feat(auth-admin): General mandate delegation type (#16005)

* General Mandate delegation type connected 1 to 1 with custom delegation type * fix migrate/undo for general mandate * fix codegen * fix broken tests due to new delegation type * pr comments fixed * add new model in graphql for general mandate --------- Co-authored-by: kodiakhq[bot] <49736102+kodiakhq[bot]@users.noreply.github.com>
island-is · Sep 18, 2024 · fdee1d0 · fdee1d0
1 parent e660f32
commit fdee1d0
Show file tree

Hide file tree

Showing 8 changed files with 80 additions and 1 deletion.
diff --git a/apps/services/auth/admin-api/src/app/v2/clients/test/me-clients.spec.ts b/apps/services/auth/admin-api/src/app/v2/clients/test/me-clients.spec.ts
@@ -38,6 +38,7 @@ const createTestClientData = async (app: TestApp, user: User) => {
   await Promise.all(
     [
       [AuthDelegationType.Custom, AuthDelegationProvider.Custom],
+      [AuthDelegationType.GeneralMandate, AuthDelegationProvider.Custom],
       [
         AuthDelegationType.ProcurationHolder,
         AuthDelegationProvider.CompanyRegistry,
@@ -994,6 +995,8 @@ describe('MeClientsController with auth', () => {
           body,
           supportedDelegationTypes: [
             AuthDelegationType.Custom,
+            // Add general mandate since it is directly connected to Custom delegation type
+            AuthDelegationType.GeneralMandate,
             AuthDelegationType.LegalGuardian,
             AuthDelegationType.PersonalRepresentative,
             AuthDelegationType.ProcurationHolder,
@@ -1033,6 +1036,8 @@ describe('MeClientsController with auth', () => {
           },
           supportedDelegationTypes: [
             AuthDelegationType.Custom,
+            // Add general mandate since it is directly connected to Custom delegation type
+            AuthDelegationType.GeneralMandate,
             AuthDelegationType.LegalGuardian,
             AuthDelegationType.PersonalRepresentative,
             AuthDelegationType.ProcurationHolder,

diff --git a/apps/services/auth/admin-api/src/app/v2/scopes/test/me-scopes.spec.ts b/apps/services/auth/admin-api/src/app/v2/scopes/test/me-scopes.spec.ts
@@ -114,6 +114,7 @@ const createTestData = async ({
   await Promise.all(
     [
       [AuthDelegationType.Custom, AuthDelegationProvider.Custom],
+      [AuthDelegationType.GeneralMandate, AuthDelegationProvider.Custom],
       [
         AuthDelegationType.ProcurationHolder,
         AuthDelegationProvider.CompanyRegistry,
@@ -839,6 +840,8 @@ describe('MeScopesController', () => {
           allowExplicitDelegationGrant: true,
           supportedDelegationTypes: [
             AuthDelegationType.Custom,
+            // Add general mandate since it is directly connected to Custom delegation type
+            AuthDelegationType.GeneralMandate,
             AuthDelegationType.LegalGuardian,
             AuthDelegationType.ProcurationHolder,
             AuthDelegationType.PersonalRepresentative,
@@ -864,6 +867,8 @@ describe('MeScopesController', () => {
           allowExplicitDelegationGrant: true,
           supportedDelegationTypes: [
             AuthDelegationType.Custom,
+            // Add general mandate since it is directly connected to Custom delegation type
+            AuthDelegationType.GeneralMandate,
             AuthDelegationType.LegalGuardian,
             AuthDelegationType.ProcurationHolder,
             AuthDelegationType.PersonalRepresentative,
@@ -1019,6 +1024,8 @@ describe('MeScopesController', () => {
           allowExplicitDelegationGrant: true,
           supportedDelegationTypes: [
             AuthDelegationType.Custom,
+            // Add general mandate since it is directly connected to Custom delegation type
+            AuthDelegationType.GeneralMandate,
             AuthDelegationType.LegalGuardian,
             AuthDelegationType.ProcurationHolder,
             AuthDelegationType.PersonalRepresentative,
@@ -1103,6 +1110,8 @@ describe('MeScopesController', () => {
           allowExplicitDelegationGrant: true,
           supportedDelegationTypes: [
             AuthDelegationType.Custom,
+            // Add general mandate since it is directly connected to Custom delegation type
+            AuthDelegationType.GeneralMandate,
             AuthDelegationType.LegalGuardian,
             AuthDelegationType.ProcurationHolder,
           ],

diff --git a/libs/api/domains/auth/src/lib/models/delegation.model.ts b/libs/api/domains/auth/src/lib/models/delegation.model.ts
@@ -32,6 +32,8 @@ const exhaustiveCheck = (param: never) => {
         return PersonalRepresentativeDelegation
       case AuthDelegationType.Custom:
         return CustomDelegation
+      case AuthDelegationType.GeneralMandate:
+        return GeneralMandate
       case AuthDelegationType.LegalRepresentative:
         return LegalRepresentativeDelegation
       default:
@@ -71,6 +73,14 @@ export class ProcuringHolderDelegation extends Delegation {}
 })
 export class PersonalRepresentativeDelegation extends Delegation {}
 
+@ObjectType('AuthGeneralMandate', {
+  implements: Delegation,
+})
+export class GeneralMandate extends Delegation {
+  @Field(() => Date, { nullable: true })
+  validTo?: Date
+}
+
 @ObjectType('AuthCustomDelegation', {
   implements: Delegation,
 })

diff --git a/libs/auth-api-lib/migrations/20240913092844-GeneralMandate-delegation-type.js b/libs/auth-api-lib/migrations/20240913092844-GeneralMandate-delegation-type.js
@@ -0,0 +1,31 @@
+'use strict'
+
+module.exports = {
+  async up(queryInterface) {
+    await queryInterface.sequelize.query(`
+      BEGIN;
+
+      INSERT INTO delegation_type (id, name, provider, description) VALUES ('GeneralMandate', 'General mandate', 'delegationdb', 'General mandate delegation type');
+
+      INSERT INTO client_delegation_types (client_id, delegation_type) select client_id, 'GeneralMandate' from client_delegation_types where delegation_type = 'Custom';
+
+      INSERT INTO api_scope_delegation_types (api_scope_name, delegation_type) select api_scope_name, 'GeneralMandate' from api_scope_delegation_types where delegation_type = 'Custom';
+
+      COMMIT;
+      `)
+  },
+
+  async down(queryInterface) {
+    await queryInterface.sequelize.query(`
+      BEGIN;
+
+      DELETE FROM client_delegation_types where delegation_type = 'GeneralMandate';
+
+      DELETE FROM api_scope_delegation_types where delegation_type = 'GeneralMandate';
+
+      DELETE FROM delegation_type WHERE id = 'GeneralMandate';
+
+      COMMIT;
+    `)
+  },
+}
diff --git a/libs/auth-api-lib/src/lib/clients/clients.service.ts b/libs/auth-api-lib/src/lib/clients/clients.service.ts
@@ -620,6 +620,10 @@ export class ClientsService {
       )
     }
 
+    if (supportsCustomDelegation) {
+      delegationTypes.push(AuthDelegationType.GeneralMandate)
+    }
+
     return Promise.all(
       delegationTypes.map((delegationType) =>
         this.clientDelegationType.upsert(
@@ -687,6 +691,10 @@ export class ClientsService {
       )
     }
 
+    if (delegationTypes.includes(AuthDelegationType.Custom)) {
+      delegationTypes.push(AuthDelegationType.GeneralMandate)
+    }
+
     return Promise.all(
       delegationTypes.map((delegationType) =>
         this.clientDelegationType.destroy({

diff --git a/libs/auth-api-lib/src/lib/delegations/delegation-provider.service.ts b/libs/auth-api-lib/src/lib/delegations/delegation-provider.service.ts
@@ -4,6 +4,8 @@ import { InjectModel } from '@nestjs/sequelize'
 import { PaginatedDelegationProviderDto } from './dto/paginated-delegation-provider.dto'
 import { DelegationProviderModel } from './models/delegation-provider.model'
 import { DelegationTypeModel } from './models/delegation-type.model'
+import { Op } from 'sequelize'
+import { AuthDelegationType } from '@island.is/shared/types'
 
 @Injectable()
 export class DelegationProviderService {
@@ -20,6 +22,11 @@ export class DelegationProviderService {
         {
           model: this.delegationTypeModel,
           as: 'delegationTypes',
+          where: {
+            id: {
+              [Op.ne]: AuthDelegationType.GeneralMandate, // Exclude delegation type since we do not want to show this in the UI
+            },
+          },
         },
       ],
       order: [['order', 'ASC']],

diff --git a/libs/auth-api-lib/src/lib/resources/admin/admin-scope.service.ts b/libs/auth-api-lib/src/lib/resources/admin/admin-scope.service.ts
@@ -458,7 +458,11 @@ export class AdminScopeService {
       AuthDelegationType.Custom,
     )
 
-    // create delegation type rows
+    if (allowExplicitDelegationGrant) {
+      delegationTypes.push(AuthDelegationType.GeneralMandate)
+    }
+
+    // add delegation type rows
     await Promise.all(
       delegationTypes.map((delegationType) =>
         this.apiScopeDelegationType.upsert(
@@ -531,6 +535,10 @@ export class AdminScopeService {
       ? false
       : undefined
 
+    if (delegationTypes.includes(AuthDelegationType.Custom)) {
+      delegationTypes.push(AuthDelegationType.GeneralMandate)
+    }
+
     // remove delegation type rows
     await Promise.all(
       delegationTypes.map((delegationType) =>

diff --git a/libs/shared/types/src/lib/delegation.ts b/libs/shared/types/src/lib/delegation.ts
@@ -4,6 +4,7 @@ export enum AuthDelegationType {
   Custom = 'Custom',
   PersonalRepresentative = 'PersonalRepresentative',
   LegalRepresentative = 'LegalRepresentative',
+  GeneralMandate = 'GeneralMandate',
 }
 
 export enum AuthDelegationProvider {