HIA-775 Implement LAO Redaction (#763)

* HIA-775 implement LAO redaction

Author: anthony-britton-moj

build.gradle.kts

@@ -1,3 +1,5 @@
+import org.gradle.internal.impldep.org.junit.experimental.categories.Categories.CategoryFilter.exclude
+
 plugins {
   id("uk.gov.justice.hmpps.gradle-spring-boot") version "7.1.3"
   kotlin("plugin.spring") version "2.1.10"
@@ -9,11 +11,13 @@ configurations {
 
 dependencies {
   runtimeOnly("org.flywaydb:flyway-database-postgresql")
-  implementation("org.springframework.boot:spring-boot-starter-webflux:3.4.3")
+  implementation("org.springframework.boot:spring-boot-starter-webflux")
   implementation("org.jetbrains.kotlinx:kotlinx-serialization-json:1.8.0")
   implementation("io.sentry:sentry-spring-boot-starter-jakarta:8.3.0")
   implementation("io.sentry:sentry-logback:8.3.0")
-  implementation("org.springframework.data:spring-data-commons:3.4.3")
+  implementation("org.springframework.data:spring-data-commons")
+  implementation("org.springframework:spring-aop")
+  implementation("org.aspectj:aspectjweaver")
   implementation("uk.gov.justice.service.hmpps:hmpps-sqs-spring-boot-starter:5.3.2") {
     exclude("org.springframework.security", "spring-security-config")
     exclude("org.springframework.security", "spring-security-core")

src/main/kotlin/uk/gov/justice/digital/hmpps/hmppsintegrationapi/common/CrnSupplier.kt

@@ -0,0 +1,9 @@
+package uk.gov.justice.digital.hmpps.hmppsintegrationapi.common
+
+interface CrnSupplier {
+  fun getCrn(hmppsId: String): String?
+
+  companion object {
+    val CRN_REGEX = "^[A-Z]\\d{6}$".toRegex()
+  }
+}

src/main/kotlin/uk/gov/justice/digital/hmpps/hmppsintegrationapi/config/HmppsIntegrationApiExceptionHandler.kt

@@ -19,6 +19,7 @@ import uk.gov.justice.digital.hmpps.hmppsintegrationapi.exception.ConflictFoundE
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.exception.EntityNotFoundException
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.exception.ForbiddenByUpstreamServiceException
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.exception.HmppsAuthFailedException
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.exception.LimitedAccessException
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.exception.MessageFailedException
 
 @RestControllerAdvice
@@ -80,7 +81,7 @@ class HmppsIntegrationApiExceptionHandler {
       )
   }
 
-  @ExceptionHandler(ForbiddenByUpstreamServiceException::class)
+  @ExceptionHandler(ForbiddenByUpstreamServiceException::class, LimitedAccessException::class)
   fun handleAuthenticationFailedException(e: ForbiddenByUpstreamServiceException): ResponseEntity<ErrorResponse?>? {
     logAndCapture("Forbidden to complete action by upstream service: {}", e)
     return ResponseEntity

src/main/kotlin/uk/gov/justice/digital/hmpps/hmppsintegrationapi/controllers/v1/RiskManagementController.kt

@@ -16,6 +16,8 @@ import uk.gov.justice.digital.hmpps.hmppsintegrationapi.config.AuthorisationConf
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.exception.EntityNotFoundException
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.exception.ForbiddenByUpstreamServiceException
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.extensions.decodeUrlCharacters
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.limitedaccess.redactor.LaoRedaction
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.limitedaccess.redactor.LaoRedaction.Mode
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.hmpps.RiskManagementPlan
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.hmpps.UpstreamApi
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.hmpps.UpstreamApiError
@@ -31,6 +33,7 @@ class RiskManagementController(
   @Autowired val getRiskManagementPlansForCrnService: GetRiskManagementPlansForCrnService,
   @Autowired val auditService: AuditService,
 ) {
+  @LaoRedaction(Mode.REJECT)
   @GetMapping("/v1/persons/{encodedHmppsId}/risk-management-plan")
   @Operation(
     summary = "Returns a list of Risk Management Plans created for the person with the provided HMPPS ID.",

src/main/kotlin/uk/gov/justice/digital/hmpps/hmppsintegrationapi/controllers/v1/person/DynamicRisksController.kt

@@ -15,6 +15,8 @@ import org.springframework.web.bind.annotation.RequestParam
 import org.springframework.web.bind.annotation.RestController
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.exception.EntityNotFoundException
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.extensions.decodeUrlCharacters
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.limitedaccess.redactor.LaoRedaction
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.limitedaccess.redactor.LaoRedaction.Mode
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.hmpps.DynamicRisk
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.hmpps.UpstreamApiError
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.services.GetDynamicRisksForPersonService
@@ -29,6 +31,7 @@ class DynamicRisksController(
   @Autowired val getDynamicRisksForPersonService: GetDynamicRisksForPersonService,
   @Autowired val auditService: AuditService,
 ) {
+  @LaoRedaction(Mode.REDACT)
   @GetMapping("{encodedHmppsId}/risks/dynamic")
   @Operation(
     summary = "Returns dynamic risks associated with a person.",

src/main/kotlin/uk/gov/justice/digital/hmpps/hmppsintegrationapi/controllers/v1/person/LicenceConditionController.kt

@@ -13,6 +13,8 @@ import org.springframework.web.bind.annotation.RequestMapping
 import org.springframework.web.bind.annotation.RestController
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.exception.EntityNotFoundException
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.extensions.decodeUrlCharacters
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.limitedaccess.redactor.LaoRedaction
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.limitedaccess.redactor.LaoRedaction.Mode
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.hmpps.DataResponse
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.hmpps.PersonLicences
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.hmpps.UpstreamApiError
@@ -26,6 +28,7 @@ class LicenceConditionController(
   @Autowired val auditService: AuditService,
   @Autowired val getLicenceConditionService: GetLicenceConditionService,
 ) {
+  @LaoRedaction(Mode.REDACT)
   @GetMapping("{encodedHmppsId}/licences/conditions")
   @Operation(
     summary = "Returns license conditions associated with a person, sorted by createdDateTime (newest first).",

src/main/kotlin/uk/gov/justice/digital/hmpps/hmppsintegrationapi/controllers/v1/person/MappaDetailController.kt

@@ -14,6 +14,8 @@ import org.springframework.web.bind.annotation.RequestMapping
 import org.springframework.web.bind.annotation.RestController
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.exception.EntityNotFoundException
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.extensions.decodeUrlCharacters
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.limitedaccess.redactor.LaoRedaction
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.limitedaccess.redactor.LaoRedaction.Mode
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.hmpps.DataResponse
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.hmpps.MappaDetail
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.hmpps.UpstreamApiError
@@ -27,6 +29,7 @@ class MappaDetailController(
   @Autowired val getMappaDetailForPersonService: GetMappaDetailForPersonService,
   @Autowired val auditService: AuditService,
 ) {
+  @LaoRedaction(Mode.REDACT)
   @GetMapping("{encodedHmppsId}/risks/mappadetail")
   @Operation(
     summary = "Returns the mappa detail related to a person.",

src/main/kotlin/uk/gov/justice/digital/hmpps/hmppsintegrationapi/controllers/v1/person/RiskSeriousHarmController.kt

@@ -13,6 +13,8 @@ import org.springframework.web.bind.annotation.RequestMapping
 import org.springframework.web.bind.annotation.RestController
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.exception.EntityNotFoundException
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.extensions.decodeUrlCharacters
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.limitedaccess.redactor.LaoRedaction
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.limitedaccess.redactor.LaoRedaction.Mode
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.hmpps.DataResponse
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.hmpps.Risks
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.hmpps.UpstreamApiError
@@ -26,6 +28,7 @@ class RiskSeriousHarmController(
   @Autowired val getRiskSeriousHarmForPersonService: GetRiskSeriousHarmForPersonService,
   @Autowired val auditService: AuditService,
 ) {
+  @LaoRedaction(Mode.REDACT)
   @GetMapping("{encodedHmppsId}/risks/serious-harm")
   @Operation(
     summary = "Returns Risk of Serious Harm (ROSH) risks associated with a person. Returns only assessments completed in the last year. This endpoint does not serve LAO (Limited Access Offender) data.",

src/main/kotlin/uk/gov/justice/digital/hmpps/hmppsintegrationapi/controllers/v1/person/StatusInformationController.kt

@@ -15,6 +15,8 @@ import org.springframework.web.bind.annotation.RequestParam
 import org.springframework.web.bind.annotation.RestController
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.exception.EntityNotFoundException
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.extensions.decodeUrlCharacters
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.limitedaccess.redactor.LaoRedaction
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.limitedaccess.redactor.LaoRedaction.Mode
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.hmpps.StatusInformation
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.hmpps.UpstreamApiError
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.services.GetStatusInformationForPersonService
@@ -29,6 +31,7 @@ class StatusInformationController(
   @Autowired val getStatusInformationForPersonService: GetStatusInformationForPersonService,
   @Autowired val auditService: AuditService,
 ) {
+  @LaoRedaction(Mode.REDACT)
   @GetMapping("{encodedHmppsId}/status-information")
   @Operation(
     summary = "Returns the status information associated with a person.",

src/main/kotlin/uk/gov/justice/digital/hmpps/hmppsintegrationapi/exception/AuthorisationFailedException.kt

@@ -0,0 +1,3 @@
+package uk.gov.justice.digital.hmpps.hmppsintegrationapi.exception
+
+class LimitedAccessException : RuntimeException("Attempt to access a limited access case")

src/main/kotlin/uk/gov/justice/digital/hmpps/hmppsintegrationapi/exception/LimitedAccessException.kt

@@ -13,6 +13,7 @@ import org.springframework.core.annotation.Order
 import org.springframework.stereotype.Component
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.config.AuthorisationConfig
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.config.GlobalsConfig
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.exception.LimitedAccessException
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.roleconfig.ConsumerConfig
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.services.internal.AuthoriseConsumerService
 import java.io.IOException
@@ -44,7 +45,15 @@ class AuthorisationFilter(
 
     val includesResult = authoriseConsumerService.doesConsumerHaveIncludesAccess(authorisationConfig.consumers[subjectDistinguishedName], requestedPath)
     if (includesResult) {
-      chain.doFilter(request, response)
+      try {
+        chain.doFilter(request, response)
+      } catch (e: Throwable) {
+        if (e.cause is LimitedAccessException) {
+          res.sendError(HttpServletResponse.SC_FORBIDDEN, e.message)
+        } else {
+          throw e
+        }
+      }
       return
     }
 

src/main/kotlin/uk/gov/justice/digital/hmpps/hmppsintegrationapi/extensions/AuthorisationFilter.kt

@@ -14,7 +14,9 @@ import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.hmpps.Response
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.hmpps.Sentence
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.hmpps.StatusInformation
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.hmpps.UpstreamApi
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.ndelius.CaseAccess
 import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.ndelius.NDeliusSupervisions
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.ndelius.UserAccess
 
 @Component
 class NDeliusGateway(
@@ -162,6 +164,26 @@ class NDeliusGateway(
     }
   }
 
+  fun getCaseAccess(crn: String): Response<CaseAccess?> {
+    val result =
+      webClient.request<UserAccess>(
+        HttpMethod.POST,
+        "/probation-cases/access",
+        authenticationHeader(),
+        UpstreamApi.NDELIUS,
+        mapOf("crns" to listOf(crn)),
+      )
+    return when (result) {
+      is WebClientWrapperResponse.Success -> {
+        Response(result.data.access.firstOrNull { it.crn == crn })
+      }
+
+      is WebClientWrapperResponse.Error -> {
+        Response(null, result.errors)
+      }
+    }
+  }
+
   private fun authenticationHeader(): Map<String, String> {
     val token = hmppsAuthGateway.getClientToken("nDelius")
 

src/main/kotlin/uk/gov/justice/digital/hmpps/hmppsintegrationapi/gateways/NDeliusGateway.kt

@@ -0,0 +1,18 @@
+package uk.gov.justice.digital.hmpps.hmppsintegrationapi.limitedaccess
+
+import org.springframework.stereotype.Service
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.common.CrnSupplier
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.gateways.NDeliusGateway
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.ndelius.CaseAccess
+
+interface AccessFor {
+  fun getAccessFor(hmppsId: String): CaseAccess?
+}
+
+@Service
+class GetCaseAccess(
+  private val crnSupplier: CrnSupplier,
+  private val deliusApi: NDeliusGateway,
+) : AccessFor {
+  override fun getAccessFor(hmppsId: String): CaseAccess? = crnSupplier.getCrn(hmppsId)?.let { deliusApi.getCaseAccess(it).data }
+}

src/main/kotlin/uk/gov/justice/digital/hmpps/hmppsintegrationapi/limitedaccess/GetCaseAccess.kt

@@ -0,0 +1,11 @@
+package uk.gov.justice.digital.hmpps.hmppsintegrationapi.limitedaccess
+
+data class LaoContext(
+  val crn: String,
+  val excluded: Boolean,
+  val restricted: Boolean,
+  val excludedMessage: String?,
+  val restrictedMessage: String?,
+) {
+  fun isLimitedAccess() = excluded || restricted
+}

src/main/kotlin/uk/gov/justice/digital/hmpps/hmppsintegrationapi/limitedaccess/LaoContext.kt

@@ -0,0 +1,14 @@
+package uk.gov.justice.digital.hmpps.hmppsintegrationapi.limitedaccess.redactor
+
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.limitedaccess.redactor.Redactor.Companion.REDACTED
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.hmpps.DynamicRisk
+
+object LaoDynamicRiskRedactor : Redactor<DynamicRisk> {
+  override val type = DynamicRisk::class
+
+  override fun redact(toRedact: Any): DynamicRisk =
+    when (toRedact) {
+      is DynamicRisk -> toRedact.copy(notes = REDACTED)
+      else -> throw IllegalArgumentException("${this::class.simpleName} unable to redact ${toRedact::class.simpleName}")
+    }
+}

src/main/kotlin/uk/gov/justice/digital/hmpps/hmppsintegrationapi/limitedaccess/redactor/LaoDynamicRiskRedactor.kt

@@ -0,0 +1,14 @@
+package uk.gov.justice.digital.hmpps.hmppsintegrationapi.limitedaccess.redactor
+
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.limitedaccess.redactor.Redactor.Companion.REDACTED
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.hmpps.MappaDetail
+
+object LaoMappaDetailRedactor : Redactor<MappaDetail> {
+  override val type = MappaDetail::class
+
+  override fun redact(toRedact: Any): MappaDetail =
+    when (toRedact) {
+      is MappaDetail -> toRedact.copy(notes = REDACTED)
+      else -> throw IllegalArgumentException("${this::class.simpleName} unable to redact ${toRedact::class.simpleName}")
+    }
+}

src/main/kotlin/uk/gov/justice/digital/hmpps/hmppsintegrationapi/limitedaccess/redactor/LaoMappaDetailRedactor.kt

@@ -0,0 +1,13 @@
+package uk.gov.justice.digital.hmpps.hmppsintegrationapi.limitedaccess.redactor
+
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.hmpps.PersonLicences
+
+object LaoPersonLicencesRedactor : Redactor<PersonLicences> {
+  override val type = PersonLicences::class
+
+  override fun redact(toRedact: Any): PersonLicences =
+    when (toRedact) {
+      is PersonLicences -> toRedact.copy(licences = toRedact.licences.map { it.copy(conditions = it.conditions.map { it.copy(condition = Redactor.REDACTED) }) })
+      else -> throw IllegalArgumentException("${this::class.simpleName} unable to redact ${toRedact::class.simpleName}")
+    }
+}

src/main/kotlin/uk/gov/justice/digital/hmpps/hmppsintegrationapi/limitedaccess/redactor/LaoPersonLicencesRedactor.kt

@@ -0,0 +1,27 @@
+package uk.gov.justice.digital.hmpps.hmppsintegrationapi.limitedaccess.redactor
+
+import kotlin.reflect.KClass
+
+interface Redactor<T : Any> {
+  val type: KClass<T>
+
+  fun redact(toRedact: Any): T
+
+  companion object {
+    const val REDACTED = "**REDACTED**"
+  }
+}
+
+object LaoRedactor {
+  private val redactors =
+    setOf(
+      LaoPersonLicencesRedactor,
+      LaoStatusInformationRedactor,
+      LaoMappaDetailRedactor,
+      LaoDynamicRiskRedactor,
+      LaoRisksRedactor,
+    )
+
+  @Suppress("UNCHECKED_CAST")
+  fun of(any: Any): Redactor<*>? = redactors.firstOrNull { it.type == any::class }
+}

src/main/kotlin/uk/gov/justice/digital/hmpps/hmppsintegrationapi/limitedaccess/redactor/LaoRedactor.kt

@@ -0,0 +1,71 @@
+package uk.gov.justice.digital.hmpps.hmppsintegrationapi.limitedaccess.redactor
+
+import org.aspectj.lang.ProceedingJoinPoint
+import org.aspectj.lang.annotation.Around
+import org.aspectj.lang.annotation.Aspect
+import org.springframework.context.annotation.Configuration
+import org.springframework.context.annotation.EnableAspectJAutoProxy
+import org.springframework.stereotype.Component
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.exception.LimitedAccessException
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.extensions.decodeUrlCharacters
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.limitedaccess.AccessFor
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.limitedaccess.LaoContext
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.limitedaccess.redactor.LaoRedaction.Mode
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.hmpps.DataResponse
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.models.ndelius.CaseAccess
+import uk.gov.justice.digital.hmpps.hmppsintegrationapi.util.PaginatedResponse
+
+@Configuration
+@EnableAspectJAutoProxy
+class AopConfig
+
+@Aspect
+@Component
+class LaoRedactorAspect(
+  private val loaChecker: AccessFor,
+) {
+  @Around("@annotation(redaction)")
+  fun redact(
+    joinPoint: ProceedingJoinPoint,
+    redaction: LaoRedaction,
+  ): Any {
+    val hmppsId = (joinPoint.args.first() as String).decodeUrlCharacters()
+    val laoContext = loaChecker.getAccessFor(hmppsId)?.asLaoContext()
+    if (laoContext?.isLimitedAccess() == true && redaction.mode == Mode.REJECT) {
+      throw LimitedAccessException()
+    }
+    val result = joinPoint.proceed()
+    return if (laoContext?.isLimitedAccess() == true) {
+      when (result) {
+        is DataResponse<*> -> redactDataResponse(result)
+        is PaginatedResponse<*> -> redactPaginatedResponse(result)
+        else -> LaoRedactor.of(result)?.redact(result) ?: result
+      }
+    } else {
+      result
+    }
+  }
+
+  private fun redactDataResponse(dataResponse: DataResponse<*>): DataResponse<*> = LaoRedactor.of(dataResponse.data as Any)?.redact(dataResponse.data)?.let { DataResponse(it) } ?: dataResponse
+
+  private fun redactPaginatedResponse(paginatedResponse: PaginatedResponse<*>): PaginatedResponse<*> {
+    val redactor = paginatedResponse.data.firstOrNull()?.let { LaoRedactor.of(it) }
+    return PaginatedResponse(
+      paginatedResponse.data.map { redactor?.redact(it as Any) ?: it },
+      paginatedResponse.pagination,
+    )
+  }
+
+  private fun CaseAccess.asLaoContext() = LaoContext(crn, userExcluded, userRestricted, exclusionMessage, restrictionMessage)
+}
+
+@Target(AnnotationTarget.FUNCTION)
+@Retention(AnnotationRetention.RUNTIME)
+annotation class LaoRedaction(
+  val mode: Mode = Mode.REDACT,
+) {
+  enum class Mode {
+    REDACT,
+    REJECT,
+  }
+}