@ministryofjustice/hmpps-connect-dps-components 5.3.5 → 5.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (14) hide show
  1. package/README.md +16 -3
  2. package/dist/componentsService.d.ts +6 -1
  3. package/dist/data/componentApi/componentApiClient.d.ts +6 -6
  4. package/dist/index.cjs +55 -17
  5. package/dist/index.cjs.map +1 -1
  6. package/dist/index.d.ts +23 -10
  7. package/dist/index.esm.js +55 -17
  8. package/dist/index.esm.js.map +1 -1
  9. package/dist/middleware/getFrontendComponents.d.ts +2 -3
  10. package/dist/types/CspDirectives.d.ts +2 -0
  11. package/dist/types/HeaderFooterSharedData.d.ts +8 -11
  12. package/dist/types/SharedData.d.ts +19 -0
  13. package/dist/utils/updateCsp.d.ts +20 -1
  14. package/package.json +3 -3
package/README.md CHANGED
@@ -176,10 +176,22 @@ of routes. e.g. in `setUpAuthentication.ts` on the `/autherror` path:
176
176
 
177
177
  This will provide a stripped down header for if there is no user object on `res.locals`.
178
178
 
179
- ### CSP
179
+ ### Content-Security-Policy
180
180
 
181
- The package updates the content-security-middleware to include references to the fe-components API. This package should
182
- be run after Helmet to prevent this being overwritten.
181
+ The package updates the Content-Security-Policy response header (often set by [helmet middleware](https://www.npmjs.com/package/helmet))
182
+ to permit cross-domain/origin access to the FE components API.
183
+ This package should be run after helmet and other security middleware to prevent this being overwritten.
184
+
185
+ There is a new parameter (which will become on by default in future) to use CSP directives as provided by the FE components API:
186
+
187
+ ```javascript
188
+ app.use(getFrontendComponents({
189
+ logger,
190
+ componentApiConfig: config.apis.componentApi,
191
+ dpsUrl: config.serviceUrls.digitalPrison,
192
+ requestOptions: { updateContentSecurityPolicy: true }, // ← updateContentSecurityPolicy is false by default
193
+ }))
194
+ ```
183
195
 
184
196
  ### Shared Data
185
197
 
@@ -191,6 +203,7 @@ This includes:
191
203
  - caseLoads (all caseloads the user has access to)
192
204
  - services (information on services the user has access to used for global navigation)
193
205
  - allocationJobResponsibilities (the allocation policy codes the user has the associated job responsibility for. Allocation policy codes are: `KEY_WORKER`, meaning the user is a key worker and `PERSONAL_OFFICER`, meaning the user is a personal officer.)
206
+ - cspDirectives (Content-Security-Policy directives needed to use components from a different domain/origin)
194
207
 
195
208
  This can be useful e.g. for when your service needs access to activeCaseLoad information to prevent extra calls to the
196
209
  api and takes advantage of the caching that the micro frontend api does.
package/dist/componentsService.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import { type RequestHandler } from 'express';
1
+ import type { RequestHandler } from 'express';
2
2
  import { ApiConfig } from '@ministryofjustice/hmpps-rest-client';
3
3
  import ComponentApiClient from './data/componentApi/componentApiClient';
4
4
  import { ConnectDpsComponentLogger } from './types/ConnectDpsComponentLogger';
@@ -8,6 +8,11 @@ export interface FrontendComponentRequestOptions {
8
8
  environmentName?: 'DEV' | 'PRE-PRODUCTION' | 'PRODUCTION';
9
9
  includeSharedData?: boolean;
10
10
  useFallbacksByDefault?: boolean;
11
+ /**
12
+ * Update Content-Security-Policy with directives returned by MFE components service
13
+ * (instead of predefined directives); false by default
14
+ */
15
+ updateContentSecurityPolicy?: boolean;
11
16
  }
12
17
  export default class ComponentsService {
13
18
  private readonly logger;
package/dist/data/componentApi/componentApiClient.d.ts CHANGED
@@ -1,10 +1,10 @@
1
1
  import { ApiConfig, RestClient } from '@ministryofjustice/hmpps-rest-client';
2
- import AvailableComponent from '../../types/AvailableComponent';
3
- import Component from '../../types/Component';
4
- import { ConnectDpsComponentLogger } from '../../types/ConnectDpsComponentLogger';
5
- import { ComponentsSharedData } from '../../types/HeaderFooterSharedData';
6
- export type ComponentsApiResponse<T extends AvailableComponent[]> = Record<T[number], Component> & {
7
- meta: ComponentsSharedData[T[number]];
2
+ import type AvailableComponent from '../../types/AvailableComponent';
3
+ import type Component from '../../types/Component';
4
+ import type { ConnectDpsComponentLogger } from '../../types/ConnectDpsComponentLogger';
5
+ import type SharedData from '../../types/SharedData';
6
+ export type ComponentsApiResponse<T extends AvailableComponent[] = AvailableComponent[]> = Record<T[number], Component> & {
7
+ meta: SharedData;
8
8
  };
9
9
  export default class ComponentApiClient extends RestClient {
10
10
  constructor(logger: ConnectDpsComponentLogger, config: ApiConfig);
package/dist/index.cjs CHANGED
@@ -41,26 +41,60 @@ function initialiseName(fullName) {
41
41
  return `${array[0][0]}. ${array.reverse()[0]}`;
42
42
  }
43
43
 
44
- function updateCsp(feComponentsUrl, res) {
45
- const csp = res.getHeaders()['content-security-policy'];
46
- const allDirectives = csp?.split(';') ?? [];
47
- const directivesToUpdate = ['script-src', 'style-src', 'img-src', 'font-src'];
48
- const updatedCspDirectives = allDirectives.map(directive => {
49
- // if directive is not in cspToUpdate or includes fe components url already return as is
50
- if (directive.includes(feComponentsUrl) || !directivesToUpdate.some(p => directive.includes(`${p} `)))
51
- return directive;
52
- // if directive is in cspToUpdate and does not have fe components url, add in
53
- return `${directive} ${feComponentsUrl}`;
44
+ function updateCsp(arg1, arg2) {
45
+ if (typeof arg1 === 'string') {
46
+ // eslint-disable-next-line no-param-reassign
47
+ arg1 = { feComponentsUrl: arg1, res: arg2 };
48
+ }
49
+ const { directives: providedDirectives, feComponentsUrl, res } = arg1;
50
+ const cspHeader = res.get('content-security-policy');
51
+ const directives = directivesFromHeader(cspHeader);
52
+ const requiredDirectives = providedDirectives ?? fallbackDirectives(feComponentsUrl);
53
+ mergeDirectives(directives, requiredDirectives);
54
+ const newCspHeader = headerFromDirectives(directives);
55
+ res.set('content-security-policy', newCspHeader);
56
+ }
57
+ /** Minimal known requirements to use MFE components on another domain/origin */
58
+ function fallbackDirectives(feComponentsUrl) {
59
+ return {
60
+ 'script-src': [feComponentsUrl],
61
+ 'style-src': [feComponentsUrl],
62
+ 'img-src': [feComponentsUrl],
63
+ 'font-src': [feComponentsUrl],
64
+ };
65
+ }
66
+ function directivesFromHeader(cspHeader) {
67
+ const header = cspHeader || "default-src 'self'";
68
+ return Object.fromEntries((header.split(';') ?? []).map(line => {
69
+ const [directive, ...values] = line.split(/\s+/);
70
+ return [directive, values];
71
+ }));
72
+ }
73
+ function headerFromDirectives(directives) {
74
+ return Object.entries(directives)
75
+ .map(([directive, values]) => (values.length > 0 ? `${directive} ${values.join(' ')}` : directive))
76
+ .join(';');
77
+ }
78
+ function mergeDirectives(directives, overrides) {
79
+ Object.entries(overrides).forEach(([directive, values]) => {
80
+ if (directive in directives) {
81
+ values.forEach(value => {
82
+ if (!directives[directive].includes(value)) {
83
+ directives[directive].push(value);
84
+ }
85
+ });
86
+ }
87
+ else {
88
+ // eslint-disable-next-line no-param-reassign
89
+ directives[directive] = ["'self'", ...values];
90
+ }
54
91
  });
55
- const requiredAndNotPresent = directivesToUpdate
56
- .filter(p => !updatedCspDirectives.find(directive => directive.includes(`${p} `)))
57
- .map(p => `${p} 'self' ${feComponentsUrl}`);
58
- res.set('content-security-policy', [...updatedCspDirectives, ...requiredAndNotPresent].join(';'));
59
92
  }
60
93
 
61
94
  const defaultOptions = {
62
95
  includeSharedData: false,
63
96
  useFallbacksByDefault: false,
97
+ updateContentSecurityPolicy: false,
64
98
  };
65
99
  class ComponentsService {
66
100
  logger;
@@ -81,7 +115,7 @@ class ComponentsService {
81
115
  ...defaultOptions,
82
116
  ...(requestOptions || {}),
83
117
  };
84
- const { includeSharedData, useFallbacksByDefault } = requestOptionsWithDefaults;
118
+ const { includeSharedData, useFallbacksByDefault, updateContentSecurityPolicy } = requestOptionsWithDefaults;
85
119
  return async (_req, res, next) => {
86
120
  const useFallbacks = (user) => {
87
121
  res.locals.feComponents = {
@@ -119,7 +153,11 @@ class ComponentsService {
119
153
  if (includeSharedData) {
120
154
  res.locals.feComponents.sharedData = meta;
121
155
  }
122
- updateCsp(this.componentApiConfig.url, res);
156
+ updateCsp({
157
+ directives: updateContentSecurityPolicy ? meta?.cspDirectives : undefined,
158
+ feComponentsUrl: this.componentApiConfig.url,
159
+ res,
160
+ });
123
161
  return next();
124
162
  }
125
163
  catch {
@@ -173,7 +211,7 @@ class CaseLoadService {
173
211
  // Update cache with values from res.feComponents.sharedData if present
174
212
  if (res.locals.feComponents && res.locals.feComponents.sharedData) {
175
213
  req.session.caseLoads = res.locals.feComponents.sharedData.caseLoads;
176
- req.session.activeCaseLoad = res.locals.feComponents.sharedData.activeCaseLoad;
214
+ req.session.activeCaseLoad = res.locals.feComponents.sharedData.activeCaseLoad ?? undefined;
177
215
  req.session.activeCaseLoadId = res.locals.feComponents.sharedData.activeCaseLoad?.caseLoadId;
178
216
  }
179
217
  // If cache is empty, fetch data from Prison API
package/dist/index.cjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.cjs","sources":["../src/data/componentApi/componentApiClient.ts","../src/utils/fallbacks.ts","../src/utils/updateCsp.ts","../src/componentsService.ts","../src/middleware/getFrontendComponents.ts","../src/data/prisonApi/prisonApiClient.ts","../src/caseLoadService.ts","../src/middleware/retrieveCaseLoadData.ts","../src/data/allocationsApi/allocationsApiClient.ts","../src/allocationService.ts","../src/middleware/retrieveAllocationJobResponsibilities.ts"],"sourcesContent":["import { ApiConfig, RestClient } from '@ministryofjustice/hmpps-rest-client'\nimport AvailableComponent from '../../types/AvailableComponent'\nimport Component from '../../types/Component'\nimport { ConnectDpsComponentLogger } from '../../types/ConnectDpsComponentLogger'\nimport { ComponentsSharedData } from '../../types/HeaderFooterSharedData'\n\nexport type ComponentsApiResponse<T extends AvailableComponent[]> = Record<T[number], Component> & {\n meta: ComponentsSharedData[T[number]] // TODO: rename 'meta' in the API response\n}\n\nexport default class ComponentApiClient extends RestClient {\n constructor(logger: ConnectDpsComponentLogger, config: ApiConfig) {\n super('Component API Client', config, logger)\n }\n\n async getComponents<T extends AvailableComponent[]>(userToken: string): Promise<ComponentsApiResponse<T>> {\n return this.get({\n path: '/components',\n query: 'component=header&component=footer',\n headers: { 'x-user-token': userToken },\n })\n }\n}\n","import nunjucks from 'nunjucks'\nimport { HmppsUser } from '../types/HmppsUser'\n\nexport function getFallbackHeader(\n user: HmppsUser | null,\n dpsUrl: string,\n { environmentName, authUrl, supportUrl }: { environmentName?: string; authUrl?: string; supportUrl?: string },\n): string {\n return nunjucks.render('dpsComponents/header-bar.njk', {\n isPrisonUser: !user || user.authSource === 'nomis',\n user,\n dpsUrl,\n environmentName,\n authUrl,\n supportUrl,\n name: initialiseName(user?.displayName),\n })\n}\n\nexport function getFallbackFooter(\n user: HmppsUser | null,\n { authUrl, supportUrl }: { authUrl?: string; supportUrl?: string },\n): string {\n return nunjucks.render('dpsComponents/footer.njk', {\n isPrisonUser: !user || user.authSource === 'nomis',\n supportUrl,\n authUrl,\n })\n}\n\nfunction initialiseName(fullName?: string): string | null {\n if (!fullName) return null\n\n const array = fullName.split(' ')\n return `${array[0][0]}. ${array.reverse()[0]}`\n}\n","import { type Response } from 'express'\n\nexport default function updateCsp(feComponentsUrl: string, res: Response) {\n const csp = res.getHeaders()['content-security-policy']\n const allDirectives = csp?.split(';') ?? []\n const directivesToUpdate = ['script-src', 'style-src', 'img-src', 'font-src']\n\n const updatedCspDirectives = allDirectives.map(directive => {\n // if directive is not in cspToUpdate or includes fe components url already return as is\n if (directive.includes(feComponentsUrl as string) || !directivesToUpdate.some(p => directive.includes(`${p} `)))\n return directive\n\n // if directive is in cspToUpdate and does not have fe components url, add in\n return `${directive} ${feComponentsUrl}`\n })\n\n const requiredAndNotPresent = directivesToUpdate\n .filter(p => !updatedCspDirectives.find(directive => directive.includes(`${p} `)))\n .map(p => `${p} 'self' ${feComponentsUrl}`)\n\n res.set('content-security-policy', [...updatedCspDirectives, ...requiredAndNotPresent].join(';'))\n}\n","import { type NextFunction, type Request, type Response, type RequestHandler } from 'express'\nimport { ApiConfig } from '@ministryofjustice/hmpps-rest-client'\nimport ComponentApiClient from './data/componentApi/componentApiClient'\nimport { getFallbackFooter, getFallbackHeader } from './utils/fallbacks'\nimport updateCsp from './utils/updateCsp'\nimport { HmppsUser } from './types/HmppsUser'\nimport { ConnectDpsComponentLogger } from './types/ConnectDpsComponentLogger'\n\nexport interface FrontendComponentRequestOptions {\n authUrl?: string\n supportUrl?: string\n environmentName?: 'DEV' | 'PRE-PRODUCTION' | 'PRODUCTION'\n includeSharedData?: boolean\n useFallbacksByDefault?: boolean\n}\n\nconst defaultOptions: Partial<FrontendComponentRequestOptions> = {\n includeSharedData: false,\n useFallbacksByDefault: false,\n}\n\nexport default class ComponentsService {\n constructor(\n private readonly logger: ConnectDpsComponentLogger,\n private readonly componentApiConfig: ApiConfig,\n private readonly componentApiClient: ComponentApiClient,\n private readonly dpsUrl: string,\n ) {}\n\n static create({\n logger = console,\n componentApiConfig,\n dpsUrl,\n }: {\n logger?: ConnectDpsComponentLogger\n componentApiConfig: ApiConfig\n dpsUrl: string\n }) {\n return new ComponentsService(logger, componentApiConfig, new ComponentApiClient(logger, componentApiConfig), dpsUrl)\n }\n\n getFrontendComponents(requestOptions?: FrontendComponentRequestOptions): RequestHandler {\n const requestOptionsWithDefaults = {\n ...defaultOptions,\n ...(requestOptions || {}),\n }\n const { includeSharedData, useFallbacksByDefault } = requestOptionsWithDefaults\n\n return async (_req: Request, res: Response, next: NextFunction) => {\n const useFallbacks = (user: HmppsUser | null) => {\n res.locals.feComponents = {\n header: getFallbackHeader(user, this.dpsUrl, {\n environmentName: requestOptionsWithDefaults.environmentName,\n authUrl: requestOptionsWithDefaults.authUrl,\n supportUrl: requestOptionsWithDefaults.supportUrl,\n }),\n footer: getFallbackFooter(user, {\n authUrl: requestOptionsWithDefaults.authUrl,\n supportUrl: requestOptionsWithDefaults.supportUrl,\n }),\n cssIncludes: [],\n jsIncludes: [],\n }\n }\n\n if (!res.locals.user) {\n this.logger.info('Using fallback frontend components when no user in context')\n useFallbacks(null)\n return next()\n }\n\n if (useFallbacksByDefault) {\n this.logger.info('Using fallback frontend components by default')\n useFallbacks(res.locals.user)\n return next()\n }\n\n try {\n const { header, footer, meta } = await this.componentApiClient.getComponents(res.locals.user.token as string)\n\n res.locals.feComponents = {\n header: header.html,\n footer: footer.html,\n cssIncludes: [...header.css, ...footer.css],\n jsIncludes: [...header.javascript, ...footer.javascript],\n }\n\n if (includeSharedData) {\n res.locals.feComponents.sharedData = meta\n }\n\n updateCsp(this.componentApiConfig.url, res)\n\n return next()\n } catch {\n this.logger.error('Failed to retrieve front end components, using fallbacks')\n useFallbacks(res.locals.user)\n return next()\n }\n }\n }\n}\n","import { type RequestHandler } from 'express'\nimport ComponentsService, { FrontendComponentRequestOptions } from '../componentsService'\n\ntype MiddlewareOptions = {\n requestOptions?: FrontendComponentRequestOptions\n} & Parameters<typeof ComponentsService.create>[0]\n\nexport default function getFrontendComponents({\n logger = console,\n componentApiConfig,\n dpsUrl,\n requestOptions,\n}: MiddlewareOptions): RequestHandler {\n const service = ComponentsService.create({ logger, componentApiConfig, dpsUrl })\n return service.getFrontendComponents(requestOptions)\n}\n","import { ApiConfig, asUser, RestClient } from '@ministryofjustice/hmpps-rest-client'\nimport CaseLoad from '../../types/CaseLoad'\nimport { ConnectDpsComponentLogger } from '../../types/ConnectDpsComponentLogger'\n\nexport default class PrisonApiClient extends RestClient {\n constructor(logger: ConnectDpsComponentLogger, config: ApiConfig) {\n super('Prison API Client', config, logger)\n }\n\n async getUserCaseLoads(userToken: string): Promise<CaseLoad[]> {\n return this.get(\n {\n path: '/api/users/me/caseLoads',\n query: 'allCaseloads=true',\n },\n asUser(userToken),\n )\n }\n}\n","import { type RequestHandler } from 'express'\nimport { ApiConfig } from '@ministryofjustice/hmpps-rest-client'\nimport CaseLoad from './types/CaseLoad'\nimport PrisonApiClient from './data/prisonApi/prisonApiClient'\nimport { ConnectDpsComponentLogger } from './types/ConnectDpsComponentLogger'\n\nexport default class CaseLoadService {\n constructor(\n private readonly logger: ConnectDpsComponentLogger,\n private readonly prisonApiClient: PrisonApiClient,\n ) {}\n\n static create({\n logger = console,\n prisonApiConfig,\n }: {\n logger?: ConnectDpsComponentLogger\n prisonApiConfig: ApiConfig\n }) {\n return new CaseLoadService(logger, new PrisonApiClient(logger, prisonApiConfig))\n }\n\n retrieveCaseLoadData(): RequestHandler {\n return async (req, res, next) => {\n if (!req.session) throw new Error('User session required in order to cache case loads')\n if (!res.locals.user) this.logger.warn('No res.locals.user object defined to set case load data in')\n if (!res.locals.user?.token) this.logger.warn('No res.locals.user.token defined to request case load data with')\n if (!res.locals.user?.authSource) this.logger.warn('No user auth source found')\n\n if (res.locals.user && res.locals.user.token && res.locals.user.authSource === 'nomis') {\n try {\n // Update cache with values from res.feComponents.sharedData if present\n if (res.locals.feComponents && res.locals.feComponents.sharedData) {\n req.session.caseLoads = res.locals.feComponents.sharedData.caseLoads\n req.session.activeCaseLoad = res.locals.feComponents.sharedData.activeCaseLoad\n req.session.activeCaseLoadId = res.locals.feComponents.sharedData.activeCaseLoad?.caseLoadId\n }\n\n // If cache is empty, fetch data from Prison API\n if (!req.session.caseLoads) {\n this.logger.info(`Falling back to Prison API to retrieve case loads for: ${res.locals.user.username}`)\n const userCaseLoads = await this.prisonApiClient.getUserCaseLoads(res.locals.user.token)\n const caseLoads = userCaseLoads.filter(caseload => caseload.type !== 'APP')\n const activeCaseLoad = caseLoads.find((caseLoad: CaseLoad) => caseLoad.currentlyActive)\n\n req.session.caseLoads = caseLoads\n req.session.activeCaseLoad = activeCaseLoad\n req.session.activeCaseLoadId = activeCaseLoad?.caseLoadId\n }\n\n // Populate res.locals.user with values from cache\n res.locals.user.caseLoads = req.session.caseLoads\n res.locals.user.activeCaseLoad = req.session.activeCaseLoad\n res.locals.user.activeCaseLoadId = req.session.activeCaseLoadId\n } catch (error) {\n this.logger.error(error, `Failed to retrieve case loads for: ${res.locals.user.username}`)\n return next(error)\n }\n }\n\n return next()\n }\n }\n}\n","import { type RequestHandler } from 'express'\nimport CaseLoadService from '../caseLoadService'\n\nexport default function retrieveCaseLoadData({\n logger = console,\n prisonApiConfig,\n}: Parameters<typeof CaseLoadService.create>[0]): RequestHandler {\n const service = CaseLoadService.create({ logger, prisonApiConfig })\n return service.retrieveCaseLoadData()\n}\n","import { ApiConfig, asSystem, AuthenticationClient, RestClient } from '@ministryofjustice/hmpps-rest-client'\nimport { PrisonUser } from '../../types/HmppsUser'\nimport { AllocationJobResponsibility } from '../../types/AllocationJobResponsibility'\nimport { ConnectDpsComponentLogger } from '../../types/ConnectDpsComponentLogger'\n\nexport default class AllocationsApiClient extends RestClient {\n constructor(logger: ConnectDpsComponentLogger, config: ApiConfig, authenticationClient: AuthenticationClient) {\n super('Allocations API Client', config, logger, authenticationClient)\n }\n\n async getStaffAllocationPolicies(user: PrisonUser): Promise<{ policies: AllocationJobResponsibility[] }> {\n return this.get(\n {\n path: `/prisons/${user.activeCaseLoadId}/staff/${user.userId}/job-classifications`,\n },\n asSystem(),\n )\n }\n}\n","import { type RequestHandler } from 'express'\nimport { ApiConfig, AuthenticationClient } from '@ministryofjustice/hmpps-rest-client'\nimport AllocationsApiClient from './data/allocationsApi/allocationsApiClient'\nimport { ConnectDpsComponentLogger } from './types/ConnectDpsComponentLogger'\n\nexport default class AllocationService {\n constructor(\n private readonly logger: ConnectDpsComponentLogger,\n private readonly allocationsApiClient: AllocationsApiClient,\n ) {}\n\n static create({\n logger = console,\n allocationsApiConfig,\n authenticationClient,\n }: {\n logger?: ConnectDpsComponentLogger\n allocationsApiConfig: ApiConfig\n authenticationClient: AuthenticationClient\n }) {\n return new AllocationService(logger, new AllocationsApiClient(logger, allocationsApiConfig, authenticationClient))\n }\n\n public retrieveAllocationJobResponsibilities(): RequestHandler {\n return async (req, res, next) => {\n if (!req.session) throw new Error('User session required in order to cache allocation job responsibilities')\n if (!res.locals.user.token)\n throw new Error(\n 'Caseload details needs to be populated before retrieving allocation job responsibilities. Please run retrieveCaseLoadData before retrieveAllocationJobResponsibilities.',\n )\n\n if (res.locals.user && res.locals.user.authSource === 'nomis') {\n try {\n // Update cache with values from res.feComponents.sharedData if present\n if (res.locals.feComponents && res.locals.feComponents.sharedData) {\n req.session.allocationJobResponsibilities = res.locals.feComponents.sharedData.allocationJobResponsibilities\n }\n\n // If cache is empty, fetch data from Prison API\n if (!req.session.allocationJobResponsibilities) {\n this.logger.info(\n `Falling back to Allocations API to retrieve job responsibilities for: ${res.locals.user.username}`,\n )\n const allocationPolicies = await this.allocationsApiClient.getStaffAllocationPolicies(res.locals.user)\n req.session.allocationJobResponsibilities = allocationPolicies.policies\n }\n\n // Populate res.locals.user with values from cache\n res.locals.user.allocationJobResponsibilities = req.session.allocationJobResponsibilities\n } catch (error) {\n this.logger.error(\n error,\n `Failed to retrieve allocation job responsibilities for: ${res.locals.user.username}`,\n )\n return next(error)\n }\n }\n\n return next()\n }\n }\n}\n","import { type RequestHandler } from 'express'\nimport AllocationService from '../allocationService'\n\nexport default function retrieveAllocationJobResponsibilities({\n logger = console,\n allocationsApiConfig,\n authenticationClient,\n}: Parameters<typeof AllocationService.create>[0]): RequestHandler {\n const service = AllocationService.create({ logger, allocationsApiConfig, authenticationClient })\n return service.retrieveAllocationJobResponsibilities()\n}\n"],"names":["RestClient","asUser","asSystem"],"mappings":";;;;;AAUc,MAAO,kBAAmB,SAAQA,0BAAU,CAAA;IACxD,WAAA,CAAY,MAAiC,EAAE,MAAiB,EAAA;AAC9D,QAAA,KAAK,CAAC,sBAAsB,EAAE,MAAM,EAAE,MAAM,CAAC;IAC/C;IAEA,MAAM,aAAa,CAAiC,SAAiB,EAAA;QACnE,OAAO,IAAI,CAAC,GAAG,CAAC;AACd,YAAA,IAAI,EAAE,aAAa;AACnB,YAAA,KAAK,EAAE,mCAAmC;AAC1C,YAAA,OAAO,EAAE,EAAE,cAAc,EAAE,SAAS,EAAE;AACvC,SAAA,CAAC;IACJ;AACD;;ACnBK,SAAU,iBAAiB,CAC/B,IAAsB,EACtB,MAAc,EACd,EAAE,eAAe,EAAE,OAAO,EAAE,UAAU,EAAuE,EAAA;AAE7G,IAAA,OAAO,QAAQ,CAAC,MAAM,CAAC,8BAA8B,EAAE;QACrD,YAAY,EAAE,CAAC,IAAI,IAAI,IAAI,CAAC,UAAU,KAAK,OAAO;QAClD,IAAI;QACJ,MAAM;QACN,eAAe;QACf,OAAO;QACP,UAAU;AACV,QAAA,IAAI,EAAE,cAAc,CAAC,IAAI,EAAE,WAAW,CAAC;AACxC,KAAA,CAAC;AACJ;AAEM,SAAU,iBAAiB,CAC/B,IAAsB,EACtB,EAAE,OAAO,EAAE,UAAU,EAA6C,EAAA;AAElE,IAAA,OAAO,QAAQ,CAAC,MAAM,CAAC,0BAA0B,EAAE;QACjD,YAAY,EAAE,CAAC,IAAI,IAAI,IAAI,CAAC,UAAU,KAAK,OAAO;QAClD,UAAU;QACV,OAAO;AACR,KAAA,CAAC;AACJ;AAEA,SAAS,cAAc,CAAC,QAAiB,EAAA;AACvC,IAAA,IAAI,CAAC,QAAQ;AAAE,QAAA,OAAO,IAAI;IAE1B,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC;AACjC,IAAA,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA,EAAA,EAAK,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE;AAChD;;ACjCc,SAAU,SAAS,CAAC,eAAuB,EAAE,GAAa,EAAA;IACtE,MAAM,GAAG,GAAG,GAAG,CAAC,UAAU,EAAE,CAAC,yBAAyB,CAAC;IACvD,MAAM,aAAa,GAAG,GAAG,EAAE,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE;IAC3C,MAAM,kBAAkB,GAAG,CAAC,YAAY,EAAE,WAAW,EAAE,SAAS,EAAE,UAAU,CAAC;IAE7E,MAAM,oBAAoB,GAAG,aAAa,CAAC,GAAG,CAAC,SAAS,IAAG;;QAEzD,IAAI,SAAS,CAAC,QAAQ,CAAC,eAAyB,CAAC,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAC,IAAI,SAAS,CAAC,QAAQ,CAAC,CAAA,EAAG,CAAC,CAAA,CAAA,CAAG,CAAC,CAAC;AAC7G,YAAA,OAAO,SAAS;;AAGlB,QAAA,OAAO,CAAA,EAAG,SAAS,CAAA,CAAA,EAAI,eAAe,EAAE;AAC1C,IAAA,CAAC,CAAC;IAEF,MAAM,qBAAqB,GAAG;SAC3B,MAAM,CAAC,CAAC,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,SAAS,IAAI,SAAS,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA,CAAA,CAAG,CAAC,CAAC;SAChF,GAAG,CAAC,CAAC,IAAI,CAAA,EAAG,CAAC,CAAA,QAAA,EAAW,eAAe,CAAA,CAAE,CAAC;AAE7C,IAAA,GAAG,CAAC,GAAG,CAAC,yBAAyB,EAAE,CAAC,GAAG,oBAAoB,EAAE,GAAG,qBAAqB,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AACnG;;ACLA,MAAM,cAAc,GAA6C;AAC/D,IAAA,iBAAiB,EAAE,KAAK;AACxB,IAAA,qBAAqB,EAAE,KAAK;CAC7B;AAEa,MAAO,iBAAiB,CAAA;AAEjB,IAAA,MAAA;AACA,IAAA,kBAAA;AACA,IAAA,kBAAA;AACA,IAAA,MAAA;AAJnB,IAAA,WAAA,CACmB,MAAiC,EACjC,kBAA6B,EAC7B,kBAAsC,EACtC,MAAc,EAAA;QAHd,IAAA,CAAA,MAAM,GAAN,MAAM;QACN,IAAA,CAAA,kBAAkB,GAAlB,kBAAkB;QAClB,IAAA,CAAA,kBAAkB,GAAlB,kBAAkB;QAClB,IAAA,CAAA,MAAM,GAAN,MAAM;IACtB;IAEH,OAAO,MAAM,CAAC,EACZ,MAAM,GAAG,OAAO,EAChB,kBAAkB,EAClB,MAAM,GAKP,EAAA;AACC,QAAA,OAAO,IAAI,iBAAiB,CAAC,MAAM,EAAE,kBAAkB,EAAE,IAAI,kBAAkB,CAAC,MAAM,EAAE,kBAAkB,CAAC,EAAE,MAAM,CAAC;IACtH;AAEA,IAAA,qBAAqB,CAAC,cAAgD,EAAA;AACpE,QAAA,MAAM,0BAA0B,GAAG;AACjC,YAAA,GAAG,cAAc;AACjB,YAAA,IAAI,cAAc,IAAI,EAAE,CAAC;SAC1B;AACD,QAAA,MAAM,EAAE,iBAAiB,EAAE,qBAAqB,EAAE,GAAG,0BAA0B;QAE/E,OAAO,OAAO,IAAa,EAAE,GAAa,EAAE,IAAkB,KAAI;AAChE,YAAA,MAAM,YAAY,GAAG,CAAC,IAAsB,KAAI;AAC9C,gBAAA,GAAG,CAAC,MAAM,CAAC,YAAY,GAAG;oBACxB,MAAM,EAAE,iBAAiB,CAAC,IAAI,EAAE,IAAI,CAAC,MAAM,EAAE;wBAC3C,eAAe,EAAE,0BAA0B,CAAC,eAAe;wBAC3D,OAAO,EAAE,0BAA0B,CAAC,OAAO;wBAC3C,UAAU,EAAE,0BAA0B,CAAC,UAAU;qBAClD,CAAC;AACF,oBAAA,MAAM,EAAE,iBAAiB,CAAC,IAAI,EAAE;wBAC9B,OAAO,EAAE,0BAA0B,CAAC,OAAO;wBAC3C,UAAU,EAAE,0BAA0B,CAAC,UAAU;qBAClD,CAAC;AACF,oBAAA,WAAW,EAAE,EAAE;AACf,oBAAA,UAAU,EAAE,EAAE;iBACf;AACH,YAAA,CAAC;AAED,YAAA,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE;AACpB,gBAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4DAA4D,CAAC;gBAC9E,YAAY,CAAC,IAAI,CAAC;gBAClB,OAAO,IAAI,EAAE;YACf;YAEA,IAAI,qBAAqB,EAAE;AACzB,gBAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,+CAA+C,CAAC;AACjE,gBAAA,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC;gBAC7B,OAAO,IAAI,EAAE;YACf;AAEA,YAAA,IAAI;gBACF,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,aAAa,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,KAAe,CAAC;AAE7G,gBAAA,GAAG,CAAC,MAAM,CAAC,YAAY,GAAG;oBACxB,MAAM,EAAE,MAAM,CAAC,IAAI;oBACnB,MAAM,EAAE,MAAM,CAAC,IAAI;oBACnB,WAAW,EAAE,CAAC,GAAG,MAAM,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,GAAG,CAAC;oBAC3C,UAAU,EAAE,CAAC,GAAG,MAAM,CAAC,UAAU,EAAE,GAAG,MAAM,CAAC,UAAU,CAAC;iBACzD;gBAED,IAAI,iBAAiB,EAAE;oBACrB,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,UAAU,GAAG,IAAI;gBAC3C;gBAEA,SAAS,CAAC,IAAI,CAAC,kBAAkB,CAAC,GAAG,EAAE,GAAG,CAAC;gBAE3C,OAAO,IAAI,EAAE;YACf;AAAE,YAAA,MAAM;AACN,gBAAA,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,0DAA0D,CAAC;AAC7E,gBAAA,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC;gBAC7B,OAAO,IAAI,EAAE;YACf;AACF,QAAA,CAAC;IACH;AACD;;AC9Fa,SAAU,qBAAqB,CAAC,EAC5C,MAAM,GAAG,OAAO,EAChB,kBAAkB,EAClB,MAAM,EACN,cAAc,GACI,EAAA;AAClB,IAAA,MAAM,OAAO,GAAG,iBAAiB,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,kBAAkB,EAAE,MAAM,EAAE,CAAC;AAChF,IAAA,OAAO,OAAO,CAAC,qBAAqB,CAAC,cAAc,CAAC;AACtD;;ACXc,MAAO,eAAgB,SAAQA,0BAAU,CAAA;IACrD,WAAA,CAAY,MAAiC,EAAE,MAAiB,EAAA;AAC9D,QAAA,KAAK,CAAC,mBAAmB,EAAE,MAAM,EAAE,MAAM,CAAC;IAC5C;IAEA,MAAM,gBAAgB,CAAC,SAAiB,EAAA;QACtC,OAAO,IAAI,CAAC,GAAG,CACb;AACE,YAAA,IAAI,EAAE,yBAAyB;AAC/B,YAAA,KAAK,EAAE,mBAAmB;AAC3B,SAAA,EACDC,sBAAM,CAAC,SAAS,CAAC,CAClB;IACH;AACD;;ACZa,MAAO,eAAe,CAAA;AAEf,IAAA,MAAA;AACA,IAAA,eAAA;IAFnB,WAAA,CACmB,MAAiC,EACjC,eAAgC,EAAA;QADhC,IAAA,CAAA,MAAM,GAAN,MAAM;QACN,IAAA,CAAA,eAAe,GAAf,eAAe;IAC/B;IAEH,OAAO,MAAM,CAAC,EACZ,MAAM,GAAG,OAAO,EAChB,eAAe,GAIhB,EAAA;AACC,QAAA,OAAO,IAAI,eAAe,CAAC,MAAM,EAAE,IAAI,eAAe,CAAC,MAAM,EAAE,eAAe,CAAC,CAAC;IAClF;IAEA,oBAAoB,GAAA;QAClB,OAAO,OAAO,GAAG,EAAE,GAAG,EAAE,IAAI,KAAI;YAC9B,IAAI,CAAC,GAAG,CAAC,OAAO;AAAE,gBAAA,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC;AACvF,YAAA,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI;AAAE,gBAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4DAA4D,CAAC;AACpG,YAAA,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,KAAK;AAAE,gBAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,iEAAiE,CAAC;AAChH,YAAA,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,UAAU;AAAE,gBAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,2BAA2B,CAAC;YAE/E,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,KAAK,OAAO,EAAE;AACtF,gBAAA,IAAI;;AAEF,oBAAA,IAAI,GAAG,CAAC,MAAM,CAAC,YAAY,IAAI,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,UAAU,EAAE;AACjE,wBAAA,GAAG,CAAC,OAAO,CAAC,SAAS,GAAG,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC,SAAS;AACpE,wBAAA,GAAG,CAAC,OAAO,CAAC,cAAc,GAAG,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC,cAAc;AAC9E,wBAAA,GAAG,CAAC,OAAO,CAAC,gBAAgB,GAAG,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC,cAAc,EAAE,UAAU;oBAC9F;;AAGA,oBAAA,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,SAAS,EAAE;AAC1B,wBAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA,uDAAA,EAA0D,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAA,CAAE,CAAC;AACtG,wBAAA,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,gBAAgB,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC;AACxF,wBAAA,MAAM,SAAS,GAAG,aAAa,CAAC,MAAM,CAAC,QAAQ,IAAI,QAAQ,CAAC,IAAI,KAAK,KAAK,CAAC;AAC3E,wBAAA,MAAM,cAAc,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC,QAAkB,KAAK,QAAQ,CAAC,eAAe,CAAC;AAEvF,wBAAA,GAAG,CAAC,OAAO,CAAC,SAAS,GAAG,SAAS;AACjC,wBAAA,GAAG,CAAC,OAAO,CAAC,cAAc,GAAG,cAAc;wBAC3C,GAAG,CAAC,OAAO,CAAC,gBAAgB,GAAG,cAAc,EAAE,UAAU;oBAC3D;;AAGA,oBAAA,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,GAAG,GAAG,CAAC,OAAO,CAAC,SAAS;AACjD,oBAAA,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,GAAG,GAAG,CAAC,OAAO,CAAC,cAAc;AAC3D,oBAAA,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,GAAG,GAAG,CAAC,OAAO,CAAC,gBAAgB;gBACjE;gBAAE,OAAO,KAAK,EAAE;AACd,oBAAA,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,EAAE,CAAA,mCAAA,EAAsC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAA,CAAE,CAAC;AAC1F,oBAAA,OAAO,IAAI,CAAC,KAAK,CAAC;gBACpB;YACF;YAEA,OAAO,IAAI,EAAE;AACf,QAAA,CAAC;IACH;AACD;;AC5Da,SAAU,oBAAoB,CAAC,EAC3C,MAAM,GAAG,OAAO,EAChB,eAAe,GAC8B,EAAA;AAC7C,IAAA,MAAM,OAAO,GAAG,eAAe,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,eAAe,EAAE,CAAC;AACnE,IAAA,OAAO,OAAO,CAAC,oBAAoB,EAAE;AACvC;;ACJc,MAAO,oBAAqB,SAAQD,0BAAU,CAAA;AAC1D,IAAA,WAAA,CAAY,MAAiC,EAAE,MAAiB,EAAE,oBAA0C,EAAA;QAC1G,KAAK,CAAC,wBAAwB,EAAE,MAAM,EAAE,MAAM,EAAE,oBAAoB,CAAC;IACvE;IAEA,MAAM,0BAA0B,CAAC,IAAgB,EAAA;QAC/C,OAAO,IAAI,CAAC,GAAG,CACb;YACE,IAAI,EAAE,YAAY,IAAI,CAAC,gBAAgB,CAAA,OAAA,EAAU,IAAI,CAAC,MAAM,CAAA,oBAAA,CAAsB;SACnF,EACDE,wBAAQ,EAAE,CACX;IACH;AACD;;ACba,MAAO,iBAAiB,CAAA;AAEjB,IAAA,MAAA;AACA,IAAA,oBAAA;IAFnB,WAAA,CACmB,MAAiC,EACjC,oBAA0C,EAAA;QAD1C,IAAA,CAAA,MAAM,GAAN,MAAM;QACN,IAAA,CAAA,oBAAoB,GAApB,oBAAoB;IACpC;IAEH,OAAO,MAAM,CAAC,EACZ,MAAM,GAAG,OAAO,EAChB,oBAAoB,EACpB,oBAAoB,GAKrB,EAAA;AACC,QAAA,OAAO,IAAI,iBAAiB,CAAC,MAAM,EAAE,IAAI,oBAAoB,CAAC,MAAM,EAAE,oBAAoB,EAAE,oBAAoB,CAAC,CAAC;IACpH;IAEO,qCAAqC,GAAA;QAC1C,OAAO,OAAO,GAAG,EAAE,GAAG,EAAE,IAAI,KAAI;YAC9B,IAAI,CAAC,GAAG,CAAC,OAAO;AAAE,gBAAA,MAAM,IAAI,KAAK,CAAC,yEAAyE,CAAC;AAC5G,YAAA,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK;AACxB,gBAAA,MAAM,IAAI,KAAK,CACb,yKAAyK,CAC1K;AAEH,YAAA,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,KAAK,OAAO,EAAE;AAC7D,gBAAA,IAAI;;AAEF,oBAAA,IAAI,GAAG,CAAC,MAAM,CAAC,YAAY,IAAI,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,UAAU,EAAE;AACjE,wBAAA,GAAG,CAAC,OAAO,CAAC,6BAA6B,GAAG,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC,6BAA6B;oBAC9G;;AAGA,oBAAA,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,6BAA6B,EAAE;AAC9C,wBAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,CAAA,sEAAA,EAAyE,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAA,CAAE,CACpG;AACD,wBAAA,MAAM,kBAAkB,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,0BAA0B,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC;wBACtG,GAAG,CAAC,OAAO,CAAC,6BAA6B,GAAG,kBAAkB,CAAC,QAAQ;oBACzE;;AAGA,oBAAA,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,6BAA6B,GAAG,GAAG,CAAC,OAAO,CAAC,6BAA6B;gBAC3F;gBAAE,OAAO,KAAK,EAAE;AACd,oBAAA,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,KAAK,EACL,CAAA,wDAAA,EAA2D,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAA,CAAE,CACtF;AACD,oBAAA,OAAO,IAAI,CAAC,KAAK,CAAC;gBACpB;YACF;YAEA,OAAO,IAAI,EAAE;AACf,QAAA,CAAC;IACH;AACD;;AC1Da,SAAU,qCAAqC,CAAC,EAC5D,MAAM,GAAG,OAAO,EAChB,oBAAoB,EACpB,oBAAoB,GAC2B,EAAA;AAC/C,IAAA,MAAM,OAAO,GAAG,iBAAiB,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,CAAC;AAChG,IAAA,OAAO,OAAO,CAAC,qCAAqC,EAAE;AACxD;;;;;;;;;"}
1
+ {"version":3,"file":"index.cjs","sources":["../src/data/componentApi/componentApiClient.ts","../src/utils/fallbacks.ts","../src/utils/updateCsp.ts","../src/componentsService.ts","../src/middleware/getFrontendComponents.ts","../src/data/prisonApi/prisonApiClient.ts","../src/caseLoadService.ts","../src/middleware/retrieveCaseLoadData.ts","../src/data/allocationsApi/allocationsApiClient.ts","../src/allocationService.ts","../src/middleware/retrieveAllocationJobResponsibilities.ts"],"sourcesContent":["import { ApiConfig, RestClient } from '@ministryofjustice/hmpps-rest-client'\nimport type AvailableComponent from '../../types/AvailableComponent'\nimport type Component from '../../types/Component'\nimport type { ConnectDpsComponentLogger } from '../../types/ConnectDpsComponentLogger'\nimport type SharedData from '../../types/SharedData'\n\nexport type ComponentsApiResponse<T extends AvailableComponent[] = AvailableComponent[]> = Record<\n T[number],\n Component\n> & {\n meta: SharedData\n}\n\nexport default class ComponentApiClient extends RestClient {\n constructor(logger: ConnectDpsComponentLogger, config: ApiConfig) {\n super('Component API Client', config, logger)\n }\n\n async getComponents<T extends AvailableComponent[]>(userToken: string): Promise<ComponentsApiResponse<T>> {\n return this.get({\n path: '/components',\n query: 'component=header&component=footer',\n headers: { 'x-user-token': userToken },\n })\n }\n}\n","import nunjucks from 'nunjucks'\nimport { HmppsUser } from '../types/HmppsUser'\n\nexport function getFallbackHeader(\n user: HmppsUser | null,\n dpsUrl: string,\n { environmentName, authUrl, supportUrl }: { environmentName?: string; authUrl?: string; supportUrl?: string },\n): string {\n return nunjucks.render('dpsComponents/header-bar.njk', {\n isPrisonUser: !user || user.authSource === 'nomis',\n user,\n dpsUrl,\n environmentName,\n authUrl,\n supportUrl,\n name: initialiseName(user?.displayName),\n })\n}\n\nexport function getFallbackFooter(\n user: HmppsUser | null,\n { authUrl, supportUrl }: { authUrl?: string; supportUrl?: string },\n): string {\n return nunjucks.render('dpsComponents/footer.njk', {\n isPrisonUser: !user || user.authSource === 'nomis',\n supportUrl,\n authUrl,\n })\n}\n\nfunction initialiseName(fullName?: string): string | null {\n if (!fullName) return null\n\n const array = fullName.split(' ')\n return `${array[0][0]}. ${array.reverse()[0]}`\n}\n","import type { Response } from 'express'\nimport type { CspDirectives } from '../types/CspDirectives'\n\nexport interface UpdateCspOptions {\n /** Content-Security-Policy directives to merge into response’s header */\n directives?: CspDirectives\n /** Base URL of MFE components service for fallback Content-Security-Policy directives */\n feComponentsUrl: string\n /** The express response whose Content-Security-Policy header should be updated */\n res: Response\n}\n\n/**\n * Update Content-Security-Policy header in response to allow use of MFE components on another domain/origin\n * with given directives, falling back to predefined directives known to be required\n */\nexport default function updateCsp(options: UpdateCspOptions): void\n/**\n * Update Content-Security-Policy header in response to allow use of MFE components on another domain/origin\n * using predefined directives known to be required\n * @deprecated provide options to `updateCsp` as a single object\n */\nexport default function updateCsp(feComponentsUrl: string, res: Response): void\nexport default function updateCsp(arg1: UpdateCspOptions | string, arg2?: Response): void {\n if (typeof arg1 === 'string') {\n // eslint-disable-next-line no-param-reassign\n arg1 = { feComponentsUrl: arg1, res: arg2! }\n }\n const { directives: providedDirectives, feComponentsUrl, res } = arg1\n\n const cspHeader = res.get('content-security-policy')\n const directives: CspDirectives = directivesFromHeader(cspHeader)\n const requiredDirectives = providedDirectives ?? fallbackDirectives(feComponentsUrl)\n mergeDirectives(directives, requiredDirectives)\n const newCspHeader = headerFromDirectives(directives)\n res.set('content-security-policy', newCspHeader)\n}\n\n/** Minimal known requirements to use MFE components on another domain/origin */\nfunction fallbackDirectives(feComponentsUrl: string): CspDirectives {\n return {\n 'script-src': [feComponentsUrl],\n 'style-src': [feComponentsUrl],\n 'img-src': [feComponentsUrl],\n 'font-src': [feComponentsUrl],\n }\n}\n\nfunction directivesFromHeader(cspHeader: string | undefined): CspDirectives {\n const header = cspHeader || \"default-src 'self'\"\n return Object.fromEntries(\n (header.split(';') ?? []).map(line => {\n const [directive, ...values] = line.split(/\\s+/)\n return [directive, values]\n }),\n )\n}\n\nfunction headerFromDirectives(directives: CspDirectives): string {\n return Object.entries(directives)\n .map(([directive, values]) => (values.length > 0 ? `${directive} ${values.join(' ')}` : directive))\n .join(';')\n}\n\nfunction mergeDirectives(directives: CspDirectives, overrides: Readonly<CspDirectives>): void {\n Object.entries(overrides).forEach(([directive, values]) => {\n if (directive in directives) {\n values.forEach(value => {\n if (!directives[directive].includes(value)) {\n directives[directive].push(value)\n }\n })\n } else {\n // eslint-disable-next-line no-param-reassign\n directives[directive] = [\"'self'\", ...values]\n }\n })\n}\n","import type { RequestHandler } from 'express'\nimport { ApiConfig } from '@ministryofjustice/hmpps-rest-client'\nimport ComponentApiClient from './data/componentApi/componentApiClient'\nimport { getFallbackFooter, getFallbackHeader } from './utils/fallbacks'\nimport updateCsp from './utils/updateCsp'\nimport { HmppsUser } from './types/HmppsUser'\nimport { ConnectDpsComponentLogger } from './types/ConnectDpsComponentLogger'\n\nexport interface FrontendComponentRequestOptions {\n authUrl?: string\n supportUrl?: string\n environmentName?: 'DEV' | 'PRE-PRODUCTION' | 'PRODUCTION'\n includeSharedData?: boolean\n useFallbacksByDefault?: boolean\n /**\n * Update Content-Security-Policy with directives returned by MFE components service\n * (instead of predefined directives); false by default\n */\n updateContentSecurityPolicy?: boolean\n}\n\nconst defaultOptions: FrontendComponentRequestOptions = {\n includeSharedData: false,\n useFallbacksByDefault: false,\n updateContentSecurityPolicy: false,\n}\n\nexport default class ComponentsService {\n constructor(\n private readonly logger: ConnectDpsComponentLogger,\n private readonly componentApiConfig: ApiConfig,\n private readonly componentApiClient: ComponentApiClient,\n private readonly dpsUrl: string,\n ) {}\n\n static create({\n logger = console,\n componentApiConfig,\n dpsUrl,\n }: {\n logger?: ConnectDpsComponentLogger\n componentApiConfig: ApiConfig\n dpsUrl: string\n }) {\n return new ComponentsService(logger, componentApiConfig, new ComponentApiClient(logger, componentApiConfig), dpsUrl)\n }\n\n getFrontendComponents(requestOptions?: FrontendComponentRequestOptions): RequestHandler {\n const requestOptionsWithDefaults = {\n ...defaultOptions,\n ...(requestOptions || {}),\n }\n const { includeSharedData, useFallbacksByDefault, updateContentSecurityPolicy } = requestOptionsWithDefaults\n\n return async (_req, res, next) => {\n const useFallbacks = (user: HmppsUser | null) => {\n res.locals.feComponents = {\n header: getFallbackHeader(user, this.dpsUrl, {\n environmentName: requestOptionsWithDefaults.environmentName,\n authUrl: requestOptionsWithDefaults.authUrl,\n supportUrl: requestOptionsWithDefaults.supportUrl,\n }),\n footer: getFallbackFooter(user, {\n authUrl: requestOptionsWithDefaults.authUrl,\n supportUrl: requestOptionsWithDefaults.supportUrl,\n }),\n cssIncludes: [],\n jsIncludes: [],\n }\n }\n\n if (!res.locals.user) {\n this.logger.info('Using fallback frontend components when no user in context')\n useFallbacks(null)\n return next()\n }\n\n if (useFallbacksByDefault) {\n this.logger.info('Using fallback frontend components by default')\n useFallbacks(res.locals.user)\n return next()\n }\n\n try {\n const { header, footer, meta } = await this.componentApiClient.getComponents(res.locals.user.token as string)\n\n res.locals.feComponents = {\n header: header.html,\n footer: footer.html,\n cssIncludes: [...header.css, ...footer.css],\n jsIncludes: [...header.javascript, ...footer.javascript],\n }\n\n if (includeSharedData) {\n res.locals.feComponents.sharedData = meta\n }\n\n updateCsp({\n directives: updateContentSecurityPolicy ? meta?.cspDirectives : undefined,\n feComponentsUrl: this.componentApiConfig.url,\n res,\n })\n\n return next()\n } catch {\n this.logger.error('Failed to retrieve front end components, using fallbacks')\n useFallbacks(res.locals.user)\n return next()\n }\n }\n }\n}\n","import { type RequestHandler } from 'express'\nimport ComponentsService, { FrontendComponentRequestOptions } from '../componentsService'\n\nexport type FrontendComponentsMiddlewareOptions = {\n requestOptions?: FrontendComponentRequestOptions\n} & Parameters<typeof ComponentsService.create>[0]\n\nexport default function getFrontendComponents({\n logger = console,\n componentApiConfig,\n dpsUrl,\n requestOptions,\n}: FrontendComponentsMiddlewareOptions): RequestHandler {\n const service = ComponentsService.create({ logger, componentApiConfig, dpsUrl })\n return service.getFrontendComponents(requestOptions)\n}\n","import { ApiConfig, asUser, RestClient } from '@ministryofjustice/hmpps-rest-client'\nimport CaseLoad from '../../types/CaseLoad'\nimport { ConnectDpsComponentLogger } from '../../types/ConnectDpsComponentLogger'\n\nexport default class PrisonApiClient extends RestClient {\n constructor(logger: ConnectDpsComponentLogger, config: ApiConfig) {\n super('Prison API Client', config, logger)\n }\n\n async getUserCaseLoads(userToken: string): Promise<CaseLoad[]> {\n return this.get(\n {\n path: '/api/users/me/caseLoads',\n query: 'allCaseloads=true',\n },\n asUser(userToken),\n )\n }\n}\n","import { type RequestHandler } from 'express'\nimport { ApiConfig } from '@ministryofjustice/hmpps-rest-client'\nimport CaseLoad from './types/CaseLoad'\nimport PrisonApiClient from './data/prisonApi/prisonApiClient'\nimport { ConnectDpsComponentLogger } from './types/ConnectDpsComponentLogger'\n\nexport default class CaseLoadService {\n constructor(\n private readonly logger: ConnectDpsComponentLogger,\n private readonly prisonApiClient: PrisonApiClient,\n ) {}\n\n static create({\n logger = console,\n prisonApiConfig,\n }: {\n logger?: ConnectDpsComponentLogger\n prisonApiConfig: ApiConfig\n }) {\n return new CaseLoadService(logger, new PrisonApiClient(logger, prisonApiConfig))\n }\n\n retrieveCaseLoadData(): RequestHandler {\n return async (req, res, next) => {\n if (!req.session) throw new Error('User session required in order to cache case loads')\n if (!res.locals.user) this.logger.warn('No res.locals.user object defined to set case load data in')\n if (!res.locals.user?.token) this.logger.warn('No res.locals.user.token defined to request case load data with')\n if (!res.locals.user?.authSource) this.logger.warn('No user auth source found')\n\n if (res.locals.user && res.locals.user.token && res.locals.user.authSource === 'nomis') {\n try {\n // Update cache with values from res.feComponents.sharedData if present\n if (res.locals.feComponents && res.locals.feComponents.sharedData) {\n req.session.caseLoads = res.locals.feComponents.sharedData.caseLoads\n req.session.activeCaseLoad = res.locals.feComponents.sharedData.activeCaseLoad ?? undefined\n req.session.activeCaseLoadId = res.locals.feComponents.sharedData.activeCaseLoad?.caseLoadId\n }\n\n // If cache is empty, fetch data from Prison API\n if (!req.session.caseLoads) {\n this.logger.info(`Falling back to Prison API to retrieve case loads for: ${res.locals.user.username}`)\n const userCaseLoads = await this.prisonApiClient.getUserCaseLoads(res.locals.user.token)\n const caseLoads = userCaseLoads.filter(caseload => caseload.type !== 'APP')\n const activeCaseLoad = caseLoads.find((caseLoad: CaseLoad) => caseLoad.currentlyActive)\n\n req.session.caseLoads = caseLoads\n req.session.activeCaseLoad = activeCaseLoad\n req.session.activeCaseLoadId = activeCaseLoad?.caseLoadId\n }\n\n // Populate res.locals.user with values from cache\n res.locals.user.caseLoads = req.session.caseLoads\n res.locals.user.activeCaseLoad = req.session.activeCaseLoad\n res.locals.user.activeCaseLoadId = req.session.activeCaseLoadId\n } catch (error) {\n this.logger.error(error, `Failed to retrieve case loads for: ${res.locals.user.username}`)\n return next(error)\n }\n }\n\n return next()\n }\n }\n}\n","import { type RequestHandler } from 'express'\nimport CaseLoadService from '../caseLoadService'\n\nexport default function retrieveCaseLoadData({\n logger = console,\n prisonApiConfig,\n}: Parameters<typeof CaseLoadService.create>[0]): RequestHandler {\n const service = CaseLoadService.create({ logger, prisonApiConfig })\n return service.retrieveCaseLoadData()\n}\n","import { ApiConfig, asSystem, AuthenticationClient, RestClient } from '@ministryofjustice/hmpps-rest-client'\nimport { PrisonUser } from '../../types/HmppsUser'\nimport { AllocationJobResponsibility } from '../../types/AllocationJobResponsibility'\nimport { ConnectDpsComponentLogger } from '../../types/ConnectDpsComponentLogger'\n\nexport default class AllocationsApiClient extends RestClient {\n constructor(logger: ConnectDpsComponentLogger, config: ApiConfig, authenticationClient: AuthenticationClient) {\n super('Allocations API Client', config, logger, authenticationClient)\n }\n\n async getStaffAllocationPolicies(user: PrisonUser): Promise<{ policies: AllocationJobResponsibility[] }> {\n return this.get(\n {\n path: `/prisons/${user.activeCaseLoadId}/staff/${user.userId}/job-classifications`,\n },\n asSystem(),\n )\n }\n}\n","import { type RequestHandler } from 'express'\nimport { ApiConfig, AuthenticationClient } from '@ministryofjustice/hmpps-rest-client'\nimport AllocationsApiClient from './data/allocationsApi/allocationsApiClient'\nimport { ConnectDpsComponentLogger } from './types/ConnectDpsComponentLogger'\n\nexport default class AllocationService {\n constructor(\n private readonly logger: ConnectDpsComponentLogger,\n private readonly allocationsApiClient: AllocationsApiClient,\n ) {}\n\n static create({\n logger = console,\n allocationsApiConfig,\n authenticationClient,\n }: {\n logger?: ConnectDpsComponentLogger\n allocationsApiConfig: ApiConfig\n authenticationClient: AuthenticationClient\n }) {\n return new AllocationService(logger, new AllocationsApiClient(logger, allocationsApiConfig, authenticationClient))\n }\n\n public retrieveAllocationJobResponsibilities(): RequestHandler {\n return async (req, res, next) => {\n if (!req.session) throw new Error('User session required in order to cache allocation job responsibilities')\n if (!res.locals.user.token)\n throw new Error(\n 'Caseload details needs to be populated before retrieving allocation job responsibilities. Please run retrieveCaseLoadData before retrieveAllocationJobResponsibilities.',\n )\n\n if (res.locals.user && res.locals.user.authSource === 'nomis') {\n try {\n // Update cache with values from res.feComponents.sharedData if present\n if (res.locals.feComponents && res.locals.feComponents.sharedData) {\n req.session.allocationJobResponsibilities = res.locals.feComponents.sharedData.allocationJobResponsibilities\n }\n\n // If cache is empty, fetch data from Prison API\n if (!req.session.allocationJobResponsibilities) {\n this.logger.info(\n `Falling back to Allocations API to retrieve job responsibilities for: ${res.locals.user.username}`,\n )\n const allocationPolicies = await this.allocationsApiClient.getStaffAllocationPolicies(res.locals.user)\n req.session.allocationJobResponsibilities = allocationPolicies.policies\n }\n\n // Populate res.locals.user with values from cache\n res.locals.user.allocationJobResponsibilities = req.session.allocationJobResponsibilities\n } catch (error) {\n this.logger.error(\n error,\n `Failed to retrieve allocation job responsibilities for: ${res.locals.user.username}`,\n )\n return next(error)\n }\n }\n\n return next()\n }\n }\n}\n","import { type RequestHandler } from 'express'\nimport AllocationService from '../allocationService'\n\nexport default function retrieveAllocationJobResponsibilities({\n logger = console,\n allocationsApiConfig,\n authenticationClient,\n}: Parameters<typeof AllocationService.create>[0]): RequestHandler {\n const service = AllocationService.create({ logger, allocationsApiConfig, authenticationClient })\n return service.retrieveAllocationJobResponsibilities()\n}\n"],"names":["RestClient","asUser","asSystem"],"mappings":";;;;;AAac,MAAO,kBAAmB,SAAQA,0BAAU,CAAA;IACxD,WAAA,CAAY,MAAiC,EAAE,MAAiB,EAAA;AAC9D,QAAA,KAAK,CAAC,sBAAsB,EAAE,MAAM,EAAE,MAAM,CAAC;IAC/C;IAEA,MAAM,aAAa,CAAiC,SAAiB,EAAA;QACnE,OAAO,IAAI,CAAC,GAAG,CAAC;AACd,YAAA,IAAI,EAAE,aAAa;AACnB,YAAA,KAAK,EAAE,mCAAmC;AAC1C,YAAA,OAAO,EAAE,EAAE,cAAc,EAAE,SAAS,EAAE;AACvC,SAAA,CAAC;IACJ;AACD;;ACtBK,SAAU,iBAAiB,CAC/B,IAAsB,EACtB,MAAc,EACd,EAAE,eAAe,EAAE,OAAO,EAAE,UAAU,EAAuE,EAAA;AAE7G,IAAA,OAAO,QAAQ,CAAC,MAAM,CAAC,8BAA8B,EAAE;QACrD,YAAY,EAAE,CAAC,IAAI,IAAI,IAAI,CAAC,UAAU,KAAK,OAAO;QAClD,IAAI;QACJ,MAAM;QACN,eAAe;QACf,OAAO;QACP,UAAU;AACV,QAAA,IAAI,EAAE,cAAc,CAAC,IAAI,EAAE,WAAW,CAAC;AACxC,KAAA,CAAC;AACJ;AAEM,SAAU,iBAAiB,CAC/B,IAAsB,EACtB,EAAE,OAAO,EAAE,UAAU,EAA6C,EAAA;AAElE,IAAA,OAAO,QAAQ,CAAC,MAAM,CAAC,0BAA0B,EAAE;QACjD,YAAY,EAAE,CAAC,IAAI,IAAI,IAAI,CAAC,UAAU,KAAK,OAAO;QAClD,UAAU;QACV,OAAO;AACR,KAAA,CAAC;AACJ;AAEA,SAAS,cAAc,CAAC,QAAiB,EAAA;AACvC,IAAA,IAAI,CAAC,QAAQ;AAAE,QAAA,OAAO,IAAI;IAE1B,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC;AACjC,IAAA,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA,EAAA,EAAK,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE;AAChD;;ACZc,SAAU,SAAS,CAAC,IAA+B,EAAE,IAAe,EAAA;AAChF,IAAA,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE;;QAE5B,IAAI,GAAG,EAAE,eAAe,EAAE,IAAI,EAAE,GAAG,EAAE,IAAK,EAAE;IAC9C;IACA,MAAM,EAAE,UAAU,EAAE,kBAAkB,EAAE,eAAe,EAAE,GAAG,EAAE,GAAG,IAAI;IAErE,MAAM,SAAS,GAAG,GAAG,CAAC,GAAG,CAAC,yBAAyB,CAAC;AACpD,IAAA,MAAM,UAAU,GAAkB,oBAAoB,CAAC,SAAS,CAAC;IACjE,MAAM,kBAAkB,GAAG,kBAAkB,IAAI,kBAAkB,CAAC,eAAe,CAAC;AACpF,IAAA,eAAe,CAAC,UAAU,EAAE,kBAAkB,CAAC;AAC/C,IAAA,MAAM,YAAY,GAAG,oBAAoB,CAAC,UAAU,CAAC;AACrD,IAAA,GAAG,CAAC,GAAG,CAAC,yBAAyB,EAAE,YAAY,CAAC;AAClD;AAEA;AACA,SAAS,kBAAkB,CAAC,eAAuB,EAAA;IACjD,OAAO;QACL,YAAY,EAAE,CAAC,eAAe,CAAC;QAC/B,WAAW,EAAE,CAAC,eAAe,CAAC;QAC9B,SAAS,EAAE,CAAC,eAAe,CAAC;QAC5B,UAAU,EAAE,CAAC,eAAe,CAAC;KAC9B;AACH;AAEA,SAAS,oBAAoB,CAAC,SAA6B,EAAA;AACzD,IAAA,MAAM,MAAM,GAAG,SAAS,IAAI,oBAAoB;AAChD,IAAA,OAAO,MAAM,CAAC,WAAW,CACvB,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,GAAG,CAAC,IAAI,IAAG;AACnC,QAAA,MAAM,CAAC,SAAS,EAAE,GAAG,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC;AAChD,QAAA,OAAO,CAAC,SAAS,EAAE,MAAM,CAAC;IAC5B,CAAC,CAAC,CACH;AACH;AAEA,SAAS,oBAAoB,CAAC,UAAyB,EAAA;AACrD,IAAA,OAAO,MAAM,CAAC,OAAO,CAAC,UAAU;AAC7B,SAAA,GAAG,CAAC,CAAC,CAAC,SAAS,EAAE,MAAM,CAAC,MAAM,MAAM,CAAC,MAAM,GAAG,CAAC,GAAG,CAAA,EAAG,SAAS,CAAA,CAAA,EAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,GAAG,SAAS,CAAC;SACjG,IAAI,CAAC,GAAG,CAAC;AACd;AAEA,SAAS,eAAe,CAAC,UAAyB,EAAE,SAAkC,EAAA;AACpF,IAAA,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,EAAE,MAAM,CAAC,KAAI;AACxD,QAAA,IAAI,SAAS,IAAI,UAAU,EAAE;AAC3B,YAAA,MAAM,CAAC,OAAO,CAAC,KAAK,IAAG;gBACrB,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE;oBAC1C,UAAU,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC;gBACnC;AACF,YAAA,CAAC,CAAC;QACJ;aAAO;;YAEL,UAAU,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,EAAE,GAAG,MAAM,CAAC;QAC/C;AACF,IAAA,CAAC,CAAC;AACJ;;ACxDA,MAAM,cAAc,GAAoC;AACtD,IAAA,iBAAiB,EAAE,KAAK;AACxB,IAAA,qBAAqB,EAAE,KAAK;AAC5B,IAAA,2BAA2B,EAAE,KAAK;CACnC;AAEa,MAAO,iBAAiB,CAAA;AAEjB,IAAA,MAAA;AACA,IAAA,kBAAA;AACA,IAAA,kBAAA;AACA,IAAA,MAAA;AAJnB,IAAA,WAAA,CACmB,MAAiC,EACjC,kBAA6B,EAC7B,kBAAsC,EACtC,MAAc,EAAA;QAHd,IAAA,CAAA,MAAM,GAAN,MAAM;QACN,IAAA,CAAA,kBAAkB,GAAlB,kBAAkB;QAClB,IAAA,CAAA,kBAAkB,GAAlB,kBAAkB;QAClB,IAAA,CAAA,MAAM,GAAN,MAAM;IACtB;IAEH,OAAO,MAAM,CAAC,EACZ,MAAM,GAAG,OAAO,EAChB,kBAAkB,EAClB,MAAM,GAKP,EAAA;AACC,QAAA,OAAO,IAAI,iBAAiB,CAAC,MAAM,EAAE,kBAAkB,EAAE,IAAI,kBAAkB,CAAC,MAAM,EAAE,kBAAkB,CAAC,EAAE,MAAM,CAAC;IACtH;AAEA,IAAA,qBAAqB,CAAC,cAAgD,EAAA;AACpE,QAAA,MAAM,0BAA0B,GAAG;AACjC,YAAA,GAAG,cAAc;AACjB,YAAA,IAAI,cAAc,IAAI,EAAE,CAAC;SAC1B;QACD,MAAM,EAAE,iBAAiB,EAAE,qBAAqB,EAAE,2BAA2B,EAAE,GAAG,0BAA0B;QAE5G,OAAO,OAAO,IAAI,EAAE,GAAG,EAAE,IAAI,KAAI;AAC/B,YAAA,MAAM,YAAY,GAAG,CAAC,IAAsB,KAAI;AAC9C,gBAAA,GAAG,CAAC,MAAM,CAAC,YAAY,GAAG;oBACxB,MAAM,EAAE,iBAAiB,CAAC,IAAI,EAAE,IAAI,CAAC,MAAM,EAAE;wBAC3C,eAAe,EAAE,0BAA0B,CAAC,eAAe;wBAC3D,OAAO,EAAE,0BAA0B,CAAC,OAAO;wBAC3C,UAAU,EAAE,0BAA0B,CAAC,UAAU;qBAClD,CAAC;AACF,oBAAA,MAAM,EAAE,iBAAiB,CAAC,IAAI,EAAE;wBAC9B,OAAO,EAAE,0BAA0B,CAAC,OAAO;wBAC3C,UAAU,EAAE,0BAA0B,CAAC,UAAU;qBAClD,CAAC;AACF,oBAAA,WAAW,EAAE,EAAE;AACf,oBAAA,UAAU,EAAE,EAAE;iBACf;AACH,YAAA,CAAC;AAED,YAAA,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE;AACpB,gBAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4DAA4D,CAAC;gBAC9E,YAAY,CAAC,IAAI,CAAC;gBAClB,OAAO,IAAI,EAAE;YACf;YAEA,IAAI,qBAAqB,EAAE;AACzB,gBAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,+CAA+C,CAAC;AACjE,gBAAA,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC;gBAC7B,OAAO,IAAI,EAAE;YACf;AAEA,YAAA,IAAI;gBACF,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,aAAa,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,KAAe,CAAC;AAE7G,gBAAA,GAAG,CAAC,MAAM,CAAC,YAAY,GAAG;oBACxB,MAAM,EAAE,MAAM,CAAC,IAAI;oBACnB,MAAM,EAAE,MAAM,CAAC,IAAI;oBACnB,WAAW,EAAE,CAAC,GAAG,MAAM,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,GAAG,CAAC;oBAC3C,UAAU,EAAE,CAAC,GAAG,MAAM,CAAC,UAAU,EAAE,GAAG,MAAM,CAAC,UAAU,CAAC;iBACzD;gBAED,IAAI,iBAAiB,EAAE;oBACrB,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,UAAU,GAAG,IAAI;gBAC3C;AAEA,gBAAA,SAAS,CAAC;oBACR,UAAU,EAAE,2BAA2B,GAAG,IAAI,EAAE,aAAa,GAAG,SAAS;AACzE,oBAAA,eAAe,EAAE,IAAI,CAAC,kBAAkB,CAAC,GAAG;oBAC5C,GAAG;AACJ,iBAAA,CAAC;gBAEF,OAAO,IAAI,EAAE;YACf;AAAE,YAAA,MAAM;AACN,gBAAA,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,0DAA0D,CAAC;AAC7E,gBAAA,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC;gBAC7B,OAAO,IAAI,EAAE;YACf;AACF,QAAA,CAAC;IACH;AACD;;ACxGa,SAAU,qBAAqB,CAAC,EAC5C,MAAM,GAAG,OAAO,EAChB,kBAAkB,EAClB,MAAM,EACN,cAAc,GACsB,EAAA;AACpC,IAAA,MAAM,OAAO,GAAG,iBAAiB,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,kBAAkB,EAAE,MAAM,EAAE,CAAC;AAChF,IAAA,OAAO,OAAO,CAAC,qBAAqB,CAAC,cAAc,CAAC;AACtD;;ACXc,MAAO,eAAgB,SAAQA,0BAAU,CAAA;IACrD,WAAA,CAAY,MAAiC,EAAE,MAAiB,EAAA;AAC9D,QAAA,KAAK,CAAC,mBAAmB,EAAE,MAAM,EAAE,MAAM,CAAC;IAC5C;IAEA,MAAM,gBAAgB,CAAC,SAAiB,EAAA;QACtC,OAAO,IAAI,CAAC,GAAG,CACb;AACE,YAAA,IAAI,EAAE,yBAAyB;AAC/B,YAAA,KAAK,EAAE,mBAAmB;AAC3B,SAAA,EACDC,sBAAM,CAAC,SAAS,CAAC,CAClB;IACH;AACD;;ACZa,MAAO,eAAe,CAAA;AAEf,IAAA,MAAA;AACA,IAAA,eAAA;IAFnB,WAAA,CACmB,MAAiC,EACjC,eAAgC,EAAA;QADhC,IAAA,CAAA,MAAM,GAAN,MAAM;QACN,IAAA,CAAA,eAAe,GAAf,eAAe;IAC/B;IAEH,OAAO,MAAM,CAAC,EACZ,MAAM,GAAG,OAAO,EAChB,eAAe,GAIhB,EAAA;AACC,QAAA,OAAO,IAAI,eAAe,CAAC,MAAM,EAAE,IAAI,eAAe,CAAC,MAAM,EAAE,eAAe,CAAC,CAAC;IAClF;IAEA,oBAAoB,GAAA;QAClB,OAAO,OAAO,GAAG,EAAE,GAAG,EAAE,IAAI,KAAI;YAC9B,IAAI,CAAC,GAAG,CAAC,OAAO;AAAE,gBAAA,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC;AACvF,YAAA,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI;AAAE,gBAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4DAA4D,CAAC;AACpG,YAAA,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,KAAK;AAAE,gBAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,iEAAiE,CAAC;AAChH,YAAA,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,UAAU;AAAE,gBAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,2BAA2B,CAAC;YAE/E,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,KAAK,OAAO,EAAE;AACtF,gBAAA,IAAI;;AAEF,oBAAA,IAAI,GAAG,CAAC,MAAM,CAAC,YAAY,IAAI,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,UAAU,EAAE;AACjE,wBAAA,GAAG,CAAC,OAAO,CAAC,SAAS,GAAG,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC,SAAS;AACpE,wBAAA,GAAG,CAAC,OAAO,CAAC,cAAc,GAAG,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC,cAAc,IAAI,SAAS;AAC3F,wBAAA,GAAG,CAAC,OAAO,CAAC,gBAAgB,GAAG,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC,cAAc,EAAE,UAAU;oBAC9F;;AAGA,oBAAA,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,SAAS,EAAE;AAC1B,wBAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA,uDAAA,EAA0D,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAA,CAAE,CAAC;AACtG,wBAAA,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,gBAAgB,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC;AACxF,wBAAA,MAAM,SAAS,GAAG,aAAa,CAAC,MAAM,CAAC,QAAQ,IAAI,QAAQ,CAAC,IAAI,KAAK,KAAK,CAAC;AAC3E,wBAAA,MAAM,cAAc,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC,QAAkB,KAAK,QAAQ,CAAC,eAAe,CAAC;AAEvF,wBAAA,GAAG,CAAC,OAAO,CAAC,SAAS,GAAG,SAAS;AACjC,wBAAA,GAAG,CAAC,OAAO,CAAC,cAAc,GAAG,cAAc;wBAC3C,GAAG,CAAC,OAAO,CAAC,gBAAgB,GAAG,cAAc,EAAE,UAAU;oBAC3D;;AAGA,oBAAA,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,GAAG,GAAG,CAAC,OAAO,CAAC,SAAS;AACjD,oBAAA,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,GAAG,GAAG,CAAC,OAAO,CAAC,cAAc;AAC3D,oBAAA,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,GAAG,GAAG,CAAC,OAAO,CAAC,gBAAgB;gBACjE;gBAAE,OAAO,KAAK,EAAE;AACd,oBAAA,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,EAAE,CAAA,mCAAA,EAAsC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAA,CAAE,CAAC;AAC1F,oBAAA,OAAO,IAAI,CAAC,KAAK,CAAC;gBACpB;YACF;YAEA,OAAO,IAAI,EAAE;AACf,QAAA,CAAC;IACH;AACD;;AC5Da,SAAU,oBAAoB,CAAC,EAC3C,MAAM,GAAG,OAAO,EAChB,eAAe,GAC8B,EAAA;AAC7C,IAAA,MAAM,OAAO,GAAG,eAAe,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,eAAe,EAAE,CAAC;AACnE,IAAA,OAAO,OAAO,CAAC,oBAAoB,EAAE;AACvC;;ACJc,MAAO,oBAAqB,SAAQD,0BAAU,CAAA;AAC1D,IAAA,WAAA,CAAY,MAAiC,EAAE,MAAiB,EAAE,oBAA0C,EAAA;QAC1G,KAAK,CAAC,wBAAwB,EAAE,MAAM,EAAE,MAAM,EAAE,oBAAoB,CAAC;IACvE;IAEA,MAAM,0BAA0B,CAAC,IAAgB,EAAA;QAC/C,OAAO,IAAI,CAAC,GAAG,CACb;YACE,IAAI,EAAE,YAAY,IAAI,CAAC,gBAAgB,CAAA,OAAA,EAAU,IAAI,CAAC,MAAM,CAAA,oBAAA,CAAsB;SACnF,EACDE,wBAAQ,EAAE,CACX;IACH;AACD;;ACba,MAAO,iBAAiB,CAAA;AAEjB,IAAA,MAAA;AACA,IAAA,oBAAA;IAFnB,WAAA,CACmB,MAAiC,EACjC,oBAA0C,EAAA;QAD1C,IAAA,CAAA,MAAM,GAAN,MAAM;QACN,IAAA,CAAA,oBAAoB,GAApB,oBAAoB;IACpC;IAEH,OAAO,MAAM,CAAC,EACZ,MAAM,GAAG,OAAO,EAChB,oBAAoB,EACpB,oBAAoB,GAKrB,EAAA;AACC,QAAA,OAAO,IAAI,iBAAiB,CAAC,MAAM,EAAE,IAAI,oBAAoB,CAAC,MAAM,EAAE,oBAAoB,EAAE,oBAAoB,CAAC,CAAC;IACpH;IAEO,qCAAqC,GAAA;QAC1C,OAAO,OAAO,GAAG,EAAE,GAAG,EAAE,IAAI,KAAI;YAC9B,IAAI,CAAC,GAAG,CAAC,OAAO;AAAE,gBAAA,MAAM,IAAI,KAAK,CAAC,yEAAyE,CAAC;AAC5G,YAAA,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK;AACxB,gBAAA,MAAM,IAAI,KAAK,CACb,yKAAyK,CAC1K;AAEH,YAAA,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,KAAK,OAAO,EAAE;AAC7D,gBAAA,IAAI;;AAEF,oBAAA,IAAI,GAAG,CAAC,MAAM,CAAC,YAAY,IAAI,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,UAAU,EAAE;AACjE,wBAAA,GAAG,CAAC,OAAO,CAAC,6BAA6B,GAAG,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC,6BAA6B;oBAC9G;;AAGA,oBAAA,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,6BAA6B,EAAE;AAC9C,wBAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,CAAA,sEAAA,EAAyE,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAA,CAAE,CACpG;AACD,wBAAA,MAAM,kBAAkB,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,0BAA0B,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC;wBACtG,GAAG,CAAC,OAAO,CAAC,6BAA6B,GAAG,kBAAkB,CAAC,QAAQ;oBACzE;;AAGA,oBAAA,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,6BAA6B,GAAG,GAAG,CAAC,OAAO,CAAC,6BAA6B;gBAC3F;gBAAE,OAAO,KAAK,EAAE;AACd,oBAAA,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,KAAK,EACL,CAAA,wDAAA,EAA2D,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAA,CAAE,CACtF;AACD,oBAAA,OAAO,IAAI,CAAC,KAAK,CAAC;gBACpB;YACF;YAEA,OAAO,IAAI,EAAE;AACf,QAAA,CAAC;IACH;AACD;;AC1Da,SAAU,qCAAqC,CAAC,EAC5D,MAAM,GAAG,OAAO,EAChB,oBAAoB,EACpB,oBAAoB,GAC2B,EAAA;AAC/C,IAAA,MAAM,OAAO,GAAG,iBAAiB,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,CAAC;AAChG,IAAA,OAAO,OAAO,CAAC,qCAAqC,EAAE;AACxD;;;;;;;;;"}
package/dist/index.d.ts CHANGED
@@ -30,19 +30,27 @@ interface Service {
30
30
 
31
31
  type AllocationJobResponsibility = 'KEY_WORKER' | 'PERSONAL_OFFICER';
32
32
 
33
- interface HeaderFooterSharedData {
34
- activeCaseLoad?: CaseLoad;
33
+ /** Map of CSP directive to necessary URL values */
34
+ type CspDirectives = Record<string, string[]>;
35
+
36
+ /**
37
+ * Information about the current user and environment
38
+ */
39
+ interface SharedData {
40
+ /** Caseloads available to prison user */
35
41
  caseLoads: CaseLoad[];
42
+ /** Currently active caseload for prison user */
43
+ activeCaseLoad: CaseLoad | null;
44
+ /** Services available to prison user */
36
45
  services: Service[];
46
+ /** Prison user allocated responsibilites */
37
47
  allocationJobResponsibilities: AllocationJobResponsibility[];
38
- }
39
- interface ComponentsSharedData {
40
- header: HeaderFooterSharedData;
41
- footer: HeaderFooterSharedData;
48
+ /** Content-Security-Policy directives needed to use components from a different domain/origin */
49
+ cspDirectives: CspDirectives;
42
50
  }
43
51
 
44
- type ComponentsApiResponse<T extends AvailableComponent[]> = Record<T[number], Component> & {
45
- meta: ComponentsSharedData[T[number]];
52
+ type ComponentsApiResponse<T extends AvailableComponent[] = AvailableComponent[]> = Record<T[number], Component> & {
53
+ meta: SharedData;
46
54
  };
47
55
  declare class ComponentApiClient extends RestClient {
48
56
  constructor(logger: ConnectDpsComponentLogger, config: ApiConfig);
@@ -55,6 +63,11 @@ interface FrontendComponentRequestOptions {
55
63
  environmentName?: 'DEV' | 'PRE-PRODUCTION' | 'PRODUCTION';
56
64
  includeSharedData?: boolean;
57
65
  useFallbacksByDefault?: boolean;
66
+ /**
67
+ * Update Content-Security-Policy with directives returned by MFE components service
68
+ * (instead of predefined directives); false by default
69
+ */
70
+ updateContentSecurityPolicy?: boolean;
58
71
  }
59
72
  declare class ComponentsService {
60
73
  private readonly logger;
@@ -70,10 +83,10 @@ declare class ComponentsService {
70
83
  getFrontendComponents(requestOptions?: FrontendComponentRequestOptions): RequestHandler;
71
84
  }
72
85
 
73
- type MiddlewareOptions = {
86
+ type FrontendComponentsMiddlewareOptions = {
74
87
  requestOptions?: FrontendComponentRequestOptions;
75
88
  } & Parameters<typeof ComponentsService.create>[0];
76
- declare function getFrontendComponents({ logger, componentApiConfig, dpsUrl, requestOptions, }: MiddlewareOptions): RequestHandler;
89
+ declare function getFrontendComponents({ logger, componentApiConfig, dpsUrl, requestOptions, }: FrontendComponentsMiddlewareOptions): RequestHandler;
77
90
 
78
91
  declare class PrisonApiClient extends RestClient {
79
92
  constructor(logger: ConnectDpsComponentLogger, config: ApiConfig);
package/dist/index.esm.js CHANGED
@@ -39,26 +39,60 @@ function initialiseName(fullName) {
39
39
  return `${array[0][0]}. ${array.reverse()[0]}`;
40
40
  }
41
41
 
42
- function updateCsp(feComponentsUrl, res) {
43
- const csp = res.getHeaders()['content-security-policy'];
44
- const allDirectives = csp?.split(';') ?? [];
45
- const directivesToUpdate = ['script-src', 'style-src', 'img-src', 'font-src'];
46
- const updatedCspDirectives = allDirectives.map(directive => {
47
- // if directive is not in cspToUpdate or includes fe components url already return as is
48
- if (directive.includes(feComponentsUrl) || !directivesToUpdate.some(p => directive.includes(`${p} `)))
49
- return directive;
50
- // if directive is in cspToUpdate and does not have fe components url, add in
51
- return `${directive} ${feComponentsUrl}`;
42
+ function updateCsp(arg1, arg2) {
43
+ if (typeof arg1 === 'string') {
44
+ // eslint-disable-next-line no-param-reassign
45
+ arg1 = { feComponentsUrl: arg1, res: arg2 };
46
+ }
47
+ const { directives: providedDirectives, feComponentsUrl, res } = arg1;
48
+ const cspHeader = res.get('content-security-policy');
49
+ const directives = directivesFromHeader(cspHeader);
50
+ const requiredDirectives = providedDirectives ?? fallbackDirectives(feComponentsUrl);
51
+ mergeDirectives(directives, requiredDirectives);
52
+ const newCspHeader = headerFromDirectives(directives);
53
+ res.set('content-security-policy', newCspHeader);
54
+ }
55
+ /** Minimal known requirements to use MFE components on another domain/origin */
56
+ function fallbackDirectives(feComponentsUrl) {
57
+ return {
58
+ 'script-src': [feComponentsUrl],
59
+ 'style-src': [feComponentsUrl],
60
+ 'img-src': [feComponentsUrl],
61
+ 'font-src': [feComponentsUrl],
62
+ };
63
+ }
64
+ function directivesFromHeader(cspHeader) {
65
+ const header = cspHeader || "default-src 'self'";
66
+ return Object.fromEntries((header.split(';') ?? []).map(line => {
67
+ const [directive, ...values] = line.split(/\s+/);
68
+ return [directive, values];
69
+ }));
70
+ }
71
+ function headerFromDirectives(directives) {
72
+ return Object.entries(directives)
73
+ .map(([directive, values]) => (values.length > 0 ? `${directive} ${values.join(' ')}` : directive))
74
+ .join(';');
75
+ }
76
+ function mergeDirectives(directives, overrides) {
77
+ Object.entries(overrides).forEach(([directive, values]) => {
78
+ if (directive in directives) {
79
+ values.forEach(value => {
80
+ if (!directives[directive].includes(value)) {
81
+ directives[directive].push(value);
82
+ }
83
+ });
84
+ }
85
+ else {
86
+ // eslint-disable-next-line no-param-reassign
87
+ directives[directive] = ["'self'", ...values];
88
+ }
52
89
  });
53
- const requiredAndNotPresent = directivesToUpdate
54
- .filter(p => !updatedCspDirectives.find(directive => directive.includes(`${p} `)))
55
- .map(p => `${p} 'self' ${feComponentsUrl}`);
56
- res.set('content-security-policy', [...updatedCspDirectives, ...requiredAndNotPresent].join(';'));
57
90
  }
58
91
 
59
92
  const defaultOptions = {
60
93
  includeSharedData: false,
61
94
  useFallbacksByDefault: false,
95
+ updateContentSecurityPolicy: false,
62
96
  };
63
97
  class ComponentsService {
64
98
  logger;
@@ -79,7 +113,7 @@ class ComponentsService {
79
113
  ...defaultOptions,
80
114
  ...(requestOptions || {}),
81
115
  };
82
- const { includeSharedData, useFallbacksByDefault } = requestOptionsWithDefaults;
116
+ const { includeSharedData, useFallbacksByDefault, updateContentSecurityPolicy } = requestOptionsWithDefaults;
83
117
  return async (_req, res, next) => {
84
118
  const useFallbacks = (user) => {
85
119
  res.locals.feComponents = {
@@ -117,7 +151,11 @@ class ComponentsService {
117
151
  if (includeSharedData) {
118
152
  res.locals.feComponents.sharedData = meta;
119
153
  }
120
- updateCsp(this.componentApiConfig.url, res);
154
+ updateCsp({
155
+ directives: updateContentSecurityPolicy ? meta?.cspDirectives : undefined,
156
+ feComponentsUrl: this.componentApiConfig.url,
157
+ res,
158
+ });
121
159
  return next();
122
160
  }
123
161
  catch {
@@ -171,7 +209,7 @@ class CaseLoadService {
171
209
  // Update cache with values from res.feComponents.sharedData if present
172
210
  if (res.locals.feComponents && res.locals.feComponents.sharedData) {
173
211
  req.session.caseLoads = res.locals.feComponents.sharedData.caseLoads;
174
- req.session.activeCaseLoad = res.locals.feComponents.sharedData.activeCaseLoad;
212
+ req.session.activeCaseLoad = res.locals.feComponents.sharedData.activeCaseLoad ?? undefined;
175
213
  req.session.activeCaseLoadId = res.locals.feComponents.sharedData.activeCaseLoad?.caseLoadId;
176
214
  }
177
215
  // If cache is empty, fetch data from Prison API
package/dist/index.esm.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.esm.js","sources":["../src/data/componentApi/componentApiClient.ts","../src/utils/fallbacks.ts","../src/utils/updateCsp.ts","../src/componentsService.ts","../src/middleware/getFrontendComponents.ts","../src/data/prisonApi/prisonApiClient.ts","../src/caseLoadService.ts","../src/middleware/retrieveCaseLoadData.ts","../src/data/allocationsApi/allocationsApiClient.ts","../src/allocationService.ts","../src/middleware/retrieveAllocationJobResponsibilities.ts"],"sourcesContent":["import { ApiConfig, RestClient } from '@ministryofjustice/hmpps-rest-client'\nimport AvailableComponent from '../../types/AvailableComponent'\nimport Component from '../../types/Component'\nimport { ConnectDpsComponentLogger } from '../../types/ConnectDpsComponentLogger'\nimport { ComponentsSharedData } from '../../types/HeaderFooterSharedData'\n\nexport type ComponentsApiResponse<T extends AvailableComponent[]> = Record<T[number], Component> & {\n meta: ComponentsSharedData[T[number]] // TODO: rename 'meta' in the API response\n}\n\nexport default class ComponentApiClient extends RestClient {\n constructor(logger: ConnectDpsComponentLogger, config: ApiConfig) {\n super('Component API Client', config, logger)\n }\n\n async getComponents<T extends AvailableComponent[]>(userToken: string): Promise<ComponentsApiResponse<T>> {\n return this.get({\n path: '/components',\n query: 'component=header&component=footer',\n headers: { 'x-user-token': userToken },\n })\n }\n}\n","import nunjucks from 'nunjucks'\nimport { HmppsUser } from '../types/HmppsUser'\n\nexport function getFallbackHeader(\n user: HmppsUser | null,\n dpsUrl: string,\n { environmentName, authUrl, supportUrl }: { environmentName?: string; authUrl?: string; supportUrl?: string },\n): string {\n return nunjucks.render('dpsComponents/header-bar.njk', {\n isPrisonUser: !user || user.authSource === 'nomis',\n user,\n dpsUrl,\n environmentName,\n authUrl,\n supportUrl,\n name: initialiseName(user?.displayName),\n })\n}\n\nexport function getFallbackFooter(\n user: HmppsUser | null,\n { authUrl, supportUrl }: { authUrl?: string; supportUrl?: string },\n): string {\n return nunjucks.render('dpsComponents/footer.njk', {\n isPrisonUser: !user || user.authSource === 'nomis',\n supportUrl,\n authUrl,\n })\n}\n\nfunction initialiseName(fullName?: string): string | null {\n if (!fullName) return null\n\n const array = fullName.split(' ')\n return `${array[0][0]}. ${array.reverse()[0]}`\n}\n","import { type Response } from 'express'\n\nexport default function updateCsp(feComponentsUrl: string, res: Response) {\n const csp = res.getHeaders()['content-security-policy']\n const allDirectives = csp?.split(';') ?? []\n const directivesToUpdate = ['script-src', 'style-src', 'img-src', 'font-src']\n\n const updatedCspDirectives = allDirectives.map(directive => {\n // if directive is not in cspToUpdate or includes fe components url already return as is\n if (directive.includes(feComponentsUrl as string) || !directivesToUpdate.some(p => directive.includes(`${p} `)))\n return directive\n\n // if directive is in cspToUpdate and does not have fe components url, add in\n return `${directive} ${feComponentsUrl}`\n })\n\n const requiredAndNotPresent = directivesToUpdate\n .filter(p => !updatedCspDirectives.find(directive => directive.includes(`${p} `)))\n .map(p => `${p} 'self' ${feComponentsUrl}`)\n\n res.set('content-security-policy', [...updatedCspDirectives, ...requiredAndNotPresent].join(';'))\n}\n","import { type NextFunction, type Request, type Response, type RequestHandler } from 'express'\nimport { ApiConfig } from '@ministryofjustice/hmpps-rest-client'\nimport ComponentApiClient from './data/componentApi/componentApiClient'\nimport { getFallbackFooter, getFallbackHeader } from './utils/fallbacks'\nimport updateCsp from './utils/updateCsp'\nimport { HmppsUser } from './types/HmppsUser'\nimport { ConnectDpsComponentLogger } from './types/ConnectDpsComponentLogger'\n\nexport interface FrontendComponentRequestOptions {\n authUrl?: string\n supportUrl?: string\n environmentName?: 'DEV' | 'PRE-PRODUCTION' | 'PRODUCTION'\n includeSharedData?: boolean\n useFallbacksByDefault?: boolean\n}\n\nconst defaultOptions: Partial<FrontendComponentRequestOptions> = {\n includeSharedData: false,\n useFallbacksByDefault: false,\n}\n\nexport default class ComponentsService {\n constructor(\n private readonly logger: ConnectDpsComponentLogger,\n private readonly componentApiConfig: ApiConfig,\n private readonly componentApiClient: ComponentApiClient,\n private readonly dpsUrl: string,\n ) {}\n\n static create({\n logger = console,\n componentApiConfig,\n dpsUrl,\n }: {\n logger?: ConnectDpsComponentLogger\n componentApiConfig: ApiConfig\n dpsUrl: string\n }) {\n return new ComponentsService(logger, componentApiConfig, new ComponentApiClient(logger, componentApiConfig), dpsUrl)\n }\n\n getFrontendComponents(requestOptions?: FrontendComponentRequestOptions): RequestHandler {\n const requestOptionsWithDefaults = {\n ...defaultOptions,\n ...(requestOptions || {}),\n }\n const { includeSharedData, useFallbacksByDefault } = requestOptionsWithDefaults\n\n return async (_req: Request, res: Response, next: NextFunction) => {\n const useFallbacks = (user: HmppsUser | null) => {\n res.locals.feComponents = {\n header: getFallbackHeader(user, this.dpsUrl, {\n environmentName: requestOptionsWithDefaults.environmentName,\n authUrl: requestOptionsWithDefaults.authUrl,\n supportUrl: requestOptionsWithDefaults.supportUrl,\n }),\n footer: getFallbackFooter(user, {\n authUrl: requestOptionsWithDefaults.authUrl,\n supportUrl: requestOptionsWithDefaults.supportUrl,\n }),\n cssIncludes: [],\n jsIncludes: [],\n }\n }\n\n if (!res.locals.user) {\n this.logger.info('Using fallback frontend components when no user in context')\n useFallbacks(null)\n return next()\n }\n\n if (useFallbacksByDefault) {\n this.logger.info('Using fallback frontend components by default')\n useFallbacks(res.locals.user)\n return next()\n }\n\n try {\n const { header, footer, meta } = await this.componentApiClient.getComponents(res.locals.user.token as string)\n\n res.locals.feComponents = {\n header: header.html,\n footer: footer.html,\n cssIncludes: [...header.css, ...footer.css],\n jsIncludes: [...header.javascript, ...footer.javascript],\n }\n\n if (includeSharedData) {\n res.locals.feComponents.sharedData = meta\n }\n\n updateCsp(this.componentApiConfig.url, res)\n\n return next()\n } catch {\n this.logger.error('Failed to retrieve front end components, using fallbacks')\n useFallbacks(res.locals.user)\n return next()\n }\n }\n }\n}\n","import { type RequestHandler } from 'express'\nimport ComponentsService, { FrontendComponentRequestOptions } from '../componentsService'\n\ntype MiddlewareOptions = {\n requestOptions?: FrontendComponentRequestOptions\n} & Parameters<typeof ComponentsService.create>[0]\n\nexport default function getFrontendComponents({\n logger = console,\n componentApiConfig,\n dpsUrl,\n requestOptions,\n}: MiddlewareOptions): RequestHandler {\n const service = ComponentsService.create({ logger, componentApiConfig, dpsUrl })\n return service.getFrontendComponents(requestOptions)\n}\n","import { ApiConfig, asUser, RestClient } from '@ministryofjustice/hmpps-rest-client'\nimport CaseLoad from '../../types/CaseLoad'\nimport { ConnectDpsComponentLogger } from '../../types/ConnectDpsComponentLogger'\n\nexport default class PrisonApiClient extends RestClient {\n constructor(logger: ConnectDpsComponentLogger, config: ApiConfig) {\n super('Prison API Client', config, logger)\n }\n\n async getUserCaseLoads(userToken: string): Promise<CaseLoad[]> {\n return this.get(\n {\n path: '/api/users/me/caseLoads',\n query: 'allCaseloads=true',\n },\n asUser(userToken),\n )\n }\n}\n","import { type RequestHandler } from 'express'\nimport { ApiConfig } from '@ministryofjustice/hmpps-rest-client'\nimport CaseLoad from './types/CaseLoad'\nimport PrisonApiClient from './data/prisonApi/prisonApiClient'\nimport { ConnectDpsComponentLogger } from './types/ConnectDpsComponentLogger'\n\nexport default class CaseLoadService {\n constructor(\n private readonly logger: ConnectDpsComponentLogger,\n private readonly prisonApiClient: PrisonApiClient,\n ) {}\n\n static create({\n logger = console,\n prisonApiConfig,\n }: {\n logger?: ConnectDpsComponentLogger\n prisonApiConfig: ApiConfig\n }) {\n return new CaseLoadService(logger, new PrisonApiClient(logger, prisonApiConfig))\n }\n\n retrieveCaseLoadData(): RequestHandler {\n return async (req, res, next) => {\n if (!req.session) throw new Error('User session required in order to cache case loads')\n if (!res.locals.user) this.logger.warn('No res.locals.user object defined to set case load data in')\n if (!res.locals.user?.token) this.logger.warn('No res.locals.user.token defined to request case load data with')\n if (!res.locals.user?.authSource) this.logger.warn('No user auth source found')\n\n if (res.locals.user && res.locals.user.token && res.locals.user.authSource === 'nomis') {\n try {\n // Update cache with values from res.feComponents.sharedData if present\n if (res.locals.feComponents && res.locals.feComponents.sharedData) {\n req.session.caseLoads = res.locals.feComponents.sharedData.caseLoads\n req.session.activeCaseLoad = res.locals.feComponents.sharedData.activeCaseLoad\n req.session.activeCaseLoadId = res.locals.feComponents.sharedData.activeCaseLoad?.caseLoadId\n }\n\n // If cache is empty, fetch data from Prison API\n if (!req.session.caseLoads) {\n this.logger.info(`Falling back to Prison API to retrieve case loads for: ${res.locals.user.username}`)\n const userCaseLoads = await this.prisonApiClient.getUserCaseLoads(res.locals.user.token)\n const caseLoads = userCaseLoads.filter(caseload => caseload.type !== 'APP')\n const activeCaseLoad = caseLoads.find((caseLoad: CaseLoad) => caseLoad.currentlyActive)\n\n req.session.caseLoads = caseLoads\n req.session.activeCaseLoad = activeCaseLoad\n req.session.activeCaseLoadId = activeCaseLoad?.caseLoadId\n }\n\n // Populate res.locals.user with values from cache\n res.locals.user.caseLoads = req.session.caseLoads\n res.locals.user.activeCaseLoad = req.session.activeCaseLoad\n res.locals.user.activeCaseLoadId = req.session.activeCaseLoadId\n } catch (error) {\n this.logger.error(error, `Failed to retrieve case loads for: ${res.locals.user.username}`)\n return next(error)\n }\n }\n\n return next()\n }\n }\n}\n","import { type RequestHandler } from 'express'\nimport CaseLoadService from '../caseLoadService'\n\nexport default function retrieveCaseLoadData({\n logger = console,\n prisonApiConfig,\n}: Parameters<typeof CaseLoadService.create>[0]): RequestHandler {\n const service = CaseLoadService.create({ logger, prisonApiConfig })\n return service.retrieveCaseLoadData()\n}\n","import { ApiConfig, asSystem, AuthenticationClient, RestClient } from '@ministryofjustice/hmpps-rest-client'\nimport { PrisonUser } from '../../types/HmppsUser'\nimport { AllocationJobResponsibility } from '../../types/AllocationJobResponsibility'\nimport { ConnectDpsComponentLogger } from '../../types/ConnectDpsComponentLogger'\n\nexport default class AllocationsApiClient extends RestClient {\n constructor(logger: ConnectDpsComponentLogger, config: ApiConfig, authenticationClient: AuthenticationClient) {\n super('Allocations API Client', config, logger, authenticationClient)\n }\n\n async getStaffAllocationPolicies(user: PrisonUser): Promise<{ policies: AllocationJobResponsibility[] }> {\n return this.get(\n {\n path: `/prisons/${user.activeCaseLoadId}/staff/${user.userId}/job-classifications`,\n },\n asSystem(),\n )\n }\n}\n","import { type RequestHandler } from 'express'\nimport { ApiConfig, AuthenticationClient } from '@ministryofjustice/hmpps-rest-client'\nimport AllocationsApiClient from './data/allocationsApi/allocationsApiClient'\nimport { ConnectDpsComponentLogger } from './types/ConnectDpsComponentLogger'\n\nexport default class AllocationService {\n constructor(\n private readonly logger: ConnectDpsComponentLogger,\n private readonly allocationsApiClient: AllocationsApiClient,\n ) {}\n\n static create({\n logger = console,\n allocationsApiConfig,\n authenticationClient,\n }: {\n logger?: ConnectDpsComponentLogger\n allocationsApiConfig: ApiConfig\n authenticationClient: AuthenticationClient\n }) {\n return new AllocationService(logger, new AllocationsApiClient(logger, allocationsApiConfig, authenticationClient))\n }\n\n public retrieveAllocationJobResponsibilities(): RequestHandler {\n return async (req, res, next) => {\n if (!req.session) throw new Error('User session required in order to cache allocation job responsibilities')\n if (!res.locals.user.token)\n throw new Error(\n 'Caseload details needs to be populated before retrieving allocation job responsibilities. Please run retrieveCaseLoadData before retrieveAllocationJobResponsibilities.',\n )\n\n if (res.locals.user && res.locals.user.authSource === 'nomis') {\n try {\n // Update cache with values from res.feComponents.sharedData if present\n if (res.locals.feComponents && res.locals.feComponents.sharedData) {\n req.session.allocationJobResponsibilities = res.locals.feComponents.sharedData.allocationJobResponsibilities\n }\n\n // If cache is empty, fetch data from Prison API\n if (!req.session.allocationJobResponsibilities) {\n this.logger.info(\n `Falling back to Allocations API to retrieve job responsibilities for: ${res.locals.user.username}`,\n )\n const allocationPolicies = await this.allocationsApiClient.getStaffAllocationPolicies(res.locals.user)\n req.session.allocationJobResponsibilities = allocationPolicies.policies\n }\n\n // Populate res.locals.user with values from cache\n res.locals.user.allocationJobResponsibilities = req.session.allocationJobResponsibilities\n } catch (error) {\n this.logger.error(\n error,\n `Failed to retrieve allocation job responsibilities for: ${res.locals.user.username}`,\n )\n return next(error)\n }\n }\n\n return next()\n }\n }\n}\n","import { type RequestHandler } from 'express'\nimport AllocationService from '../allocationService'\n\nexport default function retrieveAllocationJobResponsibilities({\n logger = console,\n allocationsApiConfig,\n authenticationClient,\n}: Parameters<typeof AllocationService.create>[0]): RequestHandler {\n const service = AllocationService.create({ logger, allocationsApiConfig, authenticationClient })\n return service.retrieveAllocationJobResponsibilities()\n}\n"],"names":[],"mappings":";;;AAUc,MAAO,kBAAmB,SAAQ,UAAU,CAAA;IACxD,WAAA,CAAY,MAAiC,EAAE,MAAiB,EAAA;AAC9D,QAAA,KAAK,CAAC,sBAAsB,EAAE,MAAM,EAAE,MAAM,CAAC;IAC/C;IAEA,MAAM,aAAa,CAAiC,SAAiB,EAAA;QACnE,OAAO,IAAI,CAAC,GAAG,CAAC;AACd,YAAA,IAAI,EAAE,aAAa;AACnB,YAAA,KAAK,EAAE,mCAAmC;AAC1C,YAAA,OAAO,EAAE,EAAE,cAAc,EAAE,SAAS,EAAE;AACvC,SAAA,CAAC;IACJ;AACD;;ACnBK,SAAU,iBAAiB,CAC/B,IAAsB,EACtB,MAAc,EACd,EAAE,eAAe,EAAE,OAAO,EAAE,UAAU,EAAuE,EAAA;AAE7G,IAAA,OAAO,QAAQ,CAAC,MAAM,CAAC,8BAA8B,EAAE;QACrD,YAAY,EAAE,CAAC,IAAI,IAAI,IAAI,CAAC,UAAU,KAAK,OAAO;QAClD,IAAI;QACJ,MAAM;QACN,eAAe;QACf,OAAO;QACP,UAAU;AACV,QAAA,IAAI,EAAE,cAAc,CAAC,IAAI,EAAE,WAAW,CAAC;AACxC,KAAA,CAAC;AACJ;AAEM,SAAU,iBAAiB,CAC/B,IAAsB,EACtB,EAAE,OAAO,EAAE,UAAU,EAA6C,EAAA;AAElE,IAAA,OAAO,QAAQ,CAAC,MAAM,CAAC,0BAA0B,EAAE;QACjD,YAAY,EAAE,CAAC,IAAI,IAAI,IAAI,CAAC,UAAU,KAAK,OAAO;QAClD,UAAU;QACV,OAAO;AACR,KAAA,CAAC;AACJ;AAEA,SAAS,cAAc,CAAC,QAAiB,EAAA;AACvC,IAAA,IAAI,CAAC,QAAQ;AAAE,QAAA,OAAO,IAAI;IAE1B,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC;AACjC,IAAA,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA,EAAA,EAAK,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE;AAChD;;ACjCc,SAAU,SAAS,CAAC,eAAuB,EAAE,GAAa,EAAA;IACtE,MAAM,GAAG,GAAG,GAAG,CAAC,UAAU,EAAE,CAAC,yBAAyB,CAAC;IACvD,MAAM,aAAa,GAAG,GAAG,EAAE,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE;IAC3C,MAAM,kBAAkB,GAAG,CAAC,YAAY,EAAE,WAAW,EAAE,SAAS,EAAE,UAAU,CAAC;IAE7E,MAAM,oBAAoB,GAAG,aAAa,CAAC,GAAG,CAAC,SAAS,IAAG;;QAEzD,IAAI,SAAS,CAAC,QAAQ,CAAC,eAAyB,CAAC,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAC,IAAI,SAAS,CAAC,QAAQ,CAAC,CAAA,EAAG,CAAC,CAAA,CAAA,CAAG,CAAC,CAAC;AAC7G,YAAA,OAAO,SAAS;;AAGlB,QAAA,OAAO,CAAA,EAAG,SAAS,CAAA,CAAA,EAAI,eAAe,EAAE;AAC1C,IAAA,CAAC,CAAC;IAEF,MAAM,qBAAqB,GAAG;SAC3B,MAAM,CAAC,CAAC,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,SAAS,IAAI,SAAS,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA,CAAA,CAAG,CAAC,CAAC;SAChF,GAAG,CAAC,CAAC,IAAI,CAAA,EAAG,CAAC,CAAA,QAAA,EAAW,eAAe,CAAA,CAAE,CAAC;AAE7C,IAAA,GAAG,CAAC,GAAG,CAAC,yBAAyB,EAAE,CAAC,GAAG,oBAAoB,EAAE,GAAG,qBAAqB,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AACnG;;ACLA,MAAM,cAAc,GAA6C;AAC/D,IAAA,iBAAiB,EAAE,KAAK;AACxB,IAAA,qBAAqB,EAAE,KAAK;CAC7B;AAEa,MAAO,iBAAiB,CAAA;AAEjB,IAAA,MAAA;AACA,IAAA,kBAAA;AACA,IAAA,kBAAA;AACA,IAAA,MAAA;AAJnB,IAAA,WAAA,CACmB,MAAiC,EACjC,kBAA6B,EAC7B,kBAAsC,EACtC,MAAc,EAAA;QAHd,IAAA,CAAA,MAAM,GAAN,MAAM;QACN,IAAA,CAAA,kBAAkB,GAAlB,kBAAkB;QAClB,IAAA,CAAA,kBAAkB,GAAlB,kBAAkB;QAClB,IAAA,CAAA,MAAM,GAAN,MAAM;IACtB;IAEH,OAAO,MAAM,CAAC,EACZ,MAAM,GAAG,OAAO,EAChB,kBAAkB,EAClB,MAAM,GAKP,EAAA;AACC,QAAA,OAAO,IAAI,iBAAiB,CAAC,MAAM,EAAE,kBAAkB,EAAE,IAAI,kBAAkB,CAAC,MAAM,EAAE,kBAAkB,CAAC,EAAE,MAAM,CAAC;IACtH;AAEA,IAAA,qBAAqB,CAAC,cAAgD,EAAA;AACpE,QAAA,MAAM,0BAA0B,GAAG;AACjC,YAAA,GAAG,cAAc;AACjB,YAAA,IAAI,cAAc,IAAI,EAAE,CAAC;SAC1B;AACD,QAAA,MAAM,EAAE,iBAAiB,EAAE,qBAAqB,EAAE,GAAG,0BAA0B;QAE/E,OAAO,OAAO,IAAa,EAAE,GAAa,EAAE,IAAkB,KAAI;AAChE,YAAA,MAAM,YAAY,GAAG,CAAC,IAAsB,KAAI;AAC9C,gBAAA,GAAG,CAAC,MAAM,CAAC,YAAY,GAAG;oBACxB,MAAM,EAAE,iBAAiB,CAAC,IAAI,EAAE,IAAI,CAAC,MAAM,EAAE;wBAC3C,eAAe,EAAE,0BAA0B,CAAC,eAAe;wBAC3D,OAAO,EAAE,0BAA0B,CAAC,OAAO;wBAC3C,UAAU,EAAE,0BAA0B,CAAC,UAAU;qBAClD,CAAC;AACF,oBAAA,MAAM,EAAE,iBAAiB,CAAC,IAAI,EAAE;wBAC9B,OAAO,EAAE,0BAA0B,CAAC,OAAO;wBAC3C,UAAU,EAAE,0BAA0B,CAAC,UAAU;qBAClD,CAAC;AACF,oBAAA,WAAW,EAAE,EAAE;AACf,oBAAA,UAAU,EAAE,EAAE;iBACf;AACH,YAAA,CAAC;AAED,YAAA,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE;AACpB,gBAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4DAA4D,CAAC;gBAC9E,YAAY,CAAC,IAAI,CAAC;gBAClB,OAAO,IAAI,EAAE;YACf;YAEA,IAAI,qBAAqB,EAAE;AACzB,gBAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,+CAA+C,CAAC;AACjE,gBAAA,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC;gBAC7B,OAAO,IAAI,EAAE;YACf;AAEA,YAAA,IAAI;gBACF,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,aAAa,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,KAAe,CAAC;AAE7G,gBAAA,GAAG,CAAC,MAAM,CAAC,YAAY,GAAG;oBACxB,MAAM,EAAE,MAAM,CAAC,IAAI;oBACnB,MAAM,EAAE,MAAM,CAAC,IAAI;oBACnB,WAAW,EAAE,CAAC,GAAG,MAAM,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,GAAG,CAAC;oBAC3C,UAAU,EAAE,CAAC,GAAG,MAAM,CAAC,UAAU,EAAE,GAAG,MAAM,CAAC,UAAU,CAAC;iBACzD;gBAED,IAAI,iBAAiB,EAAE;oBACrB,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,UAAU,GAAG,IAAI;gBAC3C;gBAEA,SAAS,CAAC,IAAI,CAAC,kBAAkB,CAAC,GAAG,EAAE,GAAG,CAAC;gBAE3C,OAAO,IAAI,EAAE;YACf;AAAE,YAAA,MAAM;AACN,gBAAA,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,0DAA0D,CAAC;AAC7E,gBAAA,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC;gBAC7B,OAAO,IAAI,EAAE;YACf;AACF,QAAA,CAAC;IACH;AACD;;AC9Fa,SAAU,qBAAqB,CAAC,EAC5C,MAAM,GAAG,OAAO,EAChB,kBAAkB,EAClB,MAAM,EACN,cAAc,GACI,EAAA;AAClB,IAAA,MAAM,OAAO,GAAG,iBAAiB,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,kBAAkB,EAAE,MAAM,EAAE,CAAC;AAChF,IAAA,OAAO,OAAO,CAAC,qBAAqB,CAAC,cAAc,CAAC;AACtD;;ACXc,MAAO,eAAgB,SAAQ,UAAU,CAAA;IACrD,WAAA,CAAY,MAAiC,EAAE,MAAiB,EAAA;AAC9D,QAAA,KAAK,CAAC,mBAAmB,EAAE,MAAM,EAAE,MAAM,CAAC;IAC5C;IAEA,MAAM,gBAAgB,CAAC,SAAiB,EAAA;QACtC,OAAO,IAAI,CAAC,GAAG,CACb;AACE,YAAA,IAAI,EAAE,yBAAyB;AAC/B,YAAA,KAAK,EAAE,mBAAmB;AAC3B,SAAA,EACD,MAAM,CAAC,SAAS,CAAC,CAClB;IACH;AACD;;ACZa,MAAO,eAAe,CAAA;AAEf,IAAA,MAAA;AACA,IAAA,eAAA;IAFnB,WAAA,CACmB,MAAiC,EACjC,eAAgC,EAAA;QADhC,IAAA,CAAA,MAAM,GAAN,MAAM;QACN,IAAA,CAAA,eAAe,GAAf,eAAe;IAC/B;IAEH,OAAO,MAAM,CAAC,EACZ,MAAM,GAAG,OAAO,EAChB,eAAe,GAIhB,EAAA;AACC,QAAA,OAAO,IAAI,eAAe,CAAC,MAAM,EAAE,IAAI,eAAe,CAAC,MAAM,EAAE,eAAe,CAAC,CAAC;IAClF;IAEA,oBAAoB,GAAA;QAClB,OAAO,OAAO,GAAG,EAAE,GAAG,EAAE,IAAI,KAAI;YAC9B,IAAI,CAAC,GAAG,CAAC,OAAO;AAAE,gBAAA,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC;AACvF,YAAA,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI;AAAE,gBAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4DAA4D,CAAC;AACpG,YAAA,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,KAAK;AAAE,gBAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,iEAAiE,CAAC;AAChH,YAAA,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,UAAU;AAAE,gBAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,2BAA2B,CAAC;YAE/E,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,KAAK,OAAO,EAAE;AACtF,gBAAA,IAAI;;AAEF,oBAAA,IAAI,GAAG,CAAC,MAAM,CAAC,YAAY,IAAI,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,UAAU,EAAE;AACjE,wBAAA,GAAG,CAAC,OAAO,CAAC,SAAS,GAAG,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC,SAAS;AACpE,wBAAA,GAAG,CAAC,OAAO,CAAC,cAAc,GAAG,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC,cAAc;AAC9E,wBAAA,GAAG,CAAC,OAAO,CAAC,gBAAgB,GAAG,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC,cAAc,EAAE,UAAU;oBAC9F;;AAGA,oBAAA,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,SAAS,EAAE;AAC1B,wBAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA,uDAAA,EAA0D,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAA,CAAE,CAAC;AACtG,wBAAA,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,gBAAgB,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC;AACxF,wBAAA,MAAM,SAAS,GAAG,aAAa,CAAC,MAAM,CAAC,QAAQ,IAAI,QAAQ,CAAC,IAAI,KAAK,KAAK,CAAC;AAC3E,wBAAA,MAAM,cAAc,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC,QAAkB,KAAK,QAAQ,CAAC,eAAe,CAAC;AAEvF,wBAAA,GAAG,CAAC,OAAO,CAAC,SAAS,GAAG,SAAS;AACjC,wBAAA,GAAG,CAAC,OAAO,CAAC,cAAc,GAAG,cAAc;wBAC3C,GAAG,CAAC,OAAO,CAAC,gBAAgB,GAAG,cAAc,EAAE,UAAU;oBAC3D;;AAGA,oBAAA,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,GAAG,GAAG,CAAC,OAAO,CAAC,SAAS;AACjD,oBAAA,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,GAAG,GAAG,CAAC,OAAO,CAAC,cAAc;AAC3D,oBAAA,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,GAAG,GAAG,CAAC,OAAO,CAAC,gBAAgB;gBACjE;gBAAE,OAAO,KAAK,EAAE;AACd,oBAAA,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,EAAE,CAAA,mCAAA,EAAsC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAA,CAAE,CAAC;AAC1F,oBAAA,OAAO,IAAI,CAAC,KAAK,CAAC;gBACpB;YACF;YAEA,OAAO,IAAI,EAAE;AACf,QAAA,CAAC;IACH;AACD;;AC5Da,SAAU,oBAAoB,CAAC,EAC3C,MAAM,GAAG,OAAO,EAChB,eAAe,GAC8B,EAAA;AAC7C,IAAA,MAAM,OAAO,GAAG,eAAe,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,eAAe,EAAE,CAAC;AACnE,IAAA,OAAO,OAAO,CAAC,oBAAoB,EAAE;AACvC;;ACJc,MAAO,oBAAqB,SAAQ,UAAU,CAAA;AAC1D,IAAA,WAAA,CAAY,MAAiC,EAAE,MAAiB,EAAE,oBAA0C,EAAA;QAC1G,KAAK,CAAC,wBAAwB,EAAE,MAAM,EAAE,MAAM,EAAE,oBAAoB,CAAC;IACvE;IAEA,MAAM,0BAA0B,CAAC,IAAgB,EAAA;QAC/C,OAAO,IAAI,CAAC,GAAG,CACb;YACE,IAAI,EAAE,YAAY,IAAI,CAAC,gBAAgB,CAAA,OAAA,EAAU,IAAI,CAAC,MAAM,CAAA,oBAAA,CAAsB;SACnF,EACD,QAAQ,EAAE,CACX;IACH;AACD;;ACba,MAAO,iBAAiB,CAAA;AAEjB,IAAA,MAAA;AACA,IAAA,oBAAA;IAFnB,WAAA,CACmB,MAAiC,EACjC,oBAA0C,EAAA;QAD1C,IAAA,CAAA,MAAM,GAAN,MAAM;QACN,IAAA,CAAA,oBAAoB,GAApB,oBAAoB;IACpC;IAEH,OAAO,MAAM,CAAC,EACZ,MAAM,GAAG,OAAO,EAChB,oBAAoB,EACpB,oBAAoB,GAKrB,EAAA;AACC,QAAA,OAAO,IAAI,iBAAiB,CAAC,MAAM,EAAE,IAAI,oBAAoB,CAAC,MAAM,EAAE,oBAAoB,EAAE,oBAAoB,CAAC,CAAC;IACpH;IAEO,qCAAqC,GAAA;QAC1C,OAAO,OAAO,GAAG,EAAE,GAAG,EAAE,IAAI,KAAI;YAC9B,IAAI,CAAC,GAAG,CAAC,OAAO;AAAE,gBAAA,MAAM,IAAI,KAAK,CAAC,yEAAyE,CAAC;AAC5G,YAAA,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK;AACxB,gBAAA,MAAM,IAAI,KAAK,CACb,yKAAyK,CAC1K;AAEH,YAAA,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,KAAK,OAAO,EAAE;AAC7D,gBAAA,IAAI;;AAEF,oBAAA,IAAI,GAAG,CAAC,MAAM,CAAC,YAAY,IAAI,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,UAAU,EAAE;AACjE,wBAAA,GAAG,CAAC,OAAO,CAAC,6BAA6B,GAAG,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC,6BAA6B;oBAC9G;;AAGA,oBAAA,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,6BAA6B,EAAE;AAC9C,wBAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,CAAA,sEAAA,EAAyE,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAA,CAAE,CACpG;AACD,wBAAA,MAAM,kBAAkB,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,0BAA0B,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC;wBACtG,GAAG,CAAC,OAAO,CAAC,6BAA6B,GAAG,kBAAkB,CAAC,QAAQ;oBACzE;;AAGA,oBAAA,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,6BAA6B,GAAG,GAAG,CAAC,OAAO,CAAC,6BAA6B;gBAC3F;gBAAE,OAAO,KAAK,EAAE;AACd,oBAAA,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,KAAK,EACL,CAAA,wDAAA,EAA2D,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAA,CAAE,CACtF;AACD,oBAAA,OAAO,IAAI,CAAC,KAAK,CAAC;gBACpB;YACF;YAEA,OAAO,IAAI,EAAE;AACf,QAAA,CAAC;IACH;AACD;;AC1Da,SAAU,qCAAqC,CAAC,EAC5D,MAAM,GAAG,OAAO,EAChB,oBAAoB,EACpB,oBAAoB,GAC2B,EAAA;AAC/C,IAAA,MAAM,OAAO,GAAG,iBAAiB,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,CAAC;AAChG,IAAA,OAAO,OAAO,CAAC,qCAAqC,EAAE;AACxD;;;;"}
1
+ {"version":3,"file":"index.esm.js","sources":["../src/data/componentApi/componentApiClient.ts","../src/utils/fallbacks.ts","../src/utils/updateCsp.ts","../src/componentsService.ts","../src/middleware/getFrontendComponents.ts","../src/data/prisonApi/prisonApiClient.ts","../src/caseLoadService.ts","../src/middleware/retrieveCaseLoadData.ts","../src/data/allocationsApi/allocationsApiClient.ts","../src/allocationService.ts","../src/middleware/retrieveAllocationJobResponsibilities.ts"],"sourcesContent":["import { ApiConfig, RestClient } from '@ministryofjustice/hmpps-rest-client'\nimport type AvailableComponent from '../../types/AvailableComponent'\nimport type Component from '../../types/Component'\nimport type { ConnectDpsComponentLogger } from '../../types/ConnectDpsComponentLogger'\nimport type SharedData from '../../types/SharedData'\n\nexport type ComponentsApiResponse<T extends AvailableComponent[] = AvailableComponent[]> = Record<\n T[number],\n Component\n> & {\n meta: SharedData\n}\n\nexport default class ComponentApiClient extends RestClient {\n constructor(logger: ConnectDpsComponentLogger, config: ApiConfig) {\n super('Component API Client', config, logger)\n }\n\n async getComponents<T extends AvailableComponent[]>(userToken: string): Promise<ComponentsApiResponse<T>> {\n return this.get({\n path: '/components',\n query: 'component=header&component=footer',\n headers: { 'x-user-token': userToken },\n })\n }\n}\n","import nunjucks from 'nunjucks'\nimport { HmppsUser } from '../types/HmppsUser'\n\nexport function getFallbackHeader(\n user: HmppsUser | null,\n dpsUrl: string,\n { environmentName, authUrl, supportUrl }: { environmentName?: string; authUrl?: string; supportUrl?: string },\n): string {\n return nunjucks.render('dpsComponents/header-bar.njk', {\n isPrisonUser: !user || user.authSource === 'nomis',\n user,\n dpsUrl,\n environmentName,\n authUrl,\n supportUrl,\n name: initialiseName(user?.displayName),\n })\n}\n\nexport function getFallbackFooter(\n user: HmppsUser | null,\n { authUrl, supportUrl }: { authUrl?: string; supportUrl?: string },\n): string {\n return nunjucks.render('dpsComponents/footer.njk', {\n isPrisonUser: !user || user.authSource === 'nomis',\n supportUrl,\n authUrl,\n })\n}\n\nfunction initialiseName(fullName?: string): string | null {\n if (!fullName) return null\n\n const array = fullName.split(' ')\n return `${array[0][0]}. ${array.reverse()[0]}`\n}\n","import type { Response } from 'express'\nimport type { CspDirectives } from '../types/CspDirectives'\n\nexport interface UpdateCspOptions {\n /** Content-Security-Policy directives to merge into response’s header */\n directives?: CspDirectives\n /** Base URL of MFE components service for fallback Content-Security-Policy directives */\n feComponentsUrl: string\n /** The express response whose Content-Security-Policy header should be updated */\n res: Response\n}\n\n/**\n * Update Content-Security-Policy header in response to allow use of MFE components on another domain/origin\n * with given directives, falling back to predefined directives known to be required\n */\nexport default function updateCsp(options: UpdateCspOptions): void\n/**\n * Update Content-Security-Policy header in response to allow use of MFE components on another domain/origin\n * using predefined directives known to be required\n * @deprecated provide options to `updateCsp` as a single object\n */\nexport default function updateCsp(feComponentsUrl: string, res: Response): void\nexport default function updateCsp(arg1: UpdateCspOptions | string, arg2?: Response): void {\n if (typeof arg1 === 'string') {\n // eslint-disable-next-line no-param-reassign\n arg1 = { feComponentsUrl: arg1, res: arg2! }\n }\n const { directives: providedDirectives, feComponentsUrl, res } = arg1\n\n const cspHeader = res.get('content-security-policy')\n const directives: CspDirectives = directivesFromHeader(cspHeader)\n const requiredDirectives = providedDirectives ?? fallbackDirectives(feComponentsUrl)\n mergeDirectives(directives, requiredDirectives)\n const newCspHeader = headerFromDirectives(directives)\n res.set('content-security-policy', newCspHeader)\n}\n\n/** Minimal known requirements to use MFE components on another domain/origin */\nfunction fallbackDirectives(feComponentsUrl: string): CspDirectives {\n return {\n 'script-src': [feComponentsUrl],\n 'style-src': [feComponentsUrl],\n 'img-src': [feComponentsUrl],\n 'font-src': [feComponentsUrl],\n }\n}\n\nfunction directivesFromHeader(cspHeader: string | undefined): CspDirectives {\n const header = cspHeader || \"default-src 'self'\"\n return Object.fromEntries(\n (header.split(';') ?? []).map(line => {\n const [directive, ...values] = line.split(/\\s+/)\n return [directive, values]\n }),\n )\n}\n\nfunction headerFromDirectives(directives: CspDirectives): string {\n return Object.entries(directives)\n .map(([directive, values]) => (values.length > 0 ? `${directive} ${values.join(' ')}` : directive))\n .join(';')\n}\n\nfunction mergeDirectives(directives: CspDirectives, overrides: Readonly<CspDirectives>): void {\n Object.entries(overrides).forEach(([directive, values]) => {\n if (directive in directives) {\n values.forEach(value => {\n if (!directives[directive].includes(value)) {\n directives[directive].push(value)\n }\n })\n } else {\n // eslint-disable-next-line no-param-reassign\n directives[directive] = [\"'self'\", ...values]\n }\n })\n}\n","import type { RequestHandler } from 'express'\nimport { ApiConfig } from '@ministryofjustice/hmpps-rest-client'\nimport ComponentApiClient from './data/componentApi/componentApiClient'\nimport { getFallbackFooter, getFallbackHeader } from './utils/fallbacks'\nimport updateCsp from './utils/updateCsp'\nimport { HmppsUser } from './types/HmppsUser'\nimport { ConnectDpsComponentLogger } from './types/ConnectDpsComponentLogger'\n\nexport interface FrontendComponentRequestOptions {\n authUrl?: string\n supportUrl?: string\n environmentName?: 'DEV' | 'PRE-PRODUCTION' | 'PRODUCTION'\n includeSharedData?: boolean\n useFallbacksByDefault?: boolean\n /**\n * Update Content-Security-Policy with directives returned by MFE components service\n * (instead of predefined directives); false by default\n */\n updateContentSecurityPolicy?: boolean\n}\n\nconst defaultOptions: FrontendComponentRequestOptions = {\n includeSharedData: false,\n useFallbacksByDefault: false,\n updateContentSecurityPolicy: false,\n}\n\nexport default class ComponentsService {\n constructor(\n private readonly logger: ConnectDpsComponentLogger,\n private readonly componentApiConfig: ApiConfig,\n private readonly componentApiClient: ComponentApiClient,\n private readonly dpsUrl: string,\n ) {}\n\n static create({\n logger = console,\n componentApiConfig,\n dpsUrl,\n }: {\n logger?: ConnectDpsComponentLogger\n componentApiConfig: ApiConfig\n dpsUrl: string\n }) {\n return new ComponentsService(logger, componentApiConfig, new ComponentApiClient(logger, componentApiConfig), dpsUrl)\n }\n\n getFrontendComponents(requestOptions?: FrontendComponentRequestOptions): RequestHandler {\n const requestOptionsWithDefaults = {\n ...defaultOptions,\n ...(requestOptions || {}),\n }\n const { includeSharedData, useFallbacksByDefault, updateContentSecurityPolicy } = requestOptionsWithDefaults\n\n return async (_req, res, next) => {\n const useFallbacks = (user: HmppsUser | null) => {\n res.locals.feComponents = {\n header: getFallbackHeader(user, this.dpsUrl, {\n environmentName: requestOptionsWithDefaults.environmentName,\n authUrl: requestOptionsWithDefaults.authUrl,\n supportUrl: requestOptionsWithDefaults.supportUrl,\n }),\n footer: getFallbackFooter(user, {\n authUrl: requestOptionsWithDefaults.authUrl,\n supportUrl: requestOptionsWithDefaults.supportUrl,\n }),\n cssIncludes: [],\n jsIncludes: [],\n }\n }\n\n if (!res.locals.user) {\n this.logger.info('Using fallback frontend components when no user in context')\n useFallbacks(null)\n return next()\n }\n\n if (useFallbacksByDefault) {\n this.logger.info('Using fallback frontend components by default')\n useFallbacks(res.locals.user)\n return next()\n }\n\n try {\n const { header, footer, meta } = await this.componentApiClient.getComponents(res.locals.user.token as string)\n\n res.locals.feComponents = {\n header: header.html,\n footer: footer.html,\n cssIncludes: [...header.css, ...footer.css],\n jsIncludes: [...header.javascript, ...footer.javascript],\n }\n\n if (includeSharedData) {\n res.locals.feComponents.sharedData = meta\n }\n\n updateCsp({\n directives: updateContentSecurityPolicy ? meta?.cspDirectives : undefined,\n feComponentsUrl: this.componentApiConfig.url,\n res,\n })\n\n return next()\n } catch {\n this.logger.error('Failed to retrieve front end components, using fallbacks')\n useFallbacks(res.locals.user)\n return next()\n }\n }\n }\n}\n","import { type RequestHandler } from 'express'\nimport ComponentsService, { FrontendComponentRequestOptions } from '../componentsService'\n\nexport type FrontendComponentsMiddlewareOptions = {\n requestOptions?: FrontendComponentRequestOptions\n} & Parameters<typeof ComponentsService.create>[0]\n\nexport default function getFrontendComponents({\n logger = console,\n componentApiConfig,\n dpsUrl,\n requestOptions,\n}: FrontendComponentsMiddlewareOptions): RequestHandler {\n const service = ComponentsService.create({ logger, componentApiConfig, dpsUrl })\n return service.getFrontendComponents(requestOptions)\n}\n","import { ApiConfig, asUser, RestClient } from '@ministryofjustice/hmpps-rest-client'\nimport CaseLoad from '../../types/CaseLoad'\nimport { ConnectDpsComponentLogger } from '../../types/ConnectDpsComponentLogger'\n\nexport default class PrisonApiClient extends RestClient {\n constructor(logger: ConnectDpsComponentLogger, config: ApiConfig) {\n super('Prison API Client', config, logger)\n }\n\n async getUserCaseLoads(userToken: string): Promise<CaseLoad[]> {\n return this.get(\n {\n path: '/api/users/me/caseLoads',\n query: 'allCaseloads=true',\n },\n asUser(userToken),\n )\n }\n}\n","import { type RequestHandler } from 'express'\nimport { ApiConfig } from '@ministryofjustice/hmpps-rest-client'\nimport CaseLoad from './types/CaseLoad'\nimport PrisonApiClient from './data/prisonApi/prisonApiClient'\nimport { ConnectDpsComponentLogger } from './types/ConnectDpsComponentLogger'\n\nexport default class CaseLoadService {\n constructor(\n private readonly logger: ConnectDpsComponentLogger,\n private readonly prisonApiClient: PrisonApiClient,\n ) {}\n\n static create({\n logger = console,\n prisonApiConfig,\n }: {\n logger?: ConnectDpsComponentLogger\n prisonApiConfig: ApiConfig\n }) {\n return new CaseLoadService(logger, new PrisonApiClient(logger, prisonApiConfig))\n }\n\n retrieveCaseLoadData(): RequestHandler {\n return async (req, res, next) => {\n if (!req.session) throw new Error('User session required in order to cache case loads')\n if (!res.locals.user) this.logger.warn('No res.locals.user object defined to set case load data in')\n if (!res.locals.user?.token) this.logger.warn('No res.locals.user.token defined to request case load data with')\n if (!res.locals.user?.authSource) this.logger.warn('No user auth source found')\n\n if (res.locals.user && res.locals.user.token && res.locals.user.authSource === 'nomis') {\n try {\n // Update cache with values from res.feComponents.sharedData if present\n if (res.locals.feComponents && res.locals.feComponents.sharedData) {\n req.session.caseLoads = res.locals.feComponents.sharedData.caseLoads\n req.session.activeCaseLoad = res.locals.feComponents.sharedData.activeCaseLoad ?? undefined\n req.session.activeCaseLoadId = res.locals.feComponents.sharedData.activeCaseLoad?.caseLoadId\n }\n\n // If cache is empty, fetch data from Prison API\n if (!req.session.caseLoads) {\n this.logger.info(`Falling back to Prison API to retrieve case loads for: ${res.locals.user.username}`)\n const userCaseLoads = await this.prisonApiClient.getUserCaseLoads(res.locals.user.token)\n const caseLoads = userCaseLoads.filter(caseload => caseload.type !== 'APP')\n const activeCaseLoad = caseLoads.find((caseLoad: CaseLoad) => caseLoad.currentlyActive)\n\n req.session.caseLoads = caseLoads\n req.session.activeCaseLoad = activeCaseLoad\n req.session.activeCaseLoadId = activeCaseLoad?.caseLoadId\n }\n\n // Populate res.locals.user with values from cache\n res.locals.user.caseLoads = req.session.caseLoads\n res.locals.user.activeCaseLoad = req.session.activeCaseLoad\n res.locals.user.activeCaseLoadId = req.session.activeCaseLoadId\n } catch (error) {\n this.logger.error(error, `Failed to retrieve case loads for: ${res.locals.user.username}`)\n return next(error)\n }\n }\n\n return next()\n }\n }\n}\n","import { type RequestHandler } from 'express'\nimport CaseLoadService from '../caseLoadService'\n\nexport default function retrieveCaseLoadData({\n logger = console,\n prisonApiConfig,\n}: Parameters<typeof CaseLoadService.create>[0]): RequestHandler {\n const service = CaseLoadService.create({ logger, prisonApiConfig })\n return service.retrieveCaseLoadData()\n}\n","import { ApiConfig, asSystem, AuthenticationClient, RestClient } from '@ministryofjustice/hmpps-rest-client'\nimport { PrisonUser } from '../../types/HmppsUser'\nimport { AllocationJobResponsibility } from '../../types/AllocationJobResponsibility'\nimport { ConnectDpsComponentLogger } from '../../types/ConnectDpsComponentLogger'\n\nexport default class AllocationsApiClient extends RestClient {\n constructor(logger: ConnectDpsComponentLogger, config: ApiConfig, authenticationClient: AuthenticationClient) {\n super('Allocations API Client', config, logger, authenticationClient)\n }\n\n async getStaffAllocationPolicies(user: PrisonUser): Promise<{ policies: AllocationJobResponsibility[] }> {\n return this.get(\n {\n path: `/prisons/${user.activeCaseLoadId}/staff/${user.userId}/job-classifications`,\n },\n asSystem(),\n )\n }\n}\n","import { type RequestHandler } from 'express'\nimport { ApiConfig, AuthenticationClient } from '@ministryofjustice/hmpps-rest-client'\nimport AllocationsApiClient from './data/allocationsApi/allocationsApiClient'\nimport { ConnectDpsComponentLogger } from './types/ConnectDpsComponentLogger'\n\nexport default class AllocationService {\n constructor(\n private readonly logger: ConnectDpsComponentLogger,\n private readonly allocationsApiClient: AllocationsApiClient,\n ) {}\n\n static create({\n logger = console,\n allocationsApiConfig,\n authenticationClient,\n }: {\n logger?: ConnectDpsComponentLogger\n allocationsApiConfig: ApiConfig\n authenticationClient: AuthenticationClient\n }) {\n return new AllocationService(logger, new AllocationsApiClient(logger, allocationsApiConfig, authenticationClient))\n }\n\n public retrieveAllocationJobResponsibilities(): RequestHandler {\n return async (req, res, next) => {\n if (!req.session) throw new Error('User session required in order to cache allocation job responsibilities')\n if (!res.locals.user.token)\n throw new Error(\n 'Caseload details needs to be populated before retrieving allocation job responsibilities. Please run retrieveCaseLoadData before retrieveAllocationJobResponsibilities.',\n )\n\n if (res.locals.user && res.locals.user.authSource === 'nomis') {\n try {\n // Update cache with values from res.feComponents.sharedData if present\n if (res.locals.feComponents && res.locals.feComponents.sharedData) {\n req.session.allocationJobResponsibilities = res.locals.feComponents.sharedData.allocationJobResponsibilities\n }\n\n // If cache is empty, fetch data from Prison API\n if (!req.session.allocationJobResponsibilities) {\n this.logger.info(\n `Falling back to Allocations API to retrieve job responsibilities for: ${res.locals.user.username}`,\n )\n const allocationPolicies = await this.allocationsApiClient.getStaffAllocationPolicies(res.locals.user)\n req.session.allocationJobResponsibilities = allocationPolicies.policies\n }\n\n // Populate res.locals.user with values from cache\n res.locals.user.allocationJobResponsibilities = req.session.allocationJobResponsibilities\n } catch (error) {\n this.logger.error(\n error,\n `Failed to retrieve allocation job responsibilities for: ${res.locals.user.username}`,\n )\n return next(error)\n }\n }\n\n return next()\n }\n }\n}\n","import { type RequestHandler } from 'express'\nimport AllocationService from '../allocationService'\n\nexport default function retrieveAllocationJobResponsibilities({\n logger = console,\n allocationsApiConfig,\n authenticationClient,\n}: Parameters<typeof AllocationService.create>[0]): RequestHandler {\n const service = AllocationService.create({ logger, allocationsApiConfig, authenticationClient })\n return service.retrieveAllocationJobResponsibilities()\n}\n"],"names":[],"mappings":";;;AAac,MAAO,kBAAmB,SAAQ,UAAU,CAAA;IACxD,WAAA,CAAY,MAAiC,EAAE,MAAiB,EAAA;AAC9D,QAAA,KAAK,CAAC,sBAAsB,EAAE,MAAM,EAAE,MAAM,CAAC;IAC/C;IAEA,MAAM,aAAa,CAAiC,SAAiB,EAAA;QACnE,OAAO,IAAI,CAAC,GAAG,CAAC;AACd,YAAA,IAAI,EAAE,aAAa;AACnB,YAAA,KAAK,EAAE,mCAAmC;AAC1C,YAAA,OAAO,EAAE,EAAE,cAAc,EAAE,SAAS,EAAE;AACvC,SAAA,CAAC;IACJ;AACD;;ACtBK,SAAU,iBAAiB,CAC/B,IAAsB,EACtB,MAAc,EACd,EAAE,eAAe,EAAE,OAAO,EAAE,UAAU,EAAuE,EAAA;AAE7G,IAAA,OAAO,QAAQ,CAAC,MAAM,CAAC,8BAA8B,EAAE;QACrD,YAAY,EAAE,CAAC,IAAI,IAAI,IAAI,CAAC,UAAU,KAAK,OAAO;QAClD,IAAI;QACJ,MAAM;QACN,eAAe;QACf,OAAO;QACP,UAAU;AACV,QAAA,IAAI,EAAE,cAAc,CAAC,IAAI,EAAE,WAAW,CAAC;AACxC,KAAA,CAAC;AACJ;AAEM,SAAU,iBAAiB,CAC/B,IAAsB,EACtB,EAAE,OAAO,EAAE,UAAU,EAA6C,EAAA;AAElE,IAAA,OAAO,QAAQ,CAAC,MAAM,CAAC,0BAA0B,EAAE;QACjD,YAAY,EAAE,CAAC,IAAI,IAAI,IAAI,CAAC,UAAU,KAAK,OAAO;QAClD,UAAU;QACV,OAAO;AACR,KAAA,CAAC;AACJ;AAEA,SAAS,cAAc,CAAC,QAAiB,EAAA;AACvC,IAAA,IAAI,CAAC,QAAQ;AAAE,QAAA,OAAO,IAAI;IAE1B,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC;AACjC,IAAA,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA,EAAA,EAAK,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE;AAChD;;ACZc,SAAU,SAAS,CAAC,IAA+B,EAAE,IAAe,EAAA;AAChF,IAAA,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE;;QAE5B,IAAI,GAAG,EAAE,eAAe,EAAE,IAAI,EAAE,GAAG,EAAE,IAAK,EAAE;IAC9C;IACA,MAAM,EAAE,UAAU,EAAE,kBAAkB,EAAE,eAAe,EAAE,GAAG,EAAE,GAAG,IAAI;IAErE,MAAM,SAAS,GAAG,GAAG,CAAC,GAAG,CAAC,yBAAyB,CAAC;AACpD,IAAA,MAAM,UAAU,GAAkB,oBAAoB,CAAC,SAAS,CAAC;IACjE,MAAM,kBAAkB,GAAG,kBAAkB,IAAI,kBAAkB,CAAC,eAAe,CAAC;AACpF,IAAA,eAAe,CAAC,UAAU,EAAE,kBAAkB,CAAC;AAC/C,IAAA,MAAM,YAAY,GAAG,oBAAoB,CAAC,UAAU,CAAC;AACrD,IAAA,GAAG,CAAC,GAAG,CAAC,yBAAyB,EAAE,YAAY,CAAC;AAClD;AAEA;AACA,SAAS,kBAAkB,CAAC,eAAuB,EAAA;IACjD,OAAO;QACL,YAAY,EAAE,CAAC,eAAe,CAAC;QAC/B,WAAW,EAAE,CAAC,eAAe,CAAC;QAC9B,SAAS,EAAE,CAAC,eAAe,CAAC;QAC5B,UAAU,EAAE,CAAC,eAAe,CAAC;KAC9B;AACH;AAEA,SAAS,oBAAoB,CAAC,SAA6B,EAAA;AACzD,IAAA,MAAM,MAAM,GAAG,SAAS,IAAI,oBAAoB;AAChD,IAAA,OAAO,MAAM,CAAC,WAAW,CACvB,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,GAAG,CAAC,IAAI,IAAG;AACnC,QAAA,MAAM,CAAC,SAAS,EAAE,GAAG,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC;AAChD,QAAA,OAAO,CAAC,SAAS,EAAE,MAAM,CAAC;IAC5B,CAAC,CAAC,CACH;AACH;AAEA,SAAS,oBAAoB,CAAC,UAAyB,EAAA;AACrD,IAAA,OAAO,MAAM,CAAC,OAAO,CAAC,UAAU;AAC7B,SAAA,GAAG,CAAC,CAAC,CAAC,SAAS,EAAE,MAAM,CAAC,MAAM,MAAM,CAAC,MAAM,GAAG,CAAC,GAAG,CAAA,EAAG,SAAS,CAAA,CAAA,EAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,GAAG,SAAS,CAAC;SACjG,IAAI,CAAC,GAAG,CAAC;AACd;AAEA,SAAS,eAAe,CAAC,UAAyB,EAAE,SAAkC,EAAA;AACpF,IAAA,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,EAAE,MAAM,CAAC,KAAI;AACxD,QAAA,IAAI,SAAS,IAAI,UAAU,EAAE;AAC3B,YAAA,MAAM,CAAC,OAAO,CAAC,KAAK,IAAG;gBACrB,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE;oBAC1C,UAAU,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC;gBACnC;AACF,YAAA,CAAC,CAAC;QACJ;aAAO;;YAEL,UAAU,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,EAAE,GAAG,MAAM,CAAC;QAC/C;AACF,IAAA,CAAC,CAAC;AACJ;;ACxDA,MAAM,cAAc,GAAoC;AACtD,IAAA,iBAAiB,EAAE,KAAK;AACxB,IAAA,qBAAqB,EAAE,KAAK;AAC5B,IAAA,2BAA2B,EAAE,KAAK;CACnC;AAEa,MAAO,iBAAiB,CAAA;AAEjB,IAAA,MAAA;AACA,IAAA,kBAAA;AACA,IAAA,kBAAA;AACA,IAAA,MAAA;AAJnB,IAAA,WAAA,CACmB,MAAiC,EACjC,kBAA6B,EAC7B,kBAAsC,EACtC,MAAc,EAAA;QAHd,IAAA,CAAA,MAAM,GAAN,MAAM;QACN,IAAA,CAAA,kBAAkB,GAAlB,kBAAkB;QAClB,IAAA,CAAA,kBAAkB,GAAlB,kBAAkB;QAClB,IAAA,CAAA,MAAM,GAAN,MAAM;IACtB;IAEH,OAAO,MAAM,CAAC,EACZ,MAAM,GAAG,OAAO,EAChB,kBAAkB,EAClB,MAAM,GAKP,EAAA;AACC,QAAA,OAAO,IAAI,iBAAiB,CAAC,MAAM,EAAE,kBAAkB,EAAE,IAAI,kBAAkB,CAAC,MAAM,EAAE,kBAAkB,CAAC,EAAE,MAAM,CAAC;IACtH;AAEA,IAAA,qBAAqB,CAAC,cAAgD,EAAA;AACpE,QAAA,MAAM,0BAA0B,GAAG;AACjC,YAAA,GAAG,cAAc;AACjB,YAAA,IAAI,cAAc,IAAI,EAAE,CAAC;SAC1B;QACD,MAAM,EAAE,iBAAiB,EAAE,qBAAqB,EAAE,2BAA2B,EAAE,GAAG,0BAA0B;QAE5G,OAAO,OAAO,IAAI,EAAE,GAAG,EAAE,IAAI,KAAI;AAC/B,YAAA,MAAM,YAAY,GAAG,CAAC,IAAsB,KAAI;AAC9C,gBAAA,GAAG,CAAC,MAAM,CAAC,YAAY,GAAG;oBACxB,MAAM,EAAE,iBAAiB,CAAC,IAAI,EAAE,IAAI,CAAC,MAAM,EAAE;wBAC3C,eAAe,EAAE,0BAA0B,CAAC,eAAe;wBAC3D,OAAO,EAAE,0BAA0B,CAAC,OAAO;wBAC3C,UAAU,EAAE,0BAA0B,CAAC,UAAU;qBAClD,CAAC;AACF,oBAAA,MAAM,EAAE,iBAAiB,CAAC,IAAI,EAAE;wBAC9B,OAAO,EAAE,0BAA0B,CAAC,OAAO;wBAC3C,UAAU,EAAE,0BAA0B,CAAC,UAAU;qBAClD,CAAC;AACF,oBAAA,WAAW,EAAE,EAAE;AACf,oBAAA,UAAU,EAAE,EAAE;iBACf;AACH,YAAA,CAAC;AAED,YAAA,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE;AACpB,gBAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4DAA4D,CAAC;gBAC9E,YAAY,CAAC,IAAI,CAAC;gBAClB,OAAO,IAAI,EAAE;YACf;YAEA,IAAI,qBAAqB,EAAE;AACzB,gBAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,+CAA+C,CAAC;AACjE,gBAAA,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC;gBAC7B,OAAO,IAAI,EAAE;YACf;AAEA,YAAA,IAAI;gBACF,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,aAAa,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,KAAe,CAAC;AAE7G,gBAAA,GAAG,CAAC,MAAM,CAAC,YAAY,GAAG;oBACxB,MAAM,EAAE,MAAM,CAAC,IAAI;oBACnB,MAAM,EAAE,MAAM,CAAC,IAAI;oBACnB,WAAW,EAAE,CAAC,GAAG,MAAM,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,GAAG,CAAC;oBAC3C,UAAU,EAAE,CAAC,GAAG,MAAM,CAAC,UAAU,EAAE,GAAG,MAAM,CAAC,UAAU,CAAC;iBACzD;gBAED,IAAI,iBAAiB,EAAE;oBACrB,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,UAAU,GAAG,IAAI;gBAC3C;AAEA,gBAAA,SAAS,CAAC;oBACR,UAAU,EAAE,2BAA2B,GAAG,IAAI,EAAE,aAAa,GAAG,SAAS;AACzE,oBAAA,eAAe,EAAE,IAAI,CAAC,kBAAkB,CAAC,GAAG;oBAC5C,GAAG;AACJ,iBAAA,CAAC;gBAEF,OAAO,IAAI,EAAE;YACf;AAAE,YAAA,MAAM;AACN,gBAAA,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,0DAA0D,CAAC;AAC7E,gBAAA,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC;gBAC7B,OAAO,IAAI,EAAE;YACf;AACF,QAAA,CAAC;IACH;AACD;;ACxGa,SAAU,qBAAqB,CAAC,EAC5C,MAAM,GAAG,OAAO,EAChB,kBAAkB,EAClB,MAAM,EACN,cAAc,GACsB,EAAA;AACpC,IAAA,MAAM,OAAO,GAAG,iBAAiB,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,kBAAkB,EAAE,MAAM,EAAE,CAAC;AAChF,IAAA,OAAO,OAAO,CAAC,qBAAqB,CAAC,cAAc,CAAC;AACtD;;ACXc,MAAO,eAAgB,SAAQ,UAAU,CAAA;IACrD,WAAA,CAAY,MAAiC,EAAE,MAAiB,EAAA;AAC9D,QAAA,KAAK,CAAC,mBAAmB,EAAE,MAAM,EAAE,MAAM,CAAC;IAC5C;IAEA,MAAM,gBAAgB,CAAC,SAAiB,EAAA;QACtC,OAAO,IAAI,CAAC,GAAG,CACb;AACE,YAAA,IAAI,EAAE,yBAAyB;AAC/B,YAAA,KAAK,EAAE,mBAAmB;AAC3B,SAAA,EACD,MAAM,CAAC,SAAS,CAAC,CAClB;IACH;AACD;;ACZa,MAAO,eAAe,CAAA;AAEf,IAAA,MAAA;AACA,IAAA,eAAA;IAFnB,WAAA,CACmB,MAAiC,EACjC,eAAgC,EAAA;QADhC,IAAA,CAAA,MAAM,GAAN,MAAM;QACN,IAAA,CAAA,eAAe,GAAf,eAAe;IAC/B;IAEH,OAAO,MAAM,CAAC,EACZ,MAAM,GAAG,OAAO,EAChB,eAAe,GAIhB,EAAA;AACC,QAAA,OAAO,IAAI,eAAe,CAAC,MAAM,EAAE,IAAI,eAAe,CAAC,MAAM,EAAE,eAAe,CAAC,CAAC;IAClF;IAEA,oBAAoB,GAAA;QAClB,OAAO,OAAO,GAAG,EAAE,GAAG,EAAE,IAAI,KAAI;YAC9B,IAAI,CAAC,GAAG,CAAC,OAAO;AAAE,gBAAA,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC;AACvF,YAAA,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI;AAAE,gBAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4DAA4D,CAAC;AACpG,YAAA,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,KAAK;AAAE,gBAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,iEAAiE,CAAC;AAChH,YAAA,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,UAAU;AAAE,gBAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,2BAA2B,CAAC;YAE/E,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,KAAK,OAAO,EAAE;AACtF,gBAAA,IAAI;;AAEF,oBAAA,IAAI,GAAG,CAAC,MAAM,CAAC,YAAY,IAAI,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,UAAU,EAAE;AACjE,wBAAA,GAAG,CAAC,OAAO,CAAC,SAAS,GAAG,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC,SAAS;AACpE,wBAAA,GAAG,CAAC,OAAO,CAAC,cAAc,GAAG,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC,cAAc,IAAI,SAAS;AAC3F,wBAAA,GAAG,CAAC,OAAO,CAAC,gBAAgB,GAAG,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC,cAAc,EAAE,UAAU;oBAC9F;;AAGA,oBAAA,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,SAAS,EAAE;AAC1B,wBAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA,uDAAA,EAA0D,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAA,CAAE,CAAC;AACtG,wBAAA,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,gBAAgB,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC;AACxF,wBAAA,MAAM,SAAS,GAAG,aAAa,CAAC,MAAM,CAAC,QAAQ,IAAI,QAAQ,CAAC,IAAI,KAAK,KAAK,CAAC;AAC3E,wBAAA,MAAM,cAAc,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC,QAAkB,KAAK,QAAQ,CAAC,eAAe,CAAC;AAEvF,wBAAA,GAAG,CAAC,OAAO,CAAC,SAAS,GAAG,SAAS;AACjC,wBAAA,GAAG,CAAC,OAAO,CAAC,cAAc,GAAG,cAAc;wBAC3C,GAAG,CAAC,OAAO,CAAC,gBAAgB,GAAG,cAAc,EAAE,UAAU;oBAC3D;;AAGA,oBAAA,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,GAAG,GAAG,CAAC,OAAO,CAAC,SAAS;AACjD,oBAAA,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,GAAG,GAAG,CAAC,OAAO,CAAC,cAAc;AAC3D,oBAAA,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,GAAG,GAAG,CAAC,OAAO,CAAC,gBAAgB;gBACjE;gBAAE,OAAO,KAAK,EAAE;AACd,oBAAA,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,EAAE,CAAA,mCAAA,EAAsC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAA,CAAE,CAAC;AAC1F,oBAAA,OAAO,IAAI,CAAC,KAAK,CAAC;gBACpB;YACF;YAEA,OAAO,IAAI,EAAE;AACf,QAAA,CAAC;IACH;AACD;;AC5Da,SAAU,oBAAoB,CAAC,EAC3C,MAAM,GAAG,OAAO,EAChB,eAAe,GAC8B,EAAA;AAC7C,IAAA,MAAM,OAAO,GAAG,eAAe,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,eAAe,EAAE,CAAC;AACnE,IAAA,OAAO,OAAO,CAAC,oBAAoB,EAAE;AACvC;;ACJc,MAAO,oBAAqB,SAAQ,UAAU,CAAA;AAC1D,IAAA,WAAA,CAAY,MAAiC,EAAE,MAAiB,EAAE,oBAA0C,EAAA;QAC1G,KAAK,CAAC,wBAAwB,EAAE,MAAM,EAAE,MAAM,EAAE,oBAAoB,CAAC;IACvE;IAEA,MAAM,0BAA0B,CAAC,IAAgB,EAAA;QAC/C,OAAO,IAAI,CAAC,GAAG,CACb;YACE,IAAI,EAAE,YAAY,IAAI,CAAC,gBAAgB,CAAA,OAAA,EAAU,IAAI,CAAC,MAAM,CAAA,oBAAA,CAAsB;SACnF,EACD,QAAQ,EAAE,CACX;IACH;AACD;;ACba,MAAO,iBAAiB,CAAA;AAEjB,IAAA,MAAA;AACA,IAAA,oBAAA;IAFnB,WAAA,CACmB,MAAiC,EACjC,oBAA0C,EAAA;QAD1C,IAAA,CAAA,MAAM,GAAN,MAAM;QACN,IAAA,CAAA,oBAAoB,GAApB,oBAAoB;IACpC;IAEH,OAAO,MAAM,CAAC,EACZ,MAAM,GAAG,OAAO,EAChB,oBAAoB,EACpB,oBAAoB,GAKrB,EAAA;AACC,QAAA,OAAO,IAAI,iBAAiB,CAAC,MAAM,EAAE,IAAI,oBAAoB,CAAC,MAAM,EAAE,oBAAoB,EAAE,oBAAoB,CAAC,CAAC;IACpH;IAEO,qCAAqC,GAAA;QAC1C,OAAO,OAAO,GAAG,EAAE,GAAG,EAAE,IAAI,KAAI;YAC9B,IAAI,CAAC,GAAG,CAAC,OAAO;AAAE,gBAAA,MAAM,IAAI,KAAK,CAAC,yEAAyE,CAAC;AAC5G,YAAA,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK;AACxB,gBAAA,MAAM,IAAI,KAAK,CACb,yKAAyK,CAC1K;AAEH,YAAA,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,KAAK,OAAO,EAAE;AAC7D,gBAAA,IAAI;;AAEF,oBAAA,IAAI,GAAG,CAAC,MAAM,CAAC,YAAY,IAAI,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,UAAU,EAAE;AACjE,wBAAA,GAAG,CAAC,OAAO,CAAC,6BAA6B,GAAG,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC,6BAA6B;oBAC9G;;AAGA,oBAAA,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,6BAA6B,EAAE;AAC9C,wBAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,CAAA,sEAAA,EAAyE,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAA,CAAE,CACpG;AACD,wBAAA,MAAM,kBAAkB,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,0BAA0B,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC;wBACtG,GAAG,CAAC,OAAO,CAAC,6BAA6B,GAAG,kBAAkB,CAAC,QAAQ;oBACzE;;AAGA,oBAAA,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,6BAA6B,GAAG,GAAG,CAAC,OAAO,CAAC,6BAA6B;gBAC3F;gBAAE,OAAO,KAAK,EAAE;AACd,oBAAA,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,KAAK,EACL,CAAA,wDAAA,EAA2D,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAA,CAAE,CACtF;AACD,oBAAA,OAAO,IAAI,CAAC,KAAK,CAAC;gBACpB;YACF;YAEA,OAAO,IAAI,EAAE;AACf,QAAA,CAAC;IACH;AACD;;AC1Da,SAAU,qCAAqC,CAAC,EAC5D,MAAM,GAAG,OAAO,EAChB,oBAAoB,EACpB,oBAAoB,GAC2B,EAAA;AAC/C,IAAA,MAAM,OAAO,GAAG,iBAAiB,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,CAAC;AAChG,IAAA,OAAO,OAAO,CAAC,qCAAqC,EAAE;AACxD;;;;"}
package/dist/middleware/getFrontendComponents.d.ts CHANGED
@@ -1,7 +1,6 @@
1
1
  import { type RequestHandler } from 'express';
2
2
  import ComponentsService, { FrontendComponentRequestOptions } from '../componentsService';
3
- type MiddlewareOptions = {
3
+ export type FrontendComponentsMiddlewareOptions = {
4
4
  requestOptions?: FrontendComponentRequestOptions;
5
5
  } & Parameters<typeof ComponentsService.create>[0];
6
- export default function getFrontendComponents({ logger, componentApiConfig, dpsUrl, requestOptions, }: MiddlewareOptions): RequestHandler;
7
- export {};
6
+ export default function getFrontendComponents({ logger, componentApiConfig, dpsUrl, requestOptions, }: FrontendComponentsMiddlewareOptions): RequestHandler;
package/dist/types/CspDirectives.d.ts ADDED
@@ -0,0 +1,2 @@
1
+ /** Map of CSP directive to necessary URL values */
2
+ export type CspDirectives = Record<string, string[]>;
package/dist/types/HeaderFooterSharedData.d.ts CHANGED
@@ -1,13 +1,10 @@
1
- import CaseLoad from './CaseLoad';
2
- import Service from './Service';
3
- import { AllocationJobResponsibility } from './AllocationJobResponsibility';
4
- export default interface HeaderFooterSharedData {
5
- activeCaseLoad?: CaseLoad;
6
- caseLoads: CaseLoad[];
7
- services: Service[];
8
- allocationJobResponsibilities: AllocationJobResponsibility[];
9
- }
1
+ import type SharedData from './SharedData';
2
+ /** @deprecated: use `SharedData` directly */
3
+ export type HeaderFooterSharedData = SharedData;
4
+ /** @deprecated: use `SharedData` directly */
5
+ export default HeaderFooterSharedData;
6
+ /** @deprecated: use `SharedData` directly, the meta information is the same for all components */
10
7
  export interface ComponentsSharedData {
11
- header: HeaderFooterSharedData;
12
- footer: HeaderFooterSharedData;
8
+ header: SharedData;
9
+ footer: SharedData;
13
10
  }
package/dist/types/SharedData.d.ts ADDED
@@ -0,0 +1,19 @@
1
+ import type CaseLoad from './CaseLoad';
2
+ import type Service from './Service';
3
+ import type { AllocationJobResponsibility } from './AllocationJobResponsibility';
4
+ import type { CspDirectives } from './CspDirectives';
5
+ /**
6
+ * Information about the current user and environment
7
+ */
8
+ export default interface SharedData {
9
+ /** Caseloads available to prison user */
10
+ caseLoads: CaseLoad[];
11
+ /** Currently active caseload for prison user */
12
+ activeCaseLoad: CaseLoad | null;
13
+ /** Services available to prison user */
14
+ services: Service[];
15
+ /** Prison user allocated responsibilites */
16
+ allocationJobResponsibilities: AllocationJobResponsibility[];
17
+ /** Content-Security-Policy directives needed to use components from a different domain/origin */
18
+ cspDirectives: CspDirectives;
19
+ }
package/dist/utils/updateCsp.d.ts CHANGED
@@ -1,2 +1,21 @@
1
- import { type Response } from 'express';
1
+ import type { Response } from 'express';
2
+ import type { CspDirectives } from '../types/CspDirectives';
3
+ export interface UpdateCspOptions {
4
+ /** Content-Security-Policy directives to merge into response’s header */
5
+ directives?: CspDirectives;
6
+ /** Base URL of MFE components service for fallback Content-Security-Policy directives */
7
+ feComponentsUrl: string;
8
+ /** The express response whose Content-Security-Policy header should be updated */
9
+ res: Response;
10
+ }
11
+ /**
12
+ * Update Content-Security-Policy header in response to allow use of MFE components on another domain/origin
13
+ * with given directives, falling back to predefined directives known to be required
14
+ */
15
+ export default function updateCsp(options: UpdateCspOptions): void;
16
+ /**
17
+ * Update Content-Security-Policy header in response to allow use of MFE components on another domain/origin
18
+ * using predefined directives known to be required
19
+ * @deprecated provide options to `updateCsp` as a single object
20
+ */
2
21
  export default function updateCsp(feComponentsUrl: string, res: Response): void;
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@ministryofjustice/hmpps-connect-dps-components",
3
- "version": "5.3.5",
3
+ "version": "5.4.0",
4
4
  "description": "A package to allow the inclusion of connect DPS micro frontend components within DPS applications",
5
5
  "main": "./dist/index.cjs",
6
6
  "module": "./dist/index.esm.js",
@@ -71,7 +71,7 @@
71
71
  "jest-junit": "^16.0.0",
72
72
  "lint-staged": "^16.2.7",
73
73
  "nock": "^14.0.11",
74
- "rollup": "4.60.0",
74
+ "rollup": "4.60.1",
75
75
  "rollup-plugin-dts": "6.4.1",
76
76
  "supertest": "^7.2.2",
77
77
  "ts-jest": "^29.4.6",
@@ -80,7 +80,7 @@
80
80
  },
81
81
  "dependencies": {
82
82
  "@ministryofjustice/hmpps-rest-client": "1.2.0",
83
- "@types/node": "24.12.0",
83
+ "@types/node": "24.12.2",
84
84
  "@types/nunjucks": "^3.2.6",
85
85
  "nunjucks": "^3.2.4",
86
86
  "superagent": "^10.3.0"