FLS-1452 - Remove environmental preview mode

'Preview mode' is an environment variable that is currently set on an environment-by-environment basis. It controls whether we allow passage through the application's 'publishing' endpoints. These publishing endpoints, which support FAB and Form Designer to offer form preview even where forms are not loaded into the Runner cache at app startup, are being removed as part of Live Services' forms re-architecture work. In future, instead of the Runner supporting publishing of arbitrary forms into its cache, all forms will exist in a shared location in Pre-Award, and there will be no practical use case for rendering an arbitrary form.

Please note that removing this environment variable does not itself stop forms being previewed, or the preview banner from being rendered when a form is previewed. This is because the preview banner rendering is dependent on the prefix 'preview' being present at the beginning of the form session identifier retrieved from the URL.

Author: wjrm500

.run/RUNNER.run.xml

@@ -29,7 +29,6 @@
       <env name="LOG_LEVEL" value="debug" />
       <env name="LOGOUT_URL" value="https://authenticator.communities.gov.localhost:3004/sessions/sign-out" />
       <env name="MULTIFUND_URL" value="https://frontend.communities.gov.localhost:3008/account" />
-      <env name="PREVIEW_MODE" value="true" />
       <env name="PRIVACY_POLICY_URL" value="https://frontend.communities.gov.localhost:3008/privacy" />
       <env name="RSA256_PUBLIC_KEY_BASE64" value="TUlHZk1BMEdDU3FHU0liM0RRRUJBUVVBQTRHTkFEQ0JpUUtCZ1FDdUZBL2xrczcwM2JEeDZYN0duUVIwVlVSOAp6eW8yUEJ6L2E2MVd0TjJCUitYWlV5cjlGaHc4K3E4YVRsbzZ0K2VJa3hENjE4eWpaQkx0cGhZVjUwcTAvOW1OCkk0QStPSURhQ1J0aWd0NDJ4ZUlrbmpydWZ5a280Q0xjV3BFc1dzSkZWSnJnR2xQTHZrMzJHMVJ5WFErOGY1dWsKVmlKbjBKbGlzbWo4bGtzc2pRSURBUUFC" />
       <env name="SERVICE_START_PAGE" value="https://frontend.communities.gov.localhost:3008/account" />

copilot/fsd-form-runner-adapter/manifest.yml

@@ -84,7 +84,6 @@ environments:
   dev:
     variables:
       JWT_AUTH_ENABLED: false
-      PREVIEW_MODE: true
     count:
       spot: 2
     sidecars:
@@ -107,7 +106,6 @@ environments:
   test:
     variables:
       JWT_AUTH_ENABLED: false
-      PREVIEW_MODE: true
     count:
       spot: 2
     sidecars:
@@ -130,7 +128,6 @@ environments:
   uat:
     variables:
       JWT_AUTH_ENABLED: false
-      PREVIEW_MODE: true
     count:
       range: 2-4
       cooldown:
@@ -174,7 +171,6 @@ environments:
       SERVICE_START_PAGE: "https://apply.access-funding.communities.gov.uk/account"
       ELIGIBILITY_RESULT_URL: "https://apply.access-funding.communities.gov.uk/eligibility-result"
       SENTRY_TRACES_SAMPLE_RATE: 0.1
-      PREVIEW_MODE: false
     count:
       range: 2-4
       cooldown:

docker-compose.e2e.yml

@@ -25,7 +25,6 @@ services:
       - "3009:3009"
     environment:
       - CHOKIDAR_USEPOLLING=true
-      - PREVIEW_MODE=true
       - LAST_COMMIT
       - LAST_TAG
       - ACCESSIBILITY_STATEMENT_URL=http://localhost:3008/accessibility_statement
@@ -43,7 +42,6 @@ services:
       - SERVICE_START_PAGE=http://localhost:3008/account
       - SINGLE_REDIS=true
       - FORM_RUNNER_ADAPTER_REDIS_INSTANCE_URI=redis://redis-data:6379
-      - PREVIEW_MODE=true
       - ENABLE_VIRUS_SCAN=true
     command: yarn runner start:test
     logging:

docker-compose.yml

@@ -33,7 +33,6 @@ services:
       - "3009:3009"
     environment:
       - CHOKIDAR_USEPOLLING=true
-      - PREVIEW_MODE=true
       - LAST_COMMIT
       - LAST_TAG
       - JWT_AUTH_ENABLED=false

runner/config/custom-environment-variables.json

@@ -45,7 +45,6 @@
   "authClientAuthUrl": "AUTH_CLIENT_AUTH_URL",
   "authClientTokenUrl": "AUTH_CLIENT_TOKEN_URL",
   "authClientProfileUrl": "AUTH_CLIENT_PROFILE_URL",
-  "previewMode": "PREVIEW_MODE",
   "enforceCsrf": "ENFORCE_CSRF",
   "savePerPage": "SAVE_PER_PAGE",
   "awsBucketName": "AWS_BUCKET_NAME",

runner/config/default.js

@@ -21,7 +21,6 @@ module.exports = {
    */
   port: 3009,
   env: "development",
-  previewMode: false,
   enforceCsrf: true,
   singleRedis: false,
   isE2EModeEnabled: false,

runner/config/development.json

@@ -1,6 +1,5 @@
 {
   "isTest": true,
-  "previewMode": true,
   "enforceCsrf": false,
   "env": "development"
 }

runner/config/test.json

@@ -1,7 +1,6 @@
 {
   "safelist": ["webho.ok"],
   "isTest": true,
-  "previewMode": true,
   "enforceCsrf": false,
   "initialisedSessionKey": "predictable-key",
   "env": "test"

runner/src/server/plugins/engine/MainPlugin.ts

@@ -32,6 +32,6 @@ export const plugin = {
             ...LOGGER_DATA,
             message: `[FORM-CACHE] number of forms loaded into cache ok[${countOk}] error[${countError}]`
         })
-        new RegisterFormsApi().register(server, options);
+        new RegisterFormsApi().register(server);
     }
 };

runner/src/server/plugins/engine/api/RegisterFormsApi.ts

@@ -1,6 +1,5 @@
 import {RegisterApi} from "./RegisterApi";
 import {HapiRequest, HapiResponseToolkit, HapiServer} from "../../../types";
-import {Options} from "../types/PluginOptions";
 import {FormPayload} from "../../../../../../digital-form-builder/runner/src/server/plugins/engine/types";
 // @ts-ignore
 import Boom from "boom";
@@ -22,11 +21,7 @@ export class RegisterFormsApi implements RegisterApi {
      * for its own purposes so if you're changing these endpoints you likely need to go and amend
      * the designer too!
      */
-    register(server: HapiServer, options: Options) {
-        const {previewMode} = options;
-        const disabledRouteDetailString =
-            "A request was made however previewing is disabled. See environment variable details in runner/README.md if this error is not expected.";
-
+    register(server: HapiServer) {
         server.route({
             method: "post",
             path: "/publish",
@@ -35,17 +30,8 @@ export class RegisterFormsApi implements RegisterApi {
             },
             handler: async (request: HapiRequest, h: HapiResponseToolkit) => {
                 const {adapterCacheService} = request.services([]);
-                // @ts-ignore
-                if (!previewMode || previewMode==="false") {
-                    request.logger.error(
-                        [`POST /publish`, "previewModeError"],
-                        disabledRouteDetailString
-                    );
-                    throw Boom.forbidden("Publishing is disabled");
-                }
                 const payload = request.payload as FormPayload;
                 const {id, configuration} = payload;
-
                 const parsedConfiguration =
                     typeof configuration === "string"
                         ? JSON.parse(configuration)
@@ -67,14 +53,6 @@ export class RegisterFormsApi implements RegisterApi {
             },
             handler: async (request: HapiRequest, h: HapiResponseToolkit) => {
                 const {id} = request.params;
-                // @ts-ignore
-                if (!previewMode || previewMode==="false") {
-                    request.logger.error(
-                        [`GET /published/${id}`, "previewModeError"],
-                        disabledRouteDetailString
-                    );
-                    throw Boom.unauthorized("publishing is disabled");
-                }
                 const {adapterCacheService} = request.services([]);
                 const form = await adapterCacheService.getFormAdapterModel(id, request);
                 if (!form) {
@@ -93,14 +71,6 @@ export class RegisterFormsApi implements RegisterApi {
             },
             handler: async (request: HapiRequest, h: HapiResponseToolkit) => {
                 const {adapterCacheService} = request.services([]);
-                // @ts-ignore
-                if (!previewMode || previewMode==="false") {
-                    request.logger.error(
-                        [`GET /published`, "previewModeError"],
-                        disabledRouteDetailString
-                    );
-                    throw Boom.unauthorized("publishing is disabled.");
-                }
                 return h
                     .response(JSON.stringify(await adapterCacheService.getFormConfigurations(request)))
                     .code(200);
@@ -175,10 +145,7 @@ export class RegisterFormsApi implements RegisterApi {
             // @ts-ignore
             const state = await adapterCacheService.getState(request);
 
-            // @ts-ignore isNotPreview is always false on production
-            const isNotPreview = !previewMode || previewMode==="false"
-
-            if (isNotPreview && !state.callback) {
+            if (config.copilotEnv == "prod" && !state.callback) {
                 // if you are here the session likely dropped
                 request.logger.error(["checkUserSession"], `Session expired ${request.yar.id}`);