Merge pull request AOT-Technologies#2401 from shuhaib-aot/Bugfix/FWF-…

…3973-application-authorization-fix FWF-3972 [bugfix] fixed application authorization fixed for submitter only
Bonymol-aot · Dec 4, 2024 · 25c1604 · 25c1604
2 parents 5571130 + 651d454
commit 25c1604
Show file tree

Hide file tree

Showing 4 changed files with 32 additions and 16 deletions.
diff --git a/forms-flow-api/src/formsflow_api/models/authorization.py b/forms-flow-api/src/formsflow_api/models/authorization.py
@@ -5,7 +5,7 @@
 from enum import Enum, unique
 from typing import List, Optional
 
-from sqlalchemy import JSON, and_, or_
+from sqlalchemy import JSON, and_, or_, text
 from sqlalchemy.dialects.postgresql import ARRAY, ENUM
 
 from .audit_mixin import AuditDateTimeMixin, AuditUserMixin
@@ -71,17 +71,27 @@ def _auth_query(
         cls, auth_type, roles, tenant, user_name, include_created_by=False
     ):  # pylint: disable=too-many-arguments,too-many-positional-arguments
         role_condition = [Authorization.roles.contains([role]) for role in roles]
-        query = cls.query.filter(Authorization.auth_type == auth_type).filter(
-            or_(
-                *role_condition,
-                include_created_by and Authorization.created_by == user_name,
-                Authorization.user_name == user_name,
-                and_(
-                    Authorization.user_name.is_(None),
-                    or_(Authorization.roles == {}, Authorization.roles.is_(None)),
-                ),
+        query = cls.query.filter(Authorization.auth_type == auth_type)
+        if auth_type == AuthType.APPLICATION:
+            # if the authtype is application then need to check role id exist or if submitter true
+            query = query.filter(
+                or_(
+                    *role_condition,
+                    text("resource_details ->>'submitter' = 'True'"),
+                )
+            )
+        else:
+            query = query.filter(
+                or_(
+                    *role_condition,
+                    include_created_by and Authorization.created_by == user_name,
+                    Authorization.user_name == user_name,
+                    and_(
+                        Authorization.user_name.is_(None),
+                        or_(Authorization.roles == {}, Authorization.roles.is_(None)),
+                    ),
+                )
             )
-        )
 
         if tenant:
             query = query.filter(Authorization.tenant == tenant)

diff --git a/forms-flow-api/src/formsflow_api/services/form_process_mapper.py b/forms-flow-api/src/formsflow_api/services/form_process_mapper.py
@@ -429,9 +429,9 @@ def create_form(data, is_designer, **kwargs):  # pylint:disable=too-many-locals
             authorization_data = {
                 "application": {
                     "resourceId": parent_form_id,
-                    "resourceDetails": {},
+                    "resourceDetails": {"submitter": True},
                     "roles": [],
-                    "userName": user.user_name,
+                    "userName": None,
                 },
                 "designer": {
                     "resourceId": parent_form_id,

diff --git a/forms-flow-web/src/components/Form/EditForm/FormEdit.js b/forms-flow-web/src/components/Form/EditForm/FormEdit.js
@@ -447,6 +447,9 @@ const EditComponent = () => {
 
   /* ----------- save settings function to be used in settings modal ---------- */
   const filterAuthorizationData = (authorizationData) => {
+    if(authorizationData.selectedOption === "submitter"){
+      return {roles: [], userName:null, resourceDetails:{submitter:true}};
+    }
     if (authorizationData.selectedOption === "specifiedRoles") {
       return { roles: authorizationData.selectedRoles, userName: "" };
     }
@@ -475,7 +478,7 @@ const EditComponent = () => {
     const authorizations = {
       application: {
         resourceId: parentFormId,
-        resourceDetails: {},
+        resourceDetails:{submitter:false},
         ...filterAuthorizationData(rolesState.APPLICATION),
       },
       designer: {

diff --git a/forms-flow-web/src/components/Form/EditForm/FormSettings.js b/forms-flow-web/src/components/Form/EditForm/FormSettings.js
@@ -78,8 +78,11 @@ const FormSettings = forwardRef((props, ref) => {
     APPLICATION: {
       roleInput: "",
       selectedRoles: formAuthorization.APPLICATION?.roles,
-      selectedOption: setSelectedOption(formAuthorization.APPLICATION?.roles, "submitter"),
-    },
+      selectedOption: setSelectedOption(formAuthorization.APPLICATION?.roles, "submitter"), 
+      /* The 'submitter' key is stored in 'resourceDetails'. If the roles array is not empty
+       we assume that the submitter is true. */
+    }
+
   });
 
     /* ------------------------- validating form name and path ------------------------ */