RUBY-3433: Tech Debt : remove devise and cancancan gems + remove fron…

…t-office users from wcr engine (#1583)

* [RUBY-3433] Remove devise gem and dependencies + refactor tests to accommodate these changes

* [RUBY-3433] moving TransientRegistrationsController from engine to back-office

* [RUBY-3433] removing cancacan gem and permission check code associated with user permissions

* [RUBY-3433] Moving email tracking analyics tests to back-office

* [RUBY-3433] refactoring prepare_for_payment method not to require user object to be passed in

* [RUBY-3433] refactoring FlowPermissionChecksService not to require user object to be passed in

* [RUBY-3433] refactoring front-office related services not to require user object to be passed in

* [RUBY-3433] removing front-office user model

* [RUBY-3433] moving conviction sign-offs related tests to back-office

* [RUBY-3433] refactoring permission check not to check on front-office user permissions

* [RUBY-3433] refactoring CertificateGeneratorService to make requester parameter optional

* [RUBY-3433] Refactor permission check to make user parameter optional

* [RUBY-3433] updating readme

* [RUBY-3433] Refactor payment setup in controllers to include current user parameter

* [RUBY-3433] code styling adjustments

* [RUBY-3433] adding nocov tags to the code that does not get executed

* [RUBY-3433] Refactor current_user method in application_controller.rb

* [RUBY-3433] deleting redundant user factory

* [RUBY-3433] removing redundant method

Gemfile

@@ -18,12 +18,6 @@ gem "defra_ruby_template", "~> 5.0"
 
 gem "mongo_session_store"
 
-# Use CanCanCan for user roles and permissions
-gem "cancancan", "~> 3.5.0"
-
-# Use Devise for user authentication
-gem "devise", "~> 4.9.2"
-
 gem "matrix", "~> 0.4.2"
 
 gem "secure_headers", "~> 6.5.0"

Gemfile.lock

@@ -120,12 +120,10 @@ GEM
     async-pool (0.4.0)
       async (>= 1.25)
     base64 (0.2.0)
-    bcrypt (3.1.20)
     bindex (0.8.1)
     bson (4.15.0)
     builder (3.3.0)
     byebug (11.1.3)
-    cancancan (3.5.0)
     coderay (1.1.3)
     concurrent-ruby (1.3.4)
     console (1.23.2)
@@ -163,12 +161,6 @@ GEM
       rest-client (~> 2.0)
       uk_postcode
       validates_email_format_of
-    devise (4.9.4)
-      bcrypt (~> 3.0)
-      orm_adapter (~> 0.1)
-      railties (>= 4.1.0)
-      responders
-      warden (~> 1.2.3)
     diff-lcs (1.5.0)
     docile (1.4.0)
     domain_name (0.6.20231109)
@@ -274,7 +266,6 @@ GEM
     octokit (4.25.1)
       faraday (>= 1, < 3)
       sawyer (~> 0.9)
-    orm_adapter (0.5.0)
     os_map_ref (0.5.0)
     parallel (1.23.0)
     parser (3.2.2.4)
@@ -335,9 +326,6 @@ GEM
     rake (13.2.1)
     rbtree3 (0.7.1)
     regexp_parser (2.8.2)
-    responders (3.1.1)
-      actionpack (>= 5.2)
-      railties (>= 5.2)
     rest-client (2.1.0)
       http-accept (>= 1.7.0, < 2.0)
       http-cookie (>= 1.0.2, < 2.0)
@@ -443,8 +431,6 @@ GEM
     validates_email_format_of (1.7.2)
       i18n
     vcr (6.2.0)
-    warden (1.2.9)
-      rack (>= 2.0.9)
     web-console (4.2.1)
       actionview (>= 6.0.0)
       activemodel (>= 6.0.0)
@@ -465,11 +451,9 @@ PLATFORMS
   ruby
 
 DEPENDENCIES
-  cancancan (~> 3.5.0)
   database_cleaner-mongoid (~> 2.0.1)
   defra_ruby_style (~> 0.3.0)
   defra_ruby_template (~> 5.0)
-  devise (~> 4.9.2)
   dotenv-rails (~> 2.8.1)
   factory_bot_rails (~> 6.2.0)
   faker (~> 3.2.0)

README.md

@@ -22,13 +22,6 @@ Make sure you already have:
 - [Bundler](http://bundler.io/) – for installing Ruby gems
 - MongoDb 3.6
 
-The engine also expects these gems to be installed in the application in which it is mounted:
-
-- [Devise](https://github.com/plataformatec/devise/) >= 4.4.3
-- [CanCanCan](https://github.com/CanCanCommunity/cancancan) ~> 1.10
-
-And for a User model to be in place. See the [dummy testing app](https://github.com/DEFRA/waste-carriers-engine/tree/master/spec/dummy) for an example of how this might be implemented.
-
 ## Mounting the engine
 
 Add the engine to your Gemfile:

app/controllers/waste_carriers_engine/application_controller.rb

@@ -23,6 +23,14 @@ class ApplicationController < ActionController::Base
       redirect_to page_path("system_error")
     end
 
+    def current_user
+      return unless defined?(super)
+
+      # :nocov:
+      super
+      # :nocov:
+    end
+
     protected
 
     def record_user_journey

app/models/waste_carriers_engine/renewing_registration.rb

@@ -71,7 +71,7 @@ def pending_payment?
       renewal_application_submitted? && super
     end
 
-    def prepare_for_payment(mode, user)
+    def prepare_for_payment(mode, user = nil)
       BuildRenewalFinanceDetailsService.run(transient_registration: self, payment_method: mode, user:)
     end
 

app/services/waste_carriers_engine/base_registration_permission_checks_service.rb

@@ -8,7 +8,7 @@ class BaseRegistrationPermissionChecksService < BaseService
 
     attr_reader :transient_registration, :user, :permission_check_result
 
-    def run(transient_registration:, user:)
+    def run(transient_registration:, user: nil)
       @transient_registration = transient_registration
       @user = user
       @permission_check_result = PermissionChecksResult.new

app/services/waste_carriers_engine/flow_permission_checks_service.rb

@@ -9,7 +9,7 @@ class MissingFlowPermissionChecksService < StandardError; end
 
     attr_reader :transient_registration, :user
 
-    def run(transient_registration:, user:)
+    def run(transient_registration:, user: nil)
       @transient_registration = transient_registration
       @user = user
 

app/services/waste_carriers_engine/govpay_payment_service.rb

@@ -5,7 +5,7 @@
 module WasteCarriersEngine
   class GovpayPaymentService
 
-    def initialize(transient_registration, order, current_user)
+    def initialize(transient_registration, order, current_user = nil)
       @transient_registration = transient_registration
       @order = order
       @current_user = current_user

app/services/waste_carriers_engine/renewing_registration_permission_checks_service.rb

@@ -10,6 +10,9 @@ def all_checks_pass?
     end
 
     def user_has_permission?
+      # user permission checks apply only to the back office
+      return true unless WasteCarriersEngine.configuration.host_is_back_office?
+
       return true if transient_registration.from_magic_link
       return true if can?(:update, transient_registration)
 

config/locales/activemodel.en.yml

@@ -0,0 +1,15 @@
+# Additional translations at https://github.com/plataformatec/devise/wiki/I18n
+
+en:
+  activemodel:
+    errors:
+      models:
+        waste_carriers_engine/renewal_lookup_validatable:
+          already_confirmed: "Email was already confirmed, please try signing in"
+          confirmation_period_expired: "Email needs to be confirmed within %{period}, please request a new one"
+          expired: "Password reset token has expired, please request a new one"
+          not_found: "Password reset token not found"
+          not_locked: "Account was not locked"
+          not_saved:
+            one: "1 error prohibited this %{resource} from being saved:"
+            other: "%{count} errors prohibited this %{resource} from being saved:"