Bug/ex UI 855 mo nightly pipeline fix (#1101)

* Suppress CVE * enable fortify in nightly build * Resolve fortify scan vulnerability * add '_' to caseTypeId regex * changed product to xui in jenkinsfile * node version changed to 14.21.3 * change to package.json * fortify scan change * yarn audit known issues * funnctional test enabled * test commented out * tests uncommented * disable fortifyscan --------- Co-authored-by: Dean Bullock <dean.bullock@hmcts.net> Co-authored-by: codaimaster <55559010+codaimaster@users.noreply.github.com>
hmcts · Sep 20, 2023 · 43faff8 · 43faff8
1 parent 129f552
commit 43faff8
Show file tree

Hide file tree

Showing 5 changed files with 9 additions and 6 deletions.
diff --git a/Jenkinsfile_nightly b/Jenkinsfile_nightly
@@ -39,9 +39,8 @@ static LinkedHashMap<String, Object> secret(String secretName, String envVar) {
 withNightlyPipeline(type, product, component) {
     enableSlackNotifications(channel)
     loadVaultSecrets(secrets)
-    enableFortifyScan('rpx-aat')
-    // enableFullFunctionalTest(60)
-    // enableSecurityScan()
+    // enableFortifyScan('rpx-aat')
+    enableFullFunctionalTest(60)
     enableMutationTest()
     enableCrossBrowserTest()
 

diff --git a/api/caaCases/caaCases.util.ts b/api/caaCases/caaCases.util.ts
@@ -80,6 +80,10 @@ export function getRequestBody(organisationID: string, pageNo: number, pageSize:
   };
 }
 
+export function validateCaseTypeId(caseTypeId: string): string {
+  return caseTypeId.match('^[0-9\\-_]+$') === null ? '' : caseTypeId;
+}
+
 function mapCcdData(ccdCase: CcdCase, columnConfigs: CcdColumnConfig[], caseType: string): any[] {
   const data = Array<any>();
   ccdCase.cases.forEach((caseData) => data.push(onGeneratedRow(caseData, columnConfigs, caseType)));

diff --git a/api/caaCases/index.ts b/api/caaCases/index.ts
@@ -2,12 +2,12 @@ import { NextFunction, Request, Response, Router } from 'express';
 import { getConfigValue } from '../configuration';
 import { SERVICES_MCA_PROXY_API_PATH, SERVICES_ROLE_ASSIGNMENT_API_PATH } from '../configuration/references';
 import { EnhancedRequest } from '../models/enhanced-request.interface';
-import { getApiPath, getRequestBody, mapCcdCases } from './caaCases.util';
+import { getApiPath, getRequestBody, validateCaseTypeId, mapCcdCases } from './caaCases.util';
 import { CaaCasesFilterType } from './enums';
 import { RoleAssignmentResponse } from './models/roleAssignmentResponse';
 
 export async function handleCaaCases(req: EnhancedRequest, res: Response, next: NextFunction) {
-  const caseTypeId = req.query.caseTypeId as string;
+  const caseTypeId = validateCaseTypeId(req.query.caseTypeId as string);
   const caaCasesPageType = req.query.caaCasesPageType as string;
   const caaCasesFilterType = req.query.caaCasesFilterType as string;
   const path = getApiPath(getConfigValue(SERVICES_MCA_PROXY_API_PATH), caseTypeId);

diff --git a/test/integration/tests/post_Invite_User.ts b/test/integration/tests/post_Invite_User.ts
@@ -17,6 +17,5 @@ suite('Manage Org -> POST Invite User', function() {
   // console.log('response', response.headers.get('cache-control'))
     .then((response) => {
       response.status.should.be.eql(200);
-      console.log(response);
     }));
 });
diff --git a/test/integration/tests/post_ReInvite_User.ts b/test/integration/tests/post_ReInvite_User.ts
@@ -15,6 +15,7 @@ suite('Manage Org -> POST Re Invite User', function() {
   test('POST Invite User', () => generatePOSTAPIRequest('POST', '/api/inviteUser', payload)
   // console.log('response', response.headers.get('cache-control'))
     .then((response) => {
+      // console.log('response', response)
       if (response.status === 429) {
         console.log(`User Already Invited: ${response.status}`);
       }