diff --git a/azure/template.json b/azure/template.json index 2dca93523a..da8e8051e1 100644 --- a/azure/template.json +++ b/azure/template.json @@ -92,7 +92,6 @@ "Features": { "type": "object", "defaultValue": { - "AllowLevyPayingEmployersOnly": true, "SetNotificationPreferences": false } }, @@ -577,10 +576,6 @@ "name": "ExternalLinks:EmployerFavouritesUrl", "value": "[parameters('ExternalLinks').EmployerFavouritesUrl]" }, - { - "name": "Features:AllowLevyPayingEmployersOnly", - "value": "[parameters('Features').AllowLevyPayingEmployersOnly]" - }, { "name": "Features:SetNotificationPreferences", "value": "[parameters('Features').SetNotificationPreferences]" diff --git a/src/Employer/Employer.Web/Configuration/ConfigurationExtensions.cs b/src/Employer/Employer.Web/Configuration/ConfigurationExtensions.cs index e25260390b..a5a3d5763e 100644 --- a/src/Employer/Employer.Web/Configuration/ConfigurationExtensions.cs +++ b/src/Employer/Employer.Web/Configuration/ConfigurationExtensions.cs @@ -79,8 +79,6 @@ public static void AddMvcService(this IServiceCollection services, IHostingEnvir opts.Filters.Add(new AutoValidateAntiforgeryTokenAttribute()); - opts.Filters.Add(typeof(EmployerAccessCheckFilter), 0); - opts.Filters.AddService(); opts.AddTrimModelBinderProvider(loggerFactory); diff --git a/src/Employer/Employer.Web/Configuration/CookieNames.cs b/src/Employer/Employer.Web/Configuration/CookieNames.cs index 26ed8d8d15..776cc1ef4e 100644 --- a/src/Employer/Employer.Web/Configuration/CookieNames.cs +++ b/src/Employer/Employer.Web/Configuration/CookieNames.cs @@ -9,11 +9,8 @@ public static class CookieNames public const string SetupEmployer = "setup-employer-{0}"; public const string VacancyProposedClosingDate = "vacancy-closingDate-{0}"; public const string VacancyProposedStartDate = "vacancy-startDate-{0}"; - public const string LevyEmployerIndicator = "recruit-levy"; - public const string EmployerEoi = "recruit-eoi"; public const string VacancyEmployerInfo = "vacancy-employer-info"; public const string DashboardFilter = "dashboard-filter"; - public const string EmployerAccountType = "employer-account-type"; public const string HasSeenCloningMethodIsChangingMessage = "has-seen-cloning-method-is-changing-message"; } } diff --git a/src/Employer/Employer.Web/Configuration/DataProtectionPurposes.cs b/src/Employer/Employer.Web/Configuration/DataProtectionPurposes.cs deleted file mode 100644 index c4bc26c43d..0000000000 --- a/src/Employer/Employer.Web/Configuration/DataProtectionPurposes.cs +++ /dev/null @@ -1,10 +0,0 @@ - -namespace Esfa.Recruit.Employer.Web.Configuration -{ - public static class DataProtectionPurposes - { - public const string LevyDeclarationCookie = "levy-declaration"; - public const string EoiAgreementCookie = "eoi-agreement"; - public const string EmployerAccountTypeCookie = "employer-account-type"; - } -} diff --git a/src/Employer/Employer.Web/Configuration/IoC.cs b/src/Employer/Employer.Web/Configuration/IoC.cs index b61fb81df7..efa06c2024 100644 --- a/src/Employer/Employer.Web/Configuration/IoC.cs +++ b/src/Employer/Employer.Web/Configuration/IoC.cs @@ -63,9 +63,6 @@ private static void RegisterServiceDeps(IServiceCollection services, IConfigurat services.AddTransient(_ => new GoogleMapsGeocodeImageService(configuration.GetValue("GoogleMapsPrivateKey"))); services.AddTransient(); services.AddTransient(); - services.AddTransient(); - services.AddTransient(); - services.AddTransient(); services.AddTransient(); services.AddTransient(); } @@ -108,7 +105,6 @@ private static void RegisterOrchestratorDeps(IServiceCollection services) services.AddTransient(); services.AddTransient(); services.AddTransient(); - services.AddTransient(); services.AddTransient(); services.AddTransient(); services.AddTransient(); diff --git a/src/Employer/Employer.Web/Configuration/Routing/RouteNames.cs b/src/Employer/Employer.Web/Configuration/Routing/RouteNames.cs index 2728cabfdb..241bd88825 100644 --- a/src/Employer/Employer.Web/Configuration/Routing/RouteNames.cs +++ b/src/Employer/Employer.Web/Configuration/Routing/RouteNames.cs @@ -136,10 +136,6 @@ public static class RouteNames public const string SubmitVacancyChanges_Post = "SubmitVacancyChanges_Post"; public const string CancelVacancyChanges_Get = "CancelVacancyChanges_Get"; - public const string LevyDeclaration_Get = "LevyDeclaration_Get"; - public const string LevyDeclaration_Post = "LevyDeclaration_Post"; - public const string NonLevyInfo_Get = "NonLevyInfo_Get"; - public const string BlockedEmployer_Get = "BlockedEmployer_Get"; public const string ManageNotifications_Get = "ManageNotifications_Get"; diff --git a/src/Employer/Employer.Web/Configuration/ViewNames.cs b/src/Employer/Employer.Web/Configuration/ViewNames.cs index cb8096068b..a7f60e7352 100644 --- a/src/Employer/Employer.Web/Configuration/ViewNames.cs +++ b/src/Employer/Employer.Web/Configuration/ViewNames.cs @@ -20,7 +20,6 @@ public class ViewNames public const string AccessDenied = "AccessDenied"; public const string PageNotFound = "PageNotFound"; - public const string BlockedEmployer = "BlockedEmployer"; public const string ApplicationWithdrawn = "ApplicationWithdrawn"; } } diff --git a/src/Employer/Employer.Web/Controllers/ErrorController.cs b/src/Employer/Employer.Web/Controllers/ErrorController.cs index f9f758f386..d4d4e89a06 100644 --- a/src/Employer/Employer.Web/Controllers/ErrorController.cs +++ b/src/Employer/Employer.Web/Controllers/ErrorController.cs @@ -92,11 +92,6 @@ public IActionResult ErrorHandler() return AccessDenied(); } - if (exception is BlockedEmployerException) - { - return RedirectToRoute(RouteNames.BlockedEmployer_Get, new { EmployerAccountId = employerAccountId }); - } - if(exception is ApplicationWithdrawnException withdrawnException) { return ApplicationWithdrawn(employerAccountId.ToString(), withdrawnException); @@ -134,15 +129,6 @@ private IActionResult ApplicationWithdrawn(string employerAccountId, Application return View(ViewNames.ApplicationWithdrawn, returnLink); } - // Blocked employer url required for analytics reasons - [HttpGet("error/blocked-employer/{employerAccountId}", Name = RouteNames.BlockedEmployer_Get)] - public IActionResult BlockedEmployer(string employerAccountId) - { - _logger.LogInformation($"Handling redirection of blocked employer: {employerAccountId}."); - Response.StatusCode = (int)HttpStatusCode.Unauthorized; - return View(ViewNames.BlockedEmployer); - } - private void AddDashboardMessage(string message) { if(TempData.ContainsKey(TempDataKeys.DashboardErrorMessage)) diff --git a/src/Employer/Employer.Web/Controllers/LevyDeclarationController.cs b/src/Employer/Employer.Web/Controllers/LevyDeclarationController.cs deleted file mode 100644 index df1f18e734..0000000000 --- a/src/Employer/Employer.Web/Controllers/LevyDeclarationController.cs +++ /dev/null @@ -1,58 +0,0 @@ -using Esfa.Recruit.Employer.Web.Configuration; -using Esfa.Recruit.Employer.Web.Configuration.Routing; -using Esfa.Recruit.Employer.Web.Extensions; -using Esfa.Recruit.Employer.Web.Orchestrators; -using Esfa.Recruit.Employer.Web.Services; -using Esfa.Recruit.Employer.Web.ViewModels.LevyDeclaration; -using Microsoft.AspNetCore.Mvc; -using System.Security.Claims; -using System.Threading.Tasks; - -namespace Esfa.Recruit.Employer.Web.Controllers -{ - [Route(RoutePaths.AccountRoutePath)] - public class LevyDeclarationController : Controller - { - private readonly LevyDeclarationOrchestrator _orchestrator; - private readonly ILevyDeclarationCookieWriter _levyCookieWriter; - - public LevyDeclarationController( - LevyDeclarationOrchestrator orchestrator, - ILevyDeclarationCookieWriter levyCookieWriter) - { - _orchestrator = orchestrator; - _levyCookieWriter = levyCookieWriter; - } - - [HttpGet("levy-declaration", Name = RouteNames.LevyDeclaration_Get)] - public IActionResult Options() - { - return View(new LevyDeclarationModel()); - } - - [HttpPost("levy-declaration", Name = RouteNames.LevyDeclaration_Post)] - public async Task Options(string employerAccountId, LevyDeclarationModel viewModel) - { - if (!ModelState.IsValid) - return View(viewModel); - - var response = await _orchestrator.SaveSelectionAsync(viewModel, User); - - if (response.CreateLevyCookie) - SetLevyDeclarationCookie(User, employerAccountId); - - return RedirectToRoute(response.RedirectRouteName); - } - - [HttpGet("non-levy-info", Name = RouteNames.NonLevyInfo_Get)] - public IActionResult NonLevyInfo() - { - return View(); - } - - private void SetLevyDeclarationCookie(ClaimsPrincipal user, string employerAccountId) - { - _levyCookieWriter.WriteCookie(Response, user.GetUserId(), employerAccountId, hasLevyDeclaration: true); - } - } -} \ No newline at end of file diff --git a/src/Employer/Employer.Web/Controllers/LogoutController.cs b/src/Employer/Employer.Web/Controllers/LogoutController.cs index d2f5f40e10..a40227f97e 100644 --- a/src/Employer/Employer.Web/Controllers/LogoutController.cs +++ b/src/Employer/Employer.Web/Controllers/LogoutController.cs @@ -2,34 +2,15 @@ using Microsoft.AspNetCore.Mvc; using System.Threading.Tasks; using Esfa.Recruit.Employer.Web.Extensions; -using Esfa.Recruit.Employer.Web.Services; namespace Esfa.Recruit.Employer.Web.Controllers { [Route(RoutePaths.Services)] public class LogoutController : Controller { - private readonly ILevyDeclarationCookieWriter _levyDeclarationCookieWriter; - private readonly IEoiAgreementCookieWriter _eoiAgreementCookieWriter; - private readonly IEmployerAccountTypeCookieWriter _employerAccountTypeCookieWriter; - - public LogoutController( - ILevyDeclarationCookieWriter levyDeclarationCookieWriter, - IEoiAgreementCookieWriter eoiAgreementCookieWriter, - IEmployerAccountTypeCookieWriter employerAccountTypeCookieWriter) - { - _levyDeclarationCookieWriter = levyDeclarationCookieWriter; - _eoiAgreementCookieWriter = eoiAgreementCookieWriter; - _employerAccountTypeCookieWriter = employerAccountTypeCookieWriter; - } - [HttpGet, Route("logout", Name = RouteNames.Logout_Get)] public async Task Logout() { - _levyDeclarationCookieWriter.DeleteCookie(Response); - _eoiAgreementCookieWriter.DeleteCookie(Response); - _employerAccountTypeCookieWriter.DeleteCookie(Response); - await HttpContext.SignOutEmployerWebAsync(); } } diff --git a/src/Employer/Employer.Web/Exceptions/BlockedEmployerException.cs b/src/Employer/Employer.Web/Exceptions/BlockedEmployerException.cs deleted file mode 100644 index a6c5201318..0000000000 --- a/src/Employer/Employer.Web/Exceptions/BlockedEmployerException.cs +++ /dev/null @@ -1,10 +0,0 @@ -using System; -using Esfa.Recruit.Vacancies.Client.Domain.Exceptions; - -namespace Esfa.Recruit.Employer.Web.Exceptions -{ - public class BlockedEmployerException : RecruitException - { - public BlockedEmployerException(string message) : base(message) { } - } -} \ No newline at end of file diff --git a/src/Employer/Employer.Web/Filters/EmployerAccessCheckFilter.cs b/src/Employer/Employer.Web/Filters/EmployerAccessCheckFilter.cs deleted file mode 100644 index 1170270fcc..0000000000 --- a/src/Employer/Employer.Web/Filters/EmployerAccessCheckFilter.cs +++ /dev/null @@ -1,262 +0,0 @@ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Threading.Tasks; -using Esfa.Recruit.Employer.Web.Configuration.Routing; -using Esfa.Recruit.Employer.Web.Controllers; -using Esfa.Recruit.Employer.Web.Exceptions; -using Esfa.Recruit.Employer.Web.Extensions; -using Esfa.Recruit.Employer.Web.Services; -using Esfa.Recruit.Vacancies.Client.Infrastructure.Client; -using Esfa.Recruit.Vacancies.Client.Infrastructure.Services.EmployerAccount; -using Microsoft.AspNetCore.Http; -using Microsoft.AspNetCore.Mvc; -using Microsoft.AspNetCore.Mvc.Filters; - -namespace Esfa.Recruit.Employer.Web.Filters -{ - /// - /// Ensures current employer code in URL has permissions to access the request page - /// - - /// - /// Using the employer code in the URL this filter will ensure the employer - /// meets at least one the following criteria - /// 1: Request is for a page that doesn't require special access - /// 2: Has a signed levy declaration - /// 3: Has an Expression Of Interest - /// - /// Expected results: - /// A: Employers with a levy declaration cannot go to any levy pages - redirect to dashboard - /// B: Levy employers with no declaration should be redirected to the levy page - /// C: Non-levy employers with no EOI should be blocked - /// - public class EmployerAccessCheckFilter : IAsyncActionFilter, IOrderedFilter - { - private readonly ILevyDeclarationCookieWriter _levyCookieWriter; - private readonly IEoiAgreementCookieWriter _eoiCookieWriter; - private readonly IEmployerAccountTypeCookieWriter _employerAccountTypeCookieWriter; - private readonly IRecruitVacancyClient _recruitVacancyClient; - private readonly IEmployerAccountProvider _employerAccountProvider; - private readonly string[] _allowedAccountTypes = { "levy", "nonlevy" }; - - public EmployerAccessCheckFilter(ILevyDeclarationCookieWriter levyCookieWriter, - IRecruitVacancyClient recruitVacancyClient, - IEmployerAccountProvider employerAccountProvider, - IEoiAgreementCookieWriter eoiCookieWriter, - IEmployerAccountTypeCookieWriter employerAccountTypeCookieWriter) - { - _levyCookieWriter = levyCookieWriter; - _recruitVacancyClient = recruitVacancyClient; - _employerAccountProvider = employerAccountProvider; - _eoiCookieWriter = eoiCookieWriter; - _employerAccountTypeCookieWriter = employerAccountTypeCookieWriter; - } - - public int Order { get; } = 50; - - public async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next) - { - if (RequestIsForWhiteListedPage(context)) - { - await next(); - return; - } - - bool requestIsForALevyPage = RequestIsForALevyPage(context); - - var employerAccountId = context.RouteData.Values[RouteValues.EmployerAccountId]?.ToString().ToUpper(); - var userId = context.HttpContext.User.GetUserId(); - - if (await WasHandledByEoi( - context, - next, - userId: userId, - employerAccountId: employerAccountId)) - { - return; - } - - if (await WasHandledByLevyDeclaration( - context, - next, - userId: userId, - employerAccountId: employerAccountId, - requestIsForALevyPage: requestIsForALevyPage)) - { - return; - } - - if (requestIsForALevyPage) - { - await next(); - return; - } - - // No access to the requested page, so show a "Blocked" message for NonLevy - // or redirect to the Levy Declaration page for levy employers - string employerAccountType = await GetEmployerAccountType(context, userId, employerAccountId); - if (string.Compare(employerAccountType, "levy", true) == 0) - { - context.Result = new RedirectToRouteResult(RouteNames.LevyDeclaration_Get, new { employerAccountId }); - } - else - { - throw new BlockedEmployerException($"Employer account '{employerAccountId}' is blocked"); - } - } - - private async Task GetEmployerAccountType(ActionExecutingContext context, string userId, string employerAccountId) - { - string result; - if (!GetCookieValueForUserAndEmployer(context.HttpContext, - userId: userId, - employerAccountId: employerAccountId, - readValue: _employerAccountTypeCookieWriter.GetCookieFromRequest, - result: out result)) - { - EmployerAccountDetails accountDetails = await _employerAccountProvider.GetEmployerAccountDetailsAsync(employerAccountId); - result = accountDetails.ApprenticeshipEmployerType; - - if (!_allowedAccountTypes.Any(x => string.Compare(accountDetails.ApprenticeshipEmployerType, x, true) == 0)) - throw new BlockedEmployerException($"Unknown account type {accountDetails.ApprenticeshipEmployerType}"); - - _employerAccountTypeCookieWriter.WriteCookie(context.HttpContext.Response, userId, employerAccountId, result); - } - return result; - } - - private async Task WasHandledByLevyDeclaration( - ActionExecutingContext context, - ActionExecutionDelegate next, - string userId, - string employerAccountId, - bool requestIsForALevyPage) - { - bool hasLevyDeclaration; - if (GetCookieValueForUserAndEmployer( - context.HttpContext, - userId: userId, - employerAccountId: employerAccountId, - readValue: _levyCookieWriter.GetCookieFromRequest, - result: out string hasLevyDeclarationAsString)) - { - hasLevyDeclaration = bool.Parse(hasLevyDeclarationAsString); - } - else - { - hasLevyDeclaration = await HasStoredLevyDeclaration( - employerAccountId: employerAccountId, - userId: userId); - _levyCookieWriter.WriteCookie(context.HttpContext.Response, userId, employerAccountId, hasLevyDeclaration); - } - - // No Levy declaration = not handled - if (!hasLevyDeclaration) - return false; - - // Don't allow Levy pages if Levy is already declared - if (requestIsForALevyPage) - { - context.Result = new RedirectToRouteResult(RouteNames.Dashboard_Get, new { employerAccountId }); - return true; - } - - // Allow pages when Levy declaration is present - await next(); - return true; - } - - private async Task WasHandledByEoi( - ActionExecutingContext context, - ActionExecutionDelegate next, - string userId, - string employerAccountId) - { - bool hasEoi; - if (GetCookieValueForUserAndEmployer( - context.HttpContext, - userId: userId, - employerAccountId: employerAccountId, - readValue: _eoiCookieWriter.GetCookieFromRequest, - result: out string hasEoiAsString)) - { - hasEoi = bool.Parse(hasEoiAsString); - } - else - { - hasEoi = await GetEmployerHasEoi(employerAccountId); - _eoiCookieWriter.WriteCookie(context.HttpContext.Response, userId, employerAccountId, hasEoi); - - // Why redirect to the dashboard? - if (hasEoi) - { - context.Result = new RedirectToRouteResult(RouteNames.Dashboard_Get, new { employerAccountId }); - return true; - } - } - - if (hasEoi) - { - await next(); - return true; - } - - return false; - } - - private async Task HasStoredLevyDeclaration(string employerAccountId, string userId) - { - var details = await _recruitVacancyClient.GetUsersDetailsAsync(userId); - - return details.AccountsDeclaredAsLevyPayers.Contains(employerAccountId); - } - - private bool RequestIsForWhiteListedPage(ActionExecutingContext context) - { - var controllerName = (((Microsoft.AspNetCore.Mvc.Controllers.ControllerActionDescriptor)context.ActionDescriptor).ControllerTypeInfo).Name; - - var whitelistControllers = new List { nameof(ErrorController), nameof(LogoutController), nameof(ExternalLinksController), nameof(ContentPolicyReportController) }; - - return whitelistControllers.Contains(controllerName); - } - - private bool RequestIsForALevyPage(ActionExecutingContext context) - { - var controllerName = (((Microsoft.AspNetCore.Mvc.Controllers.ControllerActionDescriptor)context.ActionDescriptor).ControllerTypeInfo).Name; - - return controllerName == nameof(LevyDeclarationController); - } - - private async Task GetEmployerHasEoi(string employerAccountId) - { - var account = await _employerAccountProvider.GetEmployerAccountDetailsAsync(employerAccountId); - return account.AccountAgreementType == AccountAgreementType.NonLevyExpressionOfInterest; - } - - private bool GetCookieValueForUserAndEmployer( - HttpContext httpContext, - string userId, - string employerAccountId, - Func readValue, - out string result) - { - string cookieValue = readValue(httpContext) ?? ""; - - string[] cookieValueParts = cookieValue.Split('/'); - result = null; - - if (cookieValueParts.Length != 3) - return false; - - string cookieUserIdAndEmployerId = cookieValueParts[0] + "/" + cookieValueParts[1]; - string expectedUserIdAndEmployerId = userId + "/" + employerAccountId; - - if (cookieUserIdAndEmployerId != expectedUserIdAndEmployerId) - return false; - - result = cookieValueParts[2]; - return true; - } - } -} \ No newline at end of file diff --git a/src/Employer/Employer.Web/Orchestrators/LevyDeclarationOrchestrator.cs b/src/Employer/Employer.Web/Orchestrators/LevyDeclarationOrchestrator.cs deleted file mode 100644 index 4bc8ac0dcf..0000000000 --- a/src/Employer/Employer.Web/Orchestrators/LevyDeclarationOrchestrator.cs +++ /dev/null @@ -1,38 +0,0 @@ -using System.Security.Claims; -using System.Threading.Tasks; -using Esfa.Recruit.Employer.Web.Configuration.Routing; -using Esfa.Recruit.Employer.Web.Extensions; -using Esfa.Recruit.Employer.Web.ViewModels.LevyDeclaration; -using Esfa.Recruit.Vacancies.Client.Infrastructure.Client; - -namespace Esfa.Recruit.Employer.Web.Orchestrators -{ - public class LevyDeclarationOrchestrator - { - private readonly IEmployerVacancyClient _client; - - public LevyDeclarationOrchestrator(IEmployerVacancyClient client) - { - _client = client; - } - - public async Task SaveSelectionAsync(LevyDeclarationModel viewModel, ClaimsPrincipal user) - { - if (viewModel.ConfirmAsLevyPayer.Value) - await _client.SaveLevyDeclarationAsync(user.GetUserId(), viewModel.EmployerAccountId); - - return new LevySelectionOrchestratorResponse - { - RedirectRouteName = viewModel.ConfirmAsLevyPayer.Value ? RouteNames.Dashboard_Get : RouteNames.NonLevyInfo_Get, - CreateLevyCookie = viewModel.ConfirmAsLevyPayer.Value - }; - } - } - - public class LevySelectionOrchestratorResponse - { - public string RedirectRouteName { get; set; } - public bool CreateLevyCookie { get; set; } - } - -} \ No newline at end of file diff --git a/src/Employer/Employer.Web/Services/EmployerAccountTypeCookieWriter.cs b/src/Employer/Employer.Web/Services/EmployerAccountTypeCookieWriter.cs deleted file mode 100644 index 46506d333a..0000000000 --- a/src/Employer/Employer.Web/Services/EmployerAccountTypeCookieWriter.cs +++ /dev/null @@ -1,59 +0,0 @@ -using System.Security.Cryptography; -using Esfa.Recruit.Employer.Web.Configuration; -using Microsoft.AspNetCore.DataProtection; -using Microsoft.AspNetCore.Hosting; -using Microsoft.AspNetCore.Http; -using Microsoft.Extensions.Logging; - -namespace Esfa.Recruit.Employer.Web.Services -{ - public class EmployerAccountTypeCookieWriter : IEmployerAccountTypeCookieWriter - { - private readonly IHostingEnvironment _hostingEnvironment; - private readonly IDataProtector _dataProtector; - private readonly ILogger _logger; - - public EmployerAccountTypeCookieWriter( - IHostingEnvironment hostingEnvironment, - IDataProtectionProvider dataProtectionProvider, - ILogger logger) - { - _hostingEnvironment = hostingEnvironment; - _dataProtector = dataProtectionProvider.CreateProtector(DataProtectionPurposes.EmployerAccountTypeCookie); - _logger = logger; - } - - public string GetCookieFromRequest(HttpContext context) - { - string content = null; - var encrtyptedContent = context.Request.Cookies[CookieNames.EmployerAccountType]; - - if (string.IsNullOrWhiteSpace(encrtyptedContent)) - return null; - - try - { - content = _dataProtector.Unprotect(encrtyptedContent); - } - catch (CryptographicException ex) - { - _logger.LogWarning(ex, "Couldn't decrypt employer account type cookie. Probably due to recent release changing DataProtection keys"); - DeleteCookie(context.Response); - } - - return content; - } - - public void WriteCookie(HttpResponse response, string userId, string employerAccountId, string employerAccountType) - { - var protectedValue = _dataProtector.Protect(userId + '/' + employerAccountId + '/' + employerAccountType); - - response.Cookies.Append(CookieNames.EmployerAccountType, protectedValue, EsfaCookieOptions.GetDefaultHttpCookieOption(_hostingEnvironment)); - } - - public void DeleteCookie(HttpResponse response) - { - response.Cookies.Delete(CookieNames.EmployerAccountType); - } - } -} diff --git a/src/Employer/Employer.Web/Services/EoiAgreementCookieWriter.cs b/src/Employer/Employer.Web/Services/EoiAgreementCookieWriter.cs deleted file mode 100644 index 8b5af64a47..0000000000 --- a/src/Employer/Employer.Web/Services/EoiAgreementCookieWriter.cs +++ /dev/null @@ -1,56 +0,0 @@ -using System.Security.Cryptography; -using Esfa.Recruit.Employer.Web.Configuration; -using Microsoft.AspNetCore.DataProtection; -using Microsoft.AspNetCore.Hosting; -using Microsoft.AspNetCore.Http; -using Microsoft.Extensions.Logging; - -namespace Esfa.Recruit.Employer.Web.Services -{ - public class EoiAgreementCookieWriter : IEoiAgreementCookieWriter - { - private readonly IHostingEnvironment _hostingEnvironment; - private readonly IDataProtector _dataProtector; - private readonly ILogger _logger; - - public EoiAgreementCookieWriter(IHostingEnvironment hostingEnvironment, IDataProtectionProvider dataProtectionProvider, ILogger logger) - { - _hostingEnvironment = hostingEnvironment; - _dataProtector = dataProtectionProvider.CreateProtector(DataProtectionPurposes.EoiAgreementCookie); - _logger = logger; - } - - public string GetCookieFromRequest(HttpContext context) - { - string content = null; - var encrtyptedContent = context.Request.Cookies[CookieNames.EmployerEoi]; - - if (string.IsNullOrWhiteSpace(encrtyptedContent)) - return null; - - try - { - content = _dataProtector.Unprotect(encrtyptedContent); - } - catch (CryptographicException ex) - { - _logger.LogWarning(ex, "Couldn't decrypt eoi cookie. Probably due to recent release changing DataProtection keys"); - DeleteCookie(context.Response); - } - - return content; - } - - public void WriteCookie(HttpResponse response, string userId, string employerAccountId, bool hasEoi) - { - var protectedValue = _dataProtector.Protect(userId + "/" + employerAccountId + "/" + hasEoi); - - response.Cookies.Append(CookieNames.EmployerEoi, protectedValue, EsfaCookieOptions.GetDefaultHttpCookieOption(_hostingEnvironment)); - } - - public void DeleteCookie(HttpResponse response) - { - response.Cookies.Delete(CookieNames.EmployerEoi); - } - } -} \ No newline at end of file diff --git a/src/Employer/Employer.Web/Services/IEmployerAccountTypeCookieWriter.cs b/src/Employer/Employer.Web/Services/IEmployerAccountTypeCookieWriter.cs deleted file mode 100644 index aff8c28694..0000000000 --- a/src/Employer/Employer.Web/Services/IEmployerAccountTypeCookieWriter.cs +++ /dev/null @@ -1,11 +0,0 @@ -using Microsoft.AspNetCore.Http; - -namespace Esfa.Recruit.Employer.Web.Services -{ - public interface IEmployerAccountTypeCookieWriter - { - string GetCookieFromRequest(HttpContext context); - void WriteCookie(HttpResponse response, string userId, string employerAccountId, string employerAccountType); - void DeleteCookie(HttpResponse response); - } -} diff --git a/src/Employer/Employer.Web/Services/IEoiAgreementCookieWriter.cs b/src/Employer/Employer.Web/Services/IEoiAgreementCookieWriter.cs deleted file mode 100644 index 57b14c5954..0000000000 --- a/src/Employer/Employer.Web/Services/IEoiAgreementCookieWriter.cs +++ /dev/null @@ -1,11 +0,0 @@ -using Microsoft.AspNetCore.Http; - -namespace Esfa.Recruit.Employer.Web.Services -{ - public interface IEoiAgreementCookieWriter - { - string GetCookieFromRequest(HttpContext context); - void WriteCookie(HttpResponse response, string userId, string employerAccountId, bool hasEoi); - void DeleteCookie(HttpResponse response); - } -} diff --git a/src/Employer/Employer.Web/Services/ILevyDeclarationCookieWriter.cs b/src/Employer/Employer.Web/Services/ILevyDeclarationCookieWriter.cs deleted file mode 100644 index 6abd36d364..0000000000 --- a/src/Employer/Employer.Web/Services/ILevyDeclarationCookieWriter.cs +++ /dev/null @@ -1,11 +0,0 @@ -using Microsoft.AspNetCore.Http; - -namespace Esfa.Recruit.Employer.Web.Services -{ - public interface ILevyDeclarationCookieWriter - { - string GetCookieFromRequest(HttpContext context); - void WriteCookie(HttpResponse response, string userId, string employerAccountId, bool hasLevyDeclaration); - void DeleteCookie(HttpResponse response); - } -} diff --git a/src/Employer/Employer.Web/Services/LevyDeclarationCookieWriter.cs b/src/Employer/Employer.Web/Services/LevyDeclarationCookieWriter.cs deleted file mode 100644 index 51c2c82aec..0000000000 --- a/src/Employer/Employer.Web/Services/LevyDeclarationCookieWriter.cs +++ /dev/null @@ -1,56 +0,0 @@ -using System.Security.Cryptography; -using Esfa.Recruit.Employer.Web.Configuration; -using Microsoft.AspNetCore.DataProtection; -using Microsoft.AspNetCore.Hosting; -using Microsoft.AspNetCore.Http; -using Microsoft.Extensions.Logging; - -namespace Esfa.Recruit.Employer.Web.Services -{ - public class LevyDeclarationCookieWriter : ILevyDeclarationCookieWriter - { - private readonly IHostingEnvironment _hostingEnvironment; - private readonly IDataProtector _dataProtector; - private readonly ILogger _logger; - - public LevyDeclarationCookieWriter(IHostingEnvironment hostingEnvironment, IDataProtectionProvider dataProtectionProvider, ILogger logger) - { - _hostingEnvironment = hostingEnvironment; - _dataProtector = dataProtectionProvider.CreateProtector(DataProtectionPurposes.LevyDeclarationCookie); - _logger = logger; - } - - public string GetCookieFromRequest(HttpContext context) - { - string content = null; - var encrtyptedContent = context.Request.Cookies[CookieNames.LevyEmployerIndicator]; - - if (string.IsNullOrWhiteSpace(encrtyptedContent)) - return null; - - try - { - content = _dataProtector.Unprotect(encrtyptedContent); - } - catch (CryptographicException ex) - { - _logger.LogWarning(ex, "Couldn't decrypt levy cookie. Probably due to recent release changing DataProtection keys"); - DeleteCookie(context.Response); - } - - return content; - } - - public void WriteCookie(HttpResponse response, string userId, string employerAccountId, bool hasLevyDeclaration) - { - var protectedValue = _dataProtector.Protect(userId + "/" + employerAccountId + "/" + hasLevyDeclaration); - - response.Cookies.Append(CookieNames.LevyEmployerIndicator, protectedValue, EsfaCookieOptions.GetDefaultHttpCookieOption(_hostingEnvironment)); - } - - public void DeleteCookie(HttpResponse response) - { - response.Cookies.Delete(CookieNames.LevyEmployerIndicator); - } - } -} \ No newline at end of file diff --git a/src/Employer/Employer.Web/ViewModels/LevyDeclaration/LevyDeclarationModel.cs b/src/Employer/Employer.Web/ViewModels/LevyDeclaration/LevyDeclarationModel.cs deleted file mode 100644 index 9ffe89022c..0000000000 --- a/src/Employer/Employer.Web/ViewModels/LevyDeclaration/LevyDeclarationModel.cs +++ /dev/null @@ -1,14 +0,0 @@ -using System.ComponentModel.DataAnnotations; -using Microsoft.AspNetCore.Mvc; - -namespace Esfa.Recruit.Employer.Web.ViewModels.LevyDeclaration -{ - public class LevyDeclarationModel - { - [FromRoute] - public string EmployerAccountId { get; set; } - - [Required(ErrorMessage = ValidationMessages.LevyDeclarationConfirmationMessages.SelectionRequired)] - public bool? ConfirmAsLevyPayer { get; set; } - } -} \ No newline at end of file diff --git a/src/Employer/Employer.Web/ViewModels/ValidationMessages.cs b/src/Employer/Employer.Web/ViewModels/ValidationMessages.cs index e97057a17f..4ea7d6bb6b 100644 --- a/src/Employer/Employer.Web/ViewModels/ValidationMessages.cs +++ b/src/Employer/Employer.Web/ViewModels/ValidationMessages.cs @@ -2,11 +2,6 @@ namespace Esfa.Recruit.Employer.Web.ViewModels { public static class ValidationMessages { - public static class LevyDeclarationConfirmationMessages - { - public const string SelectionRequired = "You must select one option."; - } - public static class LocationPreferenceMessages { public const string SelectionRequired = "You must select a work address"; diff --git a/src/Employer/Employer.Web/Views/Error/BlockedEmployer.cshtml b/src/Employer/Employer.Web/Views/Error/BlockedEmployer.cshtml deleted file mode 100644 index 12fb6981d6..0000000000 --- a/src/Employer/Employer.Web/Views/Error/BlockedEmployer.cshtml +++ /dev/null @@ -1,20 +0,0 @@ -@{ - ViewBag.Title = "Blocked employer"; - ViewBag.ShowNav = false; -} - -
-
-
-

You don't have access to this section

-
-
-
-
-

Call us on @RecruitViewConstants.HelpdeskPhoneNumber to resolve this issue.

-

Return to homepage

-
-
-
-
-
\ No newline at end of file diff --git a/src/Employer/Employer.Web/Views/LevyDeclaration/NonLevyInfo.cshtml b/src/Employer/Employer.Web/Views/LevyDeclaration/NonLevyInfo.cshtml deleted file mode 100644 index d86fb54b76..0000000000 --- a/src/Employer/Employer.Web/Views/LevyDeclaration/NonLevyInfo.cshtml +++ /dev/null @@ -1,14 +0,0 @@ -@inject ManageApprenticeshipsLinkHelper ExternalLinks -
-
-

If you do not pay the apprenticeship levy

-

You are currently not able to create a vacancy within Manage Apprenticeships yourself. You will need to contact your training provider who will be able to do this on your behalf.

-

Find out how:

- - Return to Manage apprenticeships -
-
\ No newline at end of file diff --git a/src/Employer/Employer.Web/Views/LevyDeclaration/Options.cshtml b/src/Employer/Employer.Web/Views/LevyDeclaration/Options.cshtml deleted file mode 100644 index 9665f0f93f..0000000000 --- a/src/Employer/Employer.Web/Views/LevyDeclaration/Options.cshtml +++ /dev/null @@ -1,27 +0,0 @@ -@model Esfa.Recruit.Employer.Web.ViewModels.LevyDeclaration.LevyDeclarationModel -
-
- -

You must pay the apprenticeship levy to post vacancies on Recruitment

-
-
-
- -
-
- - -
-
- - -
-
-
-
-
- -
-
-
-
\ No newline at end of file diff --git a/src/Employer/Employer.Web/appsettings.Development.json b/src/Employer/Employer.Web/appsettings.Development.json index fccac075ab..ee315fe6e4 100644 --- a/src/Employer/Employer.Web/appsettings.Development.json +++ b/src/Employer/Employer.Web/appsettings.Development.json @@ -23,7 +23,6 @@ "EmployerFavouritesUrl": "https://test-employerfavourites.apprenticeships.education.gov.uk" }, "Features": { - "AllowLevyPayingEmployersOnly": false, "SetNotificationPreferences": true }, "ConnectionStrings": { diff --git a/src/Employer/Employer.Web/appsettings.json b/src/Employer/Employer.Web/appsettings.json index 0731141f42..d787371741 100644 --- a/src/Employer/Employer.Web/appsettings.json +++ b/src/Employer/Employer.Web/appsettings.json @@ -42,7 +42,6 @@ "EmployerFavouritesUrl": "https://test-employerfavourites.apprenticeships.education.gov.uk" }, "Features": { - "AllowLevyPayingEmployersOnly": true, "SetNotificationPreferences": false }, "ManageApprenticeshipsRoutes": { diff --git a/src/Employer/UnitTests/Employer.Web/Filters/EmployerAccessCheckFilterTests.cs b/src/Employer/UnitTests/Employer.Web/Filters/EmployerAccessCheckFilterTests.cs deleted file mode 100644 index 25db69feb0..0000000000 --- a/src/Employer/UnitTests/Employer.Web/Filters/EmployerAccessCheckFilterTests.cs +++ /dev/null @@ -1,377 +0,0 @@ -using System; -using System.Collections.Generic; -using System.Reflection; -using System.Security.Claims; -using System.Threading.Tasks; -using Esfa.Recruit.Employer.Web.Configuration; -using Esfa.Recruit.Employer.Web.Configuration.Routing; -using Esfa.Recruit.Employer.Web.Controllers; -using Esfa.Recruit.Employer.Web.Exceptions; -using Esfa.Recruit.Employer.Web.Filters; -using Esfa.Recruit.Employer.Web.Services; -using Esfa.Recruit.Vacancies.Client.Infrastructure.Client; -using Esfa.Recruit.Vacancies.Client.Infrastructure.Services.EmployerAccount; -using FluentAssertions; -using Microsoft.AspNetCore.Http; -using Microsoft.AspNetCore.Mvc; -using Microsoft.AspNetCore.Mvc.Controllers; -using Microsoft.AspNetCore.Mvc.Filters; -using Microsoft.AspNetCore.Mvc.ModelBinding; -using Microsoft.AspNetCore.Routing; -using Moq; -using Xunit; -using DomainUser = Esfa.Recruit.Vacancies.Client.Domain.Entities.User; - -namespace Esfa.Recruit.Employer.UnitTests.Employer.Web.Filters -{ - public class EmployerAccessCheckFilterTests - { - private EmployerAccessCheckFilter _sut; - private Mock _levyDeclarationCookieWriter; - private Mock _recruitVacancyClient; - private Mock _employerAccountProvider; - private Mock _eoiAgreementCookieWriter; - private Mock _employerAccountTypeCookieWriter; - private Mock _httpContext; - private Mock _next; - private ModelStateDictionary _modelState; - private ControllerActionDescriptor _controllerActionDescriptor; - private ActionExecutingContext _actionExecutingContext; - private ActionContext _actionContext; - private RouteData _routeData; - private ClaimsPrincipal _user; - private DomainUser _domainUser; - private EmployerAccountDetails _account; - private string _employerAccountTypeCookieValue; - - private const string LevyEmployerAccountTypeCookieValue = "USERID/EMPLOYERID/LEVY"; - private const string NonLevyEmployerAccountTypeCookieValue = "USERID/EMPLOYERID/NONLEVY"; - - // Common - [Theory] - [InlineData(typeof(ErrorController))] - [InlineData(typeof(LogoutController))] - [InlineData(typeof(ExternalLinksController))] - [InlineData(typeof(ContentPolicyReportController))] - public async Task WhenRequestPageIsWhitelisted_ThenShouldCallNext(Type controllerType) - { - _controllerActionDescriptor.ControllerTypeInfo = controllerType.GetTypeInfo(); - - await _sut.OnActionExecutionAsync(_actionExecutingContext, _next.Object); - - _next.Verify(x => x(), Times.Once); - } - - [Theory] - [InlineData(null, "Levy")] - [InlineData("", "Levy")] - [InlineData(null, "NonLevy")] - [InlineData("", "NonLevy")] - public async Task WhenUserHasNoEmployerAccountTypeCookie_ThenShouldWriteCookie(string cookieValue, string accountType) - { - _account.ApprenticeshipEmployerType = accountType; - _employerAccountTypeCookieValue = cookieValue; - - try - { - await _sut.OnActionExecutionAsync(_actionExecutingContext, _next.Object); - } - catch (BlockedEmployerException) - { - } - - _next.Verify(x => x(), Times.Never); - _employerAccountTypeCookieWriter.Verify(x => - x.WriteCookie( - It.IsAny(), - "USERID", - "EMPLOYERID", - _account.ApprenticeshipEmployerType) - ); - } - - [Theory] - [InlineData("DifferentUSERID/EMPLOYERID/Levy", "Levy")] - [InlineData("USERID/DifferentEMPLOYERID/Levy", "Levy")] - [InlineData("DifferentUSERID/EMPLOYERID/NonLevy", "NonLevy")] - [InlineData("USERID/DifferentEMPLOYERID/NonLevy", "NonLevy")] - public async Task WhenUserHasAnInvalidEmployerAccountTypeCookie_ThenShouldRewriteCookie(string cookieValue, string accountType) - { - _account.ApprenticeshipEmployerType = accountType; - _employerAccountTypeCookieValue = cookieValue; - - try - { - await _sut.OnActionExecutionAsync(_actionExecutingContext, _next.Object); - } - catch (BlockedEmployerException) - { - } - - _next.Verify(x => x(), Times.Never); - _employerAccountTypeCookieWriter.Verify( - x => x.WriteCookie(It.IsAny(), "USERID", "EMPLOYERID", accountType)); - } - - [Fact] - public async Task WhenLevyAccountAndAllElseFailsAndNotALevyPageRequested_ThenShouldRedirectToLevyDeclaration() - { - _employerAccountTypeCookieValue = LevyEmployerAccountTypeCookieValue; - - await _sut.OnActionExecutionAsync(_actionExecutingContext, _next.Object); - - _actionExecutingContext.Result.Should() - .Match(x => - x.RouteName == RouteNames.LevyDeclaration_Get - && (string)x.RouteValues["employerAccountId"] == "EMPLOYERID" - ); - - _next.Verify(x => x(), Times.Never); - } - - [Fact] - public async Task WhenNonLevyAccountAndAllElseFailsAndNotALevyPageRequested_ThenShouldThrowException() - { - _employerAccountTypeCookieValue = NonLevyEmployerAccountTypeCookieValue; - - await Assert.ThrowsAsync(() => - _sut.OnActionExecutionAsync(_actionExecutingContext, _next.Object)); - - _next.Verify(x => x(), Times.Never); - } - - - [Theory] - [InlineData(LevyEmployerAccountTypeCookieValue)] - [InlineData(NonLevyEmployerAccountTypeCookieValue)] - public async Task WhenAllElseFailsAndLevyPageRequested_ThenShouldCallNext(string cookieValue) - { - _employerAccountTypeCookieValue = cookieValue; - _controllerActionDescriptor.ControllerTypeInfo = typeof(LevyDeclarationController).GetTypeInfo(); - - await _sut.OnActionExecutionAsync(_actionExecutingContext, _next.Object); - - _next.Verify(x => x(), Times.Once); - } - - [Fact] - public async Task WhenInvalidEoiCookie_ThenShouldRewriteCookie() - { - _employerAccountTypeCookieValue = LevyEmployerAccountTypeCookieValue; - - _eoiAgreementCookieWriter - .Setup(x => x.GetCookieFromRequest(It.IsAny())) - .Returns("This cookied value is incorrect"); - - await _sut.OnActionExecutionAsync(_actionExecutingContext, _next.Object); - - _next.Verify(x => x(), Times.Never); - _eoiAgreementCookieWriter.Verify(x => x.WriteCookie(It.IsAny(), "USERID", "EMPLOYERID", false), Times.Once); - } - - [Fact] - public async Task WhenValidEoiCookieWithTrueValue_ThenShouldCallNext() - { - _employerAccountTypeCookieValue = NonLevyEmployerAccountTypeCookieValue; - - _eoiAgreementCookieWriter - .Setup(x => x.GetCookieFromRequest(It.IsAny())) - .Returns("USERID/EMPLOYERID/True"); - - await _sut.OnActionExecutionAsync(_actionExecutingContext, _next.Object); - - _next.Verify(x => x(), Times.Once); - } - - [Fact] - public async Task WhenNoEoiCookieButHasEoi_ThenShouldWriteEoiCookie() - { - _employerAccountTypeCookieValue = NonLevyEmployerAccountTypeCookieValue; - _account.AccountAgreementType = AccountAgreementType.NonLevyExpressionOfInterest; - - await _sut.OnActionExecutionAsync(_actionExecutingContext, _next.Object); - - _next.Verify(x => x(), Times.Never); - _eoiAgreementCookieWriter.Verify(x => x.WriteCookie(It.IsAny(), "USERID", "EMPLOYERID", true)); - } - - [Fact] - public async Task WhenNoEoiCookieButHasEoi_ThenShouldRedirectToDashboard() - { - _employerAccountTypeCookieValue = NonLevyEmployerAccountTypeCookieValue; - _account.AccountAgreementType = AccountAgreementType.NonLevyExpressionOfInterest; - - await _sut.OnActionExecutionAsync(_actionExecutingContext, _next.Object); - - _next.Verify(x => x(), Times.Never); - _actionExecutingContext.Result.Should() - .Match(x => - x.RouteName == RouteNames.Dashboard_Get - && (string)x.RouteValues["employerAccountId"] == "EMPLOYERID" - ); - } - - // Levy tests - [Theory] - [InlineData(false)] - [InlineData(true)] - public async Task WhenLevyEmployerWithAnInvalidLevyCookie_ThenShouldRewriteCookie(bool permitAccessToEmployer) - { - _employerAccountTypeCookieValue = LevyEmployerAccountTypeCookieValue; - if (permitAccessToEmployer) - _domainUser.AccountsDeclaredAsLevyPayers.Add("EMPLOYERID"); - - _levyDeclarationCookieWriter - .Setup(x => x.GetCookieFromRequest(It.IsAny())) - .Returns("This is not a valid cookie"); - - await _sut.OnActionExecutionAsync(_actionExecutingContext, _next.Object); - - if (permitAccessToEmployer) - _next.Verify(x => x(), Times.Once); - else - _next.Verify(x => x(), Times.Never); - - _levyDeclarationCookieWriter.Verify( - x => x.WriteCookie(It.IsAny(), "USERID", "EMPLOYERID", permitAccessToEmployer)); - } - - [Fact] - public async Task WhenLevyEmployerWithLevyCookieAndLevyPageRequested_ThenShouldRedirectToDashboard() - { - _employerAccountTypeCookieValue = LevyEmployerAccountTypeCookieValue; - - _levyDeclarationCookieWriter - .Setup(x => x.GetCookieFromRequest(It.IsAny())) - .Returns("USERID/EMPLOYERID/True"); - _controllerActionDescriptor.ControllerTypeInfo = typeof(LevyDeclarationController).GetTypeInfo(); - - await _sut.OnActionExecutionAsync(_actionExecutingContext, _next.Object); - - _next.Verify(x => x(), Times.Never); - _actionExecutingContext.Result.Should() - .Match(x => - x.RouteName == RouteNames.Dashboard_Get - && (string)x.RouteValues["employerAccountId"] == "EMPLOYERID" - ); - } - - [Fact] - public async Task WhenLevyEmployerWithLevyCookieAndNotALevyPageRequested_ThenShouldCallNext() - { - _employerAccountTypeCookieValue = LevyEmployerAccountTypeCookieValue; - _levyDeclarationCookieWriter - .Setup(x => x.GetCookieFromRequest(It.IsAny())) - .Returns("USERID/EMPLOYERID/True"); - _controllerActionDescriptor.ControllerTypeInfo = typeof(VacanciesController).GetTypeInfo(); - - await _sut.OnActionExecutionAsync(_actionExecutingContext, _next.Object); - - _next.Verify(x => x(), Times.Once); - } - - [Fact] - public async Task WhenLevyEmployerWithoutLevyCookieHasStoredDeclarationAndLevyPageRequested_ThenShouldWriteCookie() - { - _employerAccountTypeCookieValue = LevyEmployerAccountTypeCookieValue; - _domainUser.AccountsDeclaredAsLevyPayers.Add("EMPLOYERID"); - _controllerActionDescriptor.ControllerTypeInfo = typeof(LevyDeclarationController).GetTypeInfo(); - - await _sut.OnActionExecutionAsync(_actionExecutingContext, _next.Object); - - _levyDeclarationCookieWriter - .Verify(x => x.WriteCookie(It.IsAny(), "USERID", "EMPLOYERID", true)); - } - - [Fact] - public async Task WhenLevyEmployerWithoutLevyCookieHasStoredDeclarationAndLevyPageRequested_ThenShouldRedirectToDashboard() - { - _employerAccountTypeCookieValue = LevyEmployerAccountTypeCookieValue; - _domainUser.AccountsDeclaredAsLevyPayers.Add("EMPLOYERID"); - _controllerActionDescriptor.ControllerTypeInfo = typeof(LevyDeclarationController).GetTypeInfo(); - - await _sut.OnActionExecutionAsync(_actionExecutingContext, _next.Object); - - _next.Verify(x => x(), Times.Never); - _actionExecutingContext.Result.Should() - .Match(x => - x.RouteName == RouteNames.Dashboard_Get - && (string)x.RouteValues["employerAccountId"] == "EMPLOYERID" - ); - } - - [Fact] - public async Task WhenLevyEmployerWithoutLevyCookieHasStoredDeclarationAndNotALevyPageRequested_ThenShouldCallNext() - { - _employerAccountTypeCookieValue = LevyEmployerAccountTypeCookieValue; - _domainUser.AccountsDeclaredAsLevyPayers.Add("EMPLOYERID"); - - await _sut.OnActionExecutionAsync(_actionExecutingContext, _next.Object); - - _next.Verify(x => x(), Times.Once); - } - - public EmployerAccessCheckFilterTests() - { - _modelState = new ModelStateDictionary(); - _routeData = new RouteData(); - _routeData.Values[RouteValues.EmployerAccountId] = "EMPLOYERID"; - - var identity = new ClaimsIdentity(); - identity.AddClaim(new Claim(EmployerRecruitClaims.IdamsUserIdClaimTypeIdentifier, "USERID")); - _user = new ClaimsPrincipal(identity); - - _httpContext = new Mock(); - _httpContext.SetupGet(x => x.User).Returns(_user); - - _controllerActionDescriptor = new ControllerActionDescriptor(); - _controllerActionDescriptor.ControllerTypeInfo = typeof(VacanciesController).GetTypeInfo(); - - _actionContext = new ActionContext( - _httpContext.Object, - _routeData, - _controllerActionDescriptor, - _modelState - ); - - _actionExecutingContext = new ActionExecutingContext( - _actionContext, - new List(), - new Dictionary(), - _controllerActionDescriptor - ); - - _levyDeclarationCookieWriter = new Mock(); - _recruitVacancyClient = new Mock(); - _employerAccountProvider = new Mock(); - _eoiAgreementCookieWriter = new Mock(); - - _employerAccountTypeCookieWriter = new Mock(); - _employerAccountTypeCookieWriter - .Setup(x => x.GetCookieFromRequest(It.IsAny())) - .Returns(() => _employerAccountTypeCookieValue); - - _next = new Mock(); - - _domainUser = new DomainUser(); - _recruitVacancyClient - .Setup(x => x.GetUsersDetailsAsync("USERID")) - .ReturnsAsync(_domainUser); - - _account = new EmployerAccountDetails - { - AccountAgreementType = AccountAgreementType.Inconsistent - }; - _employerAccountProvider - .Setup(x => x.GetEmployerAccountDetailsAsync("EMPLOYERID")) - .ReturnsAsync(_account); - - _sut = new EmployerAccessCheckFilter(_levyDeclarationCookieWriter.Object, - _recruitVacancyClient.Object, - _employerAccountProvider.Object, - _eoiAgreementCookieWriter.Object, - _employerAccountTypeCookieWriter.Object); - } - - } -} diff --git a/src/Shared/Recruit.Shared.Web/ViewModels/ValidationMessages.cs b/src/Shared/Recruit.Shared.Web/ViewModels/ValidationMessages.cs index 96525ce54e..5b75331120 100644 --- a/src/Shared/Recruit.Shared.Web/ViewModels/ValidationMessages.cs +++ b/src/Shared/Recruit.Shared.Web/ViewModels/ValidationMessages.cs @@ -60,11 +60,6 @@ public static class CreateVacancyOptionsConfirmationMessages public const string SelectionRequired = "You must select either 'Create new vacancy' or clone one of your existing vacancies."; } - public static class LevyDeclarationConfirmationMessages - { - public const string SelectionRequired = "You must select one option."; - } - public static class UnsubscribeNotificationsConfirmationMessages { public const string SelectionRequired = "Please confirm if you’d like to unsubscribe"; diff --git a/src/Shared/Recruit.Vacancies.Client/Application/CommandHandlers/SaveUserLevyDeclarationCommandHandler.cs b/src/Shared/Recruit.Vacancies.Client/Application/CommandHandlers/SaveUserLevyDeclarationCommandHandler.cs deleted file mode 100644 index 33a32251db..0000000000 --- a/src/Shared/Recruit.Vacancies.Client/Application/CommandHandlers/SaveUserLevyDeclarationCommandHandler.cs +++ /dev/null @@ -1,39 +0,0 @@ -using Esfa.Recruit.Vacancies.Client.Application.Commands; -using Esfa.Recruit.Vacancies.Client.Domain.Repositories; -using MediatR; -using System.Threading; -using System.Threading.Tasks; -using Microsoft.Extensions.Logging; - -namespace Esfa.Recruit.Vacancies.Client.Application.CommandHandlers -{ - public class SaveUserLevyDeclarationCommandHandler : IRequestHandler - { - private readonly ILogger _logger; - private readonly IUserRepository _repository; - public SaveUserLevyDeclarationCommandHandler( - ILogger logger, - IUserRepository repository) - { - _logger = logger; - _repository = repository; - } - - public async Task Handle(SaveUserLevyDeclarationCommand message, CancellationToken cancellationToken) - { - _logger.LogInformation("Updating user with id: {userId} with Legacy declaration for account {employerAccountId}", message.UserId, message.EmployerAccountId); - - var user = await _repository.GetAsync(message.UserId); - - if (user.AccountsDeclaredAsLevyPayers.Contains(message.EmployerAccountId)) - { - _logger.LogWarning($"The account {message.EmployerAccountId} was already in the list of declared levy payers for user: {message.UserId}"); - return; - } - - user.AccountsDeclaredAsLevyPayers.Add(message.EmployerAccountId); - - await _repository.UpsertUserAsync(user); - } - } -} diff --git a/src/Shared/Recruit.Vacancies.Client/Application/Commands/SaveUserLevyDeclarationCommand.cs b/src/Shared/Recruit.Vacancies.Client/Application/Commands/SaveUserLevyDeclarationCommand.cs deleted file mode 100644 index 8b1aa9826f..0000000000 --- a/src/Shared/Recruit.Vacancies.Client/Application/Commands/SaveUserLevyDeclarationCommand.cs +++ /dev/null @@ -1,11 +0,0 @@ -using Esfa.Recruit.Vacancies.Client.Domain.Messaging; -using MediatR; - -namespace Esfa.Recruit.Vacancies.Client.Application.Commands -{ - public class SaveUserLevyDeclarationCommand : ICommand, IRequest - { - public string UserId { get; set; } - public string EmployerAccountId { get; set; } - } -} diff --git a/src/Shared/Recruit.Vacancies.Client/Domain/Entities/User.cs b/src/Shared/Recruit.Vacancies.Client/Domain/Entities/User.cs index a763ef0161..eb1f81ea9e 100644 --- a/src/Shared/Recruit.Vacancies.Client/Domain/Entities/User.cs +++ b/src/Shared/Recruit.Vacancies.Client/Domain/Entities/User.cs @@ -12,7 +12,6 @@ public class User public string Email { get; set; } public DateTime CreatedDate { get; set; } public DateTime LastSignedInDate { get; set; } - public IList AccountsDeclaredAsLevyPayers { get; set; } = new List(); public IList EmployerAccountIds { get; set; } = new List(); public long? Ukprn { get; set; } public DateTime? TransferredVacanciesEmployerRevokedPermissionAlertDismissedOn { get; set; } diff --git a/src/Shared/Recruit.Vacancies.Client/Infrastructure/Client/IEmployerVacancyClient.cs b/src/Shared/Recruit.Vacancies.Client/Infrastructure/Client/IEmployerVacancyClient.cs index 0d54f5d095..3c780daba7 100644 --- a/src/Shared/Recruit.Vacancies.Client/Infrastructure/Client/IEmployerVacancyClient.cs +++ b/src/Shared/Recruit.Vacancies.Client/Infrastructure/Client/IEmployerVacancyClient.cs @@ -20,7 +20,6 @@ public interface IEmployerVacancyClient Task SetupEmployerAsync(string employerAccountId); Task SetApplicationReviewSuccessful(Guid applicationReviewId, VacancyUser user); Task SetApplicationReviewUnsuccessful(Guid applicationReviewId, string candidateFeedback, VacancyUser user); - Task SaveLevyDeclarationAsync(string userId, string employerAccountId); Task GetVacancyCountForUserAsync(string userId); EntityValidationResult ValidateQualification(Qualification qualification); } diff --git a/src/Shared/Recruit.Vacancies.Client/Infrastructure/Client/VacancyClient.cs b/src/Shared/Recruit.Vacancies.Client/Infrastructure/Client/VacancyClient.cs index 8895adc85d..1ff780c466 100644 --- a/src/Shared/Recruit.Vacancies.Client/Infrastructure/Client/VacancyClient.cs +++ b/src/Shared/Recruit.Vacancies.Client/Infrastructure/Client/VacancyClient.cs @@ -435,15 +435,6 @@ public Task GetUsersDetailsAsync(string userId) return _userRepository.GetAsync(userId); } - public Task SaveLevyDeclarationAsync(string userId, string employerAccountId) - { - return _messaging.SendCommandAsync(new SaveUserLevyDeclarationCommand - { - UserId = userId, - EmployerAccountId = employerAccountId - }); - } - public Task GetVacancyAnalyticsSummaryAsync(long vacancyReference) { return _reader.GetVacancyAnalyticsSummaryAsync(vacancyReference); diff --git a/src/Shared/Recruit.Vacancies.Client/Infrastructure/Services/EmployerAccount/AccountAgreementType.cs b/src/Shared/Recruit.Vacancies.Client/Infrastructure/Services/EmployerAccount/AccountAgreementType.cs deleted file mode 100644 index d0a8749587..0000000000 --- a/src/Shared/Recruit.Vacancies.Client/Infrastructure/Services/EmployerAccount/AccountAgreementType.cs +++ /dev/null @@ -1,10 +0,0 @@ -namespace Esfa.Recruit.Vacancies.Client.Infrastructure.Services.EmployerAccount -{ - public enum AccountAgreementType - { - Levy, - NonLevyExpressionOfInterest, - Inconsistent, - Unknown - } -} diff --git a/src/Shared/Recruit.Vacancies.Client/Infrastructure/Services/EmployerAccount/EmployerAccountDetails.cs b/src/Shared/Recruit.Vacancies.Client/Infrastructure/Services/EmployerAccount/EmployerAccountDetails.cs deleted file mode 100644 index e31d2e5266..0000000000 --- a/src/Shared/Recruit.Vacancies.Client/Infrastructure/Services/EmployerAccount/EmployerAccountDetails.cs +++ /dev/null @@ -1,17 +0,0 @@ -namespace Esfa.Recruit.Vacancies.Client.Infrastructure.Services.EmployerAccount -{ - public class EmployerAccountDetails - { - public AccountAgreementType AccountAgreementType { get; set; } - - public string ApprenticeshipEmployerType { get; set; } - - public EmployerAccountDetails() { } - - public EmployerAccountDetails(AccountAgreementType accountAgreementType, string apprenticeshipEmployerType) - { - AccountAgreementType = accountAgreementType; - ApprenticeshipEmployerType = apprenticeshipEmployerType; - } - } -} diff --git a/src/Shared/Recruit.Vacancies.Client/Infrastructure/Services/EmployerAccount/EmployerAccountProvider.cs b/src/Shared/Recruit.Vacancies.Client/Infrastructure/Services/EmployerAccount/EmployerAccountProvider.cs index 9c0bda8665..e7aae5be37 100644 --- a/src/Shared/Recruit.Vacancies.Client/Infrastructure/Services/EmployerAccount/EmployerAccountProvider.cs +++ b/src/Shared/Recruit.Vacancies.Client/Infrastructure/Services/EmployerAccount/EmployerAccountProvider.cs @@ -84,21 +84,5 @@ public async Task GetEmployerAccountPublicHashedIdAsync(long accountId) throw; } } - - public async Task GetEmployerAccountDetailsAsync(string employerAccountId) - { - try - { - var account = await _accountApiClient.GetAccount(employerAccountId); - return new EmployerAccountDetails( - accountAgreementType: (AccountAgreementType)account.AccountAgreementType, - apprenticeshipEmployerType: account.ApprenticeshipEmployerType); - } - catch (Exception ex) - { - _logger.LogError(ex, $"Failed to retrieve account information for account Id: {employerAccountId}"); - throw; - } - } } } \ No newline at end of file diff --git a/src/Shared/Recruit.Vacancies.Client/Infrastructure/Services/EmployerAccount/IEmployerAccountProvider.cs b/src/Shared/Recruit.Vacancies.Client/Infrastructure/Services/EmployerAccount/IEmployerAccountProvider.cs index 2665439b2a..1f56a7b8a5 100644 --- a/src/Shared/Recruit.Vacancies.Client/Infrastructure/Services/EmployerAccount/IEmployerAccountProvider.cs +++ b/src/Shared/Recruit.Vacancies.Client/Infrastructure/Services/EmployerAccount/IEmployerAccountProvider.cs @@ -11,6 +11,5 @@ public interface IEmployerAccountProvider Task> GetEmployerLegalEntitiesAsync(string accountId); Task GetEmployerAccountPublicHashedIdAsync(long accountId); Task> GetLegalEntitiesConnectedToAccountAsync(string accountId); - Task GetEmployerAccountDetailsAsync(string employerAccountId); } }