VIH-10264 update the roles allowed to view booking list (#1290)

hmcts · Oct 23, 2023 · 66e8c97 · 66e8c97
1 parent 0aac602
commit 66e8c97
Show file tree

Hide file tree

Showing 5 changed files with 34 additions and 40 deletions.
diff --git a/AdminWebsite/AdminWebsite.UnitTests/Controllers/BookingListControllerTest.cs b/AdminWebsite/AdminWebsite.UnitTests/Controllers/BookingListControllerTest.cs
@@ -35,7 +35,7 @@ public void Setup()
         [Test]
         public async Task Should_return_booking_list_if_cursor_is_null()
         {
-            _userIdentity.Setup(x => x.IsAdministratorRole()).Returns(true);
+            _userIdentity.Setup(x => x.IsATeamLead()).Returns(true);
 
             _bookingsApiClient.Setup(x =>
             x.GetHearingsByTypesAsync(It.IsAny<GetHearingRequest>()))
@@ -55,7 +55,7 @@ public async Task Should_return_booking_list_if_cursor_is_null()
         [Test]
         public async Task Should_return_booking_list_if_cursor_is_not_null()
         {
-            _userIdentity.Setup(x => x.IsAdministratorRole()).Returns(true);
+            _userIdentity.Setup(x => x.IsATeamLead()).Returns(true);
             _bookingsApiClient.Setup(x =>
                     x.GetHearingsByTypesAsync(It.IsAny<GetHearingRequest>()))
                 .ReturnsAsync(new BookingsResponse());
@@ -78,7 +78,7 @@ public async Task Should_return_booking_list_if_cursor_is_not_null()
         [Test]
         public async Task Should_return_unauthorized_for_booking_list_if_user_is_not_admin()
         {
-            _userIdentity.Setup(x => x.IsAdministratorRole()).Returns(false);
+            _userIdentity.Setup(x => x.IsATeamLead()).Returns(false);
 
             _bookingsApiClient.Setup(x =>
            x.GetHearingsByTypesAsync(It.IsAny<GetHearingRequest>()))
@@ -99,7 +99,7 @@ public async Task Should_return_unauthorized_for_booking_list_if_user_is_not_adm
         [Test]
         public async Task Should_throw_exception_for_booking_list_and_returns_bad_result()
         {
-            _userIdentity.Setup(x => x.IsAdministratorRole()).Returns(true);
+            _userIdentity.Setup(x => x.IsATeamLead()).Returns(true);
 
             _bookingsApiClient.Setup(x =>
            x.GetHearingsByTypesAsync(It.IsAny<GetHearingRequest>()))
@@ -191,7 +191,7 @@ public async Task
         [Test]
         public async Task Should_return_ok_for_booking_list_with_defined_types_list()
         {
-            _userIdentity.Setup(x => x.IsAdministratorRole()).Returns(true);
+            _userIdentity.Setup(x => x.IsATeamLead()).Returns(true);
 
             _bookingsApiClient.Setup(x =>
                     x.GetHearingsByTypesAsync(It.IsAny<GetHearingRequest>()))
@@ -211,7 +211,7 @@ public async Task Should_return_ok_for_booking_list_with_defined_types_list()
 
             okResult.StatusCode.Should().Be(200);
 
-            _userIdentity.Verify(x => x.IsAdministratorRole(), Times.Once);
+            _userIdentity.Verify(x => x.IsATeamLead(), Times.Once);
             _bookingsApiClient.Verify(s => s.GetCaseTypesAsync(true), Times.Once);
             _bookingsApiClient.Verify(x => x.GetHearingsByTypesAsync(It.IsAny<GetHearingRequest>()), Times.Once);
         }
@@ -221,7 +221,7 @@ public async Task Should_return_ok_for_booking_list_and_exclude_repeated_types()
         {
             var hearingTypesIds = new List<string> { "1", "2" };
 
-            _userIdentity.Setup(x => x.IsAdministratorRole()).Returns(true);
+            _userIdentity.Setup(x => x.IsATeamLead()).Returns(true);
 
             _bookingsApiClient.Setup(x =>
                     x.GetHearingsByTypesAsync(It.IsAny<GetHearingRequest>()))
@@ -242,7 +242,7 @@ public async Task Should_return_ok_for_booking_list_and_exclude_repeated_types()
 
             okResult.StatusCode.Should().Be(200);
 
-            _userIdentity.Verify(x => x.IsAdministratorRole(), Times.Once);
+            _userIdentity.Verify(x => x.IsATeamLead(), Times.Once);
             _bookingsApiClient.Verify(s => s.GetCaseTypesAsync(true), Times.Once);
             _bookingsApiClient.Verify(x => x.GetHearingsByTypesAsync(It.IsAny<GetHearingRequest>()), Times.Once);
         }
@@ -478,7 +478,7 @@ private List<CaseTypeResponse> GetCaseTypesList()
 
         private void SetupTestCase()
         {
-            _userIdentity.Setup(x => x.IsAdministratorRole()).Returns(true);
+            _userIdentity.Setup(x => x.IsATeamLead()).Returns(true);
             _userIdentity.Setup(x => x.GetGroupDisplayNames()).Returns(new List<string> { "type1", "type2" });
             _bookingsApiClient.Setup(x =>
                     x.GetHearingsByTypesAsync(It.IsAny<GetHearingRequest>()))

diff --git a/AdminWebsite/AdminWebsite.UnitTests/Controllers/ReferenceDataControllerTests.cs b/AdminWebsite/AdminWebsite.UnitTests/Controllers/ReferenceDataControllerTests.cs
@@ -53,7 +53,7 @@ public async Task Should_return_all_hearing_types()
         {
             // Arrange
             var includeDeleted = true;
-            _userIdentityMock.Setup(x => x.IsAdministratorRole()).Returns(true);
+            _userIdentityMock.Setup(x => x.IsATeamLead()).Returns(true);
             _bookingsApiClientMock.Setup(x =>
                     x.GetCaseTypesAsync(includeDeleted))
                     .ReturnsAsync(GetCaseTypesList());

diff --git a/AdminWebsite/AdminWebsite.UnitTests/Security/UserIdentityTests.cs b/AdminWebsite/AdminWebsite.UnitTests/Security/UserIdentityTests.cs
@@ -50,36 +50,25 @@ public void Should_return_group_DisplayNames()
         [TestCase(AppRoles.JudgeRole, false)]
         [TestCase(AppRoles.RepresentativeRole, false)]
         [TestCase(AppRoles.CaseAdminRole, false)]
-        [TestCase(AppRoles.VhOfficerRole, true)]
-        public void Should_set_the_isvhofficeradministratorrole_property(string appRole, bool expectedValue)
-        {
-            var user = new ClaimsPrincipalBuilder().WithRole(appRole).Build();
-            var userIdentity = new UserIdentity(user);
-            userIdentity.IsVhOfficerAdministratorRole().Should().Be(expectedValue);
-        }
-
-        [TestCase(AppRoles.CitizenRole, false)]
-        [TestCase(AppRoles.JudgeRole, false)]
-        [TestCase(AppRoles.RepresentativeRole, false)]
-        [TestCase(AppRoles.CaseAdminRole, true)]
         [TestCase(AppRoles.VhOfficerRole, false)]
-        public void Should_set_the_iscaseadministratorrole_property(string appRole, bool expectedValue)
+        [TestCase(AppRoles.AdministratorRole, true)]
+        public void Should_set_the_isvhofficeradministratorrole_property(string appRole, bool expectedValue)
         {
             var user = new ClaimsPrincipalBuilder().WithRole(appRole).Build();
             var userIdentity = new UserIdentity(user);
-            userIdentity.IsCaseAdministratorRole().Should().Be(expectedValue);
+            userIdentity.IsATeamLead().Should().Be(expectedValue);
         }
 
         [TestCase(AppRoles.CitizenRole, false)]
         [TestCase(AppRoles.JudgeRole, false)]
         [TestCase(AppRoles.RepresentativeRole, false)]
-        [TestCase(AppRoles.CaseAdminRole, true)]
         [TestCase(AppRoles.VhOfficerRole, true)]
-        public void Should_set_the_isadministratorrole_property(string appRole, bool expectedValue)
+        [TestCase(AppRoles.AdministratorRole, false)]
+        public void Should_set_the_is_a_cso_role_property(string appRole, bool expectedValue)
         {
             var user = new ClaimsPrincipalBuilder().WithRole(appRole).Build();
             var userIdentity = new UserIdentity(user);
-            userIdentity.IsAdministratorRole().Should().Be(expectedValue);
+            userIdentity.IsACso().Should().Be(expectedValue);
         }
 
         [Test]

diff --git a/AdminWebsite/AdminWebsite/Controllers/BookingListController.cs b/AdminWebsite/AdminWebsite/Controllers/BookingListController.cs
@@ -58,7 +58,7 @@ public async Task<ActionResult> GetBookingsList([FromBody]BookingSearchRequest r
             {
                 request.Cursor = _encoder.Encode(request.Cursor);
             }
-            if (_userIdentity.IsAdministratorRole())
+            if (_userIdentity.IsATeamLead() || _userIdentity.IsACso())
             {
                 request.CaseTypes ??= new List<string>();
                 request.CaseTypes.AddRange(_userIdentity.GetGroupDisplayNames());

diff --git a/AdminWebsite/AdminWebsite/Security/UserIdentity.cs b/AdminWebsite/AdminWebsite/Security/UserIdentity.cs
@@ -8,10 +8,20 @@ namespace AdminWebsite.Security
     public interface IUserIdentity
     {
         IEnumerable<string> GetGroupDisplayNames();
-        bool IsAdministratorRole();
+
+        /// <summary>
+        /// Does a user have a CSO role (aka VHO but not a team lead)
+        /// </summary>
+        /// <returns></returns>
+        bool IsACso();
+
+        /// <summary>
+        /// Does a user have a Team Lead role
+        /// </summary>
+        /// <returns></returns>
+        bool IsATeamLead();
+
         string GetUserIdentityName();
-        bool IsVhOfficerAdministratorRole();
-        bool IsCaseAdministratorRole();
         IEnumerable<string> GetAdministratorCaseTypes();
     }
 
@@ -36,20 +46,15 @@ public IEnumerable<string> GetAdministratorCaseTypes()
         {
             return _administratorRoleClaims.UserCaseTypes;
         }
-
-        public bool IsAdministratorRole()
-        {
-            return IsVhOfficerAdministratorRole() || IsCaseAdministratorRole();
-        }
-
-        public bool IsVhOfficerAdministratorRole()
+
+        public bool IsACso()
         {
             return _currentUser.IsInRole(AppRoles.VhOfficerRole);
         }
 
-        public bool IsCaseAdministratorRole()
+        public bool IsATeamLead()
         {
-            return _currentUser.IsInRole(AppRoles.CaseAdminRole);
+            return _currentUser.IsInRole(AppRoles.AdministratorRole);
         }
 
         public string GetUserIdentityName()