Skip to content

Commit

Permalink
fix: org unit access in search [DHIS2-16268] (#1324)
Browse files Browse the repository at this point in the history
* fix: org unit access in search [DHIS2-16268]

* fix: add tests
  • Loading branch information
tomzemp authored Dec 11, 2023
1 parent e6a0da2 commit 8dd538f
Show file tree
Hide file tree
Showing 2 changed files with 78 additions and 5 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -12,18 +12,19 @@ export const getRestrictedOrgUnits = (orgUnits, orgUnitType, currentUser) => {
}

// Try the requested orgUnitType first and use currentUser.organisationUnits as fallback
const availableOrgUnits = new Set(
currentUser[orgUnitType].length > 0
const availableOrgUnits =
currentUser[orgUnitType]?.length > 0
? currentUser[orgUnitType]
: currentUser.organisationUnits
)

const availableOrgUnitIDs = new Set(availableOrgUnits.map(({ id }) => id))

return orgUnits.filter((unit) => {
const isAvailableUnit = availableOrgUnits.has(unit.id)
const isAvailableUnit = availableOrgUnitIDs.has(unit.id)
const hasAvailableAncestor =
!isAvailableUnit &&
unit.ancestors.some((ancestor) =>
availableOrgUnits.has(ancestor.id)
availableOrgUnitIDs.has(ancestor.id)
)

return isAvailableUnit || hasAvailableAncestor
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,72 @@
import { getRestrictedOrgUnits } from './getRestrictedOrgUnits.js'

describe('getRestrictedOrgUnits', () => {
const orgUnits = [
{ id: 'grapefruit', ancestors: [{ id: 'pomelo' }] },
{ id: 'tangerine', ancestors: [{ id: 'orange' }, { id: 'pomelo' }] },
{ id: 'lemon', ancestors: [] },
]
const orgUnitType = 'fruit'

it('returns all organisation units for super users', () => {
const currentUser = { authorities: ['ALL'] }
const validOrgUnits = getRestrictedOrgUnits(
orgUnits,
orgUnitType,
currentUser
)
expect(validOrgUnits).toEqual(orgUnits)
})
it('filters based on specified type when available', () => {
const currentUser = {
authorities: [],
fruit: [{ id: 'grapefruit' }, { id: 'kiwi' }, { id: 'mango' }],
}
const validOrgUnits = getRestrictedOrgUnits(
orgUnits,
orgUnitType,
currentUser
)
expect(validOrgUnits.map(({ id }) => id)).toEqual(['grapefruit'])
})
it('filters based on default organisationUnits specified type is not available', () => {
const currentUser = {
authorities: [],
organisationUnits: [
{ id: 'tangerine' },
{ id: 'soursop' },
{ id: 'apricot' },
],
}
const validOrgUnits = getRestrictedOrgUnits(
orgUnits,
orgUnitType,
currentUser
)
expect(validOrgUnits.map(({ id }) => id)).toEqual(['tangerine'])
})
it('checks ancestors when filtering', () => {
const currentUser = {
authorities: [],
organisationUnits: [{ id: 'pomelo' }],
}
const validOrgUnits = getRestrictedOrgUnits(
orgUnits,
orgUnitType,
currentUser
)
expect(validOrgUnits.map(({ id }) => id)).toEqual([
'grapefruit',
'tangerine',
])
})
it('returns nothing, if user is not super user and has no org units', () => {
const currentUser = { authorities: [], organisationUnits: [] }
const validOrgUnits = getRestrictedOrgUnits(
orgUnits,
orgUnitType,
currentUser
)
expect(validOrgUnits.length).toEqual(0)
})
})

0 comments on commit 8dd538f

Please sign in to comment.