HMAI-104 Prisons Transactions account code endpoint (#576)

* Init new endpoint, service, gateway route for prisoner transactions

* Nomis gateway unit tests for transaction queries

* Get transactions service layer unit tests

* Expanded transaction controller tests

* add test coverage of 404 and 400 errors on transactionController

* Integration test for transaction controller

* Correcting typos in transactions work

* Adding transactions endpoint to more consumers configs

* Moved transaction account code check to service layer, updated regex inc consumer config

* Revised transactions accounts endpoint uri

---------

Co-authored-by: emmalanigan <emma.lanigan@justice.gov.uk>

Author: wcdkj

src/main/kotlin/uk/gov/justice/digital/hmpps/hmppsintegrationapi/controllers/v1/TransactionsController.kt

@@ -0,0 +1,102 @@
+package uk.gov.justice.digital.hmpps.hmppsintegrationapi.controllers.v1
+
+import io.swagger.v3.oas.annotations.Operation
+import io.swagger.v3.oas.annotations.Parameter
+import io.swagger.v3.oas.annotations.media.Content
+import io.swagger.v3.oas.annotations.responses.ApiResponse
+import jakarta.validation.ValidationException
+import org.springframework.beans.factory.annotation.Autowired
+import org.springframework.web.bind.annotation.GetMapping
+import org.springframework.web.bind.annotation.PathVariable
+import org.springframework.web.bind.annotation.RequestAttribute
+import org.springframework.web.bind.annotation.RequestMapping
+import org.springframework.web.bind.annotation.RequestParam
+import org.springframework.web.bind.annotation.RestController
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.exception.EntityNotFoundException
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.hmpps.DataResponse
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.hmpps.Transactions
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.hmpps.UpstreamApiError
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.roleconfig.ConsumerFilters
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.services.GetTransactionsForPersonService
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.services.internal.AuditService
+import java.time.LocalDate
+
+@RestController
+@RequestMapping("/v1/prison/{prisonId}/prisoners/{hmppsId}/accounts/{accountCode}/transactions")
+class TransactionsController(
+  @Autowired val auditService: AuditService,
+  @Autowired val getTransactionsForPersonService: GetTransactionsForPersonService,
+) {
+  @Operation(
+    summary = "Returns all transactions for a prisoner associated with an account code that they have at a prison.",
+    description = "<b>Applicable filters</b>: <ul><li>prisons</li></ul>",
+    responses = [
+      ApiResponse(responseCode = "200", useReturnTypeSchema = true, description = "Successfully found a prisoner's transactions."),
+      ApiResponse(
+        responseCode = "400",
+        description = "The request data has an invalid format or the prisoner does hot have transactions at the specified prison.",
+        content = [
+          Content(
+            schema =
+              io.swagger.v3.oas.annotations.media
+                .Schema(ref = "#/components/schemas/BadRequest"),
+          ),
+        ],
+      ),
+      ApiResponse(
+        responseCode = "404",
+        content = [
+          Content(
+            schema =
+              io.swagger.v3.oas.annotations.media
+                .Schema(ref = "#/components/schemas/PersonNotFound"),
+          ),
+        ],
+      ),
+      ApiResponse(
+        responseCode = "500",
+        content = [
+          Content(
+            schema =
+              io.swagger.v3.oas.annotations.media
+                .Schema(ref = "#/components/schemas/InternalServerError"),
+          ),
+        ],
+      ),
+    ],
+  )
+  @GetMapping()
+  fun getTransactionsByAccountCode(
+    @PathVariable hmppsId: String,
+    @PathVariable prisonId: String,
+    @PathVariable accountCode: String,
+    @RequestAttribute filters: ConsumerFilters?,
+    @Parameter(description = "Start date for transactions (defaults to today if not supplied)") @RequestParam(required = false, name = "from_date") fromDate: String?,
+    @Parameter(description = "To date for transactions (defaults to today if not supplied)") @RequestParam(required = false, name = "to_date") toDate: String?,
+  ): DataResponse<Transactions?> {
+    var startDate = LocalDate.now().toString()
+    var endDate = LocalDate.now().toString()
+
+    if (fromDate == null && toDate != null || toDate == null && fromDate != null) {
+      throw ValidationException("Both fromDate and toDate must be supplied if one is populated")
+    }
+
+    if (fromDate != null && toDate != null) {
+      startDate = fromDate
+      endDate = toDate
+    }
+
+    val response = getTransactionsForPersonService.execute(hmppsId, prisonId, accountCode, startDate, endDate, filters)
+
+    if (response.hasError(UpstreamApiError.Type.ENTITY_NOT_FOUND)) {
+      throw EntityNotFoundException("Could not find transactions with id: $hmppsId")
+    }
+
+    if (response.hasError(UpstreamApiError.Type.BAD_REQUEST)) {
+      throw ValidationException("Either invalid HMPPS ID: $hmppsId at or incorrect prison: $prisonId")
+    }
+
+    auditService.createEvent("GET_TRANSACTIONS_FOR_PERSON", mapOf("hmppsId" to hmppsId, "prisonId" to prisonId, "fromDate" to fromDate, "toDate" to toDate))
+    return DataResponse(response.data)
+  }
+}

src/main/kotlin/uk/gov/justice/digital/hmpps/hmppsintegrationapi/gateways/NomisGateway.kt

@@ -16,6 +16,7 @@ import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.hmpps.RiskCategor
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.hmpps.Sentence
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.hmpps.SentenceAdjustment
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.hmpps.SentenceKeyDates
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.hmpps.Transactions
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.hmpps.UpstreamApi
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.nomis.NomisAccounts
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.nomis.NomisAddress
@@ -201,7 +202,11 @@ class NomisGateway(
 
     return when (result) {
       is WebClientWrapperResponse.Success -> {
-        Response(data = result.data.latestPrisonTerm.sentenceAdjustments.toSentenceAdjustment())
+        Response(
+          data =
+            result.data.latestPrisonTerm.sentenceAdjustments
+              .toSentenceAdjustment(),
+        )
       }
 
       is WebClientWrapperResponse.Error -> {
@@ -331,6 +336,34 @@ class NomisGateway(
     }
   }
 
+  fun getTransactionsForPerson(
+    prisonId: String,
+    nomisNumber: String,
+    accountCode: String,
+    fromDate: String,
+    toDate: String,
+  ): Response<Transactions?> {
+    val result =
+      webClient.request<Transactions>(
+        HttpMethod.GET,
+        "/api/v1/prison/$prisonId/offenders/$nomisNumber/accounts/$accountCode/transactions?from_date=$fromDate&to_date=$toDate",
+        authenticationHeader(),
+        UpstreamApi.NOMIS,
+      )
+    return when (result) {
+      is WebClientWrapperResponse.Success -> {
+        Response(data = result.data)
+      }
+
+      is WebClientWrapperResponse.Error -> {
+        Response(
+          data = null,
+          errors = result.errors,
+        )
+      }
+    }
+  }
+
   private fun authenticationHeader(): Map<String, String> {
     val token = hmppsAuthGateway.getClientToken("NOMIS")
 

src/main/kotlin/uk/gov/justice/digital/hmpps/hmppsintegrationapi/models/hmpps/Transactions.kt

@@ -0,0 +1,18 @@
+package uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.hmpps
+
+data class Type(
+  val code: String,
+  val desc: String,
+)
+
+data class Transaction(
+  val id: String,
+  val type: Type,
+  val description: String,
+  val amount: Int,
+  val date: String,
+)
+
+data class Transactions(
+  val transactions: List<Transaction> = emptyList(),
+)

src/main/kotlin/uk/gov/justice/digital/hmpps/hmppsintegrationapi/services/GetTransactionsForPersonService.kt

@@ -0,0 +1,78 @@
+package uk.gov.justice.digital.hmpps.hmppsintegrationapi.services
+
+import jakarta.validation.ValidationException
+import org.springframework.beans.factory.annotation.Autowired
+import org.springframework.stereotype.Service
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.gateways.NomisGateway
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.hmpps.Response
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.hmpps.Transactions
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.hmpps.UpstreamApi
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.hmpps.UpstreamApiError
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.roleconfig.ConsumerFilters
+
+@Service
+class GetTransactionsForPersonService(
+  @Autowired val nomisGateway: NomisGateway,
+  @Autowired val getPersonService: GetPersonService,
+) {
+  fun execute(
+    hmppsId: String,
+    prisonId: String,
+    accountCode: String,
+    startDate: String,
+    endDate: String,
+    filters: ConsumerFilters? = null,
+  ): Response<Transactions?> {
+    if (
+      filters != null && !filters.matchesPrison(prisonId)
+    ) {
+      return Response(
+        data = null,
+        errors = listOf(UpstreamApiError(UpstreamApi.NOMIS, UpstreamApiError.Type.ENTITY_NOT_FOUND, "Not found")),
+      )
+    }
+
+    if (accountCode !in listOf("spends", "savings", "cash")) {
+      throw ValidationException("Account code must either be 'spends', 'savings', or 'cash'")
+    }
+
+    val personResponse = getPersonService.getNomisNumber(hmppsId = hmppsId)
+
+    if (personResponse == null) {
+      return Response(
+        data = null,
+        errors = listOf(UpstreamApiError(UpstreamApi.NOMIS, UpstreamApiError.Type.ENTITY_NOT_FOUND, "Nomis number not found")),
+      )
+    }
+
+    val nomisNumber = personResponse.data?.nomisNumber
+
+    if (nomisNumber == null) {
+      return Response(
+        data = null,
+        errors = personResponse.errors,
+      )
+    }
+
+    val nomisTransactions =
+      nomisGateway.getTransactionsForPerson(
+        prisonId,
+        nomisNumber,
+        accountCode,
+        startDate,
+        endDate,
+      )
+
+    if (nomisTransactions.errors.isNotEmpty()) {
+      return Response(
+        data = null,
+        errors = nomisTransactions.errors,
+      )
+    }
+
+    return Response(
+      data = nomisTransactions.data,
+      errors = emptyList(),
+    )
+  }
+}

src/main/resources/application-dev.yml

@@ -130,6 +130,7 @@ authorisation:
         - "/v1/prison/prisoners"
         - "/v1/prison/.*/prisoners/.*/balances$"
         - "/v1/prison/.*/prisoners/.*/balances/[^/]*$"
+        - "/v1/prison/.*/prisoners/.*/accounts/.*/transactions"
       filters:
     kilco:
       include:
@@ -139,6 +140,7 @@ authorisation:
         - "/v1/prison/prisoners/[^/]*$"
         - "/v1/prison/.*/prisoners/.*/balances$"
         - "/v1/prison/.*/prisoners/.*/balances/[^/]*$"
+        - "/v1/prison/.*/prisoners/.*/accounts/.*/transactions"
       filters:
     meganexus:
       include:
@@ -156,6 +158,7 @@ authorisation:
         - "/v1/prison/prisoners"
         - "/v1/prison/.*/prisoners/.*/balances$"
         - "/v1/prison/.*/prisoners/.*/balances/[^/]*$"
+        - "/v1/prison/.*/prisoners/.*/accounts/.*/transactions"
       filters:
     serco:
       include:

src/main/resources/application-integration-test.yml

@@ -85,6 +85,7 @@ authorisation:
         - "/v1/prison/prisoners/[^/]*$"
         - "/v1/prison/prisoners"
         - "/v1/prison/.*/prisoners/.*/balances$"
+        - "/v1/prison/.*/prisoners/.*/accounts/.*/transactions"
         - "/v1/prison/.*/prisoners/.*/balances/[^/]*$"
       filters:
     config-test:
@@ -98,6 +99,7 @@ authorisation:
     limited-prisons:
       include:
         - "/v1/prison/prisoners/[^/]*$"
+        - "/v1/prison/.*/prisoners/.*/accounts/.*/transactions"
       filters:
         prisons:
           - ABC

src/main/resources/application-local-docker.yml

@@ -59,6 +59,7 @@ authorisation:
         - "/v1/prison/prisoners/[^/]*$"
         - "/v1/prison/prisoners"
         - "/v1/prison/.*/prisoners/.*/balances$"
+        - "/v1/prison/.*/prisoners/.*/accounts/.*/transactions"
       filters:
     config-test:
       include:

src/main/resources/application-local.yml

@@ -66,6 +66,7 @@ authorisation:
         - "/v1/prison/prisoners/[^/]*$"
         - "/v1/prison/prisoners"
         - "/v1/prison/.*/prisoners/.*/balances$"
+        - "/v1/prison/.*/prisoners/.*/accounts/.*/transactions"
       filters:
     config-test:
       include:

src/main/resources/application-test.yml

@@ -88,6 +88,7 @@ authorisation:
         - "/v1/prison/prisoners"
         - "/v1/prison/.*/prisoners/.*/balances$"
         - "/v1/prison/.*/prisoners/.*/balances/[^/]*$"
+        - "/v1/prison/.*/prisoners/.*/accounts/.*/transactions"
     config-test:
       include:
         - "/v1/config/authorisation"