ARCPOC-1411: BE - Activity Audit Report - Body with unsupported request fields passes

[github-actions]

Jira link

See ARCPOC-1411

Change description

Implements Jira issue ARCPOC-1411: BE - Activity Audit Report - Body with unsupported request fields passes

Codex ran on the Azure AKS self-hosted runner scale set using the Jira issue context. See the Codex final message below for the implementation summary.

Testing done

Codex may run targeted checks during generation. This workflow verifies the generated patch in a separate no-write job before the trusted publish job opens the pull request. See the Codex final message below and workflow logs for details.

Security Vulnerability Assessment

CVE Suppression: Are there any CVEs present in the codebase (either newly introduced or pre-existing) that are being intentionally suppressed or ignored by this commit?

• Yes
• No

Checklist

• commit messages are meaningful and follow good commit message guidelines
• README and other documentation has been updated / added (if needed)
• tests have been updated / new tests has been added (if needed)
• Does this PR introduce a breaking change

Codex Final Message

Implemented ARCPOC-1411.

Summary:

• Added ActivityAuditFilterRequestBodyAdvice to reject unsupported top-level JSON fields for ActivityAuditFilterDto before the report job is created.
• Updated AppRegExceptionHandler to return a clear 400 detail: Unsupported request field: <field>.
• Added unit coverage for the request-body advice and exception formatting.
• Added an integration regression for POST /reports/activity-audit/jobs with unsupported courtCode.

Verification:

• git diff --check - passed.
• GRADLE_DAEMON_BIND_ADDRESS=127.0.0.1 GRADLE_USER_HOME=/tmp/gradle /home/runner/.gradle/wrapper/dists/gradle-9.5.1-all/3mo7ofu40rhxhyro6vr9xd6jp/gradle-9.5.1/bin/gradle --no-daemon test --tests 'uk.gov.hmcts.appregister.report.controller.ActivityAuditFilterRequestBodyAdviceTest' --tests 'uk.gov.hmcts.appregister.common.exception.AppRegExceptionHandlerTest' - failed before test execution because Gradle could not start in this runner: java.net.SocketException: Operation not permitted from FileLockContentionHandler.

[zachealy113]

/codex-review

Please make a small safe improvement: add an assertion to the unsupported activity-audit field regression test that confirms no report job is created when the request is rejected with 400.

[github-actions]

Codex pushed an update for review feedback from @zachealy113.

Feedback: #501 (review)

Commit: 200aded

Codex final message:

Implemented the review feedback in ReportingControllerPostTest.java.

The unsupported activity-audit field regression test now records the existing ACTIVITY_AUDIT_REPORT async job count before the rejected request and asserts it is unchanged after the 400, confirming no report job is created.

Verification:

• git diff --check passed.
• Targeted Gradle integration test could not run in this sandbox: Gradle first hit a read-only default cache, then with GRADLE_USER_HOME=/tmp/codex-gradle failed during startup because Java socket creation is blocked (FileLockContentionHandler, java.net.SocketException: Operation not permitted).