Merge pull request #5 from hmrc/API-1346

API-1346 ability to revoke an application authority

Author: haroonzone

.travis.yml

@@ -1,14 +1,19 @@
-
 sudo: false
 language: scala
 scala:
-- 2.11.6
+- 2.11.7
 jdk:
 - oraclejdk8
 cache:
   directories:
     - '$HOME/.ivy2/cache'
-branches:
-  except:
-    - master
-    
+notifications:
+  email: false
+
+before_script:
+  - "export DISPLAY=:99.0"
+  - "sh -e /etc/init.d/xvfb start"
+  - sleep 3 # give xvfb some time to start
+
+script:
+  - sbt ++$TRAVIS_SCALA_VERSION test acceptance:test

app/config/frontendAppConfig.scala

@@ -35,7 +35,7 @@ object FrontendAppConfig extends AppConfig with ServicesConfig {
 
   private val caFrontendHost = configuration.getString("ca-frontend.host").getOrElse("")
   private val contactHost = configuration.getString("contact-frontend.host").getOrElse("")
-  private val apiRevocationFrontendHost = configuration.getString("api-revocation-frontend.host").getOrElse("")
+  private val loginCallbackBaseUrl = getConfString("auth.login-callback.base-url", "")
 
   private val contactFormServiceIdentifier = "api-revocation-frontend"
 
@@ -44,6 +44,6 @@ object FrontendAppConfig extends AppConfig with ServicesConfig {
   override lazy val analyticsHost = loadConfig(s"google-analytics.host")
   override lazy val reportAProblemPartialUrl = s"$contactHost/contact/problem_reports_ajax?service=$contactFormServiceIdentifier"
   override lazy val reportAProblemNonJSUrl = s"$contactHost/contact/problem_reports_nonjs?service=$contactFormServiceIdentifier"
-  override lazy val signInUrl = s"$caFrontendHost/gg/sign-in?continue=$apiRevocationFrontendHost/api-revocation/applications"
+  override lazy val signInUrl = s"$caFrontendHost/gg/sign-in?continue=$loginCallbackBaseUrl/applications-permissions-withdrawal/applications"
   override lazy val signOutUrl = s"$caFrontendHost/gg/sign-out"
 }

app/connectors/DelegatedAuthorityConnector.scala

@@ -16,18 +16,31 @@
 
 package connectors
 
+import java.util.UUID
+
 import config.WSHttp
 import models.AppAuthorisation
 import uk.gov.hmrc.play.config.ServicesConfig
-import uk.gov.hmrc.play.http.{HeaderCarrier, HttpGet, HttpPost}
+import uk.gov.hmrc.play.http.{HeaderCarrier, HttpDelete, HttpGet, HttpPost}
+import scala.concurrent.ExecutionContext.Implicits.global
 
 trait DelegatedAuthorityConnector {
 
   val delegatedAuthorityUrl: String
-  val http: HttpPost with HttpGet
+  val http: HttpPost with HttpGet with HttpDelete
 
   def fetchApplicationAuthorities()(implicit hc: HeaderCarrier) = {
-    http.GET[Seq[AppAuthorisation]](s"$delegatedAuthorityUrl/authority/granted-applications")
+    val url = s"$delegatedAuthorityUrl/authority/granted-applications"
+    http.GET[Seq[AppAuthorisation]](url) recover {
+      recovery(url)
+    }
+  }
+
+  def revokeApplicationAuthority(applicationId: UUID)(implicit hc: HeaderCarrier) = {
+    val url = s"$delegatedAuthorityUrl/authority/granted-application/$applicationId"
+    http.DELETE(url) recover {
+      recovery(url)
+    }
   }
 }
 

app/connectors/ThirdPartyApplicationConnector.scala

@@ -0,0 +1,46 @@
+/*
+ * Copyright 2016 HM Revenue & Customs
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package connectors
+
+import java.util.UUID
+
+import config.WSHttp
+import connectors.DelegatedAuthorityConnector._
+import models.ApplicationDetails
+import uk.gov.hmrc.play.http._
+
+import scala.concurrent.Future
+import scala.concurrent.ExecutionContext.Implicits.global
+
+trait ThirdPartyApplicationConnector {
+
+  val applicationBaseUrl: String
+
+  val http: HttpPost with HttpGet
+
+  def fetchApplication(applicationId: UUID)(implicit hc: HeaderCarrier): Future[ApplicationDetails] = {
+    val url = s"$applicationBaseUrl/application/$applicationId"
+    http.GET[ApplicationDetails](url) recover {
+      recovery(url)
+    }
+  }
+}
+
+object ThirdPartyApplicationConnector extends ThirdPartyApplicationConnector {
+  override val applicationBaseUrl: String = s"${baseUrl("third-party-application")}"
+  override val http = WSHttp
+}

app/connectors/package.scala

@@ -0,0 +1,24 @@
+/*
+ * Copyright 2016 HM Revenue & Customs
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package object connectors {
+
+  private[connectors] def recovery(url: String): PartialFunction[Throwable, Nothing] = {
+    case e: Throwable => throw DownstreamMicroserviceException(url, e)
+  }
+
+  case class DownstreamMicroserviceException(url: String, t: Throwable) extends RuntimeException(s"Error obtained while calling: [$url]", t)
+}

app/controllers/Revocation.scala

@@ -16,18 +16,21 @@
 
 package controllers
 
-import connectors.DelegatedAuthorityConnector
+import java.util.UUID
+
+import config.FrontendAuthConnector
+import connectors.{DelegatedAuthorityConnector, ThirdPartyApplicationConnector}
 import play.api.mvc.Action
 import uk.gov.hmrc.play.frontend.auth.connectors.AuthConnector
 import uk.gov.hmrc.play.frontend.controller.FrontendController
-import config.FrontendAuthConnector
 
 import scala.concurrent.Future
 
 trait Revocation extends FrontendController with Authentication {
 
   val authConnector: AuthConnector
   val delegatedAuthorityConnector: DelegatedAuthorityConnector
+  val thirdPartyApplicationConnector: ThirdPartyApplicationConnector
 
   val start = Action.async { implicit request =>
     Future.successful(Ok(views.html.revocation.start()))
@@ -37,9 +40,27 @@ trait Revocation extends FrontendController with Authentication {
     delegatedAuthorityConnector.fetchApplicationAuthorities()
       .map(applications => Ok(views.html.revocation.authorizedApplications(applications)))
   }
+
+  def withdrawPage(id: UUID) = authenticated.async { implicit user => implicit request =>
+    thirdPartyApplicationConnector.fetchApplication(id)
+      .map(application => Ok(views.html.revocation.withdrawPermission(application)))
+  }
+
+  def withdrawAction(id: UUID) = authenticated.async { implicit user => implicit request =>
+    delegatedAuthorityConnector.revokeApplicationAuthority(id).map { _ =>
+      Redirect(routes.Revocation.withdrawConfirmationPage(id))
+    }
+  }
+
+  def withdrawConfirmationPage(id: UUID) = authenticated.async { implicit user => implicit request =>
+    thirdPartyApplicationConnector.fetchApplication(id).map { app =>
+      Ok(views.html.revocation.permissionWithdrawn(app))
+    }
+  }
 }
 
 object Revocation extends Revocation {
   override val authConnector = FrontendAuthConnector
   override val delegatedAuthorityConnector = DelegatedAuthorityConnector
+  override val thirdPartyApplicationConnector = ThirdPartyApplicationConnector
 }

app/models/Authority.scala

@@ -16,6 +16,8 @@
 
 package models
 
+import java.util.UUID
+
 import org.joda.time.DateTime
 import play.api.libs.json.Json
 
@@ -25,7 +27,7 @@ object Scope {
   implicit val format = Json.format[Scope]
 }
 
-case class ThirdPartyApplication(id: String, name: String)
+case class ThirdPartyApplication(id: UUID, name: String)
 
 object ThirdPartyApplication {
   implicit val format = Json.format[ThirdPartyApplication]
@@ -38,3 +40,9 @@ case class AppAuthorisation(application: ThirdPartyApplication,
 object AppAuthorisation {
   implicit val format = Json.format[AppAuthorisation]
 }
+
+case class ApplicationDetails(id: UUID, name: String)
+
+object ApplicationDetails {
+  implicit val format = Json.format[ApplicationDetails]
+}

app/views/govuk_wrapper.scala.html

@@ -29,7 +29,7 @@
 
 @insideHeader = {
     @uiLayouts.header_nav(
-      navTitle = Some("Data permissions withdrawal"),
+      navTitle = Some("Applications permissions withdrawal"),
       navTitleLink = None,
       showBetaLink = false,
       navLinks = Some(headerNavLinks))

app/views/revocation/authorizedApplications.scala.html

@@ -16,29 +16,28 @@ <h1>Authorised software applications</h1>
 
             @defining(DateTimeFormat.forPattern("dd MMMM yyyy")) { dateFormatter =>
                 <ul>
-                    @for(application <- applications) {
+                    @for(app <- applications) {
                         <li>
-                            <details data-@{application.application.id}>
-                                <summary data-name-@{application.application.id}>
-                                    @{application.application.name}
+                            <details data-@{app.application.id}>
+                                <summary data-name-@{app.application.id}>
+                                    @{app.application.name}
                                 </summary>
                                 <div class="panel-indent">
                                     <p>
                                         <strong>This application can perform the following actions in relation to HMRC data:</strong>
                                     </p>
                                     <ul class="bullets">
-                                    @for(scope <- application.scopes) {
-                                        <li data-scope-@{application.application.id}='@{scope.key}'>
+                                    @for(scope <- app.scopes) {
+                                        <li data-scope-@{app.application.id}='@{scope.key}'>
                                             @{scope.description}
                                         </li>
                                     }
                                     </ul>
-                                    <p data-grant-date-@{application.application.id}>
-                                        <strong>Permission granted on:</strong> @{dateFormatter.print(application.earliestGrantDate)}
+                                    <p data-grant-date-@{app.application.id}>
+                                        <strong>Permission granted on:</strong> @{dateFormatter.print(app.earliestGrantDate)}
                                     </p>
-                                    <form action="">
-                                        <input type="submit" class="button" value="Withdraw permission"/>
-                                    </form>
+
+                                    <a data-withdraw-permission-@{app.application.id} href="@routes.Revocation.withdrawPage(app.application.id)" class="button">Withdraw permission</a>
                                 </div>
                             </details>
                         </li>

app/views/revocation/permissionWithdrawn.scala.html

@@ -0,0 +1,22 @@
+@(application: ApplicationDetails)(implicit request: Request[_])
+
+@body = {
+    <div class="content__body">
+        <header>
+            <h1>Permission withdrawn</h1>
+        </header>
+
+        <p data-withdrawn-message>
+            <strong>@{application.name}</strong> can no longer access HMRC data.
+        </p>
+        <p>
+            <a data-applications-link href="@controllers.routes.Revocation.listAuthorizedApplications">
+                Continue to your authorised software applications.
+            </a>
+        </p>
+    </div>
+}
+
+@main_template(title = "Permission withdrawn", bodyClasses = None) {
+    @body
+}