Refactor to not use wildcard at end of path for url authorization config and remove bsi and cymulate access

Bingjie Liu · Bingjie Liu · commit 18fac09f3213 · 2024-04-24T12:57:19.000+01:00
diff --git a/src/main/resources/application-dev.yml b/src/main/resources/application-dev.yml
@@ -28,7 +28,7 @@ authorisation:
   consumers:
     mapps.client.org:
       - "/v1/persons"
-      - "/v1/persons/.*"
+      - "/v1/persons/\\.*+[^/]*$"
       - "/v1/persons/.*/images"
       - "/v1/images/.*"
       - "/v1/persons/.*/addresses"
@@ -43,18 +43,18 @@ authorisation:
       - "/v1/persons/.*/licences/conditions"
       - "/v1/persons/.*/case-notes"
       - "/v1/persons/.*/protected-characteristics"
+      - "/v1/persons/.*/risks/mappadetail"
+      - "/v1/persons/.*/risks/categories"
     ctrlo:
-      - "/v1/epf/person-details/.*/.*"
+      - "/v1/epf/person-details/.*/\\.*+[^/]*$"
     kubernetes-health-check-client:
       - "/health/liveness"
       - "/health/readiness"
     heartbeat:
-      - "/v1/persons/.*"
-    cymulate:
-      - "/v1/epf/person-details/.*/.*"
+      - "/v1/persons/\\.*+[^/]*$"
     pnd:
       - "/v1/persons"
-      - "/v1/persons/.*"
+      - "/v1/persons/\\.*+[^/]*$"
       - "/v1/persons/.*/addresses"
       - "/v1/persons/.*/alerts"
       - "/v1/persons/.*/sentences"
diff --git a/src/main/resources/application-local-docker.yml b/src/main/resources/application-local-docker.yml
@@ -26,9 +26,9 @@ authorisation:
   consumers:
     automated-test-client:
       - "/v1/persons"
-      - "/v1/persons/.*"
+      - "/v1/persons/\\.*+[^/]*$"
       - "/v1/persons/.*/images"
-      - "/v1/images/.*"
+      - "/v1/images/\\.*+[^/]*$"
       - "/v1/persons/.*/addresses"
       - "/v1/persons/.*/offences"
       - "/v1/persons/.*/alerts"
@@ -40,7 +40,10 @@ authorisation:
       - "/v1/persons/.*/reported-adjudications"
       - "/v1/persons/.*/case-notes"
       - "/v1/persons/.*/person-responsible-officer"
-      - "/v1/epf/person-details/.*/.*"
+      - "/v1/persons/.*/protected-characteristics"
+      - "/v1/persons/.*/risks/mappadetail"
+      - "/v1/persons/.*/risks/categories"
+      - "/v1/epf/person-details/.*/\\.*+[^/]*$"
       - "/health"
       - "/health/ping"
       - "/health/readiness"
diff --git a/src/main/resources/application-local.yml b/src/main/resources/application-local.yml
@@ -33,9 +33,9 @@ authorisation:
   consumers:
     automated-test-client:
       - "/v1/persons"
-      - "/v1/persons/.*"
+      - "/v1/persons/\\.*+[^/]*$"
       - "/v1/persons/.*/images"
-      - "/v1/images/.*"
+      - "/v1/images/\\.*+[^/]*$"
       - "/v1/persons/.*/addresses"
       - "/v1/persons/.*/offences"
       - "/v1/persons/.*/alerts"
@@ -45,9 +45,14 @@ authorisation:
       - "/v1/persons/.*/needs"
       - "/v1/persons/.*/risks"
       - "/v1/persons/.*/reported-adjudications"
+      - "/v1/persons/.*/adjudications"
+      - "/v1/persons/.*/licences/conditions"
+      - "/v1/persons/.*/protected-characteristics"
+      - "/v1/persons/.*/risks/mappadetail"
+      - "/v1/persons/.*/risks/categories"
       - "/v1/persons/.*/case-notes"
       - "/v1/persons/.*/person-responsible-officer"
-      - "/v1/epf/person-details/.*/.*"
+      - "/v1/epf/person-details/.*/\\.*+[^/]*$"
       - "/health"
       - "/health/ping"
       - "/health/readiness"
diff --git a/src/main/resources/application-preprod.yml b/src/main/resources/application-preprod.yml
@@ -27,9 +27,7 @@ services:
 authorisation:
   consumers:
     ctrlo:
-      - "/v1/epf/person-details/.*/.*"
-    bsi:
-      - "/v1/epf/person-details/.*/.*"
+      - "/v1/epf/person-details/.*/\\.*+[^/]*$"
     kubernetes-health-check-client:
       - "/health/liveness"
       - "/health/readiness"
diff --git a/src/main/resources/application-prod.yml b/src/main/resources/application-prod.yml
@@ -27,7 +27,7 @@ services:
 authorisation:
   consumers:
     ctrlo:
-      - "/v1/epf/person-details/.*/.*"
+      - "/v1/epf/person-details/.*/\\.*+[^/]*$"
     kubernetes-health-check-client:
       - "/health/liveness"
       - "/health/readiness"
diff --git a/src/main/resources/application-test.yml b/src/main/resources/application-test.yml
@@ -41,9 +41,9 @@ authorisation:
   consumers:
     automated-test-client:
       - "/v1/persons"
-      - "/v1/persons/.*"
+      - "/v1/persons/\\.*+[^/]*$"
       - "/v1/persons/.*/images"
-      - "/v1/images/.*"
+      - "/v1/images/\\.*+[^/]*$"
       - "/v1/persons/.*/addresses"
       - "/v1/persons/.*/offences"
       - "/v1/persons/.*/alerts"
@@ -53,11 +53,14 @@ authorisation:
       - "/v1/persons/.*/needs"
       - "/v1/persons/.*/risks"
       - "/v1/persons/.*/reported-adjudications"
-      - "/v1/epf/person-details/.*/.*"
+      - "/v1/epf/person-details/.*/\\.*+[^/]*$"
       - "/v1/persons/.*/adjudications"
       - "/v1/persons/.*/licences/conditions"
       - "/v1/persons/.*/case-notes"
       - "/v1/persons/.*/person-responsible-officer"
+      - "/v1/persons/.*/protected-characteristics"
+      - "/v1/persons/.*/risks/mappadetail"
+      - "/v1/persons/.*/risks/categories"
       - "/health"
       - "/health/ping"
       - "/health/readiness"
diff --git a/src/test/kotlin/uk/gov/justice/digital/hmpps/hmppsintegrationapi/smoke/AuthoriseConfigTest.kt b/src/test/kotlin/uk/gov/justice/digital/hmpps/hmppsintegrationapi/smoke/AuthoriseConfigTest.kt
@@ -19,33 +19,38 @@ class AuthoriseConfigTest : DescribeSpec(
       response.body().shouldEqualJson(
         """
       {
-      "automated-test-client": [
-        "/v1/persons",
-        "/v1/persons/.*",
-        "/v1/persons/.*/images",
-        "/v1/images/.*",
-        "/v1/persons/.*/addresses",
-        "/v1/persons/.*/offences",
-        "/v1/persons/.*/alerts",
-        "/v1/persons/.*/sentences",
-        "/v1/persons/.*/sentences/latest-key-dates-and-adjustments",
-        "/v1/persons/.*/risks/scores",
-        "/v1/persons/.*/needs",
-        "/v1/persons/.*/risks",
-        "/v1/persons/.*/reported-adjudications",
-        "/v1/persons/.*/case-notes",
-        "/v1/persons/.*/person-responsible-officer",
-        "/v1/epf/person-details/.*/.*",
-        "/health",
-        "/health/ping",
-        "/health/readiness",
-        "/health/liveness",
-        "/info"
-      ],
-      "config-test": [
-        "/v1/config/authorisation"
-      ]
-    }
+        "automated-test-client": [
+          "/v1/persons",
+          "/v1/persons/\\.*+[^/]*${'$'}",
+          "/v1/persons/.*/images",
+          "/v1/images/\\.*+[^/]*${'$'}",
+          "/v1/persons/.*/addresses",
+          "/v1/persons/.*/offences",
+          "/v1/persons/.*/alerts",
+          "/v1/persons/.*/sentences",
+          "/v1/persons/.*/sentences/latest-key-dates-and-adjustments",
+          "/v1/persons/.*/risks/scores",
+          "/v1/persons/.*/needs",
+          "/v1/persons/.*/risks",
+          "/v1/persons/.*/reported-adjudications",
+          "/v1/persons/.*/adjudications",
+          "/v1/persons/.*/licences/conditions",
+          "/v1/persons/.*/protected-characteristics",
+          "/v1/persons/.*/risks/mappadetail",
+          "/v1/persons/.*/risks/categories",
+          "/v1/persons/.*/case-notes",
+          "/v1/persons/.*/person-responsible-officer",
+          "/v1/epf/person-details/.*/\\.*+[^/]*${'$'}",
+          "/health",
+          "/health/ping",
+          "/health/readiness",
+          "/health/liveness",
+          "/info"
+        ],
+        "config-test": [
+          "/v1/config/authorisation"
+        ]
+      }
       """.removeWhitespaceAndNewlines(),
       )
     }
