VB-3733, VB-3792 User login and booker homepage - tests and code improvements

integration_tests/e2e/bookingJourney.cy.ts

@@ -0,0 +1,23 @@
+import TestData from '../../server/routes/testutils/testData'
+import HomePage from '../pages/home'
+import Page from '../pages/page'
+
+context('Booking journey', () => {
+  beforeEach(() => {
+    cy.task('reset')
+    cy.task('stubSignIn')
+    cy.task('stubHmppsAuthToken')
+  })
+
+  it('should complete the booking journey', () => {
+    cy.task('stubGetBookerReference')
+    cy.task('stubGetPrisoners', { prisoners: [TestData.prisonerInfoDto()] })
+    cy.signIn()
+
+    const homePage = Page.verifyOnPage(HomePage)
+    homePage.prisonerName().contains('John Smith')
+    homePage.startButton().contains('Start')
+
+    // TODO add to this test as booking journey implemented
+  })
+})

integration_tests/e2e/govukOneLogin.cy.ts

@@ -1,9 +1,8 @@
-import IndexPage from '../pages/index'
+import HomePage from '../pages/home'
 import GovukOneLoginPage from '../pages/govukOneLogin'
 import Page from '../pages/page'
 
-// TODO fix skipped tests!
-context.skip('Sign in with GOV.UK One Login', () => {
+context('Sign in with GOV.UK One Login', () => {
   beforeEach(() => {
     cy.task('reset')
     cy.task('stubSignIn')
@@ -30,14 +29,18 @@ context.skip('Sign in with GOV.UK One Login', () => {
   })
 
   it('User can sign in and view home page', () => {
+    cy.task('stubHmppsAuthToken')
+    cy.task('stubGetBookerReference')
+    cy.task('stubGetPrisoners', {})
     cy.signIn()
 
-    const indexPage = Page.verifyOnPage(IndexPage)
-    indexPage.prisonerName().contains('Adam Greene')
+    Page.verifyOnPage(HomePage)
   })
 
   it('User can request a specific page and be redirected to this after sign in', () => {
     const page = '/deep-link' // will be a 404, but OK as testing original URL preserved
+    cy.task('stubHmppsAuthToken')
+    cy.task('stubGetBookerReference')
     cy.signIn({ failOnStatusCode: false }, undefined, page)
     cy.location('pathname').should('equal', page)
     cy.contains('404')
@@ -50,8 +53,11 @@ context.skip('Sign in with GOV.UK One Login', () => {
   })
 
   it('User can log out', () => {
+    cy.task('stubHmppsAuthToken')
+    cy.task('stubGetBookerReference')
+    cy.task('stubGetPrisoners', {})
     cy.signIn()
-    const indexPage = Page.verifyOnPage(IndexPage)
+    const indexPage = Page.verifyOnPage(HomePage)
     indexPage.signOut().click()
     Page.verifyOnPage(GovukOneLoginPage)
     cy.contains('You have been logged out.')

integration_tests/mockApis/hmppsAuth.ts

@@ -1,21 +1,5 @@
-import jwt from 'jsonwebtoken'
-
 import { stubFor } from './wiremock'
 
-const createToken = () => {
-  const payload = {
-    sub: 'system_client_id',
-    grant_type: 'client_credentials',
-    scope: ['read', 'write'],
-    auth_source: 'none',
-    iss: 'http://localhost:9091/auth/auth/issuer',
-    authorities: ['ROLE_VISIT_SCHEDULER'],
-    jti: 'NBmv9IH_xw89YFE_tFoBwI1zo9Y',
-    client_id: 'system_client_id',
-  }
-  return jwt.sign(payload, 'secret', { expiresIn: '1h' })
-}
-
 const stubHmppsAuthToken = () =>
   stubFor({
     request: {
@@ -26,13 +10,12 @@ const stubHmppsAuthToken = () =>
       status: 200,
       headers: {
         'Content-Type': 'application/json;charset=UTF-8',
-        Location: 'http://localhost:3007/sign-in/callback?code=codexxxx&state=stateyyyy',
       },
       jsonBody: {
-        access_token: createToken(),
+        access_token: 'hmpps-auth-token',
         token_type: 'bearer',
         expires_in: 599,
-        scope: 'read',
+        scope: 'read write',
         sub: 'system_client_id',
         auth_source: 'none',
         jti: 'NBmv9IH_xw89YFE_tFoBwI1zo9Y',

integration_tests/mockApis/orchestration.ts

@@ -1,7 +1,41 @@
 import { SuperAgentRequest } from 'superagent'
 import { stubFor } from './wiremock'
+import TestData from '../../server/routes/testutils/testData'
+import { BookerReference, PrisonerInfoDto } from '../../server/data/orchestrationApiTypes'
 
 export default {
+  stubGetBookerReference: (bookerReference = TestData.bookerReference()): SuperAgentRequest =>
+    stubFor({
+      request: {
+        method: 'PUT',
+        url: '/orchestration/public/booker/register/auth',
+      },
+      response: {
+        status: 200,
+        headers: { 'Content-Type': 'application/json;charset=UTF-8' },
+        jsonBody: bookerReference,
+      },
+    }),
+
+  stubGetPrisoners: ({
+    bookerReference = TestData.bookerReference(),
+    prisoners = [],
+  }: {
+    bookerReference: BookerReference
+    prisoners: PrisonerInfoDto[]
+  }): SuperAgentRequest =>
+    stubFor({
+      request: {
+        method: 'GET',
+        url: `/orchestration/public/booker/${bookerReference.value}/prisoners`,
+      },
+      response: {
+        status: 200,
+        headers: { 'Content-Type': 'application/json;charset=UTF-8' },
+        jsonBody: prisoners,
+      },
+    }),
+
   stubOrchestrationPing: (status = 200): SuperAgentRequest =>
     stubFor({
       request: {

integration_tests/pages/index.ts → integration_tests/pages/home.ts

@@ -1,11 +1,11 @@
 import Page, { PageElement } from './page'
 
-export default class IndexPage extends Page {
+export default class HomePage extends Page {
   constructor() {
     super('Book a visit')
   }
 
-  headerPhaseBanner = (): PageElement => cy.get('[data-qa=header-phase-banner]')
-
   prisonerName = (): PageElement => cy.get('[data-test=prisoner-name]')
+
+  startButton = (): PageElement => cy.get('[data-test="start-booking"]')
 }

server/app.ts

@@ -37,7 +37,7 @@ export default function createApp(services: Services): express.Application {
   nunjucksSetup(app, services.applicationInfo)
   app.use(calendarPreview(services)) // TODO - remove
   app.use(setupGovukOneLogin())
-  app.use(populateCurrentBooker(services.bookerService)) // TODO add this to appSetup.ts for tests?
+  app.use(populateCurrentBooker(services.bookerService))
   app.use(setUpCsrf())
 
   app.use(routes(services))

server/middleware/populateCurrentBooker.test.ts

@@ -0,0 +1,99 @@
+import type { Request, Response } from 'express'
+import { BadRequest, NotFound } from 'http-errors'
+import { createMockBookerService } from '../services/testutils/mocks'
+import TestData from '../routes/testutils/testData'
+import populateCurrentBooker from './populateCurrentBooker'
+import logger from '../../logger'
+
+jest.mock('../../logger')
+
+describe('populateCurrentBooker', () => {
+  let req: Request
+  let res: Response
+  const next = jest.fn()
+
+  const bookerService = createMockBookerService()
+
+  beforeEach(() => {
+    jest.resetAllMocks()
+
+    req = { session: {} } as unknown as Request
+
+    res = {
+      locals: {
+        user: {
+          sub: 'user1',
+          email: 'user1@example.com',
+          phone_number: '+440123456789',
+        },
+      },
+      redirect: jest.fn(),
+    } as unknown as Response
+  })
+
+  it('should get booker reference and add to session if it is not already set', async () => {
+    const bookerReference = TestData.bookerReference().value
+    bookerService.getBookerReference.mockResolvedValue(bookerReference)
+
+    await populateCurrentBooker(bookerService)(req, res, next)
+
+    expect(bookerService.getBookerReference).toHaveBeenCalledWith({
+      oneLoginSub: res.locals.user.sub,
+      email: res.locals.user.email,
+      phoneNumber: res.locals.user.phone_number,
+    })
+    expect(req.session).toStrictEqual({ booker: { reference: bookerReference } })
+    expect(res.redirect).not.toHaveBeenCalled()
+    expect(next).toHaveBeenCalled()
+  })
+
+  it('should not get booker reference if it is already set in session', async () => {
+    req.session.booker = { reference: TestData.bookerReference().value }
+
+    await populateCurrentBooker(bookerService)(req, res, next)
+
+    expect(bookerService.getBookerReference).not.toHaveBeenCalled()
+    expect(res.redirect).not.toHaveBeenCalled()
+    expect(next).toHaveBeenCalled()
+  })
+
+  it('should redirect to /sign-out if user details are not present in res.locals', async () => {
+    delete res.locals.user
+    await populateCurrentBooker(bookerService)(req, res, next)
+
+    expect(bookerService.getBookerReference).not.toHaveBeenCalled()
+    expect(res.redirect).toHaveBeenCalledWith('/sign-out')
+    expect(next).not.toHaveBeenCalled()
+  })
+
+  it('should handle the booker not being found (404 error) by logging and redirecting to /autherror', async () => {
+    bookerService.getBookerReference.mockRejectedValue(new NotFound())
+
+    await populateCurrentBooker(bookerService)(req, res, next)
+
+    expect(bookerService.getBookerReference).toHaveBeenCalledWith({
+      oneLoginSub: res.locals.user.sub,
+      email: res.locals.user.email,
+      phoneNumber: res.locals.user.phone_number,
+    })
+    expect(res.redirect).toHaveBeenCalledWith('/autherror')
+    expect(next).not.toHaveBeenCalled()
+    expect(logger.info).toHaveBeenCalledWith('Failed to retrieve booker reference for: user1')
+  })
+
+  it('should propagate any other errors', async () => {
+    const error = new BadRequest('Oops!')
+    bookerService.getBookerReference.mockRejectedValue(error)
+
+    await populateCurrentBooker(bookerService)(req, res, next)
+
+    expect(bookerService.getBookerReference).toHaveBeenCalledWith({
+      oneLoginSub: res.locals.user.sub,
+      email: res.locals.user.email,
+      phoneNumber: res.locals.user.phone_number,
+    })
+    expect(res.redirect).not.toHaveBeenCalled()
+    expect(logger.info).not.toHaveBeenCalled()
+    expect(next).toHaveBeenCalledWith(error)
+  })
+})

server/middleware/populateCurrentBooker.ts

@@ -3,26 +3,31 @@ import logger from '../../logger'
 import BookerService from '../services/bookerService'
 import { AuthDetailDto } from '../data/orchestrationApiTypes'
 
-// TODO add tests
 export default function populateCurrentBooker(bookerService: BookerService): RequestHandler {
   return async (req, res, next) => {
-    // TODO if there is no SUB and EMAIL then log user out?
     try {
+      if (!res.locals.user || !res.locals.user.sub || !res.locals.user.email) {
+        return res.redirect('/sign-out')
+      }
+
       if (!req.session.booker) {
         const authDetailDto: AuthDetailDto = {
           oneLoginSub: res.locals.user.sub,
           email: res.locals.user.email,
           phoneNumber: res.locals.user.phone_number,
         }
-        const reference = await bookerService.getBookerReference(authDetailDto)
 
+        const reference = await bookerService.getBookerReference(authDetailDto)
         req.session.booker = { reference }
       }
-      next()
+      return next()
     } catch (error) {
-      logger.error(error, `Failed to retrieve booker reference for: ${res.locals.user?.sub}`)
-      // TODO Here it should log out user?
-      next(error)
+      if (error.status === 404) {
+        logger.info(`Failed to retrieve booker reference for: ${res.locals.user.sub}`)
+        return res.redirect('/autherror')
+      }
+
+      return next(error)
     }
   }
 }