Merge pull request #2516 from alphagov/revert-credentials-update

Revert "PP-7583 Update credentials routes"
alphagov · Jan 20, 2021 · 82a630a · 82a630a
2 parents b1eb000 + 506b145
commit 82a630a
Show file tree

Hide file tree

Showing 14 changed files with 834 additions and 48 deletions.
diff --git a/.secrets.baseline b/.secrets.baseline
@@ -3,7 +3,7 @@
     "files": "package-lock.json",
     "lines": null
   },
-  "generated_at": "2021-01-19T17:38:25Z",
+  "generated_at": "2021-01-19T16:07:47Z",
   "plugins_used": [
     {
       "name": "AWSKeyDetector"
@@ -72,7 +72,7 @@
         "hashed_secret": "ece65afda87c1c6120602c9a3b66890308d7e53c",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 138,
+        "line_number": 127,
         "type": "Secret Keyword"
       }
     ],

diff --git a/app/controllers/credentials.controller.js b/app/controllers/credentials.controller.js
@@ -97,7 +97,7 @@ module.exports = {
 
     if (_.get(req, 'session.flash.genericError.length')) {
       _.set(req, 'session.pageData.editNotificationCredentials', { username, password })
-      return res.redirect(formatAccountPathsFor(paths.account.notificationCredentials.edit, req.account && req.account.external_id))
+      return res.redirect(paths.notificationCredentials.edit)
     }
 
     const correlationId = req.headers[CORRELATION_HEADER] || ''

diff --git a/app/paths.js b/app/paths.js
@@ -19,10 +19,6 @@ module.exports = {
       revoke: '/api-keys/revoke',
       update: '/api-keys/update'
     },
-    credentials: {
-      index: '/credentials',
-      edit: '/credentials/edit'
-    },
     digitalWallet: {
       applePay: '/digital-wallet/apple-pay',
       googlePay: '/digital-wallet/google-pay'
@@ -39,10 +35,6 @@ module.exports = {
       confirmation: '/email-settings-confirmation',
       refund: '/email-settings-refund'
     },
-    notificationCredentials: {
-      edit: '/notification-credentials/edit',
-      update: '/notification-credentials'
-    },
     paymentLinks: {
       start: '/create-payment-link',
       information: '/create-payment-link/information',
@@ -87,15 +79,6 @@ module.exports = {
     },
     settings: {
       index: '/settings'
-    },  
-    stripe: {
-      addPspAccountDetails: '/stripe/add-psp-account-details'
-    },
-    stripeSetup: {
-      bankDetails: '/bank-details',
-      responsiblePerson: '/responsible-person',
-      vatNumber: '/vat-number',
-      companyNumber: '/company-number'
     },
     toggle3ds: {
       index: '/3ds'
@@ -111,6 +94,15 @@ module.exports = {
       index: '/your-psp',
       flex: '/your-psp/flex',
       worldpay3dsFlex: '/your-psp/worldpay-3ds-flex'
+    },
+    stripeSetup: {
+      bankDetails: '/bank-details',
+      responsiblePerson: '/responsible-person',
+      vatNumber: '/vat-number',
+      companyNumber: '/company-number'
+    },
+    stripe: {
+      addPspAccountDetails: '/stripe/add-psp-account-details'
     }
   },
   redirects: {
@@ -127,7 +119,16 @@ module.exports = {
     index: '/all-service-transactions',
     download: '/all-service-transactions/download'
   },
-
+  credentials: {
+    index: '/credentials',
+    edit: '/credentials/edit',
+    create: '/credentials'
+  },
+  notificationCredentials: {
+    index: '/credentials',
+    edit: '/notification-credentials/edit',
+    update: '/notification-credentials'
+  },
   user: {
     logIn: '/login',
     otpLogIn: '/otp-login',

diff --git a/app/routes.js b/app/routes.js
@@ -86,27 +86,26 @@ const stripeSetupDashboardRedirectController = require('./controllers/stripe-set
 
 // Assignments
 const {
-  healthcheck, registerUser, user, dashboard, selfCreateService, transactions,
-  serviceSwitcher,teamMembers, staticPaths, inviteValidation, editServiceName, merchantDetails,
+  healthcheck, registerUser, user, dashboard, selfCreateService, transactions, credentials,
+  serviceSwitcher, teamMembers, staticPaths, inviteValidation, editServiceName, merchantDetails,
+  notificationCredentials,
   requestToGoLive, policyPages,
   allServiceTransactions, payouts, redirects
 } = paths
 const {
   apiKeys,
-  credentials,
   digitalWallet,
   emailNotifications,
-  notificationCredentials,
   paymentLinks,
   paymentTypes,
   prototyping,
   settings,
-  stripe,
-  stripeSetup,
   toggle3ds,
   toggleBillingAddress,
   toggleMotoMaskCardNumberAndSecurityCode,
-  yourPsp
+  yourPsp,
+  stripeSetup,
+  stripe
 } = paths.account
 
 // Exports
@@ -184,10 +183,13 @@ module.exports.bind = function (app) {
   const authenticatedPaths = [
     ...lodash.values(transactions),
     ...lodash.values(allServiceTransactions),
+    ...lodash.values(credentials),
+    ...lodash.values(notificationCredentials),
     ...lodash.values(editServiceName),
     ...lodash.values(serviceSwitcher),
     ...lodash.values(teamMembers),
     ...lodash.values(merchantDetails),
+    ...lodash.values(paymentLinks),
     ...lodash.values(user.profile),
     ...lodash.values(requestToGoLive),
     ...lodash.values(policyPages),
@@ -289,9 +291,17 @@ module.exports.bind = function (app) {
   account.post(yourPsp.flex, permission('gateway-credentials:update'), paymentMethodIsCard, yourPspController.postFlex)
 
   // Credentials
+  app.get(credentials.index, permission('gateway-credentials:read'), getAccount, paymentMethodIsCard, credentialsController.index)
+  app.get(credentials.edit, permission('gateway-credentials:update'), getAccount, paymentMethodIsCard, credentialsController.editCredentials)
+  app.post(credentials.index, permission('gateway-credentials:update'), getAccount, paymentMethodIsCard, credentialsController.update)
+  app.get(notificationCredentials.index, permission('gateway-credentials:read'), getAccount, paymentMethodIsCard, credentialsController.index)
+  app.get(notificationCredentials.edit, permission('gateway-credentials:update'), getAccount, paymentMethodIsCard, credentialsController.editNotificationCredentials)
+  app.post(notificationCredentials.update, permission('gateway-credentials:update'), getAccount, paymentMethodIsCard, credentialsController.updateNotificationCredentials)
+
   account.get(credentials.index, permission('gateway-credentials:read'), paymentMethodIsCard, credentialsController.index)
   account.get(credentials.edit, permission('gateway-credentials:update'), paymentMethodIsCard, credentialsController.editCredentials)
   account.post(credentials.index, permission('gateway-credentials:update'), paymentMethodIsCard, credentialsController.update)
+  account.get(notificationCredentials.index, permission('gateway-credentials:read'), paymentMethodIsCard, credentialsController.index)
   account.get(notificationCredentials.edit, permission('gateway-credentials:update'), paymentMethodIsCard, credentialsController.editNotificationCredentials)
   account.post(notificationCredentials.update, permission('gateway-credentials:update'), paymentMethodIsCard, credentialsController.updateNotificationCredentials)
 

diff --git a/app/utils/nav-builder.js b/app/utils/nav-builder.js
@@ -17,8 +17,8 @@ const mainSettingsPaths = [
 
 const yourPspPaths = [
   paths.account.yourPsp,
-  paths.account.credentials,
-  paths.account.notificationCredentials
+  paths.credentials,
+  paths.notificationCredentials
 ]
 
 const serviceNavigationItems = (currentPath, permissions, type, account = {}) => {

diff --git a/app/views/credentials/epdq.njk b/app/views/credentials/epdq.njk
@@ -3,7 +3,7 @@
 {% block provider_content %}
 
   {% if permissions.gateway_credentials_update %}
-    <form id="credentials-form" method="post" action="{{ formatAccountPathsFor(routes.account.credentials.index, currentGatewayAccount.external_id) }}" data-validate>
+    <form id="credentials-form" method="post" action="{{routes.credentials.create}}" data-validate>
       <input id="csrf" name="csrfToken" type="hidden" value="{{csrf}}" />
 
       {{ govukInput({

diff --git a/app/views/credentials/smartpay.njk b/app/views/credentials/smartpay.njk
@@ -2,7 +2,7 @@
 
 {% block provider_content %}
   {% if editNotificationCredentialsMode %}
-    <form id="notification_credentials_form" method="post" action="{{ formatAccountPathsFor(routes.account.notificationCredentials.update, currentGatewayAccount.external_id) }}" data-validate>
+    <form id="notification_credentials_form" method="post" action="{{routes.notificationCredentials.update}}" data-validate>
       <input id="notification-csrf" name="csrfToken" type="hidden" value="{{csrf}}" />
 
       {% set username %}{{lastNotificationsData.username or currentGatewayAccount.notificationCredentials.userName}}{% endset %}
@@ -47,7 +47,7 @@
     </form>
   {% else %}
     {% if permissions.gateway_credentials_update %}
-      <form id="credentials-form" method="post" action="{{ formatAccountPathsFor(routes.account.credentials.index, currentGatewayAccount.external_id) }}" data-validate>
+      <form id="credentials-form" method="post" action="{{routes.credentials.create}}" data-validate>
           <input id="csrf" name="csrfToken" type="hidden" value="{{csrf}}" />
 
         {{ govukInput({

diff --git a/app/views/credentials/worldpay.njk b/app/views/credentials/worldpay.njk
@@ -2,7 +2,7 @@
 
 {% block provider_content %}
   {% if permissions.gateway_credentials_update %}
-    <form id="credentials-form" method="post" action="{{ formatAccountPathsFor(routes.account.credentials.index, currentGatewayAccount.external_id) }}" data-validate>
+    <form id="credentials-form" method="post" action="{{routes.credentials.create}}" data-validate>
       <input id="csrf" name="csrfToken" type="hidden" value="{{csrf}}" />
 
       {% if change === 'merchantId' %}

diff --git a/app/views/your-psp/_epdq.njk b/app/views/your-psp/_epdq.njk
@@ -18,7 +18,7 @@
         actions: {
           items: [
             {
-              href: formatAccountPathsFor(routes.account.credentials.edit, currentGatewayAccount.external_id) + "?change=merchantId",
+              href: routes.credentials.edit + "?change=merchantId",
               text: "Change",
               visuallyHiddenText: "account credentials",
               attributes: {
@@ -39,7 +39,7 @@
         actions: {
           items: [
             {
-              href: formatAccountPathsFor(routes.account.credentials.edit, currentGatewayAccount.external_id) + "?change=username",
+              href: routes.credentials.edit + "?change=username",
               text: "Change",
               visuallyHiddenText: "account credentials"
             }
@@ -57,7 +57,7 @@
         actions: {
           items: [
             {
-              href: formatAccountPathsFor(routes.account.credentials.edit, currentGatewayAccount.external_id) + "?change=password",
+              href: routes.credentials.edit + "?change=password",
               text: "Change",
               visuallyHiddenText: "account credentials"
             }
@@ -75,7 +75,7 @@
         actions: {
           items: [
             {
-              href: formatAccountPathsFor(routes.account.credentials.edit, currentGatewayAccount.external_id) + "?change=password",
+              href: routes.credentials.edit + "?change=password",
               text: "Change",
               visuallyHiddenText: "account credentials"
             }
@@ -93,7 +93,7 @@
         actions: {
           items: [
             {
-              href: formatAccountPathsFor(routes.account.credentials.edit, currentGatewayAccount.external_id) + "?change=password",
+              href: routes.credentials.edit + "?change=password",
               text: "Change",
               visuallyHiddenText: "account credentials"
             }

diff --git a/app/views/your-psp/_smartpay.njk b/app/views/your-psp/_smartpay.njk
@@ -17,7 +17,7 @@
         actions: {
           items: [
             {
-              href: formatAccountPathsFor(routes.account.credentials.edit, currentGatewayAccount.external_id) + "?change=merchantId",
+              href: routes.credentials.edit + "?change=merchantId",
               text: "Change",
               visuallyHiddenText: "account credentials",
               attributes: {
@@ -38,7 +38,7 @@
         actions: {
           items: [
             {
-              href: formatAccountPathsFor(routes.account.credentials.edit, currentGatewayAccount.external_id) + "?change=username",
+              href: routes.credentials.edit + "?change=username",
               text: "Change",
               visuallyHiddenText: "account credentials"
             }
@@ -56,7 +56,7 @@
         actions: {
           items: [
             {
-              href: formatAccountPathsFor(routes.account.credentials.edit, currentGatewayAccount.external_id) + "?change=password",
+              href: routes.credentials.edit + "?change=password",
               text: "Change",
               visuallyHiddenText: "account credentials"
             }
@@ -94,7 +94,7 @@
         actions: {
           items: [
             {
-              href: formatAccountPathsFor(routes.account.notificationCredentials.edit, currentGatewayAccount.external_id) + "?change=username",
+              href: routes.notificationCredentials.edit + "?change=username",
               text: "Change",
               visuallyHiddenText: "account credentials",
               attributes: {
@@ -115,7 +115,7 @@
         actions: {
           items: [
             {
-              href: formatAccountPathsFor(routes.account.notificationCredentials.edit, currentGatewayAccount.external_id) + "?change=password",
+              href: routes.notificationCredentials.edit + "?change=password",
               text: "Change",
               visuallyHiddenText: "account credentials"
             }

diff --git a/app/views/your-psp/_worldpay.njk b/app/views/your-psp/_worldpay.njk
@@ -17,7 +17,7 @@
         actions: {
           items: [
             {
-              href: formatAccountPathsFor(routes.account.credentials.edit, currentGatewayAccount.external_id) + "?change=merchantId",
+              href: routes.credentials.edit + "?change=merchantId",
               text: "Change",
               visuallyHiddenText: "account credentials",
               attributes: {
@@ -38,7 +38,7 @@
         actions: {
           items: [
             {
-              href: formatAccountPathsFor(routes.account.credentials.edit, currentGatewayAccount.external_id) + "?change=username",
+              href: routes.credentials.edit + "?change=username",
               text: "Change",
               visuallyHiddenText: "account credentials"
             }
@@ -56,7 +56,7 @@
         actions: {
           items: [
             {
-              href: formatAccountPathsFor(routes.account.credentials.edit, currentGatewayAccount.external_id) + "?change=password",
+              href: routes.credentials.edit + "?change=password",
               text: "Change",
               visuallyHiddenText: "account credentials"
             }

diff --git a/test/cypress/integration/settings/your-psp.cy.test.js b/test/cypress/integration/settings/your-psp.cy.test.js
@@ -9,7 +9,7 @@ describe('Your PSP settings page', () => {
   const gatewayAccountExternalId = 'a-valid-external-id'
   const serviceName = 'Purchase a positron projection permit'
   const yourPspPath = `/account/${gatewayAccountExternalId}/your-psp`
-
+  
   const testCredentials = {
     merchant_id: 'positron-permit-people',
     username: 'jonheslop',