From 69aa91bded1cea4fcf9739c63aa7b536ee0cd74e Mon Sep 17 00:00:00 2001 From: Semkiv Andriy Date: Wed, 23 Aug 2023 10:48:24 +0300 Subject: [PATCH 1/3] Fixed 403 error when area admin tries to get applications #1197 --- .../Services/ApplicationService.cs | 26 +++++++++++++++++++ .../Services/CurrentUserService.cs | 2 +- 2 files changed, 27 insertions(+), 1 deletion(-) diff --git a/OutOfSchool/OutOfSchool.WebApi/Services/ApplicationService.cs b/OutOfSchool/OutOfSchool.WebApi/Services/ApplicationService.cs index 20b12879c7..b6da69da39 100644 --- a/OutOfSchool/OutOfSchool.WebApi/Services/ApplicationService.cs +++ b/OutOfSchool/OutOfSchool.WebApi/Services/ApplicationService.cs @@ -30,6 +30,7 @@ public class ApplicationService : IApplicationService, INotificationReciever private readonly ICurrentUserService currentUserService; private readonly IMinistryAdminService ministryAdminService; private readonly IRegionAdminService regionAdminService; + private readonly IAreaAdminService areaAdminService; private readonly ICodeficatorService codeficatorService; private readonly string errorNullWorkshopMessage = "Operation failed. Workshop in Application dto is null"; @@ -52,6 +53,7 @@ public class ApplicationService : IApplicationService, INotificationReciever /// Service for managing current user rights. /// Service for managing ministry admin rigths. /// Service for managing region admin rigths. + /// Service for managing area admin rigths. /// Codeficator service. public ApplicationService( IApplicationRepository repository, @@ -66,6 +68,7 @@ public ApplicationService( ICurrentUserService currentUserService, IMinistryAdminService ministryAdminService, IRegionAdminService regionAdminService, + IAreaAdminService areaAdminService, ICodeficatorService codeficatorService) { applicationRepository = repository ?? throw new ArgumentNullException(nameof(repository)); @@ -83,6 +86,7 @@ public ApplicationService( this.currentUserService = currentUserService ?? throw new ArgumentNullException(nameof(currentUserService)); this.ministryAdminService = ministryAdminService ?? throw new ArgumentNullException(nameof(ministryAdminService)); this.regionAdminService = regionAdminService ?? throw new ArgumentNullException(nameof(regionAdminService)); + this.areaAdminService = areaAdminService ?? throw new ArgumentNullException(nameof(regionAdminService)); this.codeficatorService = codeficatorService ?? throw new ArgumentNullException(nameof(codeficatorService)); } @@ -139,6 +143,28 @@ public async Task> GetAll(ApplicationFilter filter) } } + if (currentUserService.IsAreaAdmin()) + { + var areaAdmin = await areaAdminService.GetByUserId(currentUserService.UserId); + predicate = predicate + .And(p => p.Workshop.InstitutionHierarchy.InstitutionId == areaAdmin.InstitutionId); + + var subSettlementsIds = await codeficatorService + .GetAllChildrenIdsByParentIdAsync(areaAdmin.CATOTTGId).ConfigureAwait(false); + + if (subSettlementsIds.Any()) + { + var tempPredicate = PredicateBuilder.False(); + + foreach (var item in subSettlementsIds) + { + tempPredicate = tempPredicate.Or(x => x.Workshop.Provider.LegalAddress.CATOTTGId == item); + } + + predicate = predicate.And(tempPredicate); + } + } + var sortPredicate = SortExpressionBuild(filter); var totalAmount = await applicationRepository.Count(where: predicate).ConfigureAwait(false); diff --git a/OutOfSchool/OutOfSchool.WebApi/Services/CurrentUserService.cs b/OutOfSchool/OutOfSchool.WebApi/Services/CurrentUserService.cs index 000cfefe3a..2012ef222b 100644 --- a/OutOfSchool/OutOfSchool.WebApi/Services/CurrentUserService.cs +++ b/OutOfSchool/OutOfSchool.WebApi/Services/CurrentUserService.cs @@ -66,7 +66,7 @@ public bool IsDeputyOrProviderAdmin() => IsInRole(Role.Provider) && (IsInSubRole(Subrole.ProviderDeputy) || IsInSubRole(Subrole.ProviderAdmin)); - public bool IsAdmin() => IsInRole(Role.TechAdmin) || IsInRole(Role.MinistryAdmin) || IsInRole(Role.RegionAdmin); + public bool IsAdmin() => IsInRole(Role.TechAdmin) || IsInRole(Role.MinistryAdmin) || IsInRole(Role.RegionAdmin) || IsInRole(Role.AreaAdmin); public bool IsTechAdmin() => IsInRole(Role.TechAdmin); From e274bb140baca19c4219e17074523db6ebfd673f Mon Sep 17 00:00:00 2001 From: Semkiv Andriy Date: Wed, 23 Aug 2023 13:19:32 +0300 Subject: [PATCH 2/3] fixed test buid error and added test GetApplications_WhenAreaAdminCalled_ShouldReturnApplications() --- .../Services/ApplicationServiceTests.cs | 44 +++++++++++++++++++ 1 file changed, 44 insertions(+) diff --git a/OutOfSchool/OutOfSchool.WebApi.Tests/Services/ApplicationServiceTests.cs b/OutOfSchool/OutOfSchool.WebApi.Tests/Services/ApplicationServiceTests.cs index 58e9c3c872..d5e4a04c7f 100644 --- a/OutOfSchool/OutOfSchool.WebApi.Tests/Services/ApplicationServiceTests.cs +++ b/OutOfSchool/OutOfSchool.WebApi.Tests/Services/ApplicationServiceTests.cs @@ -43,6 +43,7 @@ public class ApplicationServiceTests private Mock currentUserServiceMock; private Mock ministryAdminServiceMock; private Mock regionAdminServiceMock; + private Mock areaAdminServiceMock; private Mock codeficatorServiceMock; private Mock> applicationsConstraintsConfig; @@ -59,6 +60,7 @@ public void SetUp() currentUserServiceMock = new Mock(); ministryAdminServiceMock = new Mock(); regionAdminServiceMock = new Mock(); + areaAdminServiceMock = new Mock(); codeficatorServiceMock = new Mock(); logger = new Mock>(); @@ -85,6 +87,7 @@ public void SetUp() currentUserServiceMock.Object, ministryAdminServiceMock.Object, regionAdminServiceMock.Object, + areaAdminServiceMock.Object, codeficatorServiceMock.Object); } @@ -184,6 +187,47 @@ public async Task GetApplications_WhenRegionAdminCalled_ShouldReturnApplications Assert.That(result.Entities.FirstOrDefault().Workshop.InstitutionId, Is.EqualTo(institutionId)); } + [Test] + public async Task GetApplications_WhenAreaAdminCalled_ShouldReturnApplications() + { + // Arrange + var institutionId = new Guid("b929a4cd-ee3d-4bad-b2f0-d40aedf656c4"); + long catottgId = 31737; + var applications = WithApplicationsList(); + SetupGetAllByInstitutionId(applications); + + currentUserServiceMock.Setup(c => c.IsAdmin()).Returns(true); + currentUserServiceMock.Setup(c => c.IsMinistryAdmin()).Returns(false); + currentUserServiceMock.Setup(c => c.IsRegionAdmin()).Returns(false); + currentUserServiceMock.Setup(c => c.IsAreaAdmin()).Returns(true); + areaAdminServiceMock + .Setup(m => m.GetByUserId(It.IsAny())) + .Returns(Task.FromResult(new AreaAdminDto() + { + InstitutionId = institutionId, + CATOTTGId = catottgId, + })); + + currentUserServiceMock.Setup(c => c.IsAreaAdmin()).Returns(true); + areaAdminServiceMock + .Setup(m => m.GetByUserId(It.IsAny())) + .Returns(Task.FromResult(new AreaAdminDto() + { + InstitutionId = institutionId, + })); + + codeficatorServiceMock + .Setup(x => x.GetAllChildrenIdsByParentIdAsync(It.IsAny())) + .Returns(Task.FromResult((IEnumerable)new List { catottgId })); + + // Act + var result = await service.GetAll(new ApplicationFilter()); + + // Assert + Assert.That(result.Entities.Count, Is.EqualTo(1)); + Assert.That(result.Entities.FirstOrDefault().Workshop.InstitutionId, Is.EqualTo(institutionId)); + } + [Test] public async Task GetApplicationById_WhenIdIsValid_ShouldReturnApplication() { From 35067ecd0920aec4ae2c0da671e6f429254c3eb0 Mon Sep 17 00:00:00 2001 From: Semkiv Andriy <68245598+min4uk@users.noreply.github.com> Date: Fri, 25 Aug 2023 15:13:55 +0300 Subject: [PATCH 3/3] Update ApplicationService.cs --- OutOfSchool/OutOfSchool.WebApi/Services/ApplicationService.cs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/OutOfSchool/OutOfSchool.WebApi/Services/ApplicationService.cs b/OutOfSchool/OutOfSchool.WebApi/Services/ApplicationService.cs index b6da69da39..9ed37fba4f 100644 --- a/OutOfSchool/OutOfSchool.WebApi/Services/ApplicationService.cs +++ b/OutOfSchool/OutOfSchool.WebApi/Services/ApplicationService.cs @@ -86,7 +86,7 @@ public ApplicationService( this.currentUserService = currentUserService ?? throw new ArgumentNullException(nameof(currentUserService)); this.ministryAdminService = ministryAdminService ?? throw new ArgumentNullException(nameof(ministryAdminService)); this.regionAdminService = regionAdminService ?? throw new ArgumentNullException(nameof(regionAdminService)); - this.areaAdminService = areaAdminService ?? throw new ArgumentNullException(nameof(regionAdminService)); + this.areaAdminService = areaAdminService ?? throw new ArgumentNullException(nameof(areaAdminService)); this.codeficatorService = codeficatorService ?? throw new ArgumentNullException(nameof(codeficatorService)); } @@ -941,4 +941,4 @@ private async Task GetAmountOfApprovedApplications(Guid workshopId) { return await applicationRepository.Count(x => x.WorkshopId == workshopId && x.Status == ApplicationStatus.Approved); } -} \ No newline at end of file +}