From 527d2349d518981f95e8f5c7d16a92270e3ed281 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=8Dvar=20Oddsson?= Date: Fri, 30 Aug 2024 15:21:25 +0000 Subject: [PATCH 1/9] Create CaseFileInterceptor --- .../src/app/modules/case/case.controller.ts | 4 +-- .../guards/limitedAccessCaseExists.guard.ts | 2 +- .../case/interceptors/caseFile.interceptor.ts | 35 +++++++++++++++++++ ...=> completedAppealAccessed.interceptor.ts} | 2 +- .../case/limitedAccessCase.controller.ts | 4 +-- .../modules/case/limitedAccessCase.service.ts | 5 +++ .../modules/file/guards/caseFileCategory.ts | 2 ++ .../guards/limitedAccessViewCaseFile.guard.ts | 6 ++-- libs/judicial-system/types/src/index.ts | 1 + libs/judicial-system/types/src/lib/file.ts | 20 +++++------ libs/judicial-system/types/src/lib/user.ts | 7 ++++ 11 files changed, 69 insertions(+), 19 deletions(-) create mode 100644 apps/judicial-system/backend/src/app/modules/case/interceptors/caseFile.interceptor.ts rename apps/judicial-system/backend/src/app/modules/case/interceptors/{case.interceptor.ts => completedAppealAccessed.interceptor.ts} (94%) diff --git a/apps/judicial-system/backend/src/app/modules/case/case.controller.ts b/apps/judicial-system/backend/src/app/modules/case/case.controller.ts index 954025e9b815..f0df853fa1af 100644 --- a/apps/judicial-system/backend/src/app/modules/case/case.controller.ts +++ b/apps/judicial-system/backend/src/app/modules/case/case.controller.ts @@ -99,8 +99,8 @@ import { prosecutorUpdateRule, publicProsecutorStaffUpdateRule, } from './guards/rolesRules' -import { CaseInterceptor } from './interceptors/case.interceptor' import { CaseListInterceptor } from './interceptors/caseList.interceptor' +import { CompletedAppealAccessedInterceptor } from './interceptors/completedAppealAccessed.interceptor' import { Case } from './models/case.model' import { SignatureConfirmationResponse } from './models/signatureConfirmation.response' import { transitionCase } from './state/case.state' @@ -468,7 +468,7 @@ export class CaseController { ) @Get('case/:caseId') @ApiOkResponse({ type: Case, description: 'Gets an existing case' }) - @UseInterceptors(CaseInterceptor) + @UseInterceptors(CompletedAppealAccessedInterceptor) getById(@Param('caseId') caseId: string, @CurrentCase() theCase: Case): Case { this.logger.debug(`Getting case ${caseId} by id`) diff --git a/apps/judicial-system/backend/src/app/modules/case/guards/limitedAccessCaseExists.guard.ts b/apps/judicial-system/backend/src/app/modules/case/guards/limitedAccessCaseExists.guard.ts index 460480edf5f8..f92e78361b74 100644 --- a/apps/judicial-system/backend/src/app/modules/case/guards/limitedAccessCaseExists.guard.ts +++ b/apps/judicial-system/backend/src/app/modules/case/guards/limitedAccessCaseExists.guard.ts @@ -14,7 +14,7 @@ export class LimitedAccessCaseExistsGuard implements CanActivate { async canActivate(context: ExecutionContext): Promise { const request = context.switchToHttp().getRequest() - const caseId = request.params.caseId + const caseId: string = request.params.caseId if (!caseId) { throw new BadRequestException('Missing case id') diff --git a/apps/judicial-system/backend/src/app/modules/case/interceptors/caseFile.interceptor.ts b/apps/judicial-system/backend/src/app/modules/case/interceptors/caseFile.interceptor.ts new file mode 100644 index 000000000000..d492fb402ab0 --- /dev/null +++ b/apps/judicial-system/backend/src/app/modules/case/interceptors/caseFile.interceptor.ts @@ -0,0 +1,35 @@ +import { Observable } from 'rxjs' +import { map } from 'rxjs/operators' + +import { + CallHandler, + ExecutionContext, + Injectable, + NestInterceptor, +} from '@nestjs/common' + +import { isPrisonStaffUser, User } from '@island.is/judicial-system/types' + +import { Case } from '../models/case.model' + +@Injectable() +export class CaseFileInterceptor implements NestInterceptor { + intercept(context: ExecutionContext, next: CallHandler): Observable { + const request = context.switchToHttp().getRequest() + const user: User = request.user + + return next.handle().pipe( + map((data: Case) => { + const returnData = data + + if (isPrisonStaffUser(user)) { + returnData.caseFiles = [] + + return returnData + } + + return returnData + }), + ) + } +} diff --git a/apps/judicial-system/backend/src/app/modules/case/interceptors/case.interceptor.ts b/apps/judicial-system/backend/src/app/modules/case/interceptors/completedAppealAccessed.interceptor.ts similarity index 94% rename from apps/judicial-system/backend/src/app/modules/case/interceptors/case.interceptor.ts rename to apps/judicial-system/backend/src/app/modules/case/interceptors/completedAppealAccessed.interceptor.ts index 6beab2bc3915..5ff8d84bff3f 100644 --- a/apps/judicial-system/backend/src/app/modules/case/interceptors/case.interceptor.ts +++ b/apps/judicial-system/backend/src/app/modules/case/interceptors/completedAppealAccessed.interceptor.ts @@ -20,7 +20,7 @@ import { EventLogService } from '../../event-log' import { Case } from '../models/case.model' @Injectable() -export class CaseInterceptor implements NestInterceptor { +export class CompletedAppealAccessedInterceptor implements NestInterceptor { constructor(private readonly eventLogService: EventLogService) {} intercept(context: ExecutionContext, next: CallHandler): Observable { diff --git a/apps/judicial-system/backend/src/app/modules/case/limitedAccessCase.controller.ts b/apps/judicial-system/backend/src/app/modules/case/limitedAccessCase.controller.ts index aee8f67f1e40..e5301bf2cad3 100644 --- a/apps/judicial-system/backend/src/app/modules/case/limitedAccessCase.controller.ts +++ b/apps/judicial-system/backend/src/app/modules/case/limitedAccessCase.controller.ts @@ -53,7 +53,7 @@ import { CaseWriteGuard } from './guards/caseWrite.guard' import { LimitedAccessCaseExistsGuard } from './guards/limitedAccessCaseExists.guard' import { RequestSharedWithDefenderGuard } from './guards/requestSharedWithDefender.guard' import { defenderTransitionRule, defenderUpdateRule } from './guards/rolesRules' -import { CaseInterceptor } from './interceptors/case.interceptor' +import { CompletedAppealAccessedInterceptor } from './interceptors/completedAppealAccessed.interceptor' import { Case } from './models/case.model' import { transitionCase } from './state/case.state' import { @@ -85,7 +85,7 @@ export class LimitedAccessCaseController { type: Case, description: 'Gets a limited set of properties of an existing case', }) - @UseInterceptors(CaseInterceptor) + @UseInterceptors(CompletedAppealAccessedInterceptor) async getById( @Param('caseId') caseId: string, @CurrentCase() theCase: Case, diff --git a/apps/judicial-system/backend/src/app/modules/case/limitedAccessCase.service.ts b/apps/judicial-system/backend/src/app/modules/case/limitedAccessCase.service.ts index 691c040563a7..0fcf11710d00 100644 --- a/apps/judicial-system/backend/src/app/modules/case/limitedAccessCase.service.ts +++ b/apps/judicial-system/backend/src/app/modules/case/limitedAccessCase.service.ts @@ -16,6 +16,10 @@ import { LOGGER_PROVIDER } from '@island.is/logging' import { formatNationalId } from '@island.is/judicial-system/formatters' import { MessageService, MessageType } from '@island.is/judicial-system/message' import type { User as TUser } from '@island.is/judicial-system/types' +import { + isPrisonStaffUser, + isPrisonSystemUser, +} from '@island.is/judicial-system/types' import { CaseAppealState, CaseFileCategory, @@ -36,6 +40,7 @@ import { CaseFile, defenderCaseFileCategoriesForRestrictionAndInvestigationCases, } from '../file' +import { prisonSystemCaseFileCategories } from '../file/guards/caseFileCategory' import { Institution } from '../institution' import { User } from '../user' import { Case } from './models/case.model' diff --git a/apps/judicial-system/backend/src/app/modules/file/guards/caseFileCategory.ts b/apps/judicial-system/backend/src/app/modules/file/guards/caseFileCategory.ts index 5455ad7976b0..acbd6e7c3b7d 100644 --- a/apps/judicial-system/backend/src/app/modules/file/guards/caseFileCategory.ts +++ b/apps/judicial-system/backend/src/app/modules/file/guards/caseFileCategory.ts @@ -22,3 +22,5 @@ export const defenderCaseFileCategoriesForIndictmentCases = [ CaseFileCategory.PROSECUTOR_CASE_FILE, CaseFileCategory.DEFENDANT_CASE_FILE, ] + +export const prisonSystemCaseFileCategories = [CaseFileCategory.APPEAL_RULING] diff --git a/apps/judicial-system/backend/src/app/modules/file/guards/limitedAccessViewCaseFile.guard.ts b/apps/judicial-system/backend/src/app/modules/file/guards/limitedAccessViewCaseFile.guard.ts index 3526675d6902..1cb67738a5d7 100644 --- a/apps/judicial-system/backend/src/app/modules/file/guards/limitedAccessViewCaseFile.guard.ts +++ b/apps/judicial-system/backend/src/app/modules/file/guards/limitedAccessViewCaseFile.guard.ts @@ -21,6 +21,7 @@ import { CaseFile } from '../models/file.model' import { defenderCaseFileCategoriesForIndictmentCases, defenderCaseFileCategoriesForRestrictionAndInvestigationCases, + prisonSystemCaseFileCategories, } from './caseFileCategory' @Injectable() @@ -65,11 +66,10 @@ export class LimitedAccessViewCaseFileGuard implements CanActivate { } } - if (isPrisonSystemUser(user)) { + if (isPrisonSystemUser(user) && caseFile.category) { if ( isCompletedCase(theCase.state) && - caseFile.category && - caseFile.category === CaseFileCategory.APPEAL_RULING + prisonSystemCaseFileCategories.includes(caseFile.category) ) { return true } diff --git a/libs/judicial-system/types/src/index.ts b/libs/judicial-system/types/src/index.ts index f3103257e18e..60752968ed8a 100644 --- a/libs/judicial-system/types/src/index.ts +++ b/libs/judicial-system/types/src/index.ts @@ -22,6 +22,7 @@ export { isCourtOfAppealsUser, prisonSystemRoles, isPrisonSystemUser, + isPrisonStaffUser, defenceRoles, isDefenceUser, isAdminUser, diff --git a/libs/judicial-system/types/src/lib/file.ts b/libs/judicial-system/types/src/lib/file.ts index 44f65118a9a1..ae687d066896 100644 --- a/libs/judicial-system/types/src/lib/file.ts +++ b/libs/judicial-system/types/src/lib/file.ts @@ -15,16 +15,16 @@ export enum CaseFileCategory { CASE_FILE_RECORD = 'CASE_FILE_RECORD', PROSECUTOR_CASE_FILE = 'PROSECUTOR_CASE_FILE', DEFENDANT_CASE_FILE = 'DEFENDANT_CASE_FILE', - PROSECUTOR_APPEAL_BRIEF = 'PROSECUTOR_APPEAL_BRIEF', - DEFENDANT_APPEAL_BRIEF = 'DEFENDANT_APPEAL_BRIEF', - PROSECUTOR_APPEAL_BRIEF_CASE_FILE = 'PROSECUTOR_APPEAL_BRIEF_CASE_FILE', - DEFENDANT_APPEAL_BRIEF_CASE_FILE = 'DEFENDANT_APPEAL_BRIEF_CASE_FILE', - PROSECUTOR_APPEAL_STATEMENT = 'PROSECUTOR_APPEAL_STATEMENT', - DEFENDANT_APPEAL_STATEMENT = 'DEFENDANT_APPEAL_STATEMENT', - PROSECUTOR_APPEAL_STATEMENT_CASE_FILE = 'PROSECUTOR_APPEAL_STATEMENT_CASE_FILE', - DEFENDANT_APPEAL_STATEMENT_CASE_FILE = 'DEFENDANT_APPEAL_STATEMENT_CASE_FILE', - PROSECUTOR_APPEAL_CASE_FILE = 'PROSECUTOR_APPEAL_CASE_FILE', - DEFENDANT_APPEAL_CASE_FILE = 'DEFENDANT_APPEAL_CASE_FILE', + PROSECUTOR_APPEAL_BRIEF = 'PROSECUTOR_APPEAL_BRIEF', // Sækjandi: Kæruskjal til Landsréttar + DEFENDANT_APPEAL_BRIEF = 'DEFENDANT_APPEAL_BRIEF', // Verjandi: Kæruskjal til Landsréttar + PROSECUTOR_APPEAL_BRIEF_CASE_FILE = 'PROSECUTOR_APPEAL_BRIEF_CASE_FILE', // Sækjandi: Fylgigögn kæruskjals til Landsréttar + DEFENDANT_APPEAL_BRIEF_CASE_FILE = 'DEFENDANT_APPEAL_BRIEF_CASE_FILE', // Verjandi: Fylgigögn kæruskjals til Landsréttar + PROSECUTOR_APPEAL_STATEMENT = 'PROSECUTOR_APPEAL_STATEMENT', // Sækjandi: Greinargerð + DEFENDANT_APPEAL_STATEMENT = 'DEFENDANT_APPEAL_STATEMENT', // Verjandi: Greinargerð + PROSECUTOR_APPEAL_STATEMENT_CASE_FILE = 'PROSECUTOR_APPEAL_STATEMENT_CASE_FILE', // Sækjandi: Fylgigögn greinargerðar + DEFENDANT_APPEAL_STATEMENT_CASE_FILE = 'DEFENDANT_APPEAL_STATEMENT_CASE_FILE', // Verjandi: Fylgigögn greinargerðar + PROSECUTOR_APPEAL_CASE_FILE = 'PROSECUTOR_APPEAL_CASE_FILE', // Sækjandi: Viðbótargögn við kæru til Landsréttar + DEFENDANT_APPEAL_CASE_FILE = 'DEFENDANT_APPEAL_CASE_FILE', // Verjandi: Viðbótargögn við kæru til Landsréttar APPEAL_COURT_RECORD = 'APPEAL_COURT_RECORD', APPEAL_RULING = 'APPEAL_RULING', } diff --git a/libs/judicial-system/types/src/lib/user.ts b/libs/judicial-system/types/src/lib/user.ts index ba7a5a6ec417..e530c7851505 100644 --- a/libs/judicial-system/types/src/lib/user.ts +++ b/libs/judicial-system/types/src/lib/user.ts @@ -114,6 +114,13 @@ export const isPrisonSystemUser = (user?: InstitutionUser): boolean => { ) } +export const isPrisonStaffUser = (user: InstitutionUser): boolean => + Boolean( + user.role && + prisonSystemRoles.includes(user.role) && + user.institution?.type === InstitutionType.PRISON, + ) + export const defenceRoles: string[] = [UserRole.DEFENDER] export const isDefenceUser = (user?: InstitutionUser): boolean => { From 92d7f8293b709b23a382f928f9211911bd296923 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=8Dvar=20Oddsson?= Date: Mon, 2 Sep 2024 13:02:06 +0000 Subject: [PATCH 2/9] Filter case files in interceptor --- .../case/interceptors/caseFile.interceptor.ts | 25 +++++++++++++++---- .../case/limitedAccessCase.controller.ts | 3 ++- 2 files changed, 22 insertions(+), 6 deletions(-) diff --git a/apps/judicial-system/backend/src/app/modules/case/interceptors/caseFile.interceptor.ts b/apps/judicial-system/backend/src/app/modules/case/interceptors/caseFile.interceptor.ts index d492fb402ab0..3f4ed9288f69 100644 --- a/apps/judicial-system/backend/src/app/modules/case/interceptors/caseFile.interceptor.ts +++ b/apps/judicial-system/backend/src/app/modules/case/interceptors/caseFile.interceptor.ts @@ -8,8 +8,14 @@ import { NestInterceptor, } from '@nestjs/common' -import { isPrisonStaffUser, User } from '@island.is/judicial-system/types' +import { + CaseFileCategory, + isPrisonStaffUser, + isPrisonSystemUser, + User, +} from '@island.is/judicial-system/types' +import { CaseFile } from '../../file' import { Case } from '../models/case.model' @Injectable() @@ -21,14 +27,23 @@ export class CaseFileInterceptor implements NestInterceptor { return next.handle().pipe( map((data: Case) => { const returnData = data - if (isPrisonStaffUser(user)) { - returnData.caseFiles = [] + data.caseFiles?.splice(0, data.caseFiles.length) + + return data + } else if (isPrisonSystemUser(user)) { + data.caseFiles?.splice( + 0, + data.caseFiles.length, + ...data.caseFiles.filter( + (cf) => cf.category === CaseFileCategory.APPEAL_RULING, + ), + ) + return returnData + } else { return returnData } - - return returnData }), ) } diff --git a/apps/judicial-system/backend/src/app/modules/case/limitedAccessCase.controller.ts b/apps/judicial-system/backend/src/app/modules/case/limitedAccessCase.controller.ts index e5301bf2cad3..05213152794c 100644 --- a/apps/judicial-system/backend/src/app/modules/case/limitedAccessCase.controller.ts +++ b/apps/judicial-system/backend/src/app/modules/case/limitedAccessCase.controller.ts @@ -53,6 +53,7 @@ import { CaseWriteGuard } from './guards/caseWrite.guard' import { LimitedAccessCaseExistsGuard } from './guards/limitedAccessCaseExists.guard' import { RequestSharedWithDefenderGuard } from './guards/requestSharedWithDefender.guard' import { defenderTransitionRule, defenderUpdateRule } from './guards/rolesRules' +import { CaseFileInterceptor } from './interceptors/caseFile.interceptor' import { CompletedAppealAccessedInterceptor } from './interceptors/completedAppealAccessed.interceptor' import { Case } from './models/case.model' import { transitionCase } from './state/case.state' @@ -85,7 +86,7 @@ export class LimitedAccessCaseController { type: Case, description: 'Gets a limited set of properties of an existing case', }) - @UseInterceptors(CompletedAppealAccessedInterceptor) + @UseInterceptors(CompletedAppealAccessedInterceptor, CaseFileInterceptor) async getById( @Param('caseId') caseId: string, @CurrentCase() theCase: Case, From f47829a3f01fa33cd9bc29afdf5acffa44b9b1a0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=8Dvar=20Oddsson?= Date: Mon, 2 Sep 2024 13:38:34 +0000 Subject: [PATCH 3/9] Only send appeal ruling for completed appeals --- .../app/modules/case/interceptors/caseFile.interceptor.ts | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/apps/judicial-system/backend/src/app/modules/case/interceptors/caseFile.interceptor.ts b/apps/judicial-system/backend/src/app/modules/case/interceptors/caseFile.interceptor.ts index 3f4ed9288f69..df35ade764c6 100644 --- a/apps/judicial-system/backend/src/app/modules/case/interceptors/caseFile.interceptor.ts +++ b/apps/judicial-system/backend/src/app/modules/case/interceptors/caseFile.interceptor.ts @@ -9,13 +9,13 @@ import { } from '@nestjs/common' import { + CaseAppealState, CaseFileCategory, isPrisonStaffUser, isPrisonSystemUser, User, } from '@island.is/judicial-system/types' -import { CaseFile } from '../../file' import { Case } from '../models/case.model' @Injectable() @@ -27,7 +27,10 @@ export class CaseFileInterceptor implements NestInterceptor { return next.handle().pipe( map((data: Case) => { const returnData = data - if (isPrisonStaffUser(user)) { + if ( + isPrisonStaffUser(user) || + data.appealState !== CaseAppealState.COMPLETED + ) { data.caseFiles?.splice(0, data.caseFiles.length) return data From d1818567f1a3c9a470bd8f466e98315514c7aca3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=8Dvar=20Oddsson?= Date: Mon, 2 Sep 2024 13:51:55 +0000 Subject: [PATCH 4/9] Refactor --- .../modules/case/interceptors/caseFile.interceptor.ts | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/apps/judicial-system/backend/src/app/modules/case/interceptors/caseFile.interceptor.ts b/apps/judicial-system/backend/src/app/modules/case/interceptors/caseFile.interceptor.ts index df35ade764c6..d0271ccc6eb5 100644 --- a/apps/judicial-system/backend/src/app/modules/case/interceptors/caseFile.interceptor.ts +++ b/apps/judicial-system/backend/src/app/modules/case/interceptors/caseFile.interceptor.ts @@ -26,14 +26,11 @@ export class CaseFileInterceptor implements NestInterceptor { return next.handle().pipe( map((data: Case) => { - const returnData = data if ( isPrisonStaffUser(user) || data.appealState !== CaseAppealState.COMPLETED ) { data.caseFiles?.splice(0, data.caseFiles.length) - - return data } else if (isPrisonSystemUser(user)) { data.caseFiles?.splice( 0, @@ -42,11 +39,9 @@ export class CaseFileInterceptor implements NestInterceptor { (cf) => cf.category === CaseFileCategory.APPEAL_RULING, ), ) - - return returnData - } else { - return returnData } + + return data }), ) } From 8eade8e4a417093e381ed4cf56829308fb3cc6c2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=8Dvar=20Oddsson?= Date: Mon, 2 Sep 2024 14:04:59 +0000 Subject: [PATCH 5/9] Remove unused code --- .../src/app/modules/case/limitedAccessCase.service.ts | 5 ----- 1 file changed, 5 deletions(-) diff --git a/apps/judicial-system/backend/src/app/modules/case/limitedAccessCase.service.ts b/apps/judicial-system/backend/src/app/modules/case/limitedAccessCase.service.ts index 0fcf11710d00..691c040563a7 100644 --- a/apps/judicial-system/backend/src/app/modules/case/limitedAccessCase.service.ts +++ b/apps/judicial-system/backend/src/app/modules/case/limitedAccessCase.service.ts @@ -16,10 +16,6 @@ import { LOGGER_PROVIDER } from '@island.is/logging' import { formatNationalId } from '@island.is/judicial-system/formatters' import { MessageService, MessageType } from '@island.is/judicial-system/message' import type { User as TUser } from '@island.is/judicial-system/types' -import { - isPrisonStaffUser, - isPrisonSystemUser, -} from '@island.is/judicial-system/types' import { CaseAppealState, CaseFileCategory, @@ -40,7 +36,6 @@ import { CaseFile, defenderCaseFileCategoriesForRestrictionAndInvestigationCases, } from '../file' -import { prisonSystemCaseFileCategories } from '../file/guards/caseFileCategory' import { Institution } from '../institution' import { User } from '../user' import { Case } from './models/case.model' From 0d4c954945d7afde0fd3a2340bc8af1623102966 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=8Dvar=20Oddsson?= Date: Mon, 2 Sep 2024 14:07:00 +0000 Subject: [PATCH 6/9] Refactor --- .../file/guards/limitedAccessViewCaseFile.guard.ts | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/apps/judicial-system/backend/src/app/modules/file/guards/limitedAccessViewCaseFile.guard.ts b/apps/judicial-system/backend/src/app/modules/file/guards/limitedAccessViewCaseFile.guard.ts index 1cb67738a5d7..4ad4a80cfcd4 100644 --- a/apps/judicial-system/backend/src/app/modules/file/guards/limitedAccessViewCaseFile.guard.ts +++ b/apps/judicial-system/backend/src/app/modules/file/guards/limitedAccessViewCaseFile.guard.ts @@ -66,13 +66,13 @@ export class LimitedAccessViewCaseFileGuard implements CanActivate { } } - if (isPrisonSystemUser(user) && caseFile.category) { - if ( - isCompletedCase(theCase.state) && - prisonSystemCaseFileCategories.includes(caseFile.category) - ) { - return true - } + if ( + caseFile.category && + isCompletedCase(theCase.state) && + isPrisonSystemUser(user) && + prisonSystemCaseFileCategories.includes(caseFile.category) + ) { + return true } throw new ForbiddenException(`Forbidden for ${user.role}`) From f5328468dbd0f7daab0062a222f717da79051576 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=8Dvar=20Oddsson?= Date: Wed, 4 Sep 2024 10:08:48 +0000 Subject: [PATCH 7/9] Allow defence users to see all files --- .../app/modules/case/interceptors/caseFile.interceptor.ts | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/apps/judicial-system/backend/src/app/modules/case/interceptors/caseFile.interceptor.ts b/apps/judicial-system/backend/src/app/modules/case/interceptors/caseFile.interceptor.ts index d0271ccc6eb5..d7d74fb30a5c 100644 --- a/apps/judicial-system/backend/src/app/modules/case/interceptors/caseFile.interceptor.ts +++ b/apps/judicial-system/backend/src/app/modules/case/interceptors/caseFile.interceptor.ts @@ -11,6 +11,7 @@ import { import { CaseAppealState, CaseFileCategory, + isDefenceUser, isPrisonStaffUser, isPrisonSystemUser, User, @@ -26,6 +27,10 @@ export class CaseFileInterceptor implements NestInterceptor { return next.handle().pipe( map((data: Case) => { + if (isDefenceUser(user)) { + return data + } + if ( isPrisonStaffUser(user) || data.appealState !== CaseAppealState.COMPLETED From 2280ab9d152bb8ea0e96fc2481476664a2532959 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=8Dvar=20Oddsson?= Date: Wed, 4 Sep 2024 10:14:29 +0000 Subject: [PATCH 8/9] Refactor --- .../src/app/modules/file/guards/caseFileCategory.ts | 2 +- .../file/guards/limitedAccessViewCaseFile.guard.ts | 9 ++++----- libs/judicial-system/types/src/index.ts | 1 + libs/judicial-system/types/src/lib/user.ts | 7 +++++++ 4 files changed, 13 insertions(+), 6 deletions(-) diff --git a/apps/judicial-system/backend/src/app/modules/file/guards/caseFileCategory.ts b/apps/judicial-system/backend/src/app/modules/file/guards/caseFileCategory.ts index acbd6e7c3b7d..2d8d88353f35 100644 --- a/apps/judicial-system/backend/src/app/modules/file/guards/caseFileCategory.ts +++ b/apps/judicial-system/backend/src/app/modules/file/guards/caseFileCategory.ts @@ -23,4 +23,4 @@ export const defenderCaseFileCategoriesForIndictmentCases = [ CaseFileCategory.DEFENDANT_CASE_FILE, ] -export const prisonSystemCaseFileCategories = [CaseFileCategory.APPEAL_RULING] +export const prisonAdminCaseFileCategories = [CaseFileCategory.APPEAL_RULING] diff --git a/apps/judicial-system/backend/src/app/modules/file/guards/limitedAccessViewCaseFile.guard.ts b/apps/judicial-system/backend/src/app/modules/file/guards/limitedAccessViewCaseFile.guard.ts index 4ad4a80cfcd4..a8c2f8295ea7 100644 --- a/apps/judicial-system/backend/src/app/modules/file/guards/limitedAccessViewCaseFile.guard.ts +++ b/apps/judicial-system/backend/src/app/modules/file/guards/limitedAccessViewCaseFile.guard.ts @@ -7,11 +7,10 @@ import { } from '@nestjs/common' import { - CaseFileCategory, isCompletedCase, isDefenceUser, isIndictmentCase, - isPrisonSystemUser, + isPrisonAdminUser, isRequestCase, User, } from '@island.is/judicial-system/types' @@ -21,7 +20,7 @@ import { CaseFile } from '../models/file.model' import { defenderCaseFileCategoriesForIndictmentCases, defenderCaseFileCategoriesForRestrictionAndInvestigationCases, - prisonSystemCaseFileCategories, + prisonAdminCaseFileCategories, } from './caseFileCategory' @Injectable() @@ -69,8 +68,8 @@ export class LimitedAccessViewCaseFileGuard implements CanActivate { if ( caseFile.category && isCompletedCase(theCase.state) && - isPrisonSystemUser(user) && - prisonSystemCaseFileCategories.includes(caseFile.category) + isPrisonAdminUser(user) && + prisonAdminCaseFileCategories.includes(caseFile.category) ) { return true } diff --git a/libs/judicial-system/types/src/index.ts b/libs/judicial-system/types/src/index.ts index eabf3af5c9d2..cf873e6f07cc 100644 --- a/libs/judicial-system/types/src/index.ts +++ b/libs/judicial-system/types/src/index.ts @@ -33,6 +33,7 @@ export { isDefenceUser, isAdminUser, isCoreUser, + isPrisonAdminUser, isPublicProsecutor, } from './lib/user' export type { User } from './lib/user' diff --git a/libs/judicial-system/types/src/lib/user.ts b/libs/judicial-system/types/src/lib/user.ts index e530c7851505..8c0dcb478e20 100644 --- a/libs/judicial-system/types/src/lib/user.ts +++ b/libs/judicial-system/types/src/lib/user.ts @@ -114,6 +114,13 @@ export const isPrisonSystemUser = (user?: InstitutionUser): boolean => { ) } +export const isPrisonAdminUser = (user: InstitutionUser): boolean => + Boolean( + user.role && + prisonSystemRoles.includes(user.role) && + user.institution?.type === InstitutionType.PRISON_ADMIN, + ) + export const isPrisonStaffUser = (user: InstitutionUser): boolean => Boolean( user.role && From 76a86843d0b7b93ea96180816740786907d8f2b0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=8Dvar=20Oddsson?= Date: Thu, 5 Sep 2024 13:10:36 +0000 Subject: [PATCH 9/9] Fix tests --- .../guards/test/limitedAccessViewCaseFileGuard.spec.ts | 8 -------- 1 file changed, 8 deletions(-) diff --git a/apps/judicial-system/backend/src/app/modules/file/guards/test/limitedAccessViewCaseFileGuard.spec.ts b/apps/judicial-system/backend/src/app/modules/file/guards/test/limitedAccessViewCaseFileGuard.spec.ts index dd31ac1d7816..e4e7672dc2d6 100644 --- a/apps/judicial-system/backend/src/app/modules/file/guards/test/limitedAccessViewCaseFileGuard.spec.ts +++ b/apps/judicial-system/backend/src/app/modules/file/guards/test/limitedAccessViewCaseFileGuard.spec.ts @@ -229,27 +229,19 @@ describe('Limited Access View Case File Guard', () => { describe.each(allowedCaseFileCategories)( 'prison system users can view %s', (category) => { - let thenPrison: Then let thenPrisonAdmin: Then beforeEach(() => { - mockRequest.mockImplementationOnce(() => ({ - user: prisonUser, - case: { type, state }, - caseFile: { category }, - })) mockRequest.mockImplementationOnce(() => ({ user: prisonAdminUser, case: { type, state }, caseFile: { category }, })) - thenPrison = givenWhenThen() thenPrisonAdmin = givenWhenThen() }) it('should activate', () => { - expect(thenPrison.result).toBe(true) expect(thenPrisonAdmin.result).toBe(true) }) },