@gov-cy/govcy-express-services 1.11.3 → 1.12.0

package/README.md

@@ -156,17 +156,17 @@ The CY Login settings are configured in the `secrets/.env` file.
 
 Each service can specify which types of authenticated CY Login profiles are allowed to access it using the `site.cyLoginPolicies` property in its site configuration.
 
-```json
-"cyLoginPolicies": ["naturalPerson", "legalPerson", "eidasNaturalPerson"]
-```
+```json
+"cyLoginPolicies": ["naturalPerson", "legalPerson", "eidasNaturalPerson"]
+```
 
 ##### Supported Policies
 
-| Policy name     | Description                                                  | Typical use                                          |
-| --------------- | ------------------------------------------------------------ | ---------------------------------------------------- |
-| `naturalPerson` | Allows individual users (Cypriot citizens or foreign residents) who have a verified profile in the Civil Registry. Identified by `profile_type: "Individual"` and a 10-digit identifier starting with `00` (citizen) or `05` (foreigner). | Citizen-facing services, personal applications, etc. |
-| `legalPerson`   | Allows legal entities (companies, partnerships, organisations) with verified profiles in the Registrar of Companies. Identified by `profile_type: "Organisation"` and a `legal_unique_identifier`. | Business-facing services, company submissions, etc.  |
-| `eidasNaturalPerson` | Allows eIDAS natural persons identified by `profile_type: "Individual"` and `unique_identifier` in the `CC/CC/<identifier>` format. | Cross-border eIDAS individual services. |
+| Policy name     | Description                                                  | Typical use                                          |
+| --------------- | ------------------------------------------------------------ | ---------------------------------------------------- |
+| `naturalPerson` | Allows individual users (Cypriot citizens or foreign residents) who have a verified profile in the Civil Registry. Identified by `profile_type: "Individual"` and a 10-digit identifier starting with `00` (citizen) or `05` (foreigner). | Citizen-facing services, personal applications, etc. |
+| `legalPerson`   | Allows legal entities (companies, partnerships, organisations) with verified profiles in the Registrar of Companies. Identified by `profile_type: "Organisation"` and a `legal_unique_identifier`. | Business-facing services, company submissions, etc.  |
+| `eidasNaturalPerson` | Allows eIDAS natural persons identified by `profile_type: "Individual"` and `unique_identifier` in the `CC/CC/<identifier>` format. | Cross-border eIDAS individual services. |
 
 ##### How it works
 
@@ -185,21 +185,21 @@ This maintains backward compatibility with existing services that only supported
 
 ##### Example
 
-Allow both natural and legal persons:
+Allow both natural and legal persons:
 
-```json
-"site": {
-  "cyLoginPolicies": ["naturalPerson", "legalPerson"]
-}
-```
-
-Allow Cypriot and eIDAS natural persons:
-
-```json
-"site": {
-  "cyLoginPolicies": ["naturalPerson", "eidasNaturalPerson"]
-}
-```
+```json
+"site": {
+  "cyLoginPolicies": ["naturalPerson", "legalPerson"]
+}
+```
+
+Allow Cypriot and eIDAS natural persons:
+
+```json
+"site": {
+  "cyLoginPolicies": ["naturalPerson", "eidasNaturalPerson"]
+}
+```
 
 Restrict access to natural persons only:
 
@@ -1905,10 +1905,10 @@ The validation rules for each element are defined in the `"validations` array fo
     - `noSpecialChars`: Consists only of letters, numbers and some other characters
     - `noSpecialCharsEl`: Consists only of Greek letters, numbers and some other characters
     - `textWide_EL`: Consists of Greek Letters and a wider range of characters
-    - `textWide_EL_Latin`: Consists of Greek Letters, Latin letters, numbers and a wider range of characters
-    - `textWide_EL_Latin_TR`: Consists of Greek Letters, Latin letters, Turkish letters, numbers and a wider range of characters
-    - `textWide_EL_Latn`: Deprecated alias of `textWide_EL_Latin` (still supported for backward compatibility)
-    - `textWide_EL_Latn_TR`: Deprecated alias of `textWide_EL_Latin_TR` (still supported for backward compatibility)
+    - `textWide_EL_Latin`: Consists of Greek Letters, Latin letters, numbers and a wider range of characters
+    - `textWide_EL_Latin_TR`: Consists of Greek Letters, Latin letters, Turkish letters, numbers and a wider range of characters
+    - `textWide_EL_Latn`: Deprecated alias of `textWide_EL_Latin` (still supported for backward compatibility)
+    - `textWide_EL_Latn_TR`: Deprecated alias of `textWide_EL_Latin_TR` (still supported for backward compatibility)
     - `textWide_UTF`: Consists of any letters, numbers and a wider range of characters
     - `numeric`: Numeric input
     - `numDecimal`: Numeric decimal input
@@ -1925,16 +1925,23 @@ The validation rules for each element are defined in the `"validations` array fo
     - `email`: Email input
     - `date`: Date input (DD/MM/YYYY)
     - `dateISO`: ISO date input `YYYY-M-D`
-    - `dateDMY`: European/Common Format date input `D/M/YYYY`
-    - `maxCurrentYear`: Maximum current year input
+    - `dateDMY`: European/Common Format date input `D/M/YYYY`
+    - `maxCurrentYear`: Maximum current year input. Use it for year-only inputs e.g. `2026` or formats that start with year e.g. `YYYY-M-D` (which works well with `dateInput` component). Do not use it with `D/M/YYYY` values (e.g. datePicker values); use date-based checks instead (`minCurrentDate`, `maxCurrentDate`, `withinDaysBeforeToday`, `withinDaysAfterToday`).
+    - `minCurrentYear`: Minimum current year input. Use it for year-only inputs e.g. `2026` or formats that start with year e.g. `YYYY-M-D` (which works well with `dateInput` component). Do not use it with `D/M/YYYY` values (e.g. datePicker values); use date-based checks instead (`minCurrentDate`, `maxCurrentDate`, `withinDaysBeforeToday`, `withinDaysAfterToday`).
+    - `minCurrentDate`: Checks if the value is greater than or equal to the current date.
+    - `maxCurrentDate`: Checks if the value is less than or equal to the current date.
 - `required`: Checks if the value is not null, undefined, or an empty string (after trimming).
 - `length`: Checks if the value has a maximum length passed in the `checkValue` parameter.
 - `regCheck`: Checks if the value matches the specified regular expression passed in the `checkValue` parameter.
-- `minValue`: Checks if the value is greater than or equal to the specified minimum value passed in the `checkValue` parameter.
-- `maxValue`: Checks if the value is less than or equal to the specified maximum value passed in the `checkValue` parameter.
-- `minValueDate`: Checks if the value is greater than or equal to the specified minimum date passed in the `checkValue` parameter.
-- `maxValueDate`: Checks if the value is less than or equal to the specified maximum date passed in the `checkValue` parameter.
-- `minLength`: Checks if the value has a minimum length passed in the `checkValue` parameter.
+- `minValue`: Checks if the value is greater than or equal to the specified minimum value passed in the `checkValue` parameter.
+- `maxValue`: Checks if the value is less than or equal to the specified maximum value passed in the `checkValue` parameter.
+- `minValueDate`: Checks if the value is greater than or equal to the specified minimum date passed in the `checkValue` parameter.
+- `maxValueDate`: Checks if the value is less than or equal to the specified maximum date passed in the `checkValue` parameter.
+- `withinDaysBeforeToday`: Checks if the value is within the last `N` days (between `today - N` and `today`), where `N` is passed in `checkValue`.
+- `withinDaysAfterToday`: Checks if the value is within the next `N` days (between `today` and `today + N`), where `N` is passed in `checkValue`.
+- `minLength`: Checks if the value has a minimum length passed in the `checkValue` parameter.
+
+For `withinDaysBeforeToday` and `withinDaysAfterToday`, validation compares calendar dates only (local server timezone), not time-of-day. Supported input date formats are `YYYY-M-D` / `YYYY-MM-DD` and `D/M/YYYY` / `DD/MM/YYYY`.
 
 Example:
 
@@ -2066,16 +2073,16 @@ To use data layer values, use the special `dataLayer[]` array. For example `data
       - `formData` is a reserved word for the form data (already inputed data by the user) for that page
         - `showExtra`refers to a input component with that name 
 
-The `dataLayer` typically contains keys such as:
-- `inputData`: **All data submitted by the user through forms**
-- `eligibilityResults`: **Cached results from service eligibility API checks**
-- `user.profile_type`: **Authenticated user profile type from CY Login context**
-- `user.policy`: **The matched CY Login policy name for the current session**
+The `dataLayer` typically contains keys such as:
+- `inputData`: **All data submitted by the user through forms**
+- `eligibilityResults`: **Cached results from service eligibility API checks**
+- `user.profile_type`: **Authenticated user profile type from CY Login context**
+- `user.policy`: **The matched CY Login policy name for the current session**
 
 Example structure for a service with ID `my-service`:
 
-```js
-dataLayer = {
+```js
+dataLayer = {
   'my-service.inputData.index.formData.fullName': 'John Smith',
   'my-service.inputData.index.formData.age': '34',
   'my-service.inputData.contact-details.formData.telephone': '+35712345678',
@@ -2085,13 +2092,13 @@ dataLayer = {
     "permanent_residence"
   ],
   'my-service.inputData.want-to-apply.formData.option-radio': 'yes',
-  'my-service.eligibilityResults.check1.succeeded': true,
-  'my-service.eligibilityResults.check2.ErrorCode': 0,
-  'user.profile_type': 'Individual',
-  'user.policy': 'naturalPerson'
-}
-
-```
+  'my-service.eligibilityResults.check1.succeeded': true,
+  'my-service.eligibilityResults.check2.ErrorCode': 0,
+  'user.profile_type': 'Individual',
+  'user.policy': 'naturalPerson'
+}
+
+```
 
 If any part of the key path is missing (e.g., the page hasn’t been visited yet or a form field was left empty), the expression will safely return `undefined` and **will not throw an error**. This behavior is by design, so that conditional logic expressions can fail silently and fallback gracefully.
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@gov-cy/govcy-express-services",
-  "version": "1.11.3",
+  "version": "1.12.0",
   "description": "An Express-based system that dynamically renders services using @gov-cy/govcy-frontend-renderer and posts data to a submission API.",
   "author": "DMRID - DSF Team",
   "license": "MIT",
@@ -58,7 +58,7 @@
   },
   "dependencies": {
     "@gov-cy/dsf-email-templates": "^2.1.15",
-    "@gov-cy/govcy-frontend-renderer": "^1.27.0",
+    "@gov-cy/govcy-frontend-renderer": "^1.28.1",
     "axios": "^1.9.0",
     "cookie-parser": "^1.4.7",
     "dotenv": "^16.3.1",

package/src/utils/govcyValidator.mjs

@@ -146,16 +146,42 @@ function validateValue(value, rules) {
       }
       return valueDate >= min;
     },
-    maxValueDate: (val, maxDate) => {
-      const valueDate = parseDate(val); // Parse the input date
-      const max = parseDate(maxDate); // Parse the maximum date
-      if (isNaN(valueDate) || isNaN(max)) {
-        return false; // Return false if either date is invalid
-      }
-      return valueDate <= max;
-    },
-    minLength: (val, min) => val.length >= min
-  };
+    maxValueDate: (val, maxDate) => {
+      const valueDate = parseDate(val); // Parse the input date
+      const max = parseDate(maxDate); // Parse the maximum date
+      if (isNaN(valueDate) || isNaN(max)) {
+        return false; // Return false if either date is invalid
+      }
+      return valueDate <= max;
+    },
+    withinDaysBeforeToday: (val, daysBeforeToday) => {
+      const valueDate = parseDate(val);
+      const days = Number.parseInt(daysBeforeToday, 10);
+      if (isNaN(valueDate) || Number.isNaN(days)) return false;
+
+      const today = new Date();
+      const valueOnly = new Date(valueDate.getFullYear(), valueDate.getMonth(), valueDate.getDate());
+      const todayOnly = new Date(today.getFullYear(), today.getMonth(), today.getDate());
+      const minAllowedDate = new Date(todayOnly);
+      minAllowedDate.setDate(minAllowedDate.getDate() - days);
+
+      return valueOnly >= minAllowedDate && valueOnly <= todayOnly;
+    },
+    withinDaysAfterToday: (val, daysAfterToday) => {
+      const valueDate = parseDate(val);
+      const days = Number.parseInt(daysAfterToday, 10);
+      if (isNaN(valueDate) || Number.isNaN(days)) return false;
+
+      const today = new Date();
+      const valueOnly = new Date(valueDate.getFullYear(), valueDate.getMonth(), valueDate.getDate());
+      const todayOnly = new Date(today.getFullYear(), today.getMonth(), today.getDate());
+      const maxAllowedDate = new Date(todayOnly);
+      maxAllowedDate.setDate(maxAllowedDate.getDate() + days);
+
+      return valueOnly >= todayOnly && valueOnly <= maxAllowedDate;
+    },
+    minLength: (val, min) => val.length >= min
+  };
 
   for (const rule of rules) {
     // Extract rule parameters
@@ -219,13 +245,23 @@ function validateValue(value, rules) {
       return message;
     }
 
-    // Check for "minLength"
-    if (check === 'minLength' && !validationRules.minLength(value, checkValue)) {
-      return message;
-    }
-
-
-  }
+    // Check for "minLength"
+    if (check === 'minLength' && !validationRules.minLength(value, checkValue)) {
+      return message;
+    }
+
+    // Check for "withinDaysBeforeToday"
+    if (check === 'withinDaysBeforeToday' && !validationRules.withinDaysBeforeToday(value, checkValue)) {
+      return message;
+    }
+
+    // Check for "withinDaysAfterToday"
+    if (check === 'withinDaysAfterToday' && !validationRules.withinDaysAfterToday(value, checkValue)) {
+      return message;
+    }
+
+
+  }
 
   return null;
 }