@defra-fish/gafl-webapp-service 1.64.0-rc.2 → 1.64.0-rc.20

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@defra-fish/gafl-webapp-service",
-  "version": "1.64.0-rc.2",
+  "version": "1.64.0-rc.20",
   "description": "The websales frontend for the GAFL service",
   "type": "module",
   "engines": {
@@ -36,48 +36,48 @@
     "prepare": "gulp --gulpfile build/gulpfile.cjs"
   },
   "dependencies": {
-    "@defra-fish/business-rules-lib": "1.64.0-rc.2",
-    "@defra-fish/connectors-lib": "1.64.0-rc.2",
-    "@defra/hapi-gapi": "^2.0.0",
-    "@hapi/boom": "^9.1.2",
-    "@hapi/catbox-redis": "^6.0.2",
-    "@hapi/cookie": "^11.0.2",
-    "@hapi/crumb": "^8.0.1",
-    "@hapi/hapi": "^20.2.1",
-    "@hapi/inert": "^6.0.5",
-    "@hapi/joi-date": "^2.0.1",
-    "@hapi/scooter": "^6.0.1",
-    "@hapi/vision": "^6.1.0",
-    "blankie": "^5.0.0",
-    "debug": "^4.3.3",
-    "disinfect": "^1.1.0",
-    "find": "^0.3.0",
-    "govuk-frontend": "^5.10.2",
-    "hapi-i18n": "^3.0.1",
-    "joi": "^17.6.0",
-    "moment": "^2.29.1",
-    "moment-timezone": "^0.5.34",
-    "node-fetch": "^2.7.0",
-    "nunjucks": "^3.2.3",
-    "openid-client": "^4.9.1",
-    "semver": "^7.3.5",
-    "uuid": "^8.3.2"
+    "@defra-fish/business-rules-lib": "1.64.0-rc.20",
+    "@defra-fish/connectors-lib": "1.64.0-rc.20",
+    "@defra/hapi-gapi": "2.0.0",
+    "@hapi/boom": "9.1.2",
+    "@hapi/catbox-redis": "6.0.2",
+    "@hapi/cookie": "11.0.2",
+    "@hapi/crumb": "8.0.1",
+    "@hapi/hapi": "20.2.1",
+    "@hapi/inert": "6.0.5",
+    "@hapi/joi-date": "2.0.1",
+    "@hapi/scooter": "6.0.1",
+    "@hapi/vision": "6.1.0",
+    "blankie": "5.0.0",
+    "debug": "4.3.3",
+    "disinfect": "1.1.0",
+    "find": "0.3.0",
+    "govuk-frontend": "5.10.2",
+    "hapi-i18n": "3.0.1",
+    "joi": "17.6.0",
+    "moment": "2.29.1",
+    "moment-timezone": "0.5.34",
+    "node-fetch": "2.7.0",
+    "nunjucks": "3.2.3",
+    "openid-client": "4.9.1",
+    "semver": "7.3.5",
+    "uuid": "8.3.2"
   },
   "devDependencies": {
-    "@hapi/catbox-memory": "^5.0.1",
-    "del": "^6.0.0",
-    "gulp": "^4.0.2",
-    "gulp-concat": "^2.6.1",
-    "gulp-merge": "^0.1.1",
-    "gulp-minify": "^3.1.0",
-    "gulp-sass": "^5.1.0",
-    "gulp-sourcemaps": "^3.0.0",
-    "sass": "^1.69.3"
+    "@hapi/catbox-memory": "5.0.1",
+    "del": "6.0.0",
+    "gulp": "4.0.2",
+    "gulp-concat": "2.6.1",
+    "gulp-merge": "0.1.1",
+    "gulp-minify": "3.1.0",
+    "gulp-sass": "5.1.0",
+    "gulp-sourcemaps": "3.0.0",
+    "sass": "1.69.3"
   },
   "jest": {
     "setupFilesAfterEnv": [
       "./gafl-jest-matchers.js"
     ]
   },
-  "gitHead": "b901cb67affda78c747af57f88753b8039bd2172"
+  "gitHead": "853e2b2a4d2e9ce0160d941b3e108e972a108ae5"
 }

package/src/handlers/__tests__/cancel-rp-authentication-handler.spec.js

@@ -1,18 +1,207 @@
-import cancelRpAuthenticationHandler from '../cancel-rp-authentication-handler'
-import { CONTROLLER } from '../../uri.js'
+import handler from '../cancel-rp-authentication-handler'
+import { CANCEL_RP_IDENTIFY, CANCEL_RP_DETAILS } from '../../uri.js'
+import { addLanguageCodeToUri } from '../../processors/uri-helper.js'
+import { salesApi } from '@defra-fish/connectors-lib'
 
+jest.mock('../../processors/uri-helper.js')
+jest.mock('@defra-fish/connectors-lib')
+jest.mock('../../processors/renewals-write-cache.js', () => ({
+  setUpCacheFromAuthenticationResult: jest.fn().mockResolvedValue(undefined),
+  setUpPayloads: jest.fn().mockResolvedValue(undefined)
+}))
+jest.mock('@defra-fish/business-rules-lib', () => ({
+  validation: {
+    contact: {
+      createBirthDateValidator: () => ({ validateAsync: async () => '1970-01-01' }),
+      createOverseasPostcodeValidator: () => ({ validateAsync: async () => 'AA1 1AA' })
+    }
+  }
+}))
 jest.mock('../../uri.js', () => ({
-  CONTROLLER: { uri: Symbol('controller-uri') }
+  CANCEL_RP_IDENTIFY: { page: 'cancel-rp-identify page', uri: Symbol('cancel-rp-identify-uri') },
+  CANCEL_RP_DETAILS: { uri: Symbol('cancel-rp-details-uri') }
 }))
 
-const getSampleResponseToolkit = () => ({
-  redirectWithLanguageCode: jest.fn()
+const getSampleRequest = (payloadOverride = {}) => {
+  const page = {
+    getCurrentPermission: jest.fn().mockResolvedValue({
+      payload: {
+        referenceNumber: 'ABC123',
+        'date-of-birth-day': '01',
+        'date-of-birth-month': '01',
+        'date-of-birth-year': '1970',
+        postcode: 'AA1 1AA',
+        ...payloadOverride
+      }
+    }),
+    setCurrentPermission: jest.fn()
+  }
+  const status = {
+    getCurrentPermission: jest.fn().mockResolvedValue({}),
+    setCurrentPermission: jest.fn()
+  }
+  const helpers = { page, status }
+  const cache = () => ({ helpers })
+  return { cache }
+}
+
+const getSampleResponseTooklkit = () => ({
+  redirectWithLanguageCode: jest.fn().mockReturnValue('redirected')
+})
+
+const invokeHandlerWithMocks = async ({ salesApiResponse, decoratedIdentifyUri } = {}) => {
+  if (typeof salesApiResponse !== 'undefined') {
+    salesApi.authenticateRecurringPayment.mockResolvedValueOnce(salesApiResponse)
+  }
+  if (decoratedIdentifyUri) {
+    addLanguageCodeToUri.mockReturnValueOnce(decoratedIdentifyUri)
+  }
+  const request = getSampleRequest()
+  const h = getSampleResponseTooklkit()
+  if (decoratedIdentifyUri) {
+    h.redirect = jest.fn().mockReturnValue('redirect-response')
+  }
+  const result = await handler(request, h)
+  return { request, h, result }
+}
+
+const mockSuccessResponse = () => ({
+  permission: { id: 'perm-id' },
+  recurringPayment: { id: 'rcp-id', status: 0, cancelledDate: null }
 })
 
 describe('Cancel RP Authentication Handler', () => {
-  it('redirects with language code to CONTROLLER.uri', () => {
-    const sampleResponseToolkit = getSampleResponseToolkit()
-    cancelRpAuthenticationHandler(undefined, sampleResponseToolkit)
-    expect(sampleResponseToolkit.redirectWithLanguageCode).toHaveBeenCalledWith(CONTROLLER.uri)
+  beforeEach(() => {
+    jest.resetAllMocks()
+  })
+
+  describe('Successful authentication', () => {
+    it('returns the redirect result', async () => {
+      const { result } = await invokeHandlerWithMocks({
+        salesApiResponse: mockSuccessResponse()
+      })
+      expect(result).toBe('redirected')
+    })
+
+    it('redirects to details', async () => {
+      const { h } = await invokeHandlerWithMocks({
+        salesApiResponse: mockSuccessResponse()
+      })
+      expect(h.redirectWithLanguageCode).toHaveBeenCalledWith(CANCEL_RP_DETAILS.uri)
+    })
+
+    it('marks status as authorised', async () => {
+      const { request } = await invokeHandlerWithMocks({
+        salesApiResponse: mockSuccessResponse()
+      })
+      expect(request.cache().helpers.status.setCurrentPermission).toHaveBeenCalledWith({ authentication: { authorised: true } })
+    })
+  })
+
+  describe('Unsuccessful authentication - no match', () => {
+    it('redirects to the decorated identify URI', async () => {
+      const { h } = await invokeHandlerWithMocks({ salesApiResponse: null, decoratedIdentifyUri: 'decorated-identify-uri' })
+      expect(h.redirect).toHaveBeenCalledWith('decorated-identify-uri')
+    })
+
+    it('sets page cache error and preserves payload', async () => {
+      const { request } = await invokeHandlerWithMocks({ salesApiResponse: null, decoratedIdentifyUri: 'decorated-identify-uri' })
+      expect(request.cache().helpers.page.setCurrentPermission).toHaveBeenCalledWith(
+        CANCEL_RP_IDENTIFY.page,
+        expect.objectContaining({
+          payload: expect.any(Object),
+          error: { referenceNumber: 'not-found' }
+        })
+      )
+    })
+
+    it('marks status as unauthorised', async () => {
+      const { request } = await invokeHandlerWithMocks({ salesApiResponse: null, decoratedIdentifyUri: 'decorated-identify-uri' })
+      expect(request.cache().helpers.status.setCurrentPermission).toHaveBeenCalledWith(
+        expect.objectContaining({ authentication: { authorised: false } })
+      )
+    })
+  })
+
+  describe('Unsuccessful authentication - no recurring payment agreement', () => {
+    it('redirects to the decorated identify URI', async () => {
+      const { h } = await invokeHandlerWithMocks({
+        salesApiResponse: { permission: { id: 'perm-id' }, recurringPayment: null },
+        decoratedIdentifyUri: 'decorated-identify-uri'
+      })
+      expect(h.redirect).toHaveBeenCalledWith('decorated-identify-uri')
+    })
+
+    it('sets page cache error for no RCP setup', async () => {
+      const { request } = await invokeHandlerWithMocks({
+        salesApiResponse: { permission: { id: 'perm-id' }, recurringPayment: null },
+        decoratedIdentifyUri: 'decorated-identify-uri'
+      })
+      expect(request.cache().helpers.page.setCurrentPermission).toHaveBeenCalledWith(
+        CANCEL_RP_IDENTIFY.page,
+        expect.objectContaining({
+          payload: expect.any(Object),
+          error: { recurringPayment: 'not-set-up' }
+        })
+      )
+    })
+
+    it('marks status as unauthorised', async () => {
+      const { request } = await invokeHandlerWithMocks({
+        salesApiResponse: { permission: { id: 'perm-id' }, recurringPayment: null },
+        decoratedIdentifyUri: 'decorated-identify-uri'
+      })
+      expect(request.cache().helpers.status.setCurrentPermission).toHaveBeenCalledWith(
+        expect.objectContaining({ authentication: { authorised: false } })
+      )
+    })
+  })
+
+  describe('Unsuccessful authentication - RCP cancelled', () => {
+    it('redirects to the decorated identify URI', async () => {
+      const { h } = await invokeHandlerWithMocks({
+        salesApiResponse: { permission: { id: 'perm-id' }, recurringPayment: { id: 'rcp-id', status: 1, cancelledDate: '2024-01-01' } },
+        decoratedIdentifyUri: 'decorated-identify-uri'
+      })
+      expect(h.redirect).toHaveBeenCalledWith('decorated-identify-uri')
+    })
+
+    it('sets page cache error for RCP cancelled', async () => {
+      const { request } = await invokeHandlerWithMocks({
+        salesApiResponse: { permission: { id: 'perm-id' }, recurringPayment: { id: 'rcp-id', status: 1, cancelledDate: '2024-01-01' } },
+        decoratedIdentifyUri: 'decorated-identify-uri'
+      })
+      expect(request.cache().helpers.page.setCurrentPermission).toHaveBeenCalledWith(
+        CANCEL_RP_IDENTIFY.page,
+        expect.objectContaining({
+          payload: expect.any(Object),
+          error: { recurringPayment: 'rcp-cancelled' }
+        })
+      )
+    })
+
+    it('marks status as unauthorised', async () => {
+      const { request } = await invokeHandlerWithMocks({
+        salesApiResponse: { permission: { id: 'perm-id' }, recurringPayment: { id: 'rcp-id', status: 1, cancelledDate: '2024-01-01' } },
+        decoratedIdentifyUri: 'decorated-identify-uri'
+      })
+      expect(request.cache().helpers.status.setCurrentPermission).toHaveBeenCalledWith(
+        expect.objectContaining({ authentication: { authorised: false } })
+      )
+    })
+  })
+
+  it('uses referenceNumber from status when payload is missing', async () => {
+    salesApi.authenticateRecurringPayment.mockResolvedValueOnce({
+      permission: { id: 'perm-id' },
+      recurringPayment: { id: 'rcp-id', status: 0, cancelledDate: null }
+    })
+    const request = getSampleRequest({ referenceNumber: undefined })
+    request.cache().helpers.status.getCurrentPermission.mockResolvedValueOnce({
+      referenceNumber: 'A1B2C3'
+    })
+    const h = getSampleResponseTooklkit()
+    await handler(request, h)
+    expect(salesApi.authenticateRecurringPayment).toHaveBeenCalledWith('A1B2C3', expect.anything(), expect.anything())
   })
 })

package/src/handlers/cancel-rp-authentication-handler.js

@@ -1,6 +1,62 @@
-import { CONTROLLER } from '../uri.js'
+import { CANCEL_RP_IDENTIFY, CANCEL_RP_DETAILS } from '../../src/uri.js'
+import { addLanguageCodeToUri } from '../processors/uri-helper.js'
+import { salesApi } from '@defra-fish/connectors-lib'
+import { validation } from '@defra-fish/business-rules-lib'
+import { setUpCacheFromAuthenticationResult, setUpPayloads } from '../processors/renewals-write-cache.js'
+import Joi from 'joi'
 
-export default async (_request, h) => {
-  console.log('cancel rp authenticate handler', h.redirectWithLanguageCode)
-  return h.redirectWithLanguageCode(CONTROLLER.uri)
+const buildAuthFailure = (referenceNumber, payload, error) => ({
+  page: {
+    page: CANCEL_RP_IDENTIFY.page,
+    data: { payload, error }
+  },
+  status: {
+    referenceNumber,
+    authentication: { authorised: false }
+  },
+  redirectPath: CANCEL_RP_IDENTIFY.uri
+})
+
+const applyAuthFailure = async (request, h, failure) => {
+  await request.cache().helpers.page.setCurrentPermission(failure.page.page, failure.page.data)
+  await request.cache().helpers.status.setCurrentPermission(failure.status)
+  return h.redirect(addLanguageCodeToUri(request, failure.redirectPath))
 }
+
+const cancelRpAuthenticationHandler = async (request, h) => {
+  const { payload } = await request.cache().helpers.page.getCurrentPermission(CANCEL_RP_IDENTIFY.page)
+  const permission = await request.cache().helpers.status.getCurrentPermission()
+
+  const referenceNumber = payload.referenceNumber || permission.referenceNumber
+
+  const dateOfBirth = await validation.contact
+    .createBirthDateValidator(Joi)
+    .validateAsync(`${payload['date-of-birth-year']}-${payload['date-of-birth-month']}-${payload['date-of-birth-day']}`)
+  const postcode = await validation.contact.createOverseasPostcodeValidator(Joi).validateAsync(payload.postcode)
+
+  const authenticationResult = await salesApi.authenticateRecurringPayment(referenceNumber, dateOfBirth, postcode)
+
+  const failures = error => applyAuthFailure(request, h, buildAuthFailure(referenceNumber, payload, error))
+
+  if (!authenticationResult) {
+    return failures({ referenceNumber: 'not-found' })
+  }
+
+  if (!authenticationResult.recurringPayment) {
+    return failures({ recurringPayment: 'not-set-up' })
+  }
+
+  if (authenticationResult.recurringPayment?.status === 1 || authenticationResult.recurringPayment?.cancelledDate) {
+    return failures({ recurringPayment: 'rcp-cancelled' })
+  }
+
+  await setUpCacheFromAuthenticationResult(request, authenticationResult)
+  await setUpPayloads(request)
+  await request.cache().helpers.status.setCurrentPermission({
+    authentication: { authorised: true }
+  })
+
+  return h.redirectWithLanguageCode(CANCEL_RP_DETAILS.uri)
+}
+
+export default cancelRpAuthenticationHandler

package/src/locales/cy.json

@@ -140,6 +140,19 @@
   "back": "Yn ôl",
   "buy_another_licence": "Prynu trwydded arall",
   "buy_different_licence": "Prynu trwydded wahanol",
+  "cancel_rp_identify_caption": "Cancel your recurring card payment agreement",
+  "cancel_rp_identify_title": "Enter your details",
+  "cancel_rp_identify_body": "Cancelling your recurring card payment agreement will not cancel or refund your current licence. You can still fish until your current licence expires but your licence will not renew automatically.",
+  "cancel_rp_identify_ref_number": "Last 6 characters of your licence number",
+  "cancel_rp_identify_ref_number_hint": "For example, F4A315",
+  "cancel_rp_identify_ref_number_error": "Enter the last 6 characters of your licence number",
+  "cancel_rp_identify_ref_pattern": "The last six characters of your licence number don’t look right. Check and enter again",
+  "cancel_rp_identify_dob": "Date of birth",
+  "cancel_rp_identify_dob_hint": "For example, 31 3 1980",
+  "cancel_rp_identify_postcode": "Postcode",
+  "cancel_rp_identify_postcode_hint": "For example, WA4 1AB",
+  "cancel_rp_identify_postcode_error": "Enter a postcode",
+  "cancel_rp_identify_postcode_pattern": "Your postcode doesn’t look right. Check and enter again",
   "change_licence_details_you": "Adolygu neu newid manylion eich trwydded",
   "change_licence_details_other": "Adolygu neu newid manylion y drwydded",
   "change_licence_number": "Newid rhif y drwydded",
@@ -775,7 +788,6 @@
   "rp_cancel_complete_title": "Cancel your recurring card payment agreement - complete",
   "rp_cancel_confirm_title": "Cancel your recurring card payment agreement - confirm",
   "rp_cancel_details_title": "Cancel your recurring card payment agreement - details",
-  "rp_cancel_identify_title": "Cancel your recurring card payment agreement - identify",
   "save_changes": "Cadw newidiadau",
   "server_error_title_suffix": " - GOV.UK",
   "server_error_bulletpoint_1": "Os ydych chi wedi gofyn am hysbysiad dros e-bost neu neges destun, dylai’r hysbysiad gyrraedd o fewn 3 awr os bydd y taliad wedi cael ei gymryd.",

package/src/locales/en.json

@@ -140,6 +140,19 @@
   "back": "Back",
   "buy_another_licence": "Buy another licence",
   "buy_different_licence": "Buy a different licence",
+  "cancel_rp_identify_caption": "Cancel your recurring card payment agreement",
+  "cancel_rp_identify_title": "Enter your details",
+  "cancel_rp_identify_body": "Cancelling your recurring card payment agreement will not cancel or refund your current licence. You can still fish until your current licence expires but your licence will not renew automatically.",
+  "cancel_rp_identify_ref_number": "Last 6 characters of your licence number",
+  "cancel_rp_identify_ref_number_hint": "For example, F4A315",
+  "cancel_rp_identify_ref_number_error": "Enter the last 6 characters of your licence number",
+  "cancel_rp_identify_ref_pattern": "The last six characters of your licence number don’t look right. Check and enter again",
+  "cancel_rp_identify_dob": "Date of birth",
+  "cancel_rp_identify_dob_hint": "For example, 31 3 1980",
+  "cancel_rp_identify_postcode": "Postcode",
+  "cancel_rp_identify_postcode_hint": "For example, WA4 1AB",
+  "cancel_rp_identify_postcode_error": "Enter a postcode",
+  "cancel_rp_identify_postcode_pattern": "Your postcode doesn’t look right. Check and enter again",
   "change_licence_details_you": "Review or change the licence details",
   "change_licence_details_other": "Review or change the licence details",
   "change_licence_number": "Change licence number",
@@ -775,7 +788,6 @@
   "rp_cancel_complete_title": "Cancel your recurring card payment agreement - complete",
   "rp_cancel_confirm_title": "Cancel your recurring card payment agreement - confirm",
   "rp_cancel_details_title": "Cancel your recurring card payment agreement - details",
-  "rp_cancel_identify_title": "Cancel your recurring card payment agreement - identify",
   "save_changes": "Save changes",
   "server_error_title_suffix": " - GOV.UK",
   "server_error_bulletpoint_1": "If you have requested an email or text notification, this should be delivered in 3 hours if a payment has been taken.",

package/src/pages/guidance/accessibility-statement.njk

@@ -59,17 +59,17 @@
         <p class="govuk-body">{{ mssgs.access_statement_tech_body }}</p>
 
         <h2 class="govuk-heading-m">{{ mssgs.access_statement_compliance_heading }}</h2>
-        <p class="govuk-body">{{ mssgs.access_statement_compliance_body_1 }}<a href="https://www.w3.org/TR/WCAG21/" class="govuk-link" target="_blank">{{ mssgs.access_statement_compliance_body_link_1 }}</a>{{ mssgs.full_stop }}</p>
-        <p class="govuk-body">{{ mssgs.access_statement_compliance_body_2 }}<a href="https://www.w3.org/TR/WCAG21/" class="govuk-link" target="_blank">{{ mssgs.access_statement_compliance_body_link_2 }}</a>{{ mssgs.full_stop }}</p>
+        <p class="govuk-body">{{ mssgs.access_statement_compliance_body_1 }}<a href="https://www.w3.org/TR/WCAG22/" class="govuk-link" target="_blank">{{ mssgs.access_statement_compliance_body_link_1 }}</a>{{ mssgs.full_stop }}</p>
+        <p class="govuk-body">{{ mssgs.access_statement_compliance_body_2 }}<a href="https://www.w3.org/TR/WCAG22/" class="govuk-link" target="_blank">{{ mssgs.access_statement_compliance_body_link_2 }}</a>{{ mssgs.full_stop }}</p>
 
         <h2 class="govuk-heading-m">{{ mssgs.access_statement_nonaccess_heading }}</h2>
         <p class="govuk-body">{{ mssgs.access_statement_nonaccess_body }}</p>
 
         <h2 class="govuk-heading-m">{{ mssgs.access_statement_noncompliance_heading }}</h2>
         <ul class="govuk-list govuk-list--bullet">
-            <li> {{ mssgs.access_statement_noncompliance_body_1 }}<a href="https://www.w3.org/WAI/WCAG21/Understanding/keyboard-no-exception.html" class="govuk-link" target="_blank">{{ mssgs.access_statement_noncompliance_body_link_1 }}</a>{{ mssgs.access_statement_noncompliance_body_2 }}</li>
-            <li> {{ mssgs.access_statement_noncompliance_body_3 }}<a href="https://www.w3.org/WAI/WCAG21/Understanding/contrast-enhanced.html" class="govuk-link" target="_blank">{{ mssgs.access_statement_noncompliance_body_link_2 }}</a>{{ mssgs.access_statement_noncompliance_body_4 }} </li>
-            <li> {{ mssgs.access_statement_noncompliance_body_5 }}<a href="https://www.w3.org/WAI/WCAG21/Understanding/link-purpose-link-only.html" class="govuk-link" target="_blank">{{ mssgs.access_statement_noncompliance_body_link_3 }}</a>{{ mssgs.access_statement_noncompliance_body_6 }} </li>
+            <li> {{ mssgs.access_statement_noncompliance_body_1 }}<a href="https://www.w3.org/WAI/WCAG22/Understanding/keyboard-no-exception.html" class="govuk-link" target="_blank">{{ mssgs.access_statement_noncompliance_body_link_1 }}</a>{{ mssgs.access_statement_noncompliance_body_2 }}</li>
+            <li> {{ mssgs.access_statement_noncompliance_body_3 }}<a href="https://www.w3.org/WAI/WCAG22/Understanding/contrast-enhanced.html" class="govuk-link" target="_blank">{{ mssgs.access_statement_noncompliance_body_link_2 }}</a>{{ mssgs.access_statement_noncompliance_body_4 }} </li>
+            <li> {{ mssgs.access_statement_noncompliance_body_5 }}<a href="https://www.w3.org/WAI/WCAG22/Understanding/link-purpose-link-only.html" class="govuk-link" target="_blank">{{ mssgs.access_statement_noncompliance_body_link_3 }}</a>{{ mssgs.access_statement_noncompliance_body_6 }} </li>
         </ul>
 
         <h2 class="govuk-heading-m">{{ mssgs.access_statement_burden_title }}</h2>

package/src/pages/recurring-payments/cancel/identify/__tests__/route.spec.js

@@ -0,0 +1,174 @@
+import pageRoute from '../../../../../routes/page-route.js'
+import { CANCEL_RP_IDENTIFY } from '../../../../../uri.js'
+import { addLanguageCodeToUri } from '../../../../../processors/uri-helper.js'
+import { getData, validator } from '../route.js'
+import { dateOfBirthValidator, getDateErrorFlags } from '../../../../../schema/validators/validators.js'
+import { validation } from '@defra-fish/business-rules-lib'
+import GetDataRedirect from '../../../../../handlers/get-data-redirect.js'
+
+require('../route.js')
+
+jest.mock('../../../../../routes/page-route.js')
+jest.mock('../../../../../uri.js', () => ({
+  ...jest.requireActual('../../../../../uri.js'),
+  CANCEL_RP_IDENTIFY: { page: 'cancel-rp identify page', uri: Symbol('cancel-rp identify uri') },
+  CANCEL_RP_AUTHENTICATE: { uri: 'cancel-rp-authenticate uri' }
+}))
+jest.mock('../../../../../processors/uri-helper.js')
+jest.mock('../../../../../schema/validators/validators.js')
+
+describe('cancel recurring payment identify route', () => {
+  afterEach(() => {
+    jest.restoreAllMocks()
+  })
+
+  describe('getData', () => {
+    const getMockRequest = (referenceNumber, pageGet = async () => ({})) => ({
+      cache: () => ({
+        helpers: {
+          status: {
+            getCurrentPermission: () => ({
+              referenceNumber
+            }),
+            setCurrentPermission: jest.fn()
+          },
+          page: {
+            getCurrentPermission: pageGet
+          }
+        }
+      }),
+      i18n: {
+        getCatalog: () => [],
+        getLocales: () => []
+      }
+    })
+
+    it('passes correct page name when getting page cache', async () => {
+      const pageGet = jest.fn(() => ({}))
+      await getData(getMockRequest(undefined, pageGet))
+      expect(pageGet).toHaveBeenCalledWith(CANCEL_RP_IDENTIFY.page)
+    })
+
+    it.each([['09F6VF'], ['013AH6'], ['LK563F']])('returns referenceNumber when permission includes %s', async referenceNumber => {
+      const result = await getData(getMockRequest(referenceNumber))
+      expect(result.referenceNumber).toEqual(referenceNumber)
+    })
+
+    it('throws redirect when permission number fails validation', async () => {
+      const spy = jest
+        .spyOn(validation.permission, 'permissionNumberUniqueComponentValidator')
+        .mockReturnValue({ validate: () => ({ error: true }) })
+      const request = getMockRequest('BAD123')
+      request.cache().helpers.status.setCurrentPermission = jest.fn()
+      await expect(getData(request)).rejects.toBeInstanceOf(GetDataRedirect)
+      spy.mockRestore()
+    })
+
+    it('adds return value of getErrorFlags to the page data', async () => {
+      const errorFlags = { unique: Symbol('error-flags') }
+      getDateErrorFlags.mockReturnValueOnce(errorFlags)
+      const result = await getData(getMockRequest())
+      expect(result).toEqual(expect.objectContaining(errorFlags))
+    })
+
+    it('passes error to getErrorFlags', async () => {
+      const error = Symbol('error')
+      await getData(getMockRequest(undefined, async () => ({ error })))
+      expect(getDateErrorFlags).toHaveBeenCalledWith(error)
+    })
+
+    it.each([
+      ['full-date', 'object.missing'],
+      ['day', 'any.required']
+    ])('adds error details (%s: %s) to the page data', async (errorKey, errorValue) => {
+      const pageGet = async () => ({
+        error: { [errorKey]: errorValue }
+      })
+      const result = await getData(getMockRequest(undefined, pageGet))
+      expect(result.error).toEqual({ errorKey, errorValue })
+    })
+
+    it('omits error if there is no error', async () => {
+      const result = await getData(getMockRequest())
+      expect(result.error).toBeUndefined()
+    })
+  })
+
+  describe('pageRoute', () => {
+    it('passes CANCEL_RP_IDENTIFY.page as the first argument to pageRoute', () => {
+      expect(pageRoute.mock.calls[0][0]).toBe(CANCEL_RP_IDENTIFY.page)
+    })
+
+    it('passes CANCEL_RP_IDENTIFY.uri as the second argument to pageRoute', () => {
+      expect(pageRoute.mock.calls[0][1]).toBe(CANCEL_RP_IDENTIFY.uri)
+    })
+
+    it('calls pageRoute with validator, nextPage function, and getData', () => {
+      expect(pageRoute).toBeCalledWith(CANCEL_RP_IDENTIFY.page, CANCEL_RP_IDENTIFY.uri, validator, expect.any(Function), getData)
+    })
+  })
+
+  describe('page route next', () => {
+    const getNextPage = () => pageRoute.mock.calls[0][3]
+
+    it('passes a function', () => {
+      const nextPage = getNextPage()
+      expect(typeof nextPage).toBe('function')
+    })
+
+    it('calls addLanguageCodeToUri', () => {
+      const nextPage = getNextPage()
+      nextPage()
+      expect(addLanguageCodeToUri).toHaveBeenCalled()
+    })
+
+    it('passes request to addLanguageCodeToUri', () => {
+      const request = Symbol('request')
+      const nextPage = getNextPage()
+      nextPage(request)
+      expect(addLanguageCodeToUri).toHaveBeenCalledWith(request, expect.anything())
+    })
+
+    it('returns result of addLanguageCodeToUri', () => {
+      const expectedResult = Symbol('add language code to uri')
+      const nextPage = getNextPage()
+      addLanguageCodeToUri.mockReturnValueOnce(expectedResult)
+      expect(nextPage()).toBe(expectedResult)
+    })
+  })
+
+  describe('validator', () => {
+    const getMockPayload = (postcode = 'AA1 1AA', referenceNumber = 'A1B2C3') => ({
+      postcode,
+      referenceNumber
+    })
+
+    it('fails if dateOfBirthValidator throws', () => {
+      const expectedError = new Error('expected error')
+      dateOfBirthValidator.mockImplementationOnce(() => {
+        throw expectedError
+      })
+      expect(() => validator(getMockPayload())).toThrow(expectedError)
+    })
+
+    it('passes if dateOfBirthValidator succeeds', () => {
+      expect(() => validator(getMockPayload())).not.toThrow()
+    })
+
+    it('passes payload to dateOfBirthValidator', () => {
+      const p = getMockPayload()
+      validator(p)
+      expect(dateOfBirthValidator).toHaveBeenCalledWith(p)
+    })
+
+    it('fails if permission number is invalid', () => {
+      jest.spyOn(validation.permission, 'permissionNumberUniqueComponentValidator').mockReturnValue({ validate: () => ({ error: 'bad' }) })
+      expect(() => validator({ referenceNumber: 'BAD', postcode: 'AA1 1AA' })).toThrow()
+    })
+
+    it('fails if postcode is invalid', () => {
+      jest.spyOn(validation.contact, 'createOverseasPostcodeValidator').mockReturnValue({ validate: () => ({ error: 'bad' }) })
+      expect(() => validator({ referenceNumber: 'ABC123', postcode: 'ZZZ' })).toThrow()
+    })
+  })
+})

package/src/pages/recurring-payments/cancel/identify/cancel-rp-identify.njk

@@ -1,15 +1,175 @@
 {% extends "layout.njk" %}
 
+{% from "fieldset/macro.njk" import govukFieldset %}
 {% from "button/macro.njk" import govukButton %}
 {% from "page-title.njk" import pageTitle %}
+{% from "date-input/macro.njk" import govukDateInput %}
+{% from "input/macro.njk" import govukInput %}
+{% from "error-summary.njk" import errorSummary %}
+
+{% set title = mssgs.cancel_rp_identify_title %}
 
-{% set title = mssgs.rp_cancel_identify_title %}
 {% block pageTitle %}{{ pageTitle(title, error, mssgs) }}{% endblock %}
 
+{%
+    set errorMap = {
+        'referenceNumber' : {
+            'string.empty': { text: mssgs.cancel_rp_identify_ref_number_error, ref: '#ref' },
+            'string.pattern.base': { text: mssgs.cancel_rp_identify_ref_pattern, ref: '#ref' }
+        },
+        'postcode': {
+            'string.empty': { ref: '#postcode', text: mssgs.cancel_rp_identify_postcode_error },
+            'string.pattern.base': { ref: '#postcode', text: mssgs.cancel_rp_identify_postcode_pattern }
+        },
+        'full-date': {
+            'object.missing': { ref: '#date-of-birth-day', text: mssgs.dob_error }
+        },
+        'day-and-month': {
+            'object.missing': { ref: '#date-of-birth-day', text: mssgs.dob_error_missing_day_and_month }
+        },
+        'day-and-year': {
+            'object.missing': { ref: '#date-of-birth-day', text: mssgs.dob_error_missing_day_and_year }
+        },
+        'month-and-year': {
+            'object.missing': { ref: '#date-of-birth-month', text: mssgs.dob_error_missing_month_and_year }
+        },
+        'day': {
+            'any.required': { ref: '#date-of-birth-day', text: mssgs.dob_error_missing_day }
+        },
+        'month': {
+            'any.required': { ref: '#date-of-birth-month', text: mssgs.dob_error_missing_month }
+        },
+        'year': {
+            'any.required': { ref: '#date-of-birth-year', text: mssgs.dob_error_missing_year }
+        },
+        'non-numeric': {
+            'number.base': { ref: '#date-of-birth-day', text: mssgs.dob_error_non_numeric }
+        },
+        'invalid-date': {
+            'any.custom': { ref: '#date-of-birth-day', text: mssgs.dob_error_date_real }
+        },
+        'date-range': {
+            'date.min': { ref: '#date-of-birth-day', text: mssgs.dob_error_year_min },
+            'date.max': { ref: '#date-of-birth-day', text: mssgs.dob_error_year_max }
+        }
+    }
+%}
+
+{% set dateInputItems = [
+    {
+      label: mssgs.date_day,
+      name: "day",
+      classes: "govuk-input--width-2 govuk-input--error" if data.isDayError else "govuk-input--width-2",
+      value: payload['date-of-birth-day'],
+      attributes: { maxlength : 2 }
+    },
+    {
+      label: mssgs.date_month,
+      name: "month",
+      classes: "govuk-input--width-2 govuk-input--error" if data.isMonthError else "govuk-input--width-2",
+      value: payload['date-of-birth-month'],
+      attributes: { maxlength : 2 }
+    },
+    {
+      label: mssgs.date_year,
+      name: "year",
+      classes: "govuk-input--width-4 govuk-input--error" if data.isYearError else "govuk-input--width-4",
+      value: payload['date-of-birth-year'],
+      attributes: { maxlength : 4 }
+    }
+  ]
+%}
+
 {% block content %}
 <div class="govuk-grid-row">
-    <div class="govuk-grid-column-two-thirds">
-        <form method="post" class="govuk-!-margin-bottom-6">
+  <div class="govuk-grid-column-two-thirds">
+    {{ errorSummary(error, errorMap, mssgs.there_is_a_problem) }}
+    <form method="post" class="govuk-!-margin-bottom-6">
+
+      {% set legendHtml %}
+        <span class="govuk-caption-l">{{ mssgs.cancel_rp_identify_caption }}</span>
+        {{ title }}
+      {% endset %}
+
+      {% call govukFieldset({
+        describedBy: "ref-hint date-of-birth-hint postcode-hint",
+        legend: {
+          html: legendHtml,
+          classes: "govuk-fieldset__legend--l govuk-!-margin-bottom-3",
+          isPageHeading: true
+        }
+      }) %}
+
+                <p class="govuk-body-m">{{ mssgs.cancel_rp_identify_body }}</p>
+
+                  {{ govukInput({
+                    id: "ref",
+                    name: "referenceNumber",
+                    type: "text",
+                    classes: "govuk-input--width-10",
+                    errorMessage: { text: mssgs.cancel_rp_identify_ref_number_error } if error['referenceNumber'],
+                    label: {
+                      text: mssgs.cancel_rp_identify_ref_number,
+                      classes: "govuk-!-font-weight-bold"
+                    },
+                    hint: {
+                        text: mssgs.cancel_rp_identify_ref_number_hint
+                    },
+                    attributes: {
+                      spellcheck: "false",
+                      maxlength: "6"
+                    },
+                    value: payload.referenceNumber
+                  }) }}
+
+                {{ govukDateInput({
+                  id: "date-of-birth",
+                  namePrefix: "date-of-birth",
+                  items: dateInputItems,
+                  fieldset: {
+                      legend: {
+                            text: mssgs.cancel_rp_identify_dob,
+                            isPageHeading: false,
+                            classes: "govuk-!-font-weight-bold govuk-label"
+                      }
+                  },
+                  errorMessage: ({
+                    text: errorMap[data.error.errorKey][data.error.errorValue].text }
+                    if data.error and data.error.errorKey in [
+                      'full-date',
+                      'day-and-month',
+                      'day-and-year',
+                      'month-and-year',
+                      'day',
+                      'month',
+                      'year',
+                      'non-numeric',
+                      'invalid-date',
+                      'date-range'
+                    ]
+                  ),
+                  hint: {
+                    text: mssgs.cancel_rp_identify_dob_hint
+                  }
+                }) }}
+
+                {{ govukInput({
+                  label: {
+                    text: mssgs.cancel_rp_identify_postcode,
+                    classes: "govuk-!-font-weight-bold"
+                  },
+                  id: "postcode",
+                  name: "postcode",
+                  hint: { text: mssgs.cancel_rp_identify_postcode_hint },
+                  value: payload['postcode'],
+                  autocomplete: 'postal-code',
+                  classes: "govuk-input--width-10",
+                  attributes: { maxlength: 10 },
+                  errorMessage: { text: mssgs.cancel_rp_identify_postcode_error } if error['postcode']
+                }) }}
+
+            {% endcall %}
+
           {{ govukButton({
             attributes: { id: 'continue' },
             preventDoubleClick: true,
@@ -21,4 +181,11 @@
         </form>
     </div>
 </div>
-{% endblock %}
+{% endblock %}
+
+{% block bodyEnd %}
+<script type="module" nonce="{{ nonce }}">
+  import { initAll } from '/public/javascript/govuk-frontend-min.js'
+  initAll()
+</script>
+{% endblock %}

package/src/pages/recurring-payments/cancel/identify/route.js

@@ -1,13 +1,58 @@
-import pageRoute from '../../../../routes/page-route.js'
 import { CANCEL_RP_AUTHENTICATE, CANCEL_RP_IDENTIFY } from '../../../../uri.js'
+import pageRoute from '../../../../routes/page-route.js'
+import Joi from 'joi'
+import { validation } from '@defra-fish/business-rules-lib'
 import { addLanguageCodeToUri } from '../../../../processors/uri-helper.js'
+import GetDataRedirect from '../../../../handlers/get-data-redirect.js'
+import { dateOfBirthValidator, getDateErrorFlags } from '../../../../schema/validators/validators.js'
+
+export const getData = async request => {
+  const permission = await request.cache().helpers.status.getCurrentPermission()
+  const page = await request.cache().helpers.page.getCurrentPermission(CANCEL_RP_IDENTIFY.page)
+
+  if (permission.referenceNumber) {
+    const validatePermissionNumber = validation.permission
+      .permissionNumberUniqueComponentValidator(Joi)
+      .validate(permission.referenceNumber)
+    if (validatePermissionNumber.error) {
+      await request.cache().helpers.status.setCurrentPermission({ referenceNumber: null })
+      throw new GetDataRedirect(addLanguageCodeToUri(request, CANCEL_RP_IDENTIFY.uri))
+    }
+  }
+
+  const pageData = {
+    referenceNumber: permission.referenceNumber,
+    ...getDateErrorFlags(page?.error)
+  }
+
+  if (page?.error) {
+    const [errorKey] = Object.keys(page.error)
+    const errorValue = page.error[errorKey]
+    pageData.error = { errorKey, errorValue }
+  }
+
+  return pageData
+}
+
+export const validator = payload => {
+  dateOfBirthValidator(payload)
+
+  Joi.assert(
+    {
+      postcode: payload.postcode,
+      referenceNumber: payload.referenceNumber
+    },
+    Joi.object({
+      referenceNumber: validation.permission.permissionNumberUniqueComponentValidator(Joi),
+      postcode: validation.contact.createOverseasPostcodeValidator(Joi)
+    }).options({ abortEarly: false })
+  )
+}
 
 export default pageRoute(
   CANCEL_RP_IDENTIFY.page,
   CANCEL_RP_IDENTIFY.uri,
-  () => {},
-  request => {
-    return addLanguageCodeToUri(request, CANCEL_RP_AUTHENTICATE.uri)
-  },
-  () => {}
+  validator,
+  request => addLanguageCodeToUri(request, CANCEL_RP_AUTHENTICATE.uri),
+  getData
 )

package/src/pages/recurring-payments/cancel/identify/__tests__/route.test.js

@@ -1,106 +0,0 @@
-import pageRoute from '../../../../../routes/page-route.js'
-import { CANCEL_RP_AUTHENTICATE, CANCEL_RP_IDENTIFY } from '../../../../../uri.js'
-import { addLanguageCodeToUri } from '../../../../../processors/uri-helper.js'
-
-require('../route.js')
-// eslint-disable-next-line no-unused-vars
-const [[_v, _p, validator, completion, getData]] = pageRoute.mock.calls
-
-jest.mock('../../../../../routes/page-route.js')
-jest.mock('../../../../../uri.js', () => ({
-  ...jest.requireActual('../../../../../uri.js'),
-  CANCEL_RP_IDENTIFY: { page: Symbol('cancel-rp-identify'), uri: Symbol('cancel-rp-identify-uri') },
-  CANCEL_RP_AUTHENTICATE: { uri: Symbol('cancel-rp-authenticate-uri') }
-}))
-jest.mock('../../../../../processors/uri-helper.js')
-
-describe('pageRoute receives expected arguments', () => {
-  it('passes CANCEL_RP_IDENTIFY.page as the view name', () => {
-    jest.isolateModules(() => {
-      require('../route.js')
-      expect(pageRoute).toHaveBeenCalledWith(
-        CANCEL_RP_IDENTIFY.page,
-        expect.anything(),
-        expect.anything(),
-        expect.anything(),
-        expect.anything()
-      )
-    })
-  })
-
-  it('passes CANCEL_RP_IDENTIFY.uri as the path', () => {
-    jest.isolateModules(() => {
-      require('../route.js')
-      expect(pageRoute).toHaveBeenCalledWith(
-        expect.anything(),
-        CANCEL_RP_IDENTIFY.uri,
-        expect.anything(),
-        expect.anything(),
-        expect.anything()
-      )
-    })
-  })
-
-  it('passes a function as the validator', () => {
-    jest.isolateModules(() => {
-      require('../route.js')
-      expect(pageRoute).toHaveBeenCalledWith(
-        expect.anything(),
-        expect.anything(),
-        expect.any(Function),
-        expect.anything(),
-        expect.anything()
-      )
-    })
-  })
-
-  it('passes a function to generate redirect location on completion', () => {
-    jest.isolateModules(() => {
-      require('../route.js')
-      expect(pageRoute).toHaveBeenCalledWith(
-        expect.anything(),
-        expect.anything(),
-        expect.anything(),
-        expect.any(Function),
-        expect.anything()
-      )
-    })
-  })
-
-  it('passes a function to get the page data', () => {
-    jest.isolateModules(() => {
-      require('../route.js')
-      expect(pageRoute).toHaveBeenCalledWith(
-        expect.anything(),
-        expect.anything(),
-        expect.anything(),
-        expect.anything(),
-        expect.any(Function)
-      )
-    })
-  })
-})
-
-describe('completion function', () => {
-  beforeEach(jest.clearAllMocks)
-
-  it('calls addLanguageCodeToUri with request', () => {
-    const sampleRequest = Symbol('sample request')
-    completion(sampleRequest)
-    expect(addLanguageCodeToUri).toHaveBeenCalledWith(sampleRequest, expect.anything())
-  })
-
-  it('calls addLanguageCodeToUri with CANCEL_RP_AUTHENTICATE uri', () => {
-    completion({})
-    expect(addLanguageCodeToUri).toHaveBeenCalledWith(expect.anything(), CANCEL_RP_AUTHENTICATE.uri)
-  })
-
-  it('returns the value of addLanguageCodeToUri', () => {
-    const expectedCompletionRedirect = Symbol('expected-completion-redirect')
-    addLanguageCodeToUri.mockReturnValueOnce(expectedCompletionRedirect)
-
-    const completionRedirect = completion({})
-
-    expect(completionRedirect).toBe(expectedCompletionRedirect)
-  })
-})