Skip to content

Commit

Permalink
Merge branch 'ofmcc-6475-pcm-verfication-on-funding-table' of https:/…
Browse files Browse the repository at this point in the history
…/github.com/bcgov/ecc-ofm into ofmcc-6475-pcm-verfication-on-funding-table

pull
  • Loading branch information
jenbeckett committed Nov 20, 2024
2 parents d20a080 + 8467611 commit 1f0ba68
Show file tree
Hide file tree
Showing 6 changed files with 26 additions and 23 deletions.
10 changes: 5 additions & 5 deletions backend/src/middlewares/validatePermission.js
Original file line number Diff line number Diff line change
Expand Up @@ -3,12 +3,12 @@ const { getRoles } = require('../components/lookup')

/**
* Validates that the user has the specified permission.
* @param {*} permission
* @param {*} requiredPermissions
* @returns
*/
module.exports = function (permission) {
module.exports = function (...requiredPermissions) {
return async function (req, res, next) {
log.verbose(`validating permission ${permission}`)
log.verbose(`validating permission ${requiredPermissions}`)

const userRole = req.session?.passport?.user?.role

Expand All @@ -18,9 +18,9 @@ module.exports = function (permission) {

const roles = await getRoles()
const matchingRole = roles.find((role) => role.data.roleId === userRole.ofm_portal_roleid)
const permissions = matchingRole ? matchingRole.data.permissions : []
const permissions = matchingRole ? matchingRole.data.permissions?.map((p) => p.permissionName) : []

const valid = permissions.some((p) => p.permissionName === permission)
const valid = requiredPermissions?.some((p) => permissions.includes(p))

valid ? next() : res.sendStatus(403)
}
Expand Down
10 changes: 5 additions & 5 deletions backend/src/routes/facilities.js
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ router.get(
passport.authenticate('jwt', { session: false }),
isValidBackendToken,
validatePermission(PERMISSIONS.VIEW_ORG_FACILITY),
[param('facilityId', 'URL param: [facilityId] is required').not().isEmpty()],
[param('facilityId', 'URL param: [facilityId] is required').notEmpty().isUUID()],
validateFacility(false),
(req, res) => {
validationResult(req).throw()
Expand All @@ -35,7 +35,7 @@ router.get(
passport.authenticate('jwt', { session: false }),
isValidBackendToken,
validatePermission(PERMISSIONS.VIEW_ORG_FACILITY),
[param('facilityId', 'URL param: [facilityId] is required').not().isEmpty()],
[param('facilityId', 'URL param: [facilityId] is required').notEmpty().isUUID()],
validateFacility(false),
(req, res) => {
validationResult(req).throw()
Expand All @@ -50,8 +50,8 @@ router.patch(
'/:facilityId',
passport.authenticate('jwt', { session: false }),
isValidBackendToken,
validatePermission(PERMISSIONS.UPDATE_ORG_FACILITY),
[param('facilityId', 'URL param: [facilityId] is required').not().isEmpty()],
validatePermission(PERMISSIONS.UPDATE_ORG_FACILITY, PERMISSIONS.APPLY_FOR_FUNDING),
[param('facilityId', 'URL param: [facilityId] is required').notEmpty().isUUID()],
validateFacility(true),
(req, res) => {
validationResult(req).throw()
Expand All @@ -67,7 +67,7 @@ router.get(
passport.authenticate('jwt', { session: false }),
isValidBackendToken,
validatePermission(PERMISSIONS.VIEW_ORG_FACILITY),
[param('facilityId', 'URL param: [facilityId] is required').not().isEmpty()],
[param('facilityId', 'URL param: [facilityId] is required').notEmpty().isUUID()],
validateFacility(false),
(req, res) => {
validationResult(req).throw()
Expand Down
10 changes: 5 additions & 5 deletions backend/src/routes/organizations.js
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ router.get(
passport.authenticate('jwt', { session: false }),
isValidBackendToken,
validatePermission(PERMISSIONS.VIEW_ORG_FACILITY),
[param('organizationId', 'URL param: [organizationId] is required').not().isEmpty()],
[param('organizationId', 'URL param: [organizationId] is required').notEmpty().isUUID()],
validateOrganization(),
(req, res) => {
validationResult(req).throw()
Expand All @@ -35,7 +35,7 @@ router.get(
passport.authenticate('jwt', { session: false }),
isValidBackendToken,
validatePermission(PERMISSIONS.VIEW_ORG_FACILITY),
[param('organizationId', 'URL param: [organizationId] is required').not().isEmpty()],
[param('organizationId', 'URL param: [organizationId] is required').notEmpty().isUUID()],
validateOrganization(),
(req, res) => {
validationResult(req).throw()
Expand All @@ -50,9 +50,9 @@ router.put(
'/:organizationId',
passport.authenticate('jwt', { session: false }),
isValidBackendToken,
validatePermission(PERMISSIONS.UPDATE_ORG_FACILITY),
validatePermission(PERMISSIONS.UPDATE_ORG_FACILITY, PERMISSIONS.APPLY_FOR_FUNDING),
validateOrganization(),
[param('organizationId', 'URL param: [organizationId] is required').not().isEmpty()],
[param('organizationId', 'URL param: [organizationId] is required').notEmpty().isUUID()],
(req, res) => {
validationResult(req).throw()
return updateOrganization(req, res)
Expand All @@ -67,7 +67,7 @@ router.get(
passport.authenticate('jwt', { session: false }),
isValidBackendToken,
validatePermission(PERMISSIONS.MANAGE_USERS_EDIT),
[param('organizationId', 'URL param: [organizationId] is required').not().isEmpty()],
[param('organizationId', 'URL param: [organizationId] is required').notEmpty().isUUID()],
validateOrganization(),
(req, res) => {
validationResult(req).throw()
Expand Down
14 changes: 7 additions & 7 deletions frontend/package-lock.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion frontend/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@
"eslint-config-prettier": "^9.0.0",
"eslint-plugin-prettier": "^5.2.1",
"eslint-plugin-vue": "^9.27.0",
"happy-dom": "^15.10.1",
"happy-dom": "^15.10.2",
"prettier": "^3.3.3",
"vite": "^4.5.5",
"vitest": "^0.34.6"
Expand Down
3 changes: 3 additions & 0 deletions frontend/src/views/applications/FacilityDetailsView.vue
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,7 @@
v-model="primaryContact"
:items="contacts"
:disabled="readonly"
:hide-details="readonly"
item-title="fullName"
item-value="contactId"
label="Select Primary Contact"
Expand Down Expand Up @@ -62,6 +63,7 @@
v-model="secondaryContact"
:items="availableSecondaryContacts"
:disabled="readonly"
:hide-details="readonly"
item-title="fullName"
label="Select Secondary Contact"
density="compact"
Expand Down Expand Up @@ -90,6 +92,7 @@
v-model="expenseAuthority"
:items="availableExpenseAuthorities"
:disabled="readonly"
:hide-details="readonly"
item-title="fullName"
label="Select Expense Authority"
:rules="rules.required"
Expand Down

0 comments on commit 1f0ba68

Please sign in to comment.