:
   api:
     url: http://localhost:4452
 
+caseWorkerUserName: ${CASEWORKER_USER_NAME:user_name}
+caseWorkerPassword: ${CASEWORKER_PASSWORD:password}